Contrib.social

Code Review for Update module

Open on Drupal.org β†’
Created on 28 April 2015, almost 10 years ago
Updated 10 April 2025, 11 days ago

Information review of the Update module from Coder β†’ ... below are the results:

    _____________________________________________
    MODULES/UPDATE/UPDATE.MANAGER.INC
    update.manager.inc
    ============================
  1. severity: criticalreview: security_2Line 351: Potential problem: drupal_set_message() only accepts filtered text, be sure to use check_plain(), filter_xss() or similar to ensure your $variable is fully sanitized. (Drupal Docs) [security_2]
    ---> drupal_set_message(theme('item_list', $error_list), 'error');
  2. severity: criticalreview: security_4Line 681: Potential problem: form_set_error() and form_error() only accept filtered text, be sure to use check_plain(), filter_xss() or similar to ensure your $variable is fully sanitized. (Drupal Docs) [security_4]
    --->form_set_error($field, array_shift($archive_errors));
  3. severity: criticalreview: security_dsmLine 686: Potential problem: drupal_set_message() only accepts filtered text, be sure to use check_plain(), filter_xss() or similar to ensure your $variable is fully sanitized. (Drupal Docs) [security_dsm]
    --->drupal_set_message($error, 'error');
  4. severity: normalreview: style_function_spacingLine 776: Functions should be called with no spaces between the function name and opening parentheses [style_function_spacing]
    --->throw new Exception(t('Cannot extract %file, not a valid archive.', array ('%file' => $file)));
    _________________________________________
    MODULES/UPDATE/UPDATE.TEST
    update.test
    ==========================
  1. severity: normalreview: i18n_0Line 101: The $text argument to l() should be enclosed within t() so that it is translatable. [i18n_0]
    --->$this->assertRaw(l('7.1', 'http://example.com/drupal-7-1-release'), 'Link to release appears.');
  2. severity: normalreview: i18n_0Line 116: The $text argument to l() should be enclosed within t() so that it is translatable. [i18n_0]
    --->$this->assertRaw(l('7.2', 'http://example.com/drupal-7-2-release'), 'Link to release appears.');
  3. severity: normalreview: style_comma_spacingLine 679: missing space after comma [style_comma_spacing]
    --->$this->assertText(t('Only files with the following extensions are allowed: @archive_extensions.', array('@archive_extensions' => archiver_get_extensions())),'Only valid archives can be uploaded.');
πŸ› Bug report
Status

Closed: outdated

Version

7.0 ⚰️

Component

update.module

Created by

πŸ‡ΊπŸ‡ΈUnited States Kebz

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment 11 days ago β†’
    πŸ‡ΊπŸ‡ΈUnited States dww

    Most of this code no longer exists. Indeed, we're not using t() in tests. All of the code style stuff has long been fixed as this was ported to D8 and beyond.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024