recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Remove `phpast.*` Conduit methods

Summary:
Ref T4592. These were added with the intent of not requiring builds on Windows, but then we got builds on Windows working and they seem to be straightforward. See T4592 for most recent discussion.

Remove these methods because they aren't really practical for anything and increase attack surface area by giving adversaries access to `xhpast`, and generally bloat up the Conduit API. To my knowledge, nothing has ever called them.

(If an install somehow relies on these, they can drop them into `src/extensions/` to expose them again.)

Test Plan: Viewed conduit.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: aran, epriestley

Maniphest Tasks: T4592

Differential Revision: https://secure.phabricator.com/D8500

epriestley 69399dfc 71762407

-96
-6
src/__phutil_library_map__.php
··· 217 217 'ConduitAPI_phid_info_Method' => 'applications/phid/conduit/ConduitAPI_phid_info_Method.php', 218 218 'ConduitAPI_phid_lookup_Method' => 'applications/phid/conduit/ConduitAPI_phid_lookup_Method.php', 219 219 'ConduitAPI_phid_query_Method' => 'applications/phid/conduit/ConduitAPI_phid_query_Method.php', 220 - 'ConduitAPI_phpast_Method' => 'applications/phpast/conduit/ConduitAPI_phpast_Method.php', 221 - 'ConduitAPI_phpast_getast_Method' => 'applications/phpast/conduit/ConduitAPI_phpast_getast_Method.php', 222 - 'ConduitAPI_phpast_version_Method' => 'applications/phpast/conduit/ConduitAPI_phpast_version_Method.php', 223 220 'ConduitAPI_phragment_Method' => 'applications/phragment/conduit/ConduitAPI_phragment_Method.php', 224 221 'ConduitAPI_phragment_getpatch_Method' => 'applications/phragment/conduit/ConduitAPI_phragment_getpatch_Method.php', 225 222 'ConduitAPI_phragment_queryfragments_Method' => 'applications/phragment/conduit/ConduitAPI_phragment_queryfragments_Method.php', ··· 2746 2743 'ConduitAPI_phid_info_Method' => 'ConduitAPI_phid_Method', 2747 2744 'ConduitAPI_phid_lookup_Method' => 'ConduitAPI_phid_Method', 2748 2745 'ConduitAPI_phid_query_Method' => 'ConduitAPI_phid_Method', 2749 - 'ConduitAPI_phpast_Method' => 'ConduitAPIMethod', 2750 - 'ConduitAPI_phpast_getast_Method' => 'ConduitAPI_phpast_Method', 2751 - 'ConduitAPI_phpast_version_Method' => 'ConduitAPI_phpast_Method', 2752 2746 'ConduitAPI_phragment_Method' => 'ConduitAPIMethod', 2753 2747 'ConduitAPI_phragment_getpatch_Method' => 'ConduitAPI_phragment_Method', 2754 2748 'ConduitAPI_phragment_queryfragments_Method' => 'ConduitAPI_phragment_Method',
-13
src/applications/phpast/conduit/ConduitAPI_phpast_Method.php
··· 1 - <?php 2 - 3 - /** 4 - * @group conduit 5 - */ 6 - abstract class ConduitAPI_phpast_Method extends ConduitAPIMethod { 7 - 8 - public function getApplication() { 9 - return PhabricatorApplication::getByClass( 10 - 'PhabricatorApplicationPHPAST'); 11 - } 12 - 13 - }
-37
src/applications/phpast/conduit/ConduitAPI_phpast_getast_Method.php
··· 1 - <?php 2 - 3 - /** 4 - * @group conduit 5 - */ 6 - final class ConduitAPI_phpast_getast_Method 7 - extends ConduitAPI_phpast_Method { 8 - 9 - public function getMethodDescription() { 10 - return "Parse a piece of PHP code."; 11 - } 12 - 13 - public function defineParamTypes() { 14 - return array( 15 - 'code' => 'required string', 16 - ); 17 - } 18 - 19 - public function defineReturnType() { 20 - return 'nonempty dict'; 21 - } 22 - 23 - public function defineErrorTypes() { 24 - return array( 25 - 'ERR-XHPAST-LEY' => 'xhpast got Rickrolled', 26 - ); 27 - } 28 - 29 - protected function execute(ConduitAPIRequest $request) { 30 - $source = $request->getValue('code'); 31 - $future = xhpast_get_parser_future($source); 32 - list($stdout) = $future->resolvex(); 33 - 34 - return json_decode($stdout, true); 35 - } 36 - 37 - }
-40
src/applications/phpast/conduit/ConduitAPI_phpast_version_Method.php
··· 1 - <?php 2 - 3 - /** 4 - * @group conduit 5 - */ 6 - final class ConduitAPI_phpast_version_Method 7 - extends ConduitAPI_phpast_Method { 8 - 9 - public function getMethodDescription() { 10 - return "Get server xhpast version."; 11 - } 12 - 13 - public function defineParamTypes() { 14 - return array(); 15 - } 16 - 17 - public function defineReturnType() { 18 - return 'string'; 19 - } 20 - 21 - public function defineErrorTypes() { 22 - return array( 23 - 'ERR-NOT-FOUND' => 'xhpast was not found on the server', 24 - 'ERR-COMMAND-FAILED' => 'xhpast died with a nonzero exit code', 25 - ); 26 - } 27 - 28 - protected function execute(ConduitAPIRequest $request) { 29 - $path = xhpast_get_binary_path(); 30 - if (!Filesystem::pathExists($path)) { 31 - throw new ConduitException('ERR-NOT-FOUND'); 32 - } 33 - list($err, $stdout) = exec_manual('%s --version', $path); 34 - if ($err) { 35 - throw new ConduitException('ERR-COMMAND-FAILED'); 36 - } 37 - return trim($stdout); 38 - } 39 - 40 - }