https://integration.wikimedia.org/ci/job/mwext-php70-phan-seccheck-docker/5799/console as of version 1.3.0
<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
<file name="./includes/CentralAuthGroupMembershipProxy.php">
<error line="22" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthGroupMembershipProxy::__construct that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/CentralAuthHooks.php">
<error line="383" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthHooks::onSpecialPasswordResetOnSubmit that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="571" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthHooks::doCentralLoginRedirect that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="572" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthHooks::doCentralLoginRedirect that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="573" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthHooks::doCentralLoginRedirect that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="620" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \closure_a93be2a8a1b5 that outputs using tainted argument $username. (Caused by: ./includes/CentralAuthUser.php +160) (Caused by: ./includes/CentralAuthHooks.php +618)" source="SecurityCheck-XSS"/>
<error line="1462" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \CentralAuthHooks::onSessionCheckInfo that outputs using tainted argument $name. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/CentralAuthHooks.php +1460)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/CentralAuthIdLookup.php">
<error line="35" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthIdLookup::lookupCentralIds that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="72" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthIdLookup::lookupUserNames that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/CentralAuthUser.php">
<error line="120" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \CentralAuthUser::getInstance that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ../../includes/user/User.php +2454; ../../includes/changes/RecentChange.php +349; ../../includes/user/User.php +401; ../../includes/changes/RecentChange.php +349; ../../includes/user/User.php +401)" source="SecurityCheck-XSS"/>
<error line="146" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \CentralAuthUser::getMasterInstance that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +160) (Caused by: ../../includes/user/User.php +2454; ../../includes/changes/RecentChange.php +349; ../../includes/user/User.php +401; ../../includes/changes/RecentChange.php +349; ../../includes/user/User.php +401)" source="SecurityCheck-XSS"/>
<error line="288" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \CentralAuthUser::newFromId that outputs using tainted argument $name. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/CentralAuthUser.php +280)" source="SecurityCheck-XSS"/>
<error line="309" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \CentralAuthUser::newMasterInstanceFromId that outputs using tainted argument $name. (Caused by: ./includes/CentralAuthUser.php +160) (Caused by: ./includes/CentralAuthUser.php +301)" source="SecurityCheck-XSS"/>
<error line="324" severity="warning" message="Calling method \CentralAuthUser::__construct() in \CentralAuthUser::newFromRow that outputs using tainted argument $[arg #1]. (Caused by: ./maintenance/fixStuckGlobalRename.php +35)" source="SecurityCheck-XSS"/>
<error line="1445" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::queueAdminUnattachJob that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1447" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::queueAdminUnattachJob that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1449" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::queueAdminUnattachJob that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1472" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::adminDelete that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1743" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::doCrosswikiSuppression that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1744" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::doCrosswikiSuppression that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1753" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::doCrosswikiSuppression that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1755" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::doCrosswikiSuppression that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="1925" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUser::canAuthenticate that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="2464" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324; ./includes/CentralAuthUser.php +2464; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324; ../../inclu...)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/CentralAuthUtils.php">
<error line="265" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUtils::scheduleCreationJobs that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/GlobalRename/GlobalRenameUser.php">
<error line="219" severity="warning" message="Calling method \LocalRenameUserJob::__construct() in \GlobalRenameUser::getJob that outputs using tainted argument $params. (Caused by: ./includes/LocalRenameJob/LocalRenameUserJob.php +42) (Caused by: ./includes/GlobalRename/GlobalRenameUser.php +205; ./includes/GlobalRename/GlobalRenameUser.php +219)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/GlobalRename/GlobalUserMerge.php">
<error line="84" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::addLogEntry that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="86" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::addLogEntry that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="103" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::merge that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="114" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::merge that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="116" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::merge that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="159" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::setRenameStatuses that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="160" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::setRenameStatuses that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="162" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::setRenameStatuses that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="171" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::setRenameStatuses that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="195" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::getJob that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="195" severity="warning" message="Calling method \LocalUserMergeJob::__construct() in \GlobalUserMerge::getJob that outputs using tainted argument $[arg #2]. (Caused by: ./includes/LocalRenameJob/LocalUserMergeJob.php +13) (Caused by: ./includes/GlobalRename/GlobalUserMerge.php +195; ./includes/GlobalRename/GlobalUserMerge.php +195)" source="SecurityCheck-XSS"/>
<error line="198" severity="warning" message="Calling method \CentralAuthUser::getName in \GlobalUserMerge::getJob that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/GlobalRename/GlobalUserMergeLogger.php">
<error line="37" severity="warning" message="Calling method \CentralAuthUser::getName in \closure_14cc18b5b7ff that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/LocalRenameJob/LocalRenameUserJob.php">
<error line="173" severity="warning" message="Calling method \LocalPageMoveJob::__construct() in \LocalRenameUserJob::movePages that outputs using tainted argument $[arg #2]. (Caused by: ./includes/LocalRenameJob/LocalPageMoveJob.php +29) (Caused by: ./includes/LocalRenameJob/LocalRenameUserJob.php +157; ./includes/LocalRenameJob/LocalRenameUserJob.php +173)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/api/ApiDeleteGlobalAccount.php">
<error line="42" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiDeleteGlobalAccount::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="48" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiDeleteGlobalAccount::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="49" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiDeleteGlobalAccount::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/api/ApiQueryGlobalUserInfo.php">
<error line="68" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiQueryGlobalUserInfo::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/api/ApiSetGlobalAccountStatus.php">
<error line="43" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="44" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="72" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="73" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="81" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="82" severity="warning" message="Calling method \CentralAuthUser::getName in \ApiSetGlobalAccountStatus::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/session/CentralAuthSessionProvider.php">
<error line="212" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \CentralAuthSessionProvider::refreshSessionInfo that outputs using tainted argument $name. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/session/CentralAuthSessionProvider.php +207)" source="SecurityCheck-XSS"/>
<error line="331" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthSessionProvider::persistSession that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="336" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthSessionProvider::persistSession that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="337" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthSessionProvider::persistSession that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/RenameQueueTablePager.php">
<error line="176" severity="warning" message="Calling method \CentralAuthUser::getName in \RenameQueueTablePager::formatValue that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="177" severity="warning" message="Calling method \CentralAuthUser::getName in \RenameQueueTablePager::formatValue that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="179" severity="warning" message="Calling method \CentralAuthUser::getName in \RenameQueueTablePager::formatValue that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="180" severity="warning" message="Calling method \CentralAuthUser::getName in \RenameQueueTablePager::formatValue that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialCentralAuth.php">
<error line="94" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \SpecialCentralAuth::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/specials/SpecialCentralAuth.php +50)" source="SecurityCheck-XSS"/>
<error line="94" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \SpecialCentralAuth::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +160) (Caused by: ./includes/specials/SpecialCentralAuth.php +50)" source="SecurityCheck-XSS"/>
<error line="95" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \SpecialCentralAuth::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +160) (Caused by: ./includes/specials/SpecialCentralAuth.php +50)" source="SecurityCheck-XSS"/>
<error line="96" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \SpecialCentralAuth::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/specials/SpecialCentralAuth.php +50)" source="SecurityCheck-XSS"/>
<error line="336" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAuth::getInfoFields that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="337" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAuth::getInfoFields that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="383" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCentralAuth::showWikiLists that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCentralAuth.php +374; ./includes/specials/SpecialCentralAuth.php +118)" source="SecurityCheck-XSS"/>
<error line="385" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCentralAuth::showWikiLists that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCentralAuth.php +375; ./includes/specials/SpecialCentralAuth.php +128)" source="SecurityCheck-XSS"/>
<error line="851" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAuth::showLogExtract that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialCentralAutoLogin.php">
<error line="158" severity="warning" message="Calling method \SpecialCentralAutoLogin::doFinalOutput() in \SpecialCentralAutoLogin::execute that outputs using tainted argument $json. (Caused by: ./includes/specials/SpecialCentralAutoLogin.php +643) (Caused by: ./includes/specials/SpecialCentralAutoLogin.php +151)" source="SecurityCheck-XSS"/>
<error line="399" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="400" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="478" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="501" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="503" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="515" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralAutoLogin::execute that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="591" severity="warning" message="Calling method \Xml::encodeJsCall() in \SpecialCentralAutoLogin::execute that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Xml::encodeJsCall)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="./includes/specials/SpecialCentralLogin.php">
<error line="110" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginStart that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="120" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginStart that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="138" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginStart that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="139" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginStart that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="140" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginStart that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="242" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialCentralLogin::doLoginComplete that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialGlobalGroupPermissions.php">
<error line="702" severity="warning" message="Calling method \CentralAuthUser::getMasterInstanceByName() in \SpecialGlobalGroupPermissions::invalidateRightsCache that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +160)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialGlobalRenameQueue.php">
<error line="278" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialGlobalRenameQueue::doViewRequest that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="280" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialGlobalRenameQueue::doViewRequest that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="281" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialGlobalRenameQueue::doViewRequest that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="288" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialGlobalRenameQueue::doViewRequest that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="300" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialGlobalRenameQueue::doViewRequest that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialGlobalUserMerge.php">
<error line="204" severity="warning" message="Calling method \CentralAuthUser::getName in \closure_63834ceca99e that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialMergeAccount.php">
<error line="109" severity="warning" message="Calling method \CentralAuthUser::getInstanceByName() in \SpecialMergeAccount::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CentralAuthUser.php +132) (Caused by: ./includes/specials/SpecialMergeAccount.php +60)" source="SecurityCheck-XSS"/>
</file>
<file name="./includes/specials/SpecialMultiLock.php">
<error line="314" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMultiLock::showUserTable that outputs using tainted argument $rowtext. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialMultiLock.php +304; ./includes/specials/SpecialMultiLock.php +306; ./includes/specials/SpecialMultiLock.php +313; ./includes/specials/SpecialMultiLock.php +314)" source="SecurityCheck-XSS"/>
<error line="333" severity="warning" message="Calling method \CentralAuthUser::getName in \SpecialMultiLock::getUserTableRow that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./maintenance/migrateStewards.php">
<error line="55" severity="warning" message="Calling method \CentralAuthUser::__construct() in [no method] that outputs using tainted argument $user. (Caused by: ./maintenance/fixStuckGlobalRename.php +35) (Caused by: ./maintenance/migrateStewards.php +46)" source="SecurityCheck-XSS"/>
</file>
<file name="./tests/phpunit/CentralAuthUserTest.php">
<error line="23" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUserTest::testGetInstance that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="39" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUserTest::testNewUnattached that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
<file name="./tests/phpunit/CentralAuthUserUsingDatabaseTest.php">
<error line="22" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUserUsingDatabaseTest::testBasicAttrs that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
<error line="89" severity="warning" message="Calling method \CentralAuthUser::getName in \CentralAuthUserUsingDatabaseTest::testNewFromId that is always unsafe (Caused by: ./includes/CentralAuthUser.php +590; ./maintenance/fixStuckGlobalRename.php +35; ./maintenance/forceRenameUsers.php +144; ./includes/CentralAuthUser.php +324)" source="SecurityCheck-XSS"/>
</file>
</checkstyle>