-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi,
I'm proposing a breaking change to MediaWiki\Shell\Command::restrict(). I made a mistake in my original implementation of this function that I believe we're better off fixing. For background on what shell restrictions are, see https://www.mediawiki.org/wiki/Manual:Shell_framework#Restrictions.
To summarize the ticket I filed https://phabricator.wikimedia.org/T257278:
Command manages $restrictions as bitfields and by default sets it to Shell::RESTRICT_DEFAULT (39). To disable restrictions, the idea was to call ->restrict( Shell::RESTRICT_NONE );. However, ->restrict() adds to $restrictions (using |=) instead of overwriting...so it's impossible to disable a default restriction.
My proposal is to have ->restrict() overwrite the current $restrictions instead of adding to it. Based on codesearch, every non-test caller is already set up to work this way, so in practice, it shouldn't be a breaking change.
The Gerrit patch for this is https://gerrit.wikimedia.org/r/c/mediawiki/core/+/609870/ and contains multiple examples of the correct way to call the fixed function .
Comments, alternative suggestions welcome. I would like to get this in for 1.35 if possible.
Thanks, - -- Legoktm