This run took 147 seconds.
From 124020612b529e63eff29dbc824c715fc72ae2be Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Tue, 19 Nov 2024 07:53:38 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: I43b9882e00edc0a811217f62ddb97b50063dbe35
---
package-lock.json | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 4933174..e2b1074 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2193,9 +2193,9 @@
}
},
"node_modules/cross-spawn": {
- "version": "7.0.3",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
- "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
"dependencies": {
"path-key": "^3.1.0",
@@ -7075,9 +7075,9 @@
"dev": true
},
"node_modules/npm-run-all/node_modules/cross-spawn": {
- "version": "6.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
- "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
+ "version": "6.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.6.tgz",
+ "integrity": "sha512-VqCUuhcd1iB+dsv8gxPttb5iZh/D0iubSP21g36KXdEuf6I5JiioesUVjpCdHV9MZRUfVFlvwtIUyPfxo5trtw==",
"dev": true,
"dependencies": {
"nice-try": "^1.0.4",
@@ -12028,9 +12028,9 @@
}
},
"cross-spawn": {
- "version": "7.0.3",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
- "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
"requires": {
"path-key": "^3.1.0",
@@ -15572,9 +15572,9 @@
"dev": true
},
"cross-spawn": {
- "version": "6.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
- "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
+ "version": "6.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.6.tgz",
+ "integrity": "sha512-VqCUuhcd1iB+dsv8gxPttb5iZh/D0iubSP21g36KXdEuf6I5JiioesUVjpCdHV9MZRUfVFlvwtIUyPfxo5trtw==",
"dev": true,
"requires": {
"nice-try": "^1.0.4",
--
2.39.2
$ date
--- stdout ---
Tue Nov 19 07:51:32 UTC 2024
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-WikibaseLexeme.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stderr ---
Submodule 'resources/special/new-lexeme' (https://phabricator.wikimedia.org/diffusion/NLSP/new-lexeme-special-page.git) registered for path 'resources/special/new-lexeme'
Cloning into '/src/repo/resources/special/new-lexeme'...
--- stdout ---
Submodule path 'resources/special/new-lexeme': checked out 'eb1b9f2d22da3021fdea699bfb255c0ce0d5aca9'
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
909e52cae7130902fa7aa652a1a705ac6ce674bc refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1100467,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"npm-run-all"
],
"range": "<7.0.5",
"nodes": [
"node_modules/cross-spawn",
"node_modules/npm-run-all/node_modules/cross-spawn"
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"npm-run-all": {
"name": "npm-run-all",
"severity": "high",
"isDirect": true,
"via": [
"cross-spawn"
],
"effects": [],
"range": ">=2.1.1",
"nodes": [
"node_modules/npm-run-all"
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": true,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 2,
"high": 2,
"critical": 0,
"total": 4
},
"dependencies": {
"prod": 1,
"dev": 848,
"optional": 5,
"peer": 19,
"peerOptional": 0,
"total": 848
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 44 installs, 0 updates, 0 removals
- Locking composer/pcre (3.3.2)
- Locking composer/semver (3.4.3)
- Locking composer/spdx-licenses (1.5.8)
- Locking composer/xdebug-handler (3.0.5)
- Locking davidrjonas/composer-lock-diff (1.7.0)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.0.0)
- Locking doctrine/deprecations (1.1.3)
- Locking felixfbecker/advanced-json-rpc (v3.2.1)
- Locking giorgiosironi/eris (0.14.0)
- Locking hamcrest/hamcrest-php (v2.0.1)
- Locking mediawiki/mediawiki-codesniffer (v45.0.0)
- Locking mediawiki/mediawiki-phan-config (0.14.0)
- Locking mediawiki/minus-x (1.1.3)
- Locking mediawiki/phan-taint-check-plugin (6.0.0)
- Locking microsoft/tolerant-php-parser (v0.1.2)
- Locking netresearch/jsonmapper (v4.5.0)
- Locking phan/phan (5.4.3)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.2.1)
- Locking phpcsstandards/phpcsutils (1.0.12)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (5.6.0)
- Locking phpdocumentor/type-resolver (1.10.0)
- Locking phpstan/phpdoc-parser (2.0.0)
- Locking psr/container (2.0.2)
- Locking psr/log (3.0.2)
- Locking sabre/event (5.1.7)
- Locking serialization/serialization (4.0.0)
- Locking squizlabs/php_codesniffer (3.10.3)
- Locking symfony/console (v7.1.8)
- Locking symfony/deprecation-contracts (v3.5.0)
- Locking symfony/polyfill-ctype (v1.31.0)
- Locking symfony/polyfill-intl-grapheme (v1.31.0)
- Locking symfony/polyfill-intl-normalizer (v1.31.0)
- Locking symfony/polyfill-mbstring (v1.31.0)
- Locking symfony/polyfill-php80 (v1.31.0)
- Locking symfony/service-contracts (v3.5.0)
- Locking symfony/string (v7.1.8)
- Locking tysonandre/var_representation_polyfill (0.1.3)
- Locking webmozart/assert (1.11.0)
- Locking wikimedia/assert (v0.5.1)
- Locking wmde/php-vuejs-templating (2.0.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 44 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing squizlabs/php_codesniffer (3.10.3): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.0.0): Extracting archive
- Installing composer/pcre (3.3.2): Extracting archive
- Installing davidrjonas/composer-lock-diff (1.7.0): Extracting archive
- Installing giorgiosironi/eris (0.14.0): Extracting archive
- Installing hamcrest/hamcrest-php (v2.0.1): Extracting archive
- Installing symfony/polyfill-php80 (v1.31.0): Extracting archive
- Installing phpcsstandards/phpcsutils (1.0.12): Extracting archive
- Installing phpcsstandards/phpcsextra (1.2.1): Extracting archive
- Installing symfony/polyfill-mbstring (v1.31.0): Extracting archive
- Installing composer/spdx-licenses (1.5.8): Extracting archive
- Installing composer/semver (3.4.3): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v45.0.0): Extracting archive
- Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.31.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.31.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.31.0): Extracting archive
- Installing symfony/string (v7.1.8): Extracting archive
- Installing symfony/deprecation-contracts (v3.5.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.5.0): Extracting archive
- Installing symfony/console (v7.1.8): Extracting archive
- Installing sabre/event (5.1.7): Extracting archive
- Installing netresearch/jsonmapper (v4.5.0): Extracting archive
- Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive
- Installing webmozart/assert (1.11.0): Extracting archive
- Installing phpstan/phpdoc-parser (2.0.0): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.3): Extracting archive
- Installing phpdocumentor/type-resolver (1.10.0): Extracting archive
- Installing phpdocumentor/reflection-docblock (5.6.0): Extracting archive
- Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive
- Installing psr/log (3.0.2): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (5.4.3): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (6.0.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.14.0): Extracting archive
- Installing mediawiki/minus-x (1.1.3): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
- Installing serialization/serialization (4.0.0): Extracting archive
- Installing wikimedia/assert (v0.5.1): Extracting archive
- Installing wmde/php-vuejs-templating (2.0.0): Extracting archive
0/42 [>---------------------------] 0%
22/42 [==============>-------------] 52%
37/42 [========================>---] 88%
42/42 [============================] 100%
3 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
16 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1100467,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"npm-run-all"
],
"range": "<7.0.5",
"nodes": [
"node_modules/cross-spawn",
"node_modules/npm-run-all/node_modules/cross-spawn"
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"npm-run-all": {
"name": "npm-run-all",
"severity": "high",
"isDirect": true,
"via": [
"cross-spawn"
],
"effects": [],
"range": ">=2.1.1",
"nodes": [
"node_modules/npm-run-all"
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": true,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 2,
"high": 2,
"critical": 0,
"total": 4
},
"dependencies": {
"prod": 1,
"dev": 848,
"optional": 5,
"peer": 19,
"peerOptional": 0,
"total": 848
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 848,
"removed": 0,
"changed": 0,
"audited": 849,
"funding": 183,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1100467,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<7.0.5"
}
],
"effects": [
"npm-run-all"
],
"range": "<7.0.5",
"nodes": [
"",
""
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"npm-run-all": {
"name": "npm-run-all",
"severity": "high",
"isDirect": true,
"via": [
"cross-spawn"
],
"effects": [],
"range": ">=2.1.1",
"nodes": [
"node_modules/npm-run-all"
],
"fixAvailable": {
"name": "npm-run-all",
"version": "2.1.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": true,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": false
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/request/node_modules/tough-cookie"
],
"fixAvailable": false
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 2,
"high": 2,
"critical": 0,
"total": 4
},
"dependencies": {
"prod": 1,
"dev": 848,
"optional": 5,
"peer": 19,
"peerOptional": 0,
"total": 848
}
}
}
}
--- end ---
{"added": 848, "removed": 0, "changed": 0, "audited": 849, "funding": 183, "audit": {"auditReportVersion": 2, "vulnerabilities": {"cross-spawn": {"name": "cross-spawn", "severity": "high", "isDirect": false, "via": [{"source": 1100467, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<7.0.5"}], "effects": ["npm-run-all"], "range": "<7.0.5", "nodes": ["", ""], "fixAvailable": {"name": "npm-run-all", "version": "2.1.0", "isSemVerMajor": true}}, "npm-run-all": {"name": "npm-run-all", "severity": "high", "isDirect": true, "via": ["cross-spawn"], "effects": [], "range": ">=2.1.1", "nodes": ["node_modules/npm-run-all"], "fixAvailable": {"name": "npm-run-all", "version": "2.1.0", "isSemVerMajor": true}}, "request": {"name": "request", "severity": "moderate", "isDirect": true, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "tough-cookie"], "effects": [], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": false}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/request/node_modules/tough-cookie"], "fixAvailable": false}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 2, "high": 2, "critical": 0, "total": 4}, "dependencies": {"prod": 1, "dev": 848, "optional": 5, "peer": 19, "peerOptional": 0, "total": 848}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated grunt-jasmine-nodejs@1.6.1: Deprecated in favor of npm scripts.
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@7.2.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated superagent@6.1.0: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
--- stdout ---
added 847 packages, and audited 848 packages in 27s
183 packages are looking for funding
run `npm fund` for details
# npm audit report
cross-spawn <7.0.5
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix --force`
Will install npm-run-all@2.1.0, which is a breaking change
node_modules/npm-run-all/node_modules/cross-spawn
npm-run-all >=2.1.1
Depends on vulnerable versions of cross-spawn
node_modules/npm-run-all
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/request
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
No fix available
node_modules/request/node_modules/tough-cookie
4 vulnerabilities (2 moderate, 2 high)
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated grunt-jasmine-nodejs@1.6.1: Deprecated in favor of npm scripts.
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@7.2.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated superagent@6.1.0: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
--- stdout ---
added 847 packages, and audited 848 packages in 18s
183 packages are looking for funding
run `npm fund` for details
4 vulnerabilities (2 moderate, 2 high)
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stderr ---
[Vue warn]: Avoid app logic that relies on enumerating keys on a component instance. The keys will be empty in production mode to avoid performance overhead.
[Vue warn]: Avoid app logic that relies on enumerating keys on a component instance. The keys will be empty in production mode to avoid performance overhead.
[Vue warn]: Avoid app logic that relies on enumerating keys on a component instance. The keys will be empty in production mode to avoid performance overhead.
[Vue warn]: Avoid app logic that relies on enumerating keys on a component instance. The keys will be empty in production mode to avoid performance overhead.
[Vue warn]: Avoid app logic that relies on enumerating keys on a component instance. The keys will be empty in production mode to avoid performance overhead.
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
[33mThe CJS build of Vite's Node API is deprecated. See https://vitejs.dev/guide/troubleshooting.html#vite-cjs-node-api-deprecated for more details.[39m
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: Sass's behavior for declarations that appear after nested
rules will be changing to match the behavior specified by CSS in an upcoming
version. To keep the existing behavior, move the declaration above the nested
rule. To opt into the new behavior, wrap the declaration in `& {}`.
More info: https://sass-lang.com/d/mixed-decls
╷
6 │ ┌ & > * + * {
7 │ │ margin-top: var( --dimension-layout-xsmall );
8 │ │ }
│ └─── nested rule
... │
11 │ padding: var( --dimension-layout-small );
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ declaration
╵
src/components/NewLexemeForm.vue 11:2 root stylesheet
DEPRECATION WARNING: Sass's behavior for declarations that appear after nested
rules will be changing to match the behavior specified by CSS in an upcoming
version. To keep the existing behavior, move the declaration above the nested
rule. To opt into the new behavior, wrap the declaration in `& {}`.
More info: https://sass-lang.com/d/mixed-decls
╷
6 │ ┌ & > * + * {
7 │ │ margin-top: var( --dimension-layout-xsmall );
8 │ │ }
│ └─── nested rule
... │
14 │ border-style: $border-style-base;
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ declaration
╵
src/components/NewLexemeForm.vue 14:2 root stylesheet
DEPRECATION WARNING: Sass's behavior for declarations that appear after nested
rules will be changing to match the behavior specified by CSS in an upcoming
version. To keep the existing behavior, move the declaration above the nested
rule. To opt into the new behavior, wrap the declaration in `& {}`.
More info: https://sass-lang.com/d/mixed-decls
╷
6 │ ┌ & > * + * {
7 │ │ margin-top: var( --dimension-layout-xsmall );
8 │ │ }
│ └─── nested rule
... │
15 │ border-width: $border-width-base;
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ declaration
╵
src/components/NewLexemeForm.vue 15:2 root stylesheet
DEPRECATION WARNING: Sass's behavior for declarations that appear after nested
rules will be changing to match the behavior specified by CSS in an upcoming
version. To keep the existing behavior, move the declaration above the nested
rule. To opt into the new behavior, wrap the declaration in `& {}`.
More info: https://sass-lang.com/d/mixed-decls
╷
6 │ ┌ & > * + * {
7 │ │ margin-top: var( --dimension-layout-xsmall );
8 │ │ }
│ └─── nested rule
... │
16 │ border-radius: $border-radius-base;
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ declaration
╵
src/components/NewLexemeForm.vue 16:2 root stylesheet
DEPRECATION WARNING: Sass's behavior for declarations that appear after nested
rules will be changing to match the behavior specified by CSS in an upcoming
version. To keep the existing behavior, move the declaration above the nested
rule. To opt into the new behavior, wrap the declaration in `& {}`.
More info: https://sass-lang.com/d/mixed-decls
╷
6 │ ┌ & > * + * {
7 │ │ margin-top: var( --dimension-layout-xsmall );
8 │ │ }
│ └─── nested rule
... │
17 │ border-color: $border-color-muted;
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ declaration
╵
src/components/NewLexemeForm.vue 17:2 root stylesheet
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
DEPRECATION WARNING: The legacy JS API is deprecated and will be removed in Dart Sass 2.0.0.
More info: https://sass-lang.com/d/legacy-js-api
--- stdout ---
> test
> run-s test:*
> test:grunt
> grunt test
Running "eslint:all" (eslint) task
/src/repo/cypress/support/pageObjects/FormsSection.ts
143:2 warning Missing JSDoc @return declaration jsdoc/require-returns
144:1 warning Missing JSDoc @param "formId" type jsdoc/require-param-type
/src/repo/resources/entityChangers/FormChanger.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/resources/entityChangers/SenseChanger.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/resources/jquery.wikibase.lexemeformview.js
287:1 warning Missing JSDoc @param "lemmas" type jsdoc/require-param-type
288:1 warning Missing JSDoc @param "formIndex" type jsdoc/require-param-type
289:1 warning Missing JSDoc @param "formId" type jsdoc/require-param-type
290:1 warning Missing JSDoc @param "representations" type jsdoc/require-param-type
/src/repo/resources/jquery.wikibase.lexemeview.js
25:1 warning Expected 0 trailing lines jsdoc/tag-lines
/src/repo/resources/serialization/FormSerializer.js
12:1 warning The type 'serialization' is undefined jsdoc/no-undefined-types
/src/repo/resources/serialization/LexemeDeserializer.js
10:1 warning The type 'SERIALIZER' is undefined jsdoc/no-undefined-types
/src/repo/resources/serialization/SenseSerializer.js
12:1 warning The type 'serialization' is undefined jsdoc/no-undefined-types
/src/repo/resources/special/NewLexeme.js
6:2 warning Unused eslint-disable directive (no problems were reported from 'no-undef')
/src/repo/resources/special/NewLexemeFallback.js
8:3 warning NodeList.forEach not supported by Chrome<51, Firefox<50, Safari<10, IE & others. Use Array.prototype.forEach.call instead mediawiki/no-nodelist-unsupported-methods
/src/repo/resources/view/ViewFactoryFactory.js
17:1 warning Syntax error in type: [] jsdoc/valid-types
/src/repo/resources/widgets/GlossWidget.js
34:1 warning Syntax error in type: [{ value: string, language: string }] jsdoc/valid-types
/src/repo/tests/qunit/datamodel/Form.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/datamodel/Sense.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/entityChangers/FormChanger.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/entityChangers/SenseChanger.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/jquery.wikibase.lexemeformlistview.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/jquery.wikibase.lexemeformview.tests.js
1:1 warning Missing JSDoc @param "require" declaration jsdoc/require-param
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/jquery.wikibase.senselistview.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/jquery.wikibase.senseview.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/serialization/LexemeDeserializer.tests.js
1:1 warning Missing JSDoc @param "wb" declaration jsdoc/require-param
/src/repo/tests/qunit/widgets/GrammaticalFeatureListWidget.tests.js
1:1 warning Missing JSDoc @param "QUnit" declaration jsdoc/require-param
1:1 warning Missing JSDoc @param "require" declaration jsdoc/require-param
1:1 warning Missing JSDoc @param "sinon" declaration jsdoc/require-param
✖ 29 problems (0 errors, 29 warnings)
0 errors and 17 warnings potentially fixable with the `--fix` option.
Running "banana:WikibaseLexeme" (banana) task
>> The "fr" translation has 2 translations with trailing whitespace:
>> * wikibaselexeme-formidformatter-separator-multiple-representation
>> * wikibaselexeme-presentation-lexeme-display-label-separator-multiple-lemma
>> 3 message directories checked.
Running "jasmine_nodejs:all" (jasmine_nodejs) task
>> Executing 127 defined specs...
Test Suites & Specs:
1) actions
✔ ADD_REPRESENTATION on state having no representations and one lemma mutates to empty values and derives lemma language
✔ REMOVE_REPRESENTATION delegates to mutation
✔ UPDATE_REPRESENTATION_VALUE delegates to mutation
✔ UPDATE_REPRESENTATION_LANGUAGE delegates to mutation
✔ ADD_REPRESENTATION on state having existing representation and one lemma mutates to empty values
✔ ADD_REPRESENTATION on state having no representations and multiple lemmas mutates to empty values
✔ REPLACE_ALL_REPRESENTATIONS delegates to mutation
2) mutationTypes
✔ uses unique ids for all mutation types
3) wikibase.lexeme.widgets.LemmaWidget
✔ marks-up the lemma term with the lemma language
✔ edit mode is true
✔ initialize widget with one lemma
✔ add a new lemma
✔ edit mode is false
✔ can carry redundant lemma languages
✔ remove a lemma
✔ detects redundant lemma languages to mark the widget
✔ detects redundant lemma language to mark the individual languages
4) RepresentationWidget
✔ can remove a representation
✔ adds an empty representation on add
✔ is not in edit mode after editing is stopped
✔ switches to edit mode when editing
✔ shows only the representation it contains when editing the widget with some representation
✔ cannot add representation if not in edit mode
✔ adds a representation with unique lemmas language on add after delete
✔ can carry redundant representations
✔ adds a new empty representation when editing the widget with no representations and multiple lemmas
✔ cannot remove representation if not in edit mode
✔ adds a new representation with lemma language when editing the widget with no representations and one lemma
✔ is not in edit mode after being created
✔ detects redundant representation languages and marks the widget
✔ detects redundant representation languages and can mark the individual languages
5) RedundantLanguageIndicator
✔ creates mixin property hasRedundantLanguage returning true for existing redundantLanguages
✔ creates mixin property hasRedundantLanguage returning false for empty redundantLanguages
✔ creates mixin definition with watch that monitors the property recursively
✔ creates mixin definition providing method to determine if language isRedundantLanguage
✔ creates mixin watch handler not taking offence in repeated empty language
✔ creates mixin definition providing computed property hasRedundantLanguage
✔ creates mixin definition that adds a redundantLanguages property to data
✔ creates mixin definition with watch on desired property
✔ creates mixin watch handler that can find multiple redundant languages
✔ creates mixin definition method isRedundantLanguage returning false for empty redundantLanguages
✔ creates mixin watch handler that updates redundantLanguages with respective language values
✔ creates mixin definition with watch that fires immediately
6) actionTypes
✔ uses unique ids for all action types
7) LexemeSubEntityId
8) getIdSuffix
✔ returns the Form id suffix
✔ returns the Sense id suffix
9) mutations
✔ DERIVE_REPRESENTATION_LANGUAGE_FROM_LEMMA changes representation language correctly
✔ UPDATE_REPRESENTATION_LANGUAGE changes correct representation language
✔ REPLACE_ALL_REPRESENTATIONS replaces representations of correct form
✔ ADD_REPRESENTATION adds a new representation to the right form
✔ UPDATE_REPRESENTATION_VALUE changes correct representation value
✔ REMOVE_REPRESENTATION removes representation leaving others with updated index
10) focusElement
✔ returns a callback without doing anything else
11) callback
✔ calls focus on selected element
✔ can handle missing element
12) GlossWidget
✔ switch to edit mode
✔ initialize widget with one gloss
✔ create with no glosses - when switched to edit mode empty gloss is added
✔ add a new gloss
✔ removes empty glosses when saved
✔ stop editing
✔ remove a gloss
13) wikibase.lexeme.widgets.LexemeHeader
14) hasChanges
✔ returns true when language changes
✔ returns true when lexical category changes
✔ returns true when lemmas change
✔ returns false by default
✔ ignores added empty lemmas
15) isUnsaveable
✔ returns true when there are changes but saving is ongoing
✔ returns true when there are changes but also lemmas with redundant languages
✔ returns true when there are no changes
✔ returns false by default
✔ passes lemmas to LemmaWidget
✔ binds to lemma-widget hasRedundantLanguage event
✔ attempting to save with empty lemmas fails
✔ save lemma list with error
✔ shows save button disabled when unsaveable
✔ save lemma list
✔ shows save button enabled when not unsaveable
✔ updates language and lexical category on save
✔ cancel edit mode
✔ switch to edit mode
✔ shows save button disabled without changes
✔ passes language and lexical category to LanguageAndLexicalCategoryWidget
16) LexemeHeader.newLexemeHeaderStore
✔ mutation updateLanguage changes language and languageLink to given values
✔ mutation updateLanguage changes lexical category and the link to given values
✔ mutation updateRevisionId changes baseRevId to given value
✔ mutation finishSaving switches the isSaving flag to false
✔ action save calls API with correct parameters when removing an item from the state
✔ action save calls API with correct parameters when editing an existing lemma
✔ action save calls API with correct parameters when removing one of several existing lemmas
✔ action save on success mutates the state to start saving, updates state and finishes saving
✔ action save calls API with correct parameters when editing several existing lemmas
✔ action save calls API with correct parameters and changes state using data from response
✔ failed save returns rejected promise with first error object if API returns multiple errors
✔ action save on success processes tempuser values when present
✔ mutation updateLemmas changes lemmas to given values
✔ action save calls API with correct parameters when adding, editing and removing lemmas
✔ failed save returns rejected promise with a single error object
✔ action save calls API with correct parameters when editing one of several existing lemmas
✔ mutation startSaving switches the isSaving flag to true
17) store
✔ creates initial state
18) LanguageAndLexicalCategoryWidget
✔ switches to edit mode and back
✔ shows the language and the lexical category
19) ItemSelectorWrapper
✔ passes the item ID to the entityselector widget on mount
20) LemmaList
21) equals
✔ returns false for LemmaList of different length
✔ returns false for LemmaList with different lemmas
✔ returns true for LemmaList with same lemmas
✔ ignores empty lemmas
✔ returns false for objects that are not of type LemmaList
✔ getLemmas
22) copy
✔ clones Lemmas
✔ creates an identical LemmaList
✔ add
✔ length
✔ remove
23) InvalidLanguageIndicator
✔ creates mixin definition that adds an InvalidLanguages property to data
✔ creates mixin property hasInvalidLanguage returning false for empty InvalidLanguages
✔ creates mixin watch handler that can find multiple invalid languages
✔ creates mixin property hasInvalidLanguage returning true for existing InvalidLanguages
✔ creates mixin definition providing computed property hasInvalidLanguage
✔ creates mixin watch handler not taking offence in empty language
✔ creates mixin watch handler that updates InvalidLanguages with respective language values
✔ creates mixin definition with watch that does not fire immediately
✔ creates mixin definition with watch that monitors the property recursively
✔ creates mixin definition with watch on desired property
✔ creates mixin definition providing method to determine if language isInvalidLanguage
✔ creates mixin definition method isInvalidLanguage returning false for empty InvalidLanguages
>> Done!
Summary:
Suites: 23 of 23
Specs: 127 of 127
Expects: 0 (0 failures)
Finished in 0.695 seconds
>> Successful!
Running "jasmine_nodejs_reset" task
Running "stylelint:all" (stylelint) task
>> Linted 7 files without errors
Done.
> test:snl-distnodiff
> run-s snl:install snl:build snl:cp snl:diff
> snl:install
> npm -C $npm_package_config_snl_src i
> new-lexeme-special-page@0.0.1 prepare
> husky
added 1161 packages, and audited 1162 packages in 34s
217 packages are looking for funding
run `npm fund` for details
2 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
> snl:build
> npm -C $npm_package_config_snl_src run build
> new-lexeme-special-page@0.0.1 build
> vite build
vite v5.4.8 building for production...
transforming...
✓ 95 modules transformed.
rendering chunks...
computing gzip size...
dist/style.css 1.67 kB │ gzip: 0.50 kB
dist/SpecialNewLexeme.cjs.js 27.85 kB │ gzip: 8.65 kB
✓ built in 1.88s
> snl:cp
> run-p snl:cp:*
> snl:cp:css
> cp $npm_package_config_snl_src/dist/$npm_package_config_snl_css $npm_package_config_snl_dist/
> snl:cp:cjs
> cp $npm_package_config_snl_src/dist/$npm_package_config_snl_cjs $npm_package_config_snl_dist/
> snl:diff
> git diff --exit-code $npm_package_config_snl_dist
> test:snl-main
> git -C $npm_package_config_snl_src branch --contains HEAD main | grep -q .
> test:mwlibs
> echo 'disabled (T297381)' # ZUUL_BRANCH=${ZUUL_BRANCH:-master} lib-version-check
disabled (T297381)
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpuedrfela
--- stdout ---
[master 1240206] [DNM] there are no updates
1 file changed, 12 insertions(+), 12 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From 124020612b529e63eff29dbc824c715fc72ae2be Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Tue, 19 Nov 2024 07:53:38 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: I43b9882e00edc0a811217f62ddb97b50063dbe35
---
package-lock.json | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 4933174..e2b1074 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2193,9 +2193,9 @@
}
},
"node_modules/cross-spawn": {
- "version": "7.0.3",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
- "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
"dependencies": {
"path-key": "^3.1.0",
@@ -7075,9 +7075,9 @@
"dev": true
},
"node_modules/npm-run-all/node_modules/cross-spawn": {
- "version": "6.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
- "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
+ "version": "6.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.6.tgz",
+ "integrity": "sha512-VqCUuhcd1iB+dsv8gxPttb5iZh/D0iubSP21g36KXdEuf6I5JiioesUVjpCdHV9MZRUfVFlvwtIUyPfxo5trtw==",
"dev": true,
"dependencies": {
"nice-try": "^1.0.4",
@@ -12028,9 +12028,9 @@
}
},
"cross-spawn": {
- "version": "7.0.3",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
- "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+ "version": "7.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+ "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
"dev": true,
"requires": {
"path-key": "^3.1.0",
@@ -15572,9 +15572,9 @@
"dev": true
},
"cross-spawn": {
- "version": "6.0.5",
- "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
- "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
+ "version": "6.0.6",
+ "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.6.tgz",
+ "integrity": "sha512-VqCUuhcd1iB+dsv8gxPttb5iZh/D0iubSP21g36KXdEuf6I5JiioesUVjpCdHV9MZRUfVFlvwtIUyPfxo5trtw==",
"dev": true,
"requires": {
"nice-try": "^1.0.4",
--
2.39.2
--- end ---