I added symlinks to matomo.js and matomo.php because matomo is a keyword that is blocked by some blockers.
File integrity is correct in pointing out they should not be there, but the solution it proposes is wrong.
2020-10-10 - edit fixed typo
I think this is actually expected behaviour and the solution be to mark these files as "to be ignored" by creating a file
config/config.php like with content like this:
<?php return array( 'fileintegrity.ignore' => DI\add(array( 'w.js', 'w.php', )) );
If someone else can confirm this is expected behaviour then this could be put in an FAQ.
I think the bug reported isn't that those files are shown, but that the check recommends deleting the original files instead of the "incorrect" symlinks.
If someone wants to fix this, they are welcome to submit a Pull Request.
👍 didn't notice there was a different message. For this particular case it would actually remove those files by adding the config but of course the actual bug remains which is the use of
realpath in https://github.com/matomo-org/matomo/blob/4.0.0-b2/core/FileIntegrity.php#L75
Sure you may. I have no problems with the symlinks though. Just reporting a bug.