Get xml_vuln_detector working, Tasks issue

Would like to get it running with test case, test integration and so on.

  • add test case / test integration
  • Add watchdog loggers
  • Add a service to service.yml
  • show CDATA issues?
  • show javascript inserted?
  • show CSS inserted?
  • log various hits to a JSON or text file, and have a viewer for this? (similar to migrate API?) - did not see a feasible current module for making these JSON or other logs though, at a glance
  • add to drupal.org after it is working
  • have a drush command to evaluate stuff in public:// file dir.

Just noting XMLVulnDetector.php mostly came from 'claude' ai 'sonnet' and notably the XML commands it is using are dubious re deprecation.

My thinking was to add this to work with (but not be a dependency of) wordpress_migrate so that XML files can get at least rudimentarily sanitized. An issue I have raised:

see

My thinking was to target php8.3 but 8.1 is not EOL until 2026. I'm aware XML API in PHP has been getting shaken up over recent years but not very up on it.

gitlab.com does not like the drupalCI file

it could also log the stuff it finds

UI ideas

Have a file upload, to the temporary file handler public://. It accepts the upload. Has some checkboxes for various processing (regex).

Later each of these processing regex could be collected as plugins in a plugin manager.

Edited by Dan Feidt
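
A rudimentary scan of the kind the task list above asks about (CDATA sections, inserted JavaScript, inserted CSS, hits logged as JSON), as an added example that is not the project's XMLVulnDetector.php. The function name `scan_xml_hits()`, the hit keys, the regexes and the sample XML are assumptions made for illustration.

```php
<?php
// Added illustration. scan_xml_hits() and the hit keys are hypothetical names,
// not the module's API. The regexes are heuristics and will miss obfuscated input.
function scan_xml_hits(string $xml): array {
  $patterns = [
    'javascript' => '/<script\b|\bon[a-z]+\s*=|javascript\s*:/i',
    'css' => '/<style\b|\bstyle\s*=/i',
  ];
  $previous = libxml_use_internal_errors(TRUE);
  $doc = new DOMDocument();
  // LIBXML_NONET: no network access while parsing. LIBXML_NOENT and
  // LIBXML_NOCDATA are left off, so entities are not substituted and CDATA
  // sections remain distinct nodes.
  $loaded = $xml !== '' && $doc->loadXML($xml, LIBXML_NONET);
  libxml_clear_errors();
  libxml_use_internal_errors($previous);
  if (!$loaded) {
    return [['type' => 'parse_error', 'line' => 0, 'parent' => '', 'sample' => '']];
  }
  $hits = [];
  $xpath = new DOMXPath($doc);
  // In XPath, text() matches both plain text nodes and CDATA sections.
  foreach ($xpath->query('//text()') as $node) {
    $found = $node->nodeType === XML_CDATA_SECTION_NODE ? ['cdata'] : [];
    foreach ($patterns as $type => $regex) {
      if (preg_match($regex, $node->nodeValue)) {
        $found[] = $type;
      }
    }
    foreach ($found as $type) {
      $hits[] = [
        'type' => $type, 'line' => $node->getLineNo(),
        'parent' => $node->parentNode->nodeName, 'sample' => substr($node->nodeValue, 0, 60),
      ];
    }
  }
  return $hits;
}
// Constructed sample input, loosely shaped like an export item.
$sample = <<<'XML'
<item>
  <title>Hello</title>
  <content><![CDATA[<p onclick="x()">hi</p><style>p{color:red}</style>]]></content>
</item>
XML;
foreach (scan_xml_hits($sample) as $hit) {
  // One JSON object per line, suitable for appending to a log file.
  echo json_encode($hit, JSON_INVALID_UTF8_SUBSTITUTE), PHP_EOL;
}
```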