This run took 470 seconds.
From 0ab56c33437b025b0fc31831a2bf50982388d6ce Mon Sep 17 00:00:00 2001 From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org> Date: Thu, 21 Nov 2024 00:45:40 +0000 Subject: [PATCH] build: Updating npm dependencies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * grunt-stylelint: 0.20.0 → 0.20.1 * body-parser: 1.19.2 → 1.20.3 * https://github.com/advisories/GHSA-qwcr-r2fm-qrc7 * cookie: 0.4.2 → 0.7.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * engine.io: 6.4.2 → 6.6.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * micromatch: 4.0.7 → 4.0.8 * https://github.com/advisories/GHSA-952p-6rrq-rcjv * socket.io: 4.6.1 → 4.8.1 * https://github.com/advisories/GHSA-25hc-qcg6-38wj * https://github.com/advisories/GHSA-pxg6-pf52-xh8x Additional changes: * Also sorted "composer fix" command to run phpcbf last. Change-Id: I9791d22b50ed0f07d1ff2b054caa23f8e9faabd9 --- composer.json | 4 +- package-lock.json | 670 ++++++++++++++++++++++++++++++++++------------ package.json | 2 +- 3 files changed, 498 insertions(+), 178 deletions(-) diff --git a/composer.json b/composer.json index efdf8af..50369f1 100644 --- a/composer.json +++ b/composer.json @@ -159,8 +159,8 @@ "phan": "phan -d . --long-progress-bar", "phpcs": "phpcs -p -s --cache", "fix": [ - "phpcbf", - "minus-x fix ." + "minus-x fix .", + "phpcbf" ], "pre-install-cmd": "MediaWiki\\Composer\\VersionChecker::onEvent", "pre-update-cmd": "MediaWiki\\Composer\\VersionChecker::onEvent", diff --git a/package-lock.json b/package-lock.json index 10d8f43..90d1ffa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -29,7 +29,7 @@ "grunt-contrib-watch": "1.1.0", "grunt-eslint": "24.3.0", "grunt-karma": "4.0.2", - "grunt-stylelint": "0.20.0", + "grunt-stylelint": "0.20.1", "jest": "29.7.0", "jest-environment-jsdom": "29.7.0", "jsdoc": "4.0.2", @@ -3577,9 +3577,9 @@ } }, "node_modules/@socket.io/component-emitter": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz", - "integrity": "sha512-+9jVqKhRSpsc591z5vX+X5Yyw+he/HCB4iQ/RYxw35CEPaY1gnsNE43nf9n9AaYjAQrTiI/mOwKUKdUs9vf7Xg==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", + "integrity": "sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==", "dev": true }, "node_modules/@stylistic/stylelint-config": { @@ -3736,9 +3736,9 @@ "dev": true }, "node_modules/@types/cors": { - "version": "2.8.13", - "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.13.tgz", - "integrity": "sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==", + "version": "2.8.17", + "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz", + "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==", "dev": true, "dependencies": { "@types/node": "*" @@ -5576,24 +5576,27 @@ } }, "node_modules/body-parser": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.2.tgz", - "integrity": "sha512-SAAwOxgoCKMGs9uUAUFHygfLAyaniaoun6I8mFY9pRAJL9+Kec34aU+oIjDhTycub1jozEfEwx1W1IuOYxVSFw==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "dev": true, "dependencies": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", - "depd": "~1.1.2", - "http-errors": "1.8.1", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", - "on-finished": "~2.3.0", - "qs": "6.9.7", - "raw-body": "2.4.3", - "type-is": "~1.6.18" + "on-finished": "2.4.1", + "qs": "6.13.0", + "raw-body": "2.5.2", + "type-is": "~1.6.18", + "unpipe": "1.0.0" }, "engines": { - "node": ">= 0.8" + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" } }, "node_modules/body-parser/node_modules/debug": { @@ -5611,6 +5614,18 @@ "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true }, + "node_modules/body-parser/node_modules/on-finished": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==", + "dev": true, + "dependencies": { + "ee-first": "1.1.1" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/body/node_modules/bytes": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/bytes/-/bytes-1.0.0.tgz", @@ -6021,6 +6036,25 @@ "node": ">=8" } }, + "node_modules/call-bind": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/call-me-maybe": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-me-maybe/-/call-me-maybe-1.0.2.tgz", @@ -6456,9 +6490,9 @@ "dev": true }, "node_modules/content-type": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", - "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==", "dev": true, "engines": { "node": ">= 0.6" @@ -6477,9 +6511,9 @@ "dev": true }, "node_modules/cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", "dev": true, "engines": { "node": ">= 0.6" @@ -6640,9 +6674,9 @@ } }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "dependencies": { "path-key": "^3.1.0", @@ -7015,6 +7049,23 @@ "node": ">=10" } }, + "node_modules/define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -7025,12 +7076,12 @@ } }, "node_modules/depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", "dev": true, "engines": { - "node": ">= 0.6" + "node": ">= 0.8" } }, "node_modules/dequal": { @@ -7042,6 +7093,16 @@ "node": ">=6" } }, + "node_modules/destroy": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==", + "dev": true, + "engines": { + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" + } + }, "node_modules/detect-file": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz", @@ -7473,9 +7534,9 @@ } }, "node_modules/engine.io": { - "version": "6.4.2", - "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz", - "integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==", + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz", + "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==", "dev": true, "dependencies": { "@types/cookie": "^0.4.1", @@ -7483,20 +7544,20 @@ "@types/node": ">=10.0.0", "accepts": "~1.3.4", "base64id": "2.0.0", - "cookie": "~0.4.1", + "cookie": "~0.7.2", "cors": "~2.8.5", "debug": "~4.3.1", - "engine.io-parser": "~5.0.3", - "ws": "~8.11.0" + "engine.io-parser": "~5.2.1", + "ws": "~8.17.1" }, "engines": { - "node": ">=10.0.0" + "node": ">=10.2.0" } }, "node_modules/engine.io-parser": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.0.6.tgz", - "integrity": "sha512-tjuoZDMAdEhVnSFleYPCtdL2GXwVTGtNjoeJd9IhIG3C1xs9uwxqRNEu5WpnDZCaozwVlK/nuQhpodhXSIMaxw==", + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.2.3.tgz", + "integrity": "sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==", "dev": true, "engines": { "node": ">=10.0.0" @@ -7560,6 +7621,27 @@ "is-arrayish": "^0.2.1" } }, + "node_modules/es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.2.4" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -7713,12 +7795,6 @@ "eslint-plugin-yml": "^1.14.0" } }, - "node_modules/eslint-config-wikimedia/node_modules/browserslist-config-wikimedia": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/browserslist-config-wikimedia/-/browserslist-config-wikimedia-0.7.0.tgz", - "integrity": "sha512-CTa0lv78dXKEgrYsOLCkqO+9UUS3CV9MWEOYHcymgEvx4mYxB80sCoKRCR7wW2SOMNxjaP9hohrZripjnKuRTA==", - "dev": true - }, "node_modules/eslint-plugin-compat": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/eslint-plugin-compat/-/eslint-plugin-compat-4.2.0.tgz", @@ -8926,6 +9002,25 @@ "node": "*" } }, + "node_modules/get-intrinsic": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "dev": true, + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "has-proto": "^1.0.1", + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", @@ -9149,6 +9244,18 @@ "node": "*" } }, + "node_modules/gopd": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.1.3" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/got": { "version": "11.8.6", "resolved": "https://registry.npmjs.org/got/-/got-11.8.6.tgz", @@ -9375,9 +9482,9 @@ "dev": true }, "node_modules/grunt-stylelint": { - "version": "0.20.0", - "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.0.tgz", - "integrity": "sha512-TG17gIrP2//lNq5G0YOXFC55WjXOI5Ybib3XVlatEuZcATlo/FO7cfVMgAAxbO2k6f45LP/naS/3iJTod0dVjg==", + "version": "0.20.1", + "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.1.tgz", + "integrity": "sha512-tDep9ceEerB+fK6CkzPBXu5qPM7RuwCRgfrtwugEyYYnxINreMZktqQU5eoTW+MhhFj81uWQQnxf+c4geyAmQg==", "dev": true, "dependencies": { "chalk": "^4.1.2" @@ -9486,6 +9593,42 @@ "node": ">=8" } }, + "node_modules/has-property-descriptors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-proto": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", + "dev": true, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-symbols": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "dev": true, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/hasown": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz", @@ -9590,19 +9733,28 @@ "dev": true }, "node_modules/http-errors": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz", - "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", "dev": true, "dependencies": { - "depd": "~1.1.2", + "depd": "2.0.0", "inherits": "2.0.4", "setprototypeof": "1.2.0", - "statuses": ">= 1.5.0 < 2", + "statuses": "2.0.1", "toidentifier": "1.0.1" }, "engines": { - "node": ">= 0.6" + "node": ">= 0.8" + } + }, + "node_modules/http-errors/node_modules/statuses": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "dev": true, + "engines": { + "node": ">= 0.8" } }, "node_modules/http-parser-js": { @@ -13120,9 +13272,9 @@ } }, "node_modules/micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "dependencies": { "braces": "^3.0.3", @@ -14718,10 +14870,13 @@ } }, "node_modules/qs": { - "version": "6.9.7", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.7.tgz", - "integrity": "sha512-IhMFgUmuNpyRfxA90umL7ByLlgRXu6tIfKPpF5TmcfRLlLCckfP/g3IQmju6jjpu+Hh8rA+2p6A27ZSPOOHdKw==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", "dev": true, + "dependencies": { + "side-channel": "^1.0.6" + }, "engines": { "node": ">=0.6" }, @@ -14815,13 +14970,13 @@ } }, "node_modules/raw-body": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.3.tgz", - "integrity": "sha512-UlTNLIcu0uzb4D2f4WltY6cVjLi+/jEN4lgEUj3E04tpMDpUlkBo/eSn6zou9hum2VMNpCCUone0O0WeJim07g==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "dev": true, "dependencies": { "bytes": "3.1.2", - "http-errors": "1.8.1", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", "unpipe": "1.0.0" }, @@ -15624,6 +15779,23 @@ "randombytes": "^2.1.0" } }, + "node_modules/set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", @@ -15651,6 +15823,24 @@ "node": ">=8" } }, + "node_modules/side-channel": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", @@ -15690,35 +15880,37 @@ } }, "node_modules/socket.io": { - "version": "4.6.1", - "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.1.tgz", - "integrity": "sha512-KMcaAi4l/8+xEjkRICl6ak8ySoxsYG+gG6/XfRCPJPQ/haCRIJBTL4wIl8YCsmtaBovcAXGLOShyVWQ/FG8GZA==", + "version": "4.8.1", + "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz", + "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==", "dev": true, "dependencies": { "accepts": "~1.3.4", "base64id": "~2.0.0", + "cors": "~2.8.5", "debug": "~4.3.2", - "engine.io": "~6.4.1", + "engine.io": "~6.6.0", "socket.io-adapter": "~2.5.2", - "socket.io-parser": "~4.2.1" + "socket.io-parser": "~4.2.4" }, "engines": { - "node": ">=10.0.0" + "node": ">=10.2.0" } }, "node_modules/socket.io-adapter": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.2.tgz", - "integrity": "sha512-87C3LO/NOMc+eMcpcxUBebGjkpMDkNBS9tf7KJqcDsmL936EChtVva71Dw2q4tQcuVC+hAUy4an2NO/sYXmwRA==", + "version": "2.5.5", + "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz", + "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==", "dev": true, "dependencies": { - "ws": "~8.11.0" + "debug": "~4.3.4", + "ws": "~8.17.1" } }, "node_modules/socket.io-parser": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz", - "integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==", + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.4.tgz", + "integrity": "sha512-/GbIKmo8ioc+NIWIhwdecY0ge+qVBSMdgxGygevmdHj24bsfgtCmcUUcQ5ZzcylGFHsN3k4HB4Cgkl96KVnuew==", "dev": true, "dependencies": { "@socket.io/component-emitter": "~3.1.0", @@ -17227,8 +17419,13 @@ } }, "node_modules/wdio-mediawiki": { - "resolved": "tests/selenium/wdio-mediawiki", - "link": true + "version": "2.5.0", + "resolved": "file:tests/selenium/wdio-mediawiki", + "dev": true, + "license": "MIT", + "dependencies": { + "mwbot": "2.1.3" + } }, "node_modules/webdriver": { "version": "7.33.0", @@ -17486,16 +17683,16 @@ } }, "node_modules/ws": { - "version": "8.11.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.11.0.tgz", - "integrity": "sha512-HPG3wQd9sNQoT9xHyNCXoDUa+Xw/VevmY9FoHyQ+g+rrMn4j6FB4np7Z0OhdTgjx6MgQLK7jwSy1YecU1+4Asg==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "engines": { "node": ">=10.0.0" }, "peerDependencies": { "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" + "utf-8-validate": ">=5.0.2" }, "peerDependenciesMeta": { "bufferutil": { @@ -17700,7 +17897,7 @@ "node_modules/yarn-install": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/yarn-install/-/yarn-install-1.0.0.tgz", - "integrity": "sha1-V/RQULgu/VcYKzlzxUqgXLXSUjA=", + "integrity": "sha512-VO1u181msinhPcGvQTVMnHVOae8zjX/NSksR17e6eXHRveDvHCF5mGjh9hkN8mzyfnCqcBe42LdTs7bScuTaeg==", "dev": true, "dependencies": { "cac": "^3.0.3", @@ -17893,14 +18090,6 @@ "funding": { "url": "https://github.com/sponsors/isaacs" } - }, - "tests/selenium/wdio-mediawiki": { - "version": "2.5.0", - "dev": true, - "license": "MIT", - "dependencies": { - "mwbot": "2.1.3" - } } }, "dependencies": { @@ -20472,9 +20661,9 @@ "dev": true }, "@socket.io/component-emitter": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz", - "integrity": "sha512-+9jVqKhRSpsc591z5vX+X5Yyw+he/HCB4iQ/RYxw35CEPaY1gnsNE43nf9n9AaYjAQrTiI/mOwKUKdUs9vf7Xg==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", + "integrity": "sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==", "dev": true }, "@stylistic/stylelint-config": { @@ -20609,9 +20798,9 @@ "dev": true }, "@types/cors": { - "version": "2.8.13", - "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.13.tgz", - "integrity": "sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==", + "version": "2.8.17", + "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz", + "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==", "dev": true, "requires": { "@types/node": "*" @@ -22142,21 +22331,23 @@ } }, "body-parser": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.2.tgz", - "integrity": "sha512-SAAwOxgoCKMGs9uUAUFHygfLAyaniaoun6I8mFY9pRAJL9+Kec34aU+oIjDhTycub1jozEfEwx1W1IuOYxVSFw==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "dev": true, "requires": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", - "depd": "~1.1.2", - "http-errors": "1.8.1", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", - "on-finished": "~2.3.0", - "qs": "6.9.7", - "raw-body": "2.4.3", - "type-is": "~1.6.18" + "on-finished": "2.4.1", + "qs": "6.13.0", + "raw-body": "2.5.2", + "type-is": "~1.6.18", + "unpipe": "1.0.0" }, "dependencies": { "debug": { @@ -22173,6 +22364,15 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true + }, + "on-finished": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==", + "dev": true, + "requires": { + "ee-first": "1.1.1" + } } } }, @@ -22445,6 +22645,19 @@ "responselike": "^2.0.0" } }, + "call-bind": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + } + }, "call-me-maybe": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-me-maybe/-/call-me-maybe-1.0.2.tgz", @@ -22781,9 +22994,9 @@ } }, "content-type": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", - "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==", "dev": true }, "continuable-cache": { @@ -22799,9 +23012,9 @@ "dev": true }, "cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", "dev": true }, "cookiejar": { @@ -22921,9 +23134,9 @@ } }, "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "requires": { "path-key": "^3.1.0", @@ -23216,6 +23429,17 @@ "integrity": "sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==", "dev": true }, + "define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + } + }, "delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -23223,9 +23447,9 @@ "dev": true }, "depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", "dev": true }, "dequal": { @@ -23234,6 +23458,12 @@ "integrity": "sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==", "dev": true }, + "destroy": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==", + "dev": true + }, "detect-file": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz", @@ -23555,9 +23785,9 @@ } }, "engine.io": { - "version": "6.4.2", - "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz", - "integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==", + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz", + "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==", "dev": true, "requires": { "@types/cookie": "^0.4.1", @@ -23565,17 +23795,17 @@ "@types/node": ">=10.0.0", "accepts": "~1.3.4", "base64id": "2.0.0", - "cookie": "~0.4.1", + "cookie": "~0.7.2", "cors": "~2.8.5", "debug": "~4.3.1", - "engine.io-parser": "~5.0.3", - "ws": "~8.11.0" + "engine.io-parser": "~5.2.1", + "ws": "~8.17.1" } }, "engine.io-parser": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.0.6.tgz", - "integrity": "sha512-tjuoZDMAdEhVnSFleYPCtdL2GXwVTGtNjoeJd9IhIG3C1xs9uwxqRNEu5WpnDZCaozwVlK/nuQhpodhXSIMaxw==", + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.2.3.tgz", + "integrity": "sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==", "dev": true }, "enhanced-resolve": { @@ -23624,6 +23854,21 @@ "is-arrayish": "^0.2.1" } }, + "es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "requires": { + "get-intrinsic": "^1.2.4" + } + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true + }, "escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -23767,14 +24012,6 @@ "eslint-plugin-vue": "^9.26.0", "eslint-plugin-wdio": "^8.24.12", "eslint-plugin-yml": "^1.14.0" - }, - "dependencies": { - "browserslist-config-wikimedia": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/browserslist-config-wikimedia/-/browserslist-config-wikimedia-0.7.0.tgz", - "integrity": "sha512-CTa0lv78dXKEgrYsOLCkqO+9UUS3CV9MWEOYHcymgEvx4mYxB80sCoKRCR7wW2SOMNxjaP9hohrZripjnKuRTA==", - "dev": true - } } }, "eslint-plugin-compat": { @@ -24628,6 +24865,19 @@ "integrity": "sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==", "dev": true }, + "get-intrinsic": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "has-proto": "^1.0.1", + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + } + }, "get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", @@ -24798,6 +25048,15 @@ } } }, + "gopd": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "dev": true, + "requires": { + "get-intrinsic": "^1.1.3" + } + }, "got": { "version": "11.8.6", "resolved": "https://registry.npmjs.org/got/-/got-11.8.6.tgz", @@ -25007,9 +25266,9 @@ } }, "grunt-stylelint": { - "version": "0.20.0", - "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.0.tgz", - "integrity": "sha512-TG17gIrP2//lNq5G0YOXFC55WjXOI5Ybib3XVlatEuZcATlo/FO7cfVMgAAxbO2k6f45LP/naS/3iJTod0dVjg==", + "version": "0.20.1", + "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.1.tgz", + "integrity": "sha512-tDep9ceEerB+fK6CkzPBXu5qPM7RuwCRgfrtwugEyYYnxINreMZktqQU5eoTW+MhhFj81uWQQnxf+c4geyAmQg==", "dev": true, "requires": { "chalk": "^4.1.2" @@ -25054,6 +25313,27 @@ "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, + "has-property-descriptors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0" + } + }, + "has-proto": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", + "dev": true + }, + "has-symbols": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "dev": true + }, "hasown": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz", @@ -25130,16 +25410,24 @@ "dev": true }, "http-errors": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz", - "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", "dev": true, "requires": { - "depd": "~1.1.2", + "depd": "2.0.0", "inherits": "2.0.4", "setprototypeof": "1.2.0", - "statuses": ">= 1.5.0 < 2", + "statuses": "2.0.1", "toidentifier": "1.0.1" + }, + "dependencies": { + "statuses": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "dev": true + } } }, "http-parser-js": { @@ -27938,9 +28226,9 @@ "dev": true }, "micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { "braces": "^3.0.3", @@ -29101,10 +29389,13 @@ "dev": true }, "qs": { - "version": "6.9.7", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.7.tgz", - "integrity": "sha512-IhMFgUmuNpyRfxA90umL7ByLlgRXu6tIfKPpF5TmcfRLlLCckfP/g3IQmju6jjpu+Hh8rA+2p6A27ZSPOOHdKw==", - "dev": true + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", + "dev": true, + "requires": { + "side-channel": "^1.0.6" + } }, "query-selector-shadow-dom": { "version": "1.0.1", @@ -29163,13 +29454,13 @@ "dev": true }, "raw-body": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.3.tgz", - "integrity": "sha512-UlTNLIcu0uzb4D2f4WltY6cVjLi+/jEN4lgEUj3E04tpMDpUlkBo/eSn6zou9hum2VMNpCCUone0O0WeJim07g==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "dev": true, "requires": { "bytes": "3.1.2", - "http-errors": "1.8.1", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", "unpipe": "1.0.0" } @@ -29801,6 +30092,20 @@ "randombytes": "^2.1.0" } }, + "set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "requires": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + } + }, "setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", @@ -29822,6 +30127,18 @@ "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", "dev": true }, + "side-channel": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "dev": true, + "requires": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + } + }, "signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", @@ -29852,32 +30169,34 @@ } }, "socket.io": { - "version": "4.6.1", - "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.1.tgz", - "integrity": "sha512-KMcaAi4l/8+xEjkRICl6ak8ySoxsYG+gG6/XfRCPJPQ/haCRIJBTL4wIl8YCsmtaBovcAXGLOShyVWQ/FG8GZA==", + "version": "4.8.1", + "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz", + "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==", "dev": true, "requires": { "accepts": "~1.3.4", "base64id": "~2.0.0", + "cors": "~2.8.5", "debug": "~4.3.2", - "engine.io": "~6.4.1", + "engine.io": "~6.6.0", "socket.io-adapter": "~2.5.2", - "socket.io-parser": "~4.2.1" + "socket.io-parser": "~4.2.4" } }, "socket.io-adapter": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.2.tgz", - "integrity": "sha512-87C3LO/NOMc+eMcpcxUBebGjkpMDkNBS9tf7KJqcDsmL936EChtVva71Dw2q4tQcuVC+hAUy4an2NO/sYXmwRA==", + "version": "2.5.5", + "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz", + "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==", "dev": true, "requires": { - "ws": "~8.11.0" + "debug": "~4.3.4", + "ws": "~8.17.1" } }, "socket.io-parser": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz", - "integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==", + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.4.tgz", + "integrity": "sha512-/GbIKmo8ioc+NIWIhwdecY0ge+qVBSMdgxGygevmdHj24bsfgtCmcUUcQ5ZzcylGFHsN3k4HB4Cgkl96KVnuew==", "dev": true, "requires": { "@socket.io/component-emitter": "~3.1.0", @@ -31030,7 +31349,8 @@ } }, "wdio-mediawiki": { - "version": "file:tests/selenium/wdio-mediawiki", + "version": "2.5.0", + "dev": true, "requires": { "mwbot": "2.1.3" } @@ -31239,9 +31559,9 @@ } }, "ws": { - "version": "8.11.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.11.0.tgz", - "integrity": "sha512-HPG3wQd9sNQoT9xHyNCXoDUa+Xw/VevmY9FoHyQ+g+rrMn4j6FB4np7Z0OhdTgjx6MgQLK7jwSy1YecU1+4Asg==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "requires": {} }, @@ -31391,7 +31711,7 @@ "yarn-install": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/yarn-install/-/yarn-install-1.0.0.tgz", - "integrity": "sha1-V/RQULgu/VcYKzlzxUqgXLXSUjA=", + "integrity": "sha512-VO1u181msinhPcGvQTVMnHVOae8zjX/NSksR17e6eXHRveDvHCF5mGjh9hkN8mzyfnCqcBe42LdTs7bScuTaeg==", "dev": true, "requires": { "cac": "^3.0.3", diff --git a/package.json b/package.json index f4bc761..3dba04e 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "grunt-contrib-watch": "1.1.0", "grunt-eslint": "24.3.0", "grunt-karma": "4.0.2", - "grunt-stylelint": "0.20.0", + "grunt-stylelint": "0.20.1", "jest": "29.7.0", "jest-environment-jsdom": "29.7.0", "jsdoc": "4.0.2", -- 2.39.2
$ date --- stdout --- Thu Nov 21 00:38:04 UTC 2024 --- end --- $ git clone file:///srv/git/mediawiki-core.git repo --depth=1 -b master --- stderr --- Cloning into 'repo'... Updating files: 77% (8091/10383) Updating files: 78% (8099/10383) Updating files: 79% (8203/10383) Updating files: 80% (8307/10383) Updating files: 81% (8411/10383) Updating files: 82% (8515/10383) Updating files: 83% (8618/10383) Updating files: 84% (8722/10383) Updating files: 85% (8826/10383) Updating files: 86% (8930/10383) Updating files: 87% (9034/10383) Updating files: 88% (9138/10383) Updating files: 89% (9241/10383) Updating files: 90% (9345/10383) Updating files: 91% (9449/10383) Updating files: 92% (9553/10383) Updating files: 93% (9657/10383) Updating files: 94% (9761/10383) Updating files: 95% (9864/10383) Updating files: 96% (9968/10383) Updating files: 97% (10072/10383) Updating files: 98% (10176/10383) Updating files: 99% (10280/10383) Updating files: 100% (10383/10383) Updating files: 100% (10383/10383), done. --- stdout --- --- end --- $ git config user.name libraryupgrader --- stdout --- --- end --- $ git config user.email tools.libraryupgrader@tools.wmflabs.org --- stdout --- --- end --- $ git submodule update --init --- stdout --- --- end --- $ grr init --- stdout --- Installed commit-msg hook. --- end --- $ git show-ref refs/heads/master --- stdout --- 8b2f165b91f0f2250e0e2b5d2620049f097681f3 refs/heads/master --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "@wdio/cli": { "name": "@wdio/cli", "severity": "high", "isDirect": true, "via": [ "webdriverio", "yarn-install" ], "effects": [ "@wdio/junit-reporter", "@wdio/local-runner", "@wdio/spec-reporter" ], "range": "5.4.10 - 8.40.6", "nodes": [ "node_modules/@wdio/cli" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/junit-reporter": { "name": "@wdio/junit-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/junit-reporter" ], "fixAvailable": { "name": "@wdio/junit-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "@wdio/local-runner": { "name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": [ "@wdio/cli", "@wdio/runner" ], "effects": [], "range": "6.0.4 - 8.40.6", "nodes": [ "node_modules/@wdio/local-runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/runner": { "name": "@wdio/runner", "severity": "high", "isDirect": false, "via": [ "webdriverio" ], "effects": [ "@wdio/local-runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/@wdio/runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/spec-reporter": { "name": "@wdio/spec-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/spec-reporter" ], "fixAvailable": { "name": "@wdio/spec-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "axios": { "name": "axios", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097679, "name": "axios", "dependency": "axios", "title": "Axios Cross-Site Request Forgery Vulnerability", "url": "https://github.com/advisories/GHSA-wf5p-g6vw-rhxx", "severity": "moderate", "cwe": [ "CWE-352" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, "range": ">=0.8.1 <0.28.0" } ], "effects": [ "openapi-validator" ], "range": "0.8.1 - 0.27.2", "nodes": [ "node_modules/axios" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "body-parser": { "name": "body-parser", "severity": "high", "isDirect": false, "via": [ { "source": 1099520, "name": "body-parser", "dependency": "body-parser", "title": "body-parser vulnerable to denial of service when url encoding is enabled", "url": "https://github.com/advisories/GHSA-qwcr-r2fm-qrc7", "severity": "high", "cwe": [ "CWE-405" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<1.20.3" } ], "effects": [], "range": "<1.20.3", "nodes": [ "node_modules/body-parser" ], "fixAvailable": true }, "chai-openapi-response-validator": { "name": "chai-openapi-response-validator", "severity": "moderate", "isDirect": true, "via": [ "openapi-validator" ], "effects": [], "range": "0.11.2 || >=0.14.2-alpha.0", "nodes": [ "node_modules/chai-openapi-response-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "cookie": { "name": "cookie", "severity": "low", "isDirect": false, "via": [ { "source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": [ "CWE-74" ], "cvss": { "score": 0, "vectorString": null }, "range": "<0.7.0" } ], "effects": [ "engine.io" ], "range": "<0.7.0", "nodes": [ "node_modules/cookie" ], "fixAvailable": true }, "cross-spawn": { "name": "cross-spawn", "severity": "high", "isDirect": false, "via": [ { "source": 1100562, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<6.0.6" }, { "source": 1100563, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=7.0.0 <7.0.5" } ], "effects": [ "yarn-install" ], "range": "<6.0.6 || >=7.0.0 <7.0.5", "nodes": [ "node_modules/cross-spawn", "node_modules/yarn-install/node_modules/cross-spawn" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "devtools": { "name": "devtools", "severity": "high", "isDirect": false, "via": [ "puppeteer-core" ], "effects": [], "range": ">=7.16.5", "nodes": [ "node_modules/devtools" ], "fixAvailable": true }, "engine.io": { "name": "engine.io", "severity": "high", "isDirect": false, "via": [ "cookie", "ws" ], "effects": [ "socket.io" ], "range": "0.7.8 - 0.7.9 || 1.8.0 - 6.6.1", "nodes": [ "node_modules/engine.io" ], "fixAvailable": true }, "micromatch": { "name": "micromatch", "severity": "moderate", "isDirect": false, "via": [ { "source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": [ "CWE-1333" ], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, "range": "<4.0.8" } ], "effects": [], "range": "<4.0.8", "nodes": [ "node_modules/micromatch" ], "fixAvailable": true }, "mwbot": { "name": "mwbot", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [], "range": ">=0.1.6", "nodes": [ "node_modules/mwbot" ], "fixAvailable": { "name": "mwbot", "version": "0.1.5", "isSemVerMajor": true } }, "openapi-validator": { "name": "openapi-validator", "severity": "moderate", "isDirect": false, "via": [ "axios" ], "effects": [ "chai-openapi-response-validator" ], "range": ">=0.14.2-alpha.0", "nodes": [ "node_modules/openapi-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "puppeteer-core": { "name": "puppeteer-core", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [ "devtools", "webdriverio" ], "range": "11.0.0 - 22.11.1", "nodes": [ "node_modules/puppeteer-core" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "mwbot" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": { "name": "mwbot", "version": "0.1.5", "isSemVerMajor": true } }, "socket.io": { "name": "socket.io", "severity": "moderate", "isDirect": false, "via": [ { "source": 1100550, "name": "socket.io", "dependency": "socket.io", "title": "socket.io has an unhandled 'error' event", "url": "https://github.com/advisories/GHSA-25hc-qcg6-38wj", "severity": "moderate", "cwe": [ "CWE-20", "CWE-754" ], "cvss": { "score": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, "range": ">=3.0.0 <4.6.2" }, "engine.io" ], "effects": [], "range": "1.6.0 - 4.7.5", "nodes": [ "node_modules/socket.io" ], "fixAvailable": true }, "socket.io-adapter": { "name": "socket.io-adapter", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [], "range": "2.5.2 - 2.5.4", "nodes": [ "node_modules/socket.io-adapter" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "request" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": { "name": "mwbot", "version": "0.1.5", "isSemVerMajor": true } }, "webdriverio": { "name": "webdriverio", "severity": "high", "isDirect": false, "via": [ "devtools", "puppeteer-core" ], "effects": [ "@wdio/cli", "@wdio/runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/webdriverio" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "ws": { "name": "ws", "severity": "high", "isDirect": false, "via": [ { "source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": [ "CWE-476" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=8.0.0 <8.17.1" } ], "effects": [ "engine.io", "puppeteer-core", "socket.io-adapter" ], "range": "8.0.0 - 8.17.0", "nodes": [ "node_modules/puppeteer-core/node_modules/ws", "node_modules/ws" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "yarn-install": { "name": "yarn-install", "severity": "high", "isDirect": false, "via": [ "cross-spawn" ], "effects": [ "@wdio/cli" ], "range": "*", "nodes": [ "node_modules/yarn-install" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 1, "moderate": 8, "high": 14, "critical": 0, "total": 23 }, "dependencies": { "prod": 1, "dev": 1481, "optional": 4, "peer": 2, "peerOptional": 0, "total": 1481 } } } --- end --- $ /usr/bin/composer install --- stderr --- No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information. > MediaWiki\Composer\VersionChecker::onEvent Loading composer repositories with package information Updating dependencies Lock file operations: 136 installs, 0 updates, 0 removals - Locking composer/pcre (3.3.2) - Locking composer/semver (3.4.3) - Locking composer/spdx-licenses (1.5.8) - Locking composer/xdebug-handler (3.0.5) - Locking cssjanus/cssjanus (v2.3.0) - Locking dealerdirect/phpcodesniffer-composer-installer (v1.0.0) - Locking doctrine/cache (2.2.0) - Locking doctrine/dbal (3.8.4) - Locking doctrine/deprecations (1.1.3) - Locking doctrine/event-manager (2.0.1) - Locking doctrine/instantiator (2.0.0) - Locking doctrine/sql-formatter (1.1.3) - Locking felixfbecker/advanced-json-rpc (v3.2.1) - Locking giorgiosironi/eris (0.14.0) - Locking guzzlehttp/guzzle (7.9.2) - Locking guzzlehttp/promises (2.0.4) - Locking guzzlehttp/psr7 (2.7.0) - Locking hamcrest/hamcrest-php (v2.0.1) - Locking johnkary/phpunit-speedtrap (v4.0.1) - Locking justinrainbow/json-schema (5.3.0) - Locking liuggio/statsd-php-client (v1.0.18) - Locking mck89/peast (v1.16.3) - Locking mediawiki/mediawiki-codesniffer (v45.0.0) - Locking mediawiki/mediawiki-phan-config (0.14.0) - Locking mediawiki/minus-x (1.1.3) - Locking mediawiki/phan-taint-check-plugin (6.0.0) - Locking microsoft/tolerant-php-parser (v0.1.2) - Locking monolog/monolog (2.9.3) - Locking myclabs/deep-copy (1.12.1) - Locking netresearch/jsonmapper (v4.5.0) - Locking nikic/php-parser (v5.3.1) - Locking oojs/oojs-ui (v0.51.2) - Locking pear/console_getopt (v1.4.3) - Locking pear/mail (v2.0.0) - Locking pear/mail_mime (1.10.12) - Locking pear/net_smtp (1.12.1) - Locking pear/net_socket (v1.2.2) - Locking pear/net_url2 (v2.2.2) - Locking pear/pear-core-minimal (v1.10.15) - Locking pear/pear_exception (v1.0.2) - Locking phan/phan (5.4.3) - Locking phar-io/manifest (2.0.4) - Locking phar-io/version (3.2.1) - Locking php-parallel-lint/php-console-color (v1.0.1) - Locking php-parallel-lint/php-console-highlighter (v1.0.0) - Locking php-parallel-lint/php-parallel-lint (v1.4.0) - Locking phpcsstandards/phpcsextra (1.2.1) - Locking phpcsstandards/phpcsutils (1.0.12) - Locking phpdocumentor/reflection-common (2.2.0) - Locking phpdocumentor/reflection-docblock (5.6.0) - Locking phpdocumentor/type-resolver (1.10.0) - Locking phpstan/phpdoc-parser (2.0.0) - Locking phpunit/php-code-coverage (9.2.32) - Locking phpunit/php-file-iterator (3.0.6) - Locking phpunit/php-invoker (3.1.1) - Locking phpunit/php-text-template (2.0.4) - Locking phpunit/php-timer (5.0.3) - Locking phpunit/phpunit (9.6.19) - Locking psr/cache (3.0.0) - Locking psr/container (1.1.2) - Locking psr/http-client (1.0.3) - Locking psr/http-factory (1.1.0) - Locking psr/http-message (1.1) - Locking psr/log (1.1.4) - Locking psy/psysh (v0.12.4) - Locking ralouphie/getallheaders (3.0.3) - Locking sabre/event (5.1.7) - Locking sebastian/cli-parser (1.0.2) - Locking sebastian/code-unit (1.0.8) - Locking sebastian/code-unit-reverse-lookup (2.0.3) - Locking sebastian/comparator (4.0.8) - Locking sebastian/complexity (2.0.3) - Locking sebastian/diff (4.0.6) - Locking sebastian/environment (5.1.5) - Locking sebastian/exporter (4.0.6) - Locking sebastian/global-state (5.0.7) - Locking sebastian/lines-of-code (1.0.4) - Locking sebastian/object-enumerator (4.0.4) - Locking sebastian/object-reflector (2.0.4) - Locking sebastian/recursion-context (4.0.5) - Locking sebastian/resource-operations (3.0.4) - Locking sebastian/type (3.2.1) - Locking sebastian/version (3.0.2) - Locking seld/jsonlint (1.10.2) - Locking squizlabs/php_codesniffer (3.10.3) - Locking symfony/console (v7.1.8) - Locking symfony/deprecation-contracts (v3.5.0) - Locking symfony/polyfill-php80 (v1.31.0) - Locking symfony/polyfill-php81 (v1.31.0) - Locking symfony/polyfill-php82 (v1.31.0) - Locking symfony/polyfill-php83 (v1.31.0) - Locking symfony/service-contracts (v3.5.0) - Locking symfony/string (v7.1.8) - Locking symfony/var-dumper (v7.1.8) - Locking symfony/yaml (v5.4.45) - Locking theseer/tokenizer (1.2.3) - Locking tysonandre/var_representation_polyfill (0.1.3) - Locking webmozart/assert (1.11.0) - Locking wikimedia/alea (1.0.0) - Locking wikimedia/assert (v0.5.1) - Locking wikimedia/at-ease (v3.0.0) - Locking wikimedia/base-convert (v2.0.2) - Locking wikimedia/bcp-47-code (v2.0.1) - Locking wikimedia/cdb (3.0.0) - Locking wikimedia/cldr-plural-rule-parser (v2.0.0) - Locking wikimedia/common-passwords (v0.5.0) - Locking wikimedia/composer-merge-plugin (v2.1.0) - Locking wikimedia/html-formatter (4.1.0) - Locking wikimedia/idle-dom (v2.0.1) - Locking wikimedia/ip-utils (5.0.0) - Locking wikimedia/json-codec (v3.0.3) - Locking wikimedia/langconv (0.4.2) - Locking wikimedia/less.php (v5.1.2) - Locking wikimedia/minify (2.8.0) - Locking wikimedia/normalized-exception (v2.0.0) - Locking wikimedia/object-factory (v5.0.1) - Locking wikimedia/parsoid (v0.21.0-a7) - Locking wikimedia/php-session-serializer (v3.0.0) - Locking wikimedia/purtle (v2.0.0) - Locking wikimedia/relpath (4.0.1) - Locking wikimedia/remex-html (4.1.1) - Locking wikimedia/request-timeout (2.0.0) - Locking wikimedia/running-stat (v2.1.0) - Locking wikimedia/scoped-callback (v5.0.0) - Locking wikimedia/services (4.0.0) - Locking wikimedia/shellbox (4.1.1) - Locking wikimedia/testing-access-wrapper (3.0.0) - Locking wikimedia/timestamp (v4.2.0) - Locking wikimedia/utfnormal (4.0.0) - Locking wikimedia/wait-condition-loop (v2.0.2) - Locking wikimedia/wikipeg (4.0.0) - Locking wikimedia/wrappedstring (v4.0.1) - Locking wikimedia/xmp-reader (0.9.4) - Locking wikimedia/zest-css (3.0.2) - Locking wmde/hamcrest-html-matchers (v1.0.0) - Locking zordius/lightncandy (v1.2.6) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 136 installs, 0 updates, 0 removals - Downloading wikimedia/parsoid (v0.21.0-a7) 0/1 [>---------------------------] 0% 1/1 [============================] 100% - Installing wikimedia/composer-merge-plugin (v2.1.0): Extracting archive - Installing squizlabs/php_codesniffer (3.10.3): Extracting archive - Installing dealerdirect/phpcodesniffer-composer-installer (v1.0.0): Extracting archive - Installing composer/pcre (3.3.2): Extracting archive - Installing cssjanus/cssjanus (v2.3.0): Extracting archive - Installing psr/log (1.1.4): Extracting archive - Installing psr/cache (3.0.0): Extracting archive - Installing doctrine/event-manager (2.0.1): Extracting archive - Installing doctrine/deprecations (1.1.3): Extracting archive - Installing doctrine/cache (2.2.0): Extracting archive - Installing doctrine/dbal (3.8.4): Extracting archive - Installing doctrine/sql-formatter (1.1.3): Extracting archive - Installing giorgiosironi/eris (0.14.0): Extracting archive - Installing guzzlehttp/promises (2.0.4): Extracting archive - Installing ralouphie/getallheaders (3.0.3): Extracting archive - Installing psr/http-message (1.1): Extracting archive - Installing psr/http-factory (1.1.0): Extracting archive - Installing guzzlehttp/psr7 (2.7.0): Extracting archive - Installing sebastian/version (3.0.2): Extracting archive - Installing sebastian/type (3.2.1): Extracting archive - Installing sebastian/resource-operations (3.0.4): Extracting archive - Installing sebastian/recursion-context (4.0.5): Extracting archive - Installing sebastian/object-reflector (2.0.4): Extracting archive - Installing sebastian/object-enumerator (4.0.4): Extracting archive - Installing sebastian/global-state (5.0.7): Extracting archive - Installing sebastian/exporter (4.0.6): Extracting archive - Installing sebastian/environment (5.1.5): Extracting archive - Installing sebastian/diff (4.0.6): Extracting archive - Installing sebastian/comparator (4.0.8): Extracting archive - Installing sebastian/code-unit (1.0.8): Extracting archive - Installing sebastian/cli-parser (1.0.2): Extracting archive - Installing phpunit/php-timer (5.0.3): Extracting archive - Installing phpunit/php-text-template (2.0.4): Extracting archive - Installing phpunit/php-invoker (3.1.1): Extracting archive - Installing phpunit/php-file-iterator (3.0.6): Extracting archive - Installing theseer/tokenizer (1.2.3): Extracting archive - Installing nikic/php-parser (v5.3.1): Extracting archive - Installing sebastian/lines-of-code (1.0.4): Extracting archive - Installing sebastian/complexity (2.0.3): Extracting archive - Installing sebastian/code-unit-reverse-lookup (2.0.3): Extracting archive - Installing phpunit/php-code-coverage (9.2.32): Extracting archive - Installing phar-io/version (3.2.1): Extracting archive - Installing phar-io/manifest (2.0.4): Extracting archive - Installing myclabs/deep-copy (1.12.1): Extracting archive - Installing doctrine/instantiator (2.0.0): Extracting archive - Installing phpunit/phpunit (9.6.19): Extracting archive - Installing johnkary/phpunit-speedtrap (v4.0.1): Extracting archive - Installing justinrainbow/json-schema (5.3.0): Extracting archive - Installing mck89/peast (v1.16.3): Extracting archive - Installing symfony/polyfill-php80 (v1.31.0): Extracting archive - Installing phpcsstandards/phpcsutils (1.0.12): Extracting archive - Installing phpcsstandards/phpcsextra (1.2.1): Extracting archive - Installing composer/spdx-licenses (1.5.8): Extracting archive - Installing composer/semver (3.4.3): Extracting archive - Installing mediawiki/mediawiki-codesniffer (v45.0.0): Extracting archive - Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive - Installing symfony/string (v7.1.8): Extracting archive - Installing symfony/deprecation-contracts (v3.5.0): Extracting archive - Installing psr/container (1.1.2): Extracting archive - Installing symfony/service-contracts (v3.5.0): Extracting archive - Installing symfony/console (v7.1.8): Extracting archive - Installing sabre/event (5.1.7): Extracting archive - Installing netresearch/jsonmapper (v4.5.0): Extracting archive - Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive - Installing webmozart/assert (1.11.0): Extracting archive - Installing phpstan/phpdoc-parser (2.0.0): Extracting archive - Installing phpdocumentor/reflection-common (2.2.0): Extracting archive - Installing phpdocumentor/type-resolver (1.10.0): Extracting archive - Installing phpdocumentor/reflection-docblock (5.6.0): Extracting archive - Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive - Installing composer/xdebug-handler (3.0.5): Extracting archive - Installing phan/phan (5.4.3): Extracting archive - Installing mediawiki/phan-taint-check-plugin (6.0.0): Extracting archive - Installing mediawiki/mediawiki-phan-config (0.14.0): Extracting archive - Installing mediawiki/minus-x (1.1.3): Extracting archive - Installing oojs/oojs-ui (v0.51.2): Extracting archive - Installing pear/pear_exception (v1.0.2): Extracting archive - Installing pear/console_getopt (v1.4.3): Extracting archive - Installing pear/pear-core-minimal (v1.10.15): Extracting archive - Installing pear/mail (v2.0.0): Extracting archive - Installing pear/mail_mime (1.10.12): Extracting archive - Installing pear/net_socket (v1.2.2): Extracting archive - Installing pear/net_smtp (1.12.1): Extracting archive - Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive - Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive - Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive - Installing psr/http-client (1.0.3): Extracting archive - Installing symfony/var-dumper (v7.1.8): Extracting archive - Installing psy/psysh (v0.12.4): Extracting archive - Installing seld/jsonlint (1.10.2): Extracting archive - Installing symfony/polyfill-php81 (v1.31.0): Extracting archive - Installing symfony/polyfill-php82 (v1.31.0): Extracting archive - Installing symfony/polyfill-php83 (v1.31.0): Extracting archive - Installing symfony/yaml (v5.4.45): Extracting archive - Installing wikimedia/alea (1.0.0): Extracting archive - Installing wikimedia/at-ease (v3.0.0): Extracting archive - Installing wikimedia/cdb (3.0.0): Extracting archive - Installing wikimedia/cldr-plural-rule-parser (v2.0.0): Extracting archive - Installing wikimedia/common-passwords (v0.5.0): Extracting archive - Installing wikimedia/html-formatter (4.1.0): Extracting archive - Installing wikimedia/assert (v0.5.1): Extracting archive - Installing wikimedia/langconv (0.4.2): Extracting archive - Installing wikimedia/less.php (v5.1.2): Extracting archive - Installing pear/net_url2 (v2.2.2): Extracting archive - Installing wikimedia/minify (2.8.0): Extracting archive - Installing wikimedia/zest-css (3.0.2): Extracting archive - Installing wikimedia/wikipeg (4.0.0): Extracting archive - Installing wikimedia/scoped-callback (v5.0.0): Extracting archive - Installing wikimedia/utfnormal (4.0.0): Extracting archive - Installing wikimedia/remex-html (4.1.1): Extracting archive - Installing wikimedia/object-factory (v5.0.1): Extracting archive - Installing wikimedia/json-codec (v3.0.3): Extracting archive - Installing wikimedia/base-convert (v2.0.2): Extracting archive - Installing wikimedia/ip-utils (5.0.0): Extracting archive - Installing wikimedia/idle-dom (v2.0.1): Extracting archive - Installing wikimedia/bcp-47-code (v2.0.1): Extracting archive - Installing liuggio/statsd-php-client (v1.0.18): Extracting archive - Installing wikimedia/parsoid (v0.21.0-a7): Extracting archive - Installing wikimedia/php-session-serializer (v3.0.0): Extracting archive - Installing wikimedia/purtle (v2.0.0): Extracting archive - Installing wikimedia/relpath (4.0.1): Extracting archive - Installing wikimedia/normalized-exception (v2.0.0): Extracting archive - Installing wikimedia/request-timeout (2.0.0): Extracting archive - Installing wikimedia/running-stat (v2.1.0): Extracting archive - Installing wikimedia/services (4.0.0): Extracting archive - Installing monolog/monolog (2.9.3): Extracting archive - Installing guzzlehttp/guzzle (7.9.2): Extracting archive - Installing wikimedia/shellbox (4.1.1): Extracting archive - Installing wikimedia/testing-access-wrapper (3.0.0): Extracting archive - Installing wikimedia/wait-condition-loop (v2.0.2): Extracting archive - Installing wikimedia/wrappedstring (v4.0.1): Extracting archive - Installing wikimedia/timestamp (v4.2.0): Extracting archive - Installing wikimedia/xmp-reader (0.9.4): Extracting archive - Installing hamcrest/hamcrest-php (v2.0.1): Extracting archive - Installing wmde/hamcrest-html-matchers (v1.0.0): Extracting archive - Installing zordius/lightncandy (v1.2.6): Extracting archive 0/133 [>---------------------------] 0% 20/133 [====>-----------------------] 15% 30/133 [======>---------------------] 22% 44/133 [=========>------------------] 33% 62/133 [=============>--------------] 46% 71/133 [==============>-------------] 53% 81/133 [=================>----------] 60% 100/133 [=====================>------] 75% 109/133 [======================>-----] 81% 126/133 [==========================>-] 94% 133/133 [============================] 100% 27 package suggestions were added by new dependencies, use `composer suggest` to see details. Generating optimized autoload files 51 packages you are using are looking for funding. Use the `composer fund` command to find out more! > MediaWiki\Composer\ComposerVendorHtaccessCreator::onEvent --- stdout --- PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils --- end --- Upgrading n:grunt-stylelint from 0.20.0 -> 0.20.1 $ /usr/bin/npm install --- stderr --- npm WARN deprecated @types/easy-table@1.2.0: This is a stub types definition. easy-table provides its own type definitions, so you do not need this installed. npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated date-format@0.0.2: 0.x is no longer supported. Please upgrade to 4.x or higher. npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 npm WARN deprecated superagent@6.1.0: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>. Thanks to @shadowgate15, @spence-s, and @niftylettuce. Superagent is sponsored by Forward Email at <https://forwardemail.net>. --- stdout --- added 1479 packages, and audited 1480 packages in 21s 162 packages are looking for funding run `npm fund` for details 24 vulnerabilities (1 low, 9 moderate, 14 high) To address issues that do not require attention, run: npm audit fix To address all issues possible (including breaking changes), run: npm audit fix --force Some issues need review, and may require choosing a different dependency. Run `npm audit` for details. --- end --- $ package-lock-lint package-lock.json --- stdout --- Checking package-lock.json --- end --- $ /usr/bin/npm ci --- stderr --- npm WARN deprecated @types/easy-table@1.2.0: This is a stub types definition. easy-table provides its own type definitions, so you do not need this installed. npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated date-format@0.0.2: 0.x is no longer supported. Please upgrade to 4.x or higher. npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 npm WARN deprecated superagent@6.1.0: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>. Thanks to @shadowgate15, @spence-s, and @niftylettuce. Superagent is sponsored by Forward Email at <https://forwardemail.net>. --- stdout --- added 1479 packages, and audited 1480 packages in 28s 162 packages are looking for funding run `npm fund` for details 20 vulnerabilities (1 low, 8 moderate, 11 high) To address issues that do not require attention, run: npm audit fix To address all issues possible (including breaking changes), run: npm audit fix --force Some issues need review, and may require choosing a different dependency. Run `npm audit` for details. --- end --- $ /usr/bin/npm test --- stderr --- PASS tests/jest/mediawiki.special.block/stores/block.test.js PASS tests/jest/mediawiki.special.block/BlockLog.test.js PASS tests/jest/mediawiki.special.block/UserLookup.test.js PASS tests/jest/mediawiki.special.block/ExpiryField.test.js PASS tests/jest/mediawiki.special.block/SpecialBlock.test.js (7.621 s) Test Suites: 5 passed, 5 total Tests: 24 passed, 24 total Snapshots: 0 total Time: 9.307 s Ran all test suites. --- stdout --- > test > grunt lint && npm run doc && npm run jest Running "eslint:all" (eslint) task /src/repo/resources/src/jquery/jquery.makeCollapsible.js 425:1 warning Syntax error in namepath: ~'wikipage.collapsibleContent' jsdoc/valid-types /src/repo/resources/src/mediawiki.action.edit/edit.js 12:1 warning Syntax error in namepath: ~'wikipage.editform' jsdoc/valid-types /src/repo/resources/src/mediawiki.action/mediawiki.action.view.postEdit.js 21:1 warning Syntax error in namepath: ~'postEdit' jsdoc/valid-types 36:1 warning Syntax error in namepath: ~'postEdit.afterRemoval' jsdoc/valid-types /src/repo/resources/src/mediawiki.authenticationPopup/index.js 38:1 warning The type 'userinfo' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.base/errorLogger.js 8:1 warning Syntax error in namepath: ~'global.error' jsdoc/valid-types 22:1 warning Syntax error in namepath: ~'error.caught' jsdoc/valid-types /src/repo/resources/src/mediawiki.base/log.js 14:1 warning Found more than one @return declaration jsdoc/require-returns 14:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.base/mediawiki.base.js 217:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 243:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.diff/inlineFormatToggle.js 150:1 warning Syntax error in namepath: ~'wikipage.diff.wikitextDiffBody' jsdoc/valid-types 162:1 warning Syntax error in namepath: ~'wikipage.diff.diffTypeSwitch' jsdoc/valid-types /src/repo/resources/src/mediawiki.editRecovery/edit.js 173:1 warning Syntax error in namepath: ~'editRecovery.loadEnd' jsdoc/valid-types /src/repo/resources/src/mediawiki.htmlform/cond-state.js 48:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.htmlform/htmlform.js 5:1 warning Syntax error in namepath: ~'htmlform.enhance' jsdoc/valid-types /src/repo/resources/src/mediawiki.inspect.js 61:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 91:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 112:2 warning Found more than one @return declaration jsdoc/require-returns 112:2 warning Found more than one @return declaration jsdoc/require-returns-check 121:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 152:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 164:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 175:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 203:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.jqueryMsg/mediawiki.jqueryMsg.js 142:1 warning Found more than one @return declaration jsdoc/require-returns 142:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.language.months/months.js 44:1 warning The type 'Months' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.notification.convertmessagebox.js 13:1 warning Syntax error in namepath: (require("mediawiki.notification.convertmessagebox")) jsdoc/valid-types /src/repo/resources/src/mediawiki.page.preview.js 416:1 warning Syntax error in namepath: ~'wikipage.tableOfContents' jsdoc/valid-types /src/repo/resources/src/mediawiki.page.ready/ready.js 96:1 warning Syntax error in namepath: ~'wikipage.indicators' jsdoc/valid-types 116:1 warning Syntax error in namepath: ~'wikipage.content' jsdoc/valid-types 137:1 warning Syntax error in namepath: ~'wikipage.categories' jsdoc/valid-types 153:1 warning Syntax error in namepath: ~'wikipage.diff' jsdoc/valid-types 184:1 warning Syntax error in namepath: ~'skin.logout' jsdoc/valid-types /src/repo/resources/src/mediawiki.page.watch.ajax/watch-ajax.js 128:1 warning Syntax error in namepath: ~'wikipage.watchlistChange' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/Controller.js 330:1 warning Found more than one @return declaration jsdoc/require-returns 330:1 warning Found more than one @return declaration jsdoc/require-returns-check 550:1 warning Syntax error in namepath: ~'RcFilters.highlight.enable' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/dm/FilterItem.js 81:1 warning Found more than one @return declaration jsdoc/require-returns 81:1 warning Found more than one @return declaration jsdoc/require-returns-check 335:1 warning The type 'update' is undefined jsdoc/no-undefined-types 351:1 warning The type 'update' is undefined jsdoc/no-undefined-types 366:1 warning The type 'update' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.rcfilters/dm/FiltersViewModel.js 1185:1 warning The type 'searchChange' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.rcfilters/mw.rcfilters.js 176:1 warning Syntax error in namepath: ~'structuredChangeFilters.ui.initialized' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/ui/FilterTagMultiselectWidget.js 400:1 warning Syntax error in namepath: ~'RcFilters.popup.open' jsdoc/valid-types /src/repo/resources/src/mediawiki.searchSuggest/searchSuggest.js 52:1 warning The type 'ResponseMetaData' is undefined jsdoc/no-undefined-types 59:1 warning The type 'ResponseFunction' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.special.apisandbox/ApiSandboxLayout.js 44:1 warning Found more than one @return declaration jsdoc/require-returns 44:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.special.block/SpecialBlock.vue 25:10 warning 'v-html' directive can lead to XSS attack vue/no-v-html /src/repo/resources/src/mediawiki.template.js 26:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 40:1 warning The type 'TemplateRenderFunction' is undefined jsdoc/no-undefined-types 45:1 warning The type 'TemplateCompileFunction' is undefined jsdoc/no-undefined-types 61:1 warning The type 'TemplateCompiler' is undefined jsdoc/no-undefined-types 88:1 warning The type 'TemplateCompiler' is undefined jsdoc/no-undefined-types 107:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 125:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 147:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.util/util.js 626:1 warning Syntax error in namepath: ~'util.addPortlet' jsdoc/valid-types 794:1 warning Syntax error in namepath: ~'util.addPortletLink' jsdoc/valid-types /src/repo/resources/src/mediawiki.widgets.datetime/DateTimeFormatter.js 268:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types 632:1 warning The type 'CalendarGridData' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets.datetime/DiscordianDateTimeFormatter.js 74:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets.datetime/ProlepticGregorianDateTimeFormatter.js 306:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets/mw.widgets.NamespaceInputWidget.js 50:1 warning The type 'DropdownOptions' is undefined jsdoc/no-undefined-types /src/repo/resources/src/startup/mediawiki.loader.js 61:1 warning Syntax error in namepath: ~'resourceloader.exception' jsdoc/valid-types /src/repo/tests/qunit/data/testrunner.js 72:2 warning Missing JSDoc @return declaration jsdoc/require-returns /src/repo/tests/selenium/wdio-mediawiki/Util.js 35:1 warning This line has a length of 107. Maximum allowed is 100 max-len ✖ 70 problems (0 errors, 70 warnings) Running "banana:core" (banana) task >> The "se" translation has 41 translations with trailing whitespace: >> * pool-errorunknown >> * badaccess >> * timeouterror >> * botpasswords-summary >> * botpasswords-disabled >> * botpasswords-no-central-id >> * botpasswords-update-failed >> * passwordreset-emailtext-ip >> * passwordreset-emailtext-user >> * changeemail-nochange >> * blankarticle >> * previewerrortext >> * missing-revision >> * confirmleave-warning >> * difference-bad-new-revision >> * search-rewritten >> * linterror-misc-tidy-replacement-issues >> * userrights-expiry-none >> * right-viewsuppressed >> * right-import >> * action-viewsuppressed >> * rcfilters-savedqueries-setdefault >> * rcfilters-filtergroup-watchlistactivity >> * rc-old-title >> * http-timed-out >> * http-curl-error >> * pageswithprop-reverse >> * mostlinkedtemplates >> * badrevision >> * allpagesfrom >> * email-legend >> * timezone-local >> * mediastatistics-header-office >> * special-characters-group-hebrew >> * specialpage-securitylevel-not-allowed-title >> * passwordpolicies-policy-passwordcannotmatchdefaults >> * renameuser-linkoncontribs-text >> * renameusersuppress >> * renameuser-error-temp-user-reserved >> * action-renameuser >> * right-renameuser >> 1 message directory checked. Running "banana:codex" (banana) task >> 1 message directory checked. Running "banana:exif" (banana) task >> 1 message directory checked. Running "banana:preferences" (banana) task >> The "se" translation has 5 translations with trailing whitespace: >> * tog-enotifusertalkpages >> * timezoneregion-america >> * tog-previewonfirst >> * prefs-changesrc >> * prefs-changeswatchlist >> 1 message directory checked. Running "banana:api" (banana) task >> 1 message directory checked. Running "banana:rest" (banana) task >> 1 message directory checked. Running "banana:installer" (banana) task >> The "frc" translation has 1 translation with trailing whitespace: >> * config-page-complete >> 1 message directory checked. Running "banana:paramvalidator" (banana) task >> 1 message directory checked. Running "stylelint:resources" (stylelint) task >> resources/src/mediawiki.action/mediawiki.action.view.filepage.less >> 211:1 ⚠ Unexpected browser feature "prefers-color-scheme" is not supported by Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75, Safari 10,11,12,10.1,11.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5 plugin/no-unsupported-browser-features >> >> resources/src/mediawiki.skinning/elements.less >> 75:2 ⚠ Unexpected browser feature "flow-root" is not supported by Firefox 49,50,51,52, Chrome 49,50,51,52,53,54,55,56,57, Safari 10,11,12,10.1,11.1,12.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5 plugin/no-unsupported-browser-features >> >> resources/src/mediawiki.special.block/components/ExpiryField.vue >> 250:1 ⚠ Unexpected browser feature "flexbox-gap" is not supported by Edge 79,80,81,83, Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,83, Safari 10,11,12,13,14,10.1,11.1,12.1,13.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4 plugin/no-unsupported-browser-features >> 259:2 ⚠ Unexpected browser feature "flexbox-gap" is not supported by Edge 79,80,81,83, Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,83, Safari 10,11,12,13,14,10.1,11.1,12.1,13.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4 plugin/no-unsupported-browser-features >> >> ⚠ 4 problems (0 errors, 4 warnings) ⚠ 4 warnings >> Linted 209 files without errors Running "stylelint:config" (stylelint) task >> Linted 1 files without errors Done. > doc > jsdoc -c jsdoc.json > jest > jest --config tests/jest/jest.config.js --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "@wdio/cli": { "name": "@wdio/cli", "severity": "high", "isDirect": true, "via": [ "webdriverio", "yarn-install" ], "effects": [ "@wdio/junit-reporter", "@wdio/local-runner", "@wdio/spec-reporter" ], "range": "5.4.10 - 8.40.6", "nodes": [ "node_modules/@wdio/cli" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/junit-reporter": { "name": "@wdio/junit-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/junit-reporter" ], "fixAvailable": { "name": "@wdio/junit-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "@wdio/local-runner": { "name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": [ "@wdio/cli", "@wdio/runner" ], "effects": [], "range": "6.0.4 - 8.40.6", "nodes": [ "node_modules/@wdio/local-runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/runner": { "name": "@wdio/runner", "severity": "high", "isDirect": false, "via": [ "webdriverio" ], "effects": [ "@wdio/local-runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/@wdio/runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/spec-reporter": { "name": "@wdio/spec-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/spec-reporter" ], "fixAvailable": { "name": "@wdio/spec-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "axios": { "name": "axios", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097679, "name": "axios", "dependency": "axios", "title": "Axios Cross-Site Request Forgery Vulnerability", "url": "https://github.com/advisories/GHSA-wf5p-g6vw-rhxx", "severity": "moderate", "cwe": [ "CWE-352" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, "range": ">=0.8.1 <0.28.0" } ], "effects": [ "openapi-validator" ], "range": "0.8.1 - 0.27.2", "nodes": [ "node_modules/axios" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "body-parser": { "name": "body-parser", "severity": "high", "isDirect": false, "via": [ { "source": 1099520, "name": "body-parser", "dependency": "body-parser", "title": "body-parser vulnerable to denial of service when url encoding is enabled", "url": "https://github.com/advisories/GHSA-qwcr-r2fm-qrc7", "severity": "high", "cwe": [ "CWE-405" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<1.20.3" } ], "effects": [], "range": "<1.20.3", "nodes": [ "node_modules/body-parser" ], "fixAvailable": true }, "chai-openapi-response-validator": { "name": "chai-openapi-response-validator", "severity": "moderate", "isDirect": true, "via": [ "openapi-validator" ], "effects": [], "range": "0.11.2 || >=0.14.2-alpha.0", "nodes": [ "node_modules/chai-openapi-response-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "cookie": { "name": "cookie", "severity": "low", "isDirect": false, "via": [ { "source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": [ "CWE-74" ], "cvss": { "score": 0, "vectorString": null }, "range": "<0.7.0" } ], "effects": [ "engine.io" ], "range": "<0.7.0", "nodes": [ "node_modules/cookie" ], "fixAvailable": true }, "cross-spawn": { "name": "cross-spawn", "severity": "high", "isDirect": false, "via": [ { "source": 1100562, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<6.0.6" }, { "source": 1100563, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=7.0.0 <7.0.5" } ], "effects": [ "yarn-install" ], "range": "<6.0.6 || >=7.0.0 <7.0.5", "nodes": [ "node_modules/cross-spawn", "node_modules/yarn-install/node_modules/cross-spawn" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "devtools": { "name": "devtools", "severity": "high", "isDirect": false, "via": [ "puppeteer-core" ], "effects": [], "range": ">=7.16.5", "nodes": [ "node_modules/devtools" ], "fixAvailable": true }, "engine.io": { "name": "engine.io", "severity": "high", "isDirect": false, "via": [ "cookie", "ws" ], "effects": [ "socket.io" ], "range": "0.7.8 - 0.7.9 || 1.8.0 - 6.6.1", "nodes": [ "node_modules/engine.io" ], "fixAvailable": true }, "micromatch": { "name": "micromatch", "severity": "moderate", "isDirect": false, "via": [ { "source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": [ "CWE-1333" ], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, "range": "<4.0.8" } ], "effects": [], "range": "<4.0.8", "nodes": [ "node_modules/micromatch" ], "fixAvailable": true }, "mwbot": { "name": "mwbot", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [ "wdio-mediawiki" ], "range": ">=0.1.6", "nodes": [ "node_modules/mwbot" ], "fixAvailable": false }, "openapi-validator": { "name": "openapi-validator", "severity": "moderate", "isDirect": false, "via": [ "axios" ], "effects": [ "chai-openapi-response-validator" ], "range": ">=0.14.2-alpha.0", "nodes": [ "node_modules/openapi-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "puppeteer-core": { "name": "puppeteer-core", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [ "devtools", "webdriverio" ], "range": "11.0.0 - 22.11.1", "nodes": [ "node_modules/puppeteer-core" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "mwbot" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": false }, "socket.io": { "name": "socket.io", "severity": "moderate", "isDirect": false, "via": [ { "source": 1100550, "name": "socket.io", "dependency": "socket.io", "title": "socket.io has an unhandled 'error' event", "url": "https://github.com/advisories/GHSA-25hc-qcg6-38wj", "severity": "moderate", "cwe": [ "CWE-20", "CWE-754" ], "cvss": { "score": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, "range": ">=3.0.0 <4.6.2" }, "engine.io" ], "effects": [], "range": "1.6.0 - 4.7.5", "nodes": [ "node_modules/socket.io" ], "fixAvailable": true }, "socket.io-adapter": { "name": "socket.io-adapter", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [], "range": "2.5.2 - 2.5.4", "nodes": [ "node_modules/socket.io-adapter" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "request" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": false }, "wdio-mediawiki": { "name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": [ "mwbot" ], "effects": [], "range": "*", "nodes": [ "node_modules/wdio-mediawiki" ], "fixAvailable": false }, "webdriverio": { "name": "webdriverio", "severity": "high", "isDirect": false, "via": [ "devtools", "puppeteer-core" ], "effects": [ "@wdio/cli", "@wdio/runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/webdriverio" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "ws": { "name": "ws", "severity": "high", "isDirect": false, "via": [ { "source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": [ "CWE-476" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=8.0.0 <8.17.1" } ], "effects": [ "engine.io", "puppeteer-core", "socket.io-adapter" ], "range": "8.0.0 - 8.17.0", "nodes": [ "node_modules/puppeteer-core/node_modules/ws", "node_modules/ws" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "yarn-install": { "name": "yarn-install", "severity": "high", "isDirect": false, "via": [ "cross-spawn" ], "effects": [ "@wdio/cli" ], "range": "*", "nodes": [ "node_modules/yarn-install" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 1, "moderate": 9, "high": 14, "critical": 0, "total": 24 }, "dependencies": { "prod": 1, "dev": 1480, "optional": 4, "peer": 2, "peerOptional": 0, "total": 1480 } } } --- end --- Attempting to npm audit fix $ /usr/bin/npm audit fix --dry-run --only=dev --json --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production --- stdout --- { "added": 15, "removed": 1, "changed": 18, "audited": 1494, "funding": 170, "audit": { "auditReportVersion": 2, "vulnerabilities": { "@wdio/cli": { "name": "@wdio/cli", "severity": "high", "isDirect": true, "via": [ "webdriverio", "yarn-install" ], "effects": [ "@wdio/junit-reporter", "@wdio/local-runner", "@wdio/spec-reporter" ], "range": "5.4.10 - 8.40.6", "nodes": [ "node_modules/@wdio/cli" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/junit-reporter": { "name": "@wdio/junit-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/junit-reporter" ], "fixAvailable": { "name": "@wdio/junit-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "@wdio/local-runner": { "name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": [ "@wdio/cli", "@wdio/runner" ], "effects": [], "range": "6.0.4 - 8.40.6", "nodes": [ "node_modules/@wdio/local-runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/runner": { "name": "@wdio/runner", "severity": "high", "isDirect": false, "via": [ "webdriverio" ], "effects": [ "@wdio/local-runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/@wdio/runner" ], "fixAvailable": { "name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true } }, "@wdio/spec-reporter": { "name": "@wdio/spec-reporter", "severity": "high", "isDirect": true, "via": [ "@wdio/cli" ], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": [ "node_modules/@wdio/spec-reporter" ], "fixAvailable": { "name": "@wdio/spec-reporter", "version": "9.2.14", "isSemVerMajor": true } }, "axios": { "name": "axios", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097679, "name": "axios", "dependency": "axios", "title": "Axios Cross-Site Request Forgery Vulnerability", "url": "https://github.com/advisories/GHSA-wf5p-g6vw-rhxx", "severity": "moderate", "cwe": [ "CWE-352" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, "range": ">=0.8.1 <0.28.0" } ], "effects": [ "openapi-validator" ], "range": "0.8.1 - 0.27.2", "nodes": [ "node_modules/axios" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "body-parser": { "name": "body-parser", "severity": "high", "isDirect": false, "via": [ { "source": 1099520, "name": "body-parser", "dependency": "body-parser", "title": "body-parser vulnerable to denial of service when url encoding is enabled", "url": "https://github.com/advisories/GHSA-qwcr-r2fm-qrc7", "severity": "high", "cwe": [ "CWE-405" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<1.20.3" } ], "effects": [], "range": "<1.20.3", "nodes": [ "" ], "fixAvailable": true }, "chai-openapi-response-validator": { "name": "chai-openapi-response-validator", "severity": "moderate", "isDirect": true, "via": [ "openapi-validator" ], "effects": [], "range": "0.11.2 || >=0.14.2-alpha.0", "nodes": [ "node_modules/chai-openapi-response-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "cookie": { "name": "cookie", "severity": "low", "isDirect": false, "via": [ { "source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": [ "CWE-74" ], "cvss": { "score": 0, "vectorString": null }, "range": "<0.7.0" } ], "effects": [ "engine.io" ], "range": "<0.7.0", "nodes": [ "" ], "fixAvailable": true }, "cross-spawn": { "name": "cross-spawn", "severity": "high", "isDirect": false, "via": [ { "source": 1100562, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<6.0.6" }, { "source": 1100563, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=7.0.0 <7.0.5" } ], "effects": [ "yarn-install" ], "range": "<6.0.6 || >=7.0.0 <7.0.5", "nodes": [ "", "node_modules/yarn-install/node_modules/cross-spawn" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "devtools": { "name": "devtools", "severity": "high", "isDirect": false, "via": [ "puppeteer-core" ], "effects": [], "range": ">=7.16.5", "nodes": [ "node_modules/devtools" ], "fixAvailable": true }, "engine.io": { "name": "engine.io", "severity": "high", "isDirect": false, "via": [ "cookie", "ws" ], "effects": [ "socket.io" ], "range": "0.7.8 - 0.7.9 || 1.8.0 - 6.6.1", "nodes": [ "" ], "fixAvailable": true }, "micromatch": { "name": "micromatch", "severity": "moderate", "isDirect": false, "via": [ { "source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": [ "CWE-1333" ], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, "range": "<4.0.8" } ], "effects": [], "range": "<4.0.8", "nodes": [ "" ], "fixAvailable": true }, "mwbot": { "name": "mwbot", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [ "wdio-mediawiki" ], "range": ">=0.1.6", "nodes": [ "node_modules/mwbot" ], "fixAvailable": false }, "openapi-validator": { "name": "openapi-validator", "severity": "moderate", "isDirect": false, "via": [ "axios" ], "effects": [ "chai-openapi-response-validator" ], "range": ">=0.14.2-alpha.0", "nodes": [ "node_modules/openapi-validator" ], "fixAvailable": { "name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true } }, "puppeteer-core": { "name": "puppeteer-core", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [ "devtools", "webdriverio" ], "range": "11.0.0 - 22.11.1", "nodes": [ "node_modules/puppeteer-core" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "mwbot" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": false }, "socket.io": { "name": "socket.io", "severity": "moderate", "isDirect": false, "via": [ { "source": 1100550, "name": "socket.io", "dependency": "socket.io", "title": "socket.io has an unhandled 'error' event", "url": "https://github.com/advisories/GHSA-25hc-qcg6-38wj", "severity": "moderate", "cwe": [ "CWE-20", "CWE-754" ], "cvss": { "score": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, "range": ">=3.0.0 <4.6.2" }, "engine.io" ], "effects": [], "range": "1.6.0 - 4.7.5", "nodes": [ "" ], "fixAvailable": true }, "socket.io-adapter": { "name": "socket.io-adapter", "severity": "high", "isDirect": false, "via": [ "ws" ], "effects": [], "range": "2.5.2 - 2.5.4", "nodes": [ "" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "request" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": false }, "wdio-mediawiki": { "name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": [ "mwbot" ], "effects": [], "range": "*", "nodes": [ "node_modules/wdio-mediawiki" ], "fixAvailable": false }, "webdriverio": { "name": "webdriverio", "severity": "high", "isDirect": false, "via": [ "devtools", "puppeteer-core" ], "effects": [ "@wdio/cli", "@wdio/runner" ], "range": "7.16.5 - 8.40.6", "nodes": [ "node_modules/webdriverio" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "ws": { "name": "ws", "severity": "high", "isDirect": false, "via": [ { "source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": [ "CWE-476" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=8.0.0 <8.17.1" } ], "effects": [ "engine.io", "puppeteer-core", "socket.io-adapter" ], "range": "8.0.0 - 8.17.0", "nodes": [ "", "node_modules/puppeteer-core/node_modules/ws" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } }, "yarn-install": { "name": "yarn-install", "severity": "high", "isDirect": false, "via": [ "cross-spawn" ], "effects": [ "@wdio/cli" ], "range": "*", "nodes": [ "" ], "fixAvailable": { "name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 1, "moderate": 9, "high": 14, "critical": 0, "total": 24 }, "dependencies": { "prod": 1, "dev": 1493, "optional": 4, "peer": 2, "peerOptional": 0, "total": 1493 } } } } --- end --- {"added": 15, "removed": 1, "changed": 18, "audited": 1494, "funding": 170, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@wdio/cli": {"name": "@wdio/cli", "severity": "high", "isDirect": true, "via": ["webdriverio", "yarn-install"], "effects": ["@wdio/junit-reporter", "@wdio/local-runner", "@wdio/spec-reporter"], "range": "5.4.10 - 8.40.6", "nodes": ["node_modules/@wdio/cli"], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}, "@wdio/junit-reporter": {"name": "@wdio/junit-reporter", "severity": "high", "isDirect": true, "via": ["@wdio/cli"], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": ["node_modules/@wdio/junit-reporter"], "fixAvailable": {"name": "@wdio/junit-reporter", "version": "9.2.14", "isSemVerMajor": true}}, "@wdio/local-runner": {"name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": ["@wdio/cli", "@wdio/runner"], "effects": [], "range": "6.0.4 - 8.40.6", "nodes": ["node_modules/@wdio/local-runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true}}, "@wdio/runner": {"name": "@wdio/runner", "severity": "high", "isDirect": false, "via": ["webdriverio"], "effects": ["@wdio/local-runner"], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/@wdio/runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.3.0", "isSemVerMajor": true}}, "@wdio/spec-reporter": {"name": "@wdio/spec-reporter", "severity": "high", "isDirect": true, "via": ["@wdio/cli"], "effects": [], "range": "6.0.4 - 8.0.0-alpha.631", "nodes": ["node_modules/@wdio/spec-reporter"], "fixAvailable": {"name": "@wdio/spec-reporter", "version": "9.2.14", "isSemVerMajor": true}}, "axios": {"name": "axios", "severity": "moderate", "isDirect": false, "via": [{"source": 1097679, "name": "axios", "dependency": "axios", "title": "Axios Cross-Site Request Forgery Vulnerability", "url": "https://github.com/advisories/GHSA-wf5p-g6vw-rhxx", "severity": "moderate", "cwe": ["CWE-352"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}, "range": ">=0.8.1 <0.28.0"}], "effects": ["openapi-validator"], "range": "0.8.1 - 0.27.2", "nodes": ["node_modules/axios"], "fixAvailable": {"name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true}}, "body-parser": {"name": "body-parser", "severity": "high", "isDirect": false, "via": [{"source": 1099520, "name": "body-parser", "dependency": "body-parser", "title": "body-parser vulnerable to denial of service when url encoding is enabled", "url": "https://github.com/advisories/GHSA-qwcr-r2fm-qrc7", "severity": "high", "cwe": ["CWE-405"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<1.20.3"}], "effects": [], "range": "<1.20.3", "nodes": [""], "fixAvailable": true}, "chai-openapi-response-validator": {"name": "chai-openapi-response-validator", "severity": "moderate", "isDirect": true, "via": ["openapi-validator"], "effects": [], "range": "0.11.2 || >=0.14.2-alpha.0", "nodes": ["node_modules/chai-openapi-response-validator"], "fixAvailable": {"name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true}}, "cookie": {"name": "cookie", "severity": "low", "isDirect": false, "via": [{"source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": ["CWE-74"], "cvss": {"score": 0, "vectorString": null}, "range": "<0.7.0"}], "effects": ["engine.io"], "range": "<0.7.0", "nodes": [""], "fixAvailable": true}, "cross-spawn": {"name": "cross-spawn", "severity": "high", "isDirect": false, "via": [{"source": 1100562, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.0.6"}, {"source": 1100563, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.0.5"}], "effects": ["yarn-install"], "range": "<6.0.6 || >=7.0.0 <7.0.5", "nodes": ["", "node_modules/yarn-install/node_modules/cross-spawn"], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}, "devtools": {"name": "devtools", "severity": "high", "isDirect": false, "via": ["puppeteer-core"], "effects": [], "range": ">=7.16.5", "nodes": ["node_modules/devtools"], "fixAvailable": true}, "engine.io": {"name": "engine.io", "severity": "high", "isDirect": false, "via": ["cookie", "ws"], "effects": ["socket.io"], "range": "0.7.8 - 0.7.9 || 1.8.0 - 6.6.1", "nodes": [""], "fixAvailable": true}, "micromatch": {"name": "micromatch", "severity": "moderate", "isDirect": false, "via": [{"source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": ["CWE-1333"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.0.8"}], "effects": [], "range": "<4.0.8", "nodes": [""], "fixAvailable": true}, "mwbot": {"name": "mwbot", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["wdio-mediawiki"], "range": ">=0.1.6", "nodes": ["node_modules/mwbot"], "fixAvailable": false}, "openapi-validator": {"name": "openapi-validator", "severity": "moderate", "isDirect": false, "via": ["axios"], "effects": ["chai-openapi-response-validator"], "range": ">=0.14.2-alpha.0", "nodes": ["node_modules/openapi-validator"], "fixAvailable": {"name": "chai-openapi-response-validator", "version": "0.14.1", "isSemVerMajor": true}}, "puppeteer-core": {"name": "puppeteer-core", "severity": "high", "isDirect": false, "via": ["ws"], "effects": ["devtools", "webdriverio"], "range": "11.0.0 - 22.11.1", "nodes": ["node_modules/puppeteer-core"], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}, "request": {"name": "request", "severity": "moderate", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "tough-cookie"], "effects": ["mwbot"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": false}, "socket.io": {"name": "socket.io", "severity": "moderate", "isDirect": false, "via": [{"source": 1100550, "name": "socket.io", "dependency": "socket.io", "title": "socket.io has an unhandled 'error' event", "url": "https://github.com/advisories/GHSA-25hc-qcg6-38wj", "severity": "moderate", "cwe": ["CWE-20", "CWE-754"], "cvss": {"score": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "range": ">=3.0.0 <4.6.2"}, "engine.io"], "effects": [], "range": "1.6.0 - 4.7.5", "nodes": [""], "fixAvailable": true}, "socket.io-adapter": {"name": "socket.io-adapter", "severity": "high", "isDirect": false, "via": ["ws"], "effects": [], "range": "2.5.2 - 2.5.4", "nodes": [""], "fixAvailable": true}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/tough-cookie"], "fixAvailable": false}, "wdio-mediawiki": {"name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": ["mwbot"], "effects": [], "range": "*", "nodes": ["node_modules/wdio-mediawiki"], "fixAvailable": false}, "webdriverio": {"name": "webdriverio", "severity": "high", "isDirect": false, "via": ["devtools", "puppeteer-core"], "effects": ["@wdio/cli", "@wdio/runner"], "range": "7.16.5 - 8.40.6", "nodes": ["node_modules/webdriverio"], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}, "ws": {"name": "ws", "severity": "high", "isDirect": false, "via": [{"source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": ["CWE-476"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=8.0.0 <8.17.1"}], "effects": ["engine.io", "puppeteer-core", "socket.io-adapter"], "range": "8.0.0 - 8.17.0", "nodes": ["", "node_modules/puppeteer-core/node_modules/ws"], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}, "yarn-install": {"name": "yarn-install", "severity": "high", "isDirect": false, "via": ["cross-spawn"], "effects": ["@wdio/cli"], "range": "*", "nodes": [""], "fixAvailable": {"name": "@wdio/cli", "version": "9.3.0", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 1, "moderate": 9, "high": 14, "critical": 0, "total": 24}, "dependencies": {"prod": 1, "dev": 1493, "optional": 4, "peer": 2, "peerOptional": 0, "total": 1493}}}} $ /usr/bin/npm audit fix --only=dev --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production --- stdout --- added 14 packages, removed 1 package, changed 18 packages, and audited 1493 packages in 6s 170 packages are looking for funding run `npm fund` for details # npm audit report axios 0.8.1 - 0.27.2 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via `npm audit fix --force` Will install chai-openapi-response-validator@0.14.1, which is a breaking change node_modules/axios openapi-validator >=0.14.2-alpha.0 Depends on vulnerable versions of axios node_modules/openapi-validator chai-openapi-response-validator 0.11.2 || >=0.14.2-alpha.0 Depends on vulnerable versions of openapi-validator node_modules/chai-openapi-response-validator cross-spawn <6.0.6 Severity: high Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275 fix available via `npm audit fix --force` Will install @wdio/cli@9.3.0, which is a breaking change node_modules/yarn-install/node_modules/cross-spawn yarn-install * Depends on vulnerable versions of cross-spawn node_modules/yarn-install @wdio/cli 5.4.10 - 8.40.6 Depends on vulnerable versions of webdriverio Depends on vulnerable versions of yarn-install node_modules/@wdio/cli @wdio/junit-reporter 6.0.4 - 8.0.0-alpha.631 Depends on vulnerable versions of @wdio/cli node_modules/@wdio/junit-reporter @wdio/local-runner 6.0.4 - 8.40.6 Depends on vulnerable versions of @wdio/cli Depends on vulnerable versions of @wdio/runner node_modules/@wdio/local-runner @wdio/spec-reporter 6.0.4 - 8.0.0-alpha.631 Depends on vulnerable versions of @wdio/cli node_modules/@wdio/spec-reporter request * Severity: moderate Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6 Depends on vulnerable versions of tough-cookie No fix available node_modules/request mwbot >=0.1.6 Depends on vulnerable versions of request node_modules/mwbot wdio-mediawiki * Depends on vulnerable versions of mwbot node_modules/wdio-mediawiki tough-cookie <4.1.3 Severity: moderate tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3 No fix available node_modules/tough-cookie ws 8.0.0 - 8.17.0 Severity: high ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q fix available via `npm audit fix --force` Will install @wdio/cli@9.3.0, which is a breaking change node_modules/puppeteer-core/node_modules/ws puppeteer-core 11.0.0 - 22.11.1 Depends on vulnerable versions of ws node_modules/puppeteer-core devtools >=7.16.5 Depends on vulnerable versions of puppeteer-core node_modules/devtools webdriverio 7.16.5 - 8.40.6 Depends on vulnerable versions of devtools Depends on vulnerable versions of puppeteer-core node_modules/webdriverio @wdio/runner 7.16.5 - 8.40.6 Depends on vulnerable versions of webdriverio node_modules/@wdio/runner 18 vulnerabilities (7 moderate, 11 high) To address issues that do not require attention, run: npm audit fix To address all issues possible (including breaking changes), run: npm audit fix --force Some issues need review, and may require choosing a different dependency. --- end --- Verifying that tests still pass $ /usr/bin/npm ci --- stderr --- npm WARN deprecated @types/easy-table@1.2.0: This is a stub types definition. easy-table provides its own type definitions, so you do not need this installed. npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated date-format@0.0.2: 0.x is no longer supported. Please upgrade to 4.x or higher. npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead npm WARN deprecated formidable@1.2.6: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 npm WARN deprecated superagent@6.1.0: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>. Thanks to @shadowgate15, @spence-s, and @niftylettuce. Superagent is sponsored by Forward Email at <https://forwardemail.net>. --- stdout --- added 1492 packages, and audited 1493 packages in 25s 170 packages are looking for funding run `npm fund` for details 18 vulnerabilities (7 moderate, 11 high) To address issues that do not require attention, run: npm audit fix To address all issues possible (including breaking changes), run: npm audit fix --force Some issues need review, and may require choosing a different dependency. Run `npm audit` for details. --- end --- $ /usr/bin/npm test --- stderr --- PASS tests/jest/mediawiki.special.block/stores/block.test.js PASS tests/jest/mediawiki.special.block/BlockLog.test.js PASS tests/jest/mediawiki.special.block/UserLookup.test.js PASS tests/jest/mediawiki.special.block/ExpiryField.test.js PASS tests/jest/mediawiki.special.block/SpecialBlock.test.js (6.151 s) Test Suites: 5 passed, 5 total Tests: 24 passed, 24 total Snapshots: 0 total Time: 7.871 s, estimated 8 s Ran all test suites. --- stdout --- > test > grunt lint && npm run doc && npm run jest Running "eslint:all" (eslint) task /src/repo/resources/src/jquery/jquery.makeCollapsible.js 425:1 warning Syntax error in namepath: ~'wikipage.collapsibleContent' jsdoc/valid-types /src/repo/resources/src/mediawiki.action.edit/edit.js 12:1 warning Syntax error in namepath: ~'wikipage.editform' jsdoc/valid-types /src/repo/resources/src/mediawiki.action/mediawiki.action.view.postEdit.js 21:1 warning Syntax error in namepath: ~'postEdit' jsdoc/valid-types 36:1 warning Syntax error in namepath: ~'postEdit.afterRemoval' jsdoc/valid-types /src/repo/resources/src/mediawiki.authenticationPopup/index.js 38:1 warning The type 'userinfo' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.base/errorLogger.js 8:1 warning Syntax error in namepath: ~'global.error' jsdoc/valid-types 22:1 warning Syntax error in namepath: ~'error.caught' jsdoc/valid-types /src/repo/resources/src/mediawiki.base/log.js 14:1 warning Found more than one @return declaration jsdoc/require-returns 14:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.base/mediawiki.base.js 217:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 243:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.diff/inlineFormatToggle.js 150:1 warning Syntax error in namepath: ~'wikipage.diff.wikitextDiffBody' jsdoc/valid-types 162:1 warning Syntax error in namepath: ~'wikipage.diff.diffTypeSwitch' jsdoc/valid-types /src/repo/resources/src/mediawiki.editRecovery/edit.js 173:1 warning Syntax error in namepath: ~'editRecovery.loadEnd' jsdoc/valid-types /src/repo/resources/src/mediawiki.htmlform/cond-state.js 48:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.htmlform/htmlform.js 5:1 warning Syntax error in namepath: ~'htmlform.enhance' jsdoc/valid-types /src/repo/resources/src/mediawiki.inspect.js 61:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 91:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 112:2 warning Found more than one @return declaration jsdoc/require-returns 112:2 warning Found more than one @return declaration jsdoc/require-returns-check 121:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 152:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 164:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 175:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types 203:1 warning The type 'mediawiki' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.jqueryMsg/mediawiki.jqueryMsg.js 142:1 warning Found more than one @return declaration jsdoc/require-returns 142:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.language.months/months.js 44:1 warning The type 'Months' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.notification.convertmessagebox.js 13:1 warning Syntax error in namepath: (require("mediawiki.notification.convertmessagebox")) jsdoc/valid-types /src/repo/resources/src/mediawiki.page.preview.js 416:1 warning Syntax error in namepath: ~'wikipage.tableOfContents' jsdoc/valid-types /src/repo/resources/src/mediawiki.page.ready/ready.js 96:1 warning Syntax error in namepath: ~'wikipage.indicators' jsdoc/valid-types 116:1 warning Syntax error in namepath: ~'wikipage.content' jsdoc/valid-types 137:1 warning Syntax error in namepath: ~'wikipage.categories' jsdoc/valid-types 153:1 warning Syntax error in namepath: ~'wikipage.diff' jsdoc/valid-types 184:1 warning Syntax error in namepath: ~'skin.logout' jsdoc/valid-types /src/repo/resources/src/mediawiki.page.watch.ajax/watch-ajax.js 128:1 warning Syntax error in namepath: ~'wikipage.watchlistChange' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/Controller.js 330:1 warning Found more than one @return declaration jsdoc/require-returns 330:1 warning Found more than one @return declaration jsdoc/require-returns-check 550:1 warning Syntax error in namepath: ~'RcFilters.highlight.enable' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/dm/FilterItem.js 81:1 warning Found more than one @return declaration jsdoc/require-returns 81:1 warning Found more than one @return declaration jsdoc/require-returns-check 335:1 warning The type 'update' is undefined jsdoc/no-undefined-types 351:1 warning The type 'update' is undefined jsdoc/no-undefined-types 366:1 warning The type 'update' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.rcfilters/dm/FiltersViewModel.js 1185:1 warning The type 'searchChange' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.rcfilters/mw.rcfilters.js 176:1 warning Syntax error in namepath: ~'structuredChangeFilters.ui.initialized' jsdoc/valid-types /src/repo/resources/src/mediawiki.rcfilters/ui/FilterTagMultiselectWidget.js 400:1 warning Syntax error in namepath: ~'RcFilters.popup.open' jsdoc/valid-types /src/repo/resources/src/mediawiki.searchSuggest/searchSuggest.js 52:1 warning The type 'ResponseMetaData' is undefined jsdoc/no-undefined-types 59:1 warning The type 'ResponseFunction' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.special.apisandbox/ApiSandboxLayout.js 44:1 warning Found more than one @return declaration jsdoc/require-returns 44:1 warning Found more than one @return declaration jsdoc/require-returns-check /src/repo/resources/src/mediawiki.special.block/SpecialBlock.vue 25:10 warning 'v-html' directive can lead to XSS attack vue/no-v-html /src/repo/resources/src/mediawiki.template.js 26:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 40:1 warning The type 'TemplateRenderFunction' is undefined jsdoc/no-undefined-types 45:1 warning The type 'TemplateCompileFunction' is undefined jsdoc/no-undefined-types 61:1 warning The type 'TemplateCompiler' is undefined jsdoc/no-undefined-types 88:1 warning The type 'TemplateCompiler' is undefined jsdoc/no-undefined-types 107:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 125:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types 147:1 warning The type 'TemplateRenderer' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.util/util.js 626:1 warning Syntax error in namepath: ~'util.addPortlet' jsdoc/valid-types 794:1 warning Syntax error in namepath: ~'util.addPortletLink' jsdoc/valid-types /src/repo/resources/src/mediawiki.widgets.datetime/DateTimeFormatter.js 268:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types 632:1 warning The type 'CalendarGridData' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets.datetime/DiscordianDateTimeFormatter.js 74:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets.datetime/ProlepticGregorianDateTimeFormatter.js 306:1 warning The type 'FieldSpecificationObject' is undefined jsdoc/no-undefined-types /src/repo/resources/src/mediawiki.widgets/mw.widgets.NamespaceInputWidget.js 50:1 warning The type 'DropdownOptions' is undefined jsdoc/no-undefined-types /src/repo/resources/src/startup/mediawiki.loader.js 61:1 warning Syntax error in namepath: ~'resourceloader.exception' jsdoc/valid-types /src/repo/tests/qunit/data/testrunner.js 72:2 warning Missing JSDoc @return declaration jsdoc/require-returns /src/repo/tests/selenium/wdio-mediawiki/Util.js 35:1 warning This line has a length of 107. Maximum allowed is 100 max-len ✖ 70 problems (0 errors, 70 warnings) Running "banana:core" (banana) task >> The "se" translation has 41 translations with trailing whitespace: >> * pool-errorunknown >> * badaccess >> * timeouterror >> * botpasswords-summary >> * botpasswords-disabled >> * botpasswords-no-central-id >> * botpasswords-update-failed >> * passwordreset-emailtext-ip >> * passwordreset-emailtext-user >> * changeemail-nochange >> * blankarticle >> * previewerrortext >> * missing-revision >> * confirmleave-warning >> * difference-bad-new-revision >> * search-rewritten >> * linterror-misc-tidy-replacement-issues >> * userrights-expiry-none >> * right-viewsuppressed >> * right-import >> * action-viewsuppressed >> * rcfilters-savedqueries-setdefault >> * rcfilters-filtergroup-watchlistactivity >> * rc-old-title >> * http-timed-out >> * http-curl-error >> * pageswithprop-reverse >> * mostlinkedtemplates >> * badrevision >> * allpagesfrom >> * email-legend >> * timezone-local >> * mediastatistics-header-office >> * special-characters-group-hebrew >> * specialpage-securitylevel-not-allowed-title >> * passwordpolicies-policy-passwordcannotmatchdefaults >> * renameuser-linkoncontribs-text >> * renameusersuppress >> * renameuser-error-temp-user-reserved >> * action-renameuser >> * right-renameuser >> 1 message directory checked. Running "banana:codex" (banana) task >> 1 message directory checked. Running "banana:exif" (banana) task >> 1 message directory checked. Running "banana:preferences" (banana) task >> The "se" translation has 5 translations with trailing whitespace: >> * tog-enotifusertalkpages >> * timezoneregion-america >> * tog-previewonfirst >> * prefs-changesrc >> * prefs-changeswatchlist >> 1 message directory checked. Running "banana:api" (banana) task >> 1 message directory checked. Running "banana:rest" (banana) task >> 1 message directory checked. Running "banana:installer" (banana) task >> The "frc" translation has 1 translation with trailing whitespace: >> * config-page-complete >> 1 message directory checked. Running "banana:paramvalidator" (banana) task >> 1 message directory checked. Running "stylelint:resources" (stylelint) task >> resources/src/mediawiki.action/mediawiki.action.view.filepage.less >> 211:1 ⚠ Unexpected browser feature "prefers-color-scheme" is not supported by Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75, Safari 10,11,12,10.1,11.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5 plugin/no-unsupported-browser-features >> >> resources/src/mediawiki.skinning/elements.less >> 75:2 ⚠ Unexpected browser feature "flow-root" is not supported by Firefox 49,50,51,52, Chrome 49,50,51,52,53,54,55,56,57, Safari 10,11,12,10.1,11.1,12.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5 plugin/no-unsupported-browser-features >> >> resources/src/mediawiki.special.block/components/ExpiryField.vue >> 250:1 ⚠ Unexpected browser feature "flexbox-gap" is not supported by Edge 79,80,81,83, Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,83, Safari 10,11,12,13,14,10.1,11.1,12.1,13.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4 plugin/no-unsupported-browser-features >> 259:2 ⚠ Unexpected browser feature "flexbox-gap" is not supported by Edge 79,80,81,83, Firefox 49,50,51,52,53,54,55,56,57,58,59,60,61,62, Chrome 49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,83, Safari 10,11,12,13,14,10.1,11.1,12.1,13.1, Safari on iOS 10.0-10.2,10.3,11.0-11.2,11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4 plugin/no-unsupported-browser-features >> >> ⚠ 4 problems (0 errors, 4 warnings) ⚠ 4 warnings >> Linted 209 files without errors Running "stylelint:config" (stylelint) task >> Linted 1 files without errors Done. > doc > jsdoc -c jsdoc.json > jest > jest --config tests/jest/jest.config.js --- end --- {"1099520": {"source": 1099520, "name": "body-parser", "dependency": "body-parser", "title": "body-parser vulnerable to denial of service when url encoding is enabled", "url": "https://github.com/advisories/GHSA-qwcr-r2fm-qrc7", "severity": "high", "cwe": ["CWE-405"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<1.20.3"}} Upgrading n:body-parser from 1.19.2 -> 1.20.3 {"1099846": {"source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": ["CWE-74"], "cvss": {"score": 0, "vectorString": null}, "range": "<0.7.0"}} Upgrading n:cookie from 0.4.2 -> 0.7.2 {} {"1099846": {"source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": ["CWE-74"], "cvss": {"score": 0, "vectorString": null}, "range": "<0.7.0"}} Upgrading n:engine.io from 6.4.2 -> 6.6.2 {"1098681": {"source": 1098681, "name": "micromatch", "dependency": "micromatch", "title": "Regular Expression Denial of Service (ReDoS) in micromatch", "url": "https://github.com/advisories/GHSA-952p-6rrq-rcjv", "severity": "moderate", "cwe": ["CWE-1333"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<4.0.8"}} Upgrading n:micromatch from 4.0.7 -> 4.0.8 {"1100550": {"source": 1100550, "name": "socket.io", "dependency": "socket.io", "title": "socket.io has an unhandled 'error' event", "url": "https://github.com/advisories/GHSA-25hc-qcg6-38wj", "severity": "moderate", "cwe": ["CWE-20", "CWE-754"], "cvss": {"score": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "range": ">=3.0.0 <4.6.2"}, "1099846": {"source": 1099846, "name": "cookie", "dependency": "cookie", "title": "cookie accepts cookie name, path, and domain with out of bounds characters", "url": "https://github.com/advisories/GHSA-pxg6-pf52-xh8x", "severity": "low", "cwe": ["CWE-74"], "cvss": {"score": 0, "vectorString": null}, "range": "<0.7.0"}} Upgrading n:socket.io from 4.6.1 -> 4.8.1 {} $ package-lock-lint package-lock.json --- stdout --- Checking package-lock.json --- end --- build: Updating npm dependencies * grunt-stylelint: 0.20.0 → 0.20.1 * body-parser: 1.19.2 → 1.20.3 * https://github.com/advisories/GHSA-qwcr-r2fm-qrc7 * cookie: 0.4.2 → 0.7.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * engine.io: 6.4.2 → 6.6.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * micromatch: 4.0.7 → 4.0.8 * https://github.com/advisories/GHSA-952p-6rrq-rcjv * socket.io: 4.6.1 → 4.8.1 * https://github.com/advisories/GHSA-25hc-qcg6-38wj * https://github.com/advisories/GHSA-pxg6-pf52-xh8x Additional changes: * Also sorted "composer fix" command to run phpcbf last. $ git add . --- stdout --- --- end --- $ git commit -F /tmp/tmpwwg_lv4_ --- stdout --- [master 0ab56c3] build: Updating npm dependencies 3 files changed, 498 insertions(+), 178 deletions(-) --- end --- $ git format-patch HEAD~1 --stdout --- stdout --- From 0ab56c33437b025b0fc31831a2bf50982388d6ce Mon Sep 17 00:00:00 2001 From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org> Date: Thu, 21 Nov 2024 00:45:40 +0000 Subject: [PATCH] build: Updating npm dependencies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * grunt-stylelint: 0.20.0 → 0.20.1 * body-parser: 1.19.2 → 1.20.3 * https://github.com/advisories/GHSA-qwcr-r2fm-qrc7 * cookie: 0.4.2 → 0.7.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * engine.io: 6.4.2 → 6.6.2 * https://github.com/advisories/GHSA-pxg6-pf52-xh8x * micromatch: 4.0.7 → 4.0.8 * https://github.com/advisories/GHSA-952p-6rrq-rcjv * socket.io: 4.6.1 → 4.8.1 * https://github.com/advisories/GHSA-25hc-qcg6-38wj * https://github.com/advisories/GHSA-pxg6-pf52-xh8x Additional changes: * Also sorted "composer fix" command to run phpcbf last. Change-Id: I9791d22b50ed0f07d1ff2b054caa23f8e9faabd9 --- composer.json | 4 +- package-lock.json | 670 ++++++++++++++++++++++++++++++++++------------ package.json | 2 +- 3 files changed, 498 insertions(+), 178 deletions(-) diff --git a/composer.json b/composer.json index efdf8af..50369f1 100644 --- a/composer.json +++ b/composer.json @@ -159,8 +159,8 @@ "phan": "phan -d . --long-progress-bar", "phpcs": "phpcs -p -s --cache", "fix": [ - "phpcbf", - "minus-x fix ." + "minus-x fix .", + "phpcbf" ], "pre-install-cmd": "MediaWiki\\Composer\\VersionChecker::onEvent", "pre-update-cmd": "MediaWiki\\Composer\\VersionChecker::onEvent", diff --git a/package-lock.json b/package-lock.json index 10d8f43..90d1ffa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -29,7 +29,7 @@ "grunt-contrib-watch": "1.1.0", "grunt-eslint": "24.3.0", "grunt-karma": "4.0.2", - "grunt-stylelint": "0.20.0", + "grunt-stylelint": "0.20.1", "jest": "29.7.0", "jest-environment-jsdom": "29.7.0", "jsdoc": "4.0.2", @@ -3577,9 +3577,9 @@ } }, "node_modules/@socket.io/component-emitter": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz", - "integrity": "sha512-+9jVqKhRSpsc591z5vX+X5Yyw+he/HCB4iQ/RYxw35CEPaY1gnsNE43nf9n9AaYjAQrTiI/mOwKUKdUs9vf7Xg==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", + "integrity": "sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==", "dev": true }, "node_modules/@stylistic/stylelint-config": { @@ -3736,9 +3736,9 @@ "dev": true }, "node_modules/@types/cors": { - "version": "2.8.13", - "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.13.tgz", - "integrity": "sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==", + "version": "2.8.17", + "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz", + "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==", "dev": true, "dependencies": { "@types/node": "*" @@ -5576,24 +5576,27 @@ } }, "node_modules/body-parser": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.2.tgz", - "integrity": "sha512-SAAwOxgoCKMGs9uUAUFHygfLAyaniaoun6I8mFY9pRAJL9+Kec34aU+oIjDhTycub1jozEfEwx1W1IuOYxVSFw==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "dev": true, "dependencies": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", - "depd": "~1.1.2", - "http-errors": "1.8.1", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", - "on-finished": "~2.3.0", - "qs": "6.9.7", - "raw-body": "2.4.3", - "type-is": "~1.6.18" + "on-finished": "2.4.1", + "qs": "6.13.0", + "raw-body": "2.5.2", + "type-is": "~1.6.18", + "unpipe": "1.0.0" }, "engines": { - "node": ">= 0.8" + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" } }, "node_modules/body-parser/node_modules/debug": { @@ -5611,6 +5614,18 @@ "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true }, + "node_modules/body-parser/node_modules/on-finished": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==", + "dev": true, + "dependencies": { + "ee-first": "1.1.1" + }, + "engines": { + "node": ">= 0.8" + } + }, "node_modules/body/node_modules/bytes": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/bytes/-/bytes-1.0.0.tgz", @@ -6021,6 +6036,25 @@ "node": ">=8" } }, + "node_modules/call-bind": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/call-me-maybe": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-me-maybe/-/call-me-maybe-1.0.2.tgz", @@ -6456,9 +6490,9 @@ "dev": true }, "node_modules/content-type": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", - "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==", "dev": true, "engines": { "node": ">= 0.6" @@ -6477,9 +6511,9 @@ "dev": true }, "node_modules/cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", "dev": true, "engines": { "node": ">= 0.6" @@ -6640,9 +6674,9 @@ } }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "dependencies": { "path-key": "^3.1.0", @@ -7015,6 +7049,23 @@ "node": ">=10" } }, + "node_modules/define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -7025,12 +7076,12 @@ } }, "node_modules/depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", "dev": true, "engines": { - "node": ">= 0.6" + "node": ">= 0.8" } }, "node_modules/dequal": { @@ -7042,6 +7093,16 @@ "node": ">=6" } }, + "node_modules/destroy": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==", + "dev": true, + "engines": { + "node": ">= 0.8", + "npm": "1.2.8000 || >= 1.4.16" + } + }, "node_modules/detect-file": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz", @@ -7473,9 +7534,9 @@ } }, "node_modules/engine.io": { - "version": "6.4.2", - "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz", - "integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==", + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz", + "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==", "dev": true, "dependencies": { "@types/cookie": "^0.4.1", @@ -7483,20 +7544,20 @@ "@types/node": ">=10.0.0", "accepts": "~1.3.4", "base64id": "2.0.0", - "cookie": "~0.4.1", + "cookie": "~0.7.2", "cors": "~2.8.5", "debug": "~4.3.1", - "engine.io-parser": "~5.0.3", - "ws": "~8.11.0" + "engine.io-parser": "~5.2.1", + "ws": "~8.17.1" }, "engines": { - "node": ">=10.0.0" + "node": ">=10.2.0" } }, "node_modules/engine.io-parser": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.0.6.tgz", - "integrity": "sha512-tjuoZDMAdEhVnSFleYPCtdL2GXwVTGtNjoeJd9IhIG3C1xs9uwxqRNEu5WpnDZCaozwVlK/nuQhpodhXSIMaxw==", + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.2.3.tgz", + "integrity": "sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==", "dev": true, "engines": { "node": ">=10.0.0" @@ -7560,6 +7621,27 @@ "is-arrayish": "^0.2.1" } }, + "node_modules/es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.2.4" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -7713,12 +7795,6 @@ "eslint-plugin-yml": "^1.14.0" } }, - "node_modules/eslint-config-wikimedia/node_modules/browserslist-config-wikimedia": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/browserslist-config-wikimedia/-/browserslist-config-wikimedia-0.7.0.tgz", - "integrity": "sha512-CTa0lv78dXKEgrYsOLCkqO+9UUS3CV9MWEOYHcymgEvx4mYxB80sCoKRCR7wW2SOMNxjaP9hohrZripjnKuRTA==", - "dev": true - }, "node_modules/eslint-plugin-compat": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/eslint-plugin-compat/-/eslint-plugin-compat-4.2.0.tgz", @@ -8926,6 +9002,25 @@ "node": "*" } }, + "node_modules/get-intrinsic": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "dev": true, + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "has-proto": "^1.0.1", + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", @@ -9149,6 +9244,18 @@ "node": "*" } }, + "node_modules/gopd": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.1.3" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/got": { "version": "11.8.6", "resolved": "https://registry.npmjs.org/got/-/got-11.8.6.tgz", @@ -9375,9 +9482,9 @@ "dev": true }, "node_modules/grunt-stylelint": { - "version": "0.20.0", - "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.0.tgz", - "integrity": "sha512-TG17gIrP2//lNq5G0YOXFC55WjXOI5Ybib3XVlatEuZcATlo/FO7cfVMgAAxbO2k6f45LP/naS/3iJTod0dVjg==", + "version": "0.20.1", + "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.1.tgz", + "integrity": "sha512-tDep9ceEerB+fK6CkzPBXu5qPM7RuwCRgfrtwugEyYYnxINreMZktqQU5eoTW+MhhFj81uWQQnxf+c4geyAmQg==", "dev": true, "dependencies": { "chalk": "^4.1.2" @@ -9486,6 +9593,42 @@ "node": ">=8" } }, + "node_modules/has-property-descriptors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-proto": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", + "dev": true, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-symbols": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "dev": true, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/hasown": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz", @@ -9590,19 +9733,28 @@ "dev": true }, "node_modules/http-errors": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz", - "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", "dev": true, "dependencies": { - "depd": "~1.1.2", + "depd": "2.0.0", "inherits": "2.0.4", "setprototypeof": "1.2.0", - "statuses": ">= 1.5.0 < 2", + "statuses": "2.0.1", "toidentifier": "1.0.1" }, "engines": { - "node": ">= 0.6" + "node": ">= 0.8" + } + }, + "node_modules/http-errors/node_modules/statuses": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "dev": true, + "engines": { + "node": ">= 0.8" } }, "node_modules/http-parser-js": { @@ -13120,9 +13272,9 @@ } }, "node_modules/micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "dependencies": { "braces": "^3.0.3", @@ -14718,10 +14870,13 @@ } }, "node_modules/qs": { - "version": "6.9.7", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.7.tgz", - "integrity": "sha512-IhMFgUmuNpyRfxA90umL7ByLlgRXu6tIfKPpF5TmcfRLlLCckfP/g3IQmju6jjpu+Hh8rA+2p6A27ZSPOOHdKw==", + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", "dev": true, + "dependencies": { + "side-channel": "^1.0.6" + }, "engines": { "node": ">=0.6" }, @@ -14815,13 +14970,13 @@ } }, "node_modules/raw-body": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.3.tgz", - "integrity": "sha512-UlTNLIcu0uzb4D2f4WltY6cVjLi+/jEN4lgEUj3E04tpMDpUlkBo/eSn6zou9hum2VMNpCCUone0O0WeJim07g==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "dev": true, "dependencies": { "bytes": "3.1.2", - "http-errors": "1.8.1", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", "unpipe": "1.0.0" }, @@ -15624,6 +15779,23 @@ "randombytes": "^2.1.0" } }, + "node_modules/set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", @@ -15651,6 +15823,24 @@ "node": ">=8" } }, + "node_modules/side-channel": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", @@ -15690,35 +15880,37 @@ } }, "node_modules/socket.io": { - "version": "4.6.1", - "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.1.tgz", - "integrity": "sha512-KMcaAi4l/8+xEjkRICl6ak8ySoxsYG+gG6/XfRCPJPQ/haCRIJBTL4wIl8YCsmtaBovcAXGLOShyVWQ/FG8GZA==", + "version": "4.8.1", + "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz", + "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==", "dev": true, "dependencies": { "accepts": "~1.3.4", "base64id": "~2.0.0", + "cors": "~2.8.5", "debug": "~4.3.2", - "engine.io": "~6.4.1", + "engine.io": "~6.6.0", "socket.io-adapter": "~2.5.2", - "socket.io-parser": "~4.2.1" + "socket.io-parser": "~4.2.4" }, "engines": { - "node": ">=10.0.0" + "node": ">=10.2.0" } }, "node_modules/socket.io-adapter": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.2.tgz", - "integrity": "sha512-87C3LO/NOMc+eMcpcxUBebGjkpMDkNBS9tf7KJqcDsmL936EChtVva71Dw2q4tQcuVC+hAUy4an2NO/sYXmwRA==", + "version": "2.5.5", + "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz", + "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==", "dev": true, "dependencies": { - "ws": "~8.11.0" + "debug": "~4.3.4", + "ws": "~8.17.1" } }, "node_modules/socket.io-parser": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz", - "integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==", + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.4.tgz", + "integrity": "sha512-/GbIKmo8ioc+NIWIhwdecY0ge+qVBSMdgxGygevmdHj24bsfgtCmcUUcQ5ZzcylGFHsN3k4HB4Cgkl96KVnuew==", "dev": true, "dependencies": { "@socket.io/component-emitter": "~3.1.0", @@ -17227,8 +17419,13 @@ } }, "node_modules/wdio-mediawiki": { - "resolved": "tests/selenium/wdio-mediawiki", - "link": true + "version": "2.5.0", + "resolved": "file:tests/selenium/wdio-mediawiki", + "dev": true, + "license": "MIT", + "dependencies": { + "mwbot": "2.1.3" + } }, "node_modules/webdriver": { "version": "7.33.0", @@ -17486,16 +17683,16 @@ } }, "node_modules/ws": { - "version": "8.11.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.11.0.tgz", - "integrity": "sha512-HPG3wQd9sNQoT9xHyNCXoDUa+Xw/VevmY9FoHyQ+g+rrMn4j6FB4np7Z0OhdTgjx6MgQLK7jwSy1YecU1+4Asg==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "engines": { "node": ">=10.0.0" }, "peerDependencies": { "bufferutil": "^4.0.1", - "utf-8-validate": "^5.0.2" + "utf-8-validate": ">=5.0.2" }, "peerDependenciesMeta": { "bufferutil": { @@ -17700,7 +17897,7 @@ "node_modules/yarn-install": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/yarn-install/-/yarn-install-1.0.0.tgz", - "integrity": "sha1-V/RQULgu/VcYKzlzxUqgXLXSUjA=", + "integrity": "sha512-VO1u181msinhPcGvQTVMnHVOae8zjX/NSksR17e6eXHRveDvHCF5mGjh9hkN8mzyfnCqcBe42LdTs7bScuTaeg==", "dev": true, "dependencies": { "cac": "^3.0.3", @@ -17893,14 +18090,6 @@ "funding": { "url": "https://github.com/sponsors/isaacs" } - }, - "tests/selenium/wdio-mediawiki": { - "version": "2.5.0", - "dev": true, - "license": "MIT", - "dependencies": { - "mwbot": "2.1.3" - } } }, "dependencies": { @@ -20472,9 +20661,9 @@ "dev": true }, "@socket.io/component-emitter": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz", - "integrity": "sha512-+9jVqKhRSpsc591z5vX+X5Yyw+he/HCB4iQ/RYxw35CEPaY1gnsNE43nf9n9AaYjAQrTiI/mOwKUKdUs9vf7Xg==", + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz", + "integrity": "sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==", "dev": true }, "@stylistic/stylelint-config": { @@ -20609,9 +20798,9 @@ "dev": true }, "@types/cors": { - "version": "2.8.13", - "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.13.tgz", - "integrity": "sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==", + "version": "2.8.17", + "resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz", + "integrity": "sha512-8CGDvrBj1zgo2qE+oS3pOCyYNqCPryMWY2bGfwA0dcfopWGgxs+78df0Rs3rc9THP4JkOhLsAa+15VdpAqkcUA==", "dev": true, "requires": { "@types/node": "*" @@ -22142,21 +22331,23 @@ } }, "body-parser": { - "version": "1.19.2", - "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.2.tgz", - "integrity": "sha512-SAAwOxgoCKMGs9uUAUFHygfLAyaniaoun6I8mFY9pRAJL9+Kec34aU+oIjDhTycub1jozEfEwx1W1IuOYxVSFw==", + "version": "1.20.3", + "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.3.tgz", + "integrity": "sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g==", "dev": true, "requires": { "bytes": "3.1.2", - "content-type": "~1.0.4", + "content-type": "~1.0.5", "debug": "2.6.9", - "depd": "~1.1.2", - "http-errors": "1.8.1", + "depd": "2.0.0", + "destroy": "1.2.0", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", - "on-finished": "~2.3.0", - "qs": "6.9.7", - "raw-body": "2.4.3", - "type-is": "~1.6.18" + "on-finished": "2.4.1", + "qs": "6.13.0", + "raw-body": "2.5.2", + "type-is": "~1.6.18", + "unpipe": "1.0.0" }, "dependencies": { "debug": { @@ -22173,6 +22364,15 @@ "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A==", "dev": true + }, + "on-finished": { + "version": "2.4.1", + "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz", + "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==", + "dev": true, + "requires": { + "ee-first": "1.1.1" + } } } }, @@ -22445,6 +22645,19 @@ "responselike": "^2.0.0" } }, + "call-bind": { + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + } + }, "call-me-maybe": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/call-me-maybe/-/call-me-maybe-1.0.2.tgz", @@ -22781,9 +22994,9 @@ } }, "content-type": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz", - "integrity": "sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz", + "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA==", "dev": true }, "continuable-cache": { @@ -22799,9 +23012,9 @@ "dev": true }, "cookie": { - "version": "0.4.2", - "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.2.tgz", - "integrity": "sha512-aSWTXFzaKWkvHO1Ny/s+ePFpvKsPnjc551iI41v3ny/ow6tBG5Vd+FuqGNhh1LxOmVzOlGUriIlOaokOvhaStA==", + "version": "0.7.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz", + "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==", "dev": true }, "cookiejar": { @@ -22921,9 +23134,9 @@ } }, "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "requires": { "path-key": "^3.1.0", @@ -23216,6 +23429,17 @@ "integrity": "sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==", "dev": true }, + "define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + } + }, "delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -23223,9 +23447,9 @@ "dev": true }, "depd": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz", - "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==", "dev": true }, "dequal": { @@ -23234,6 +23458,12 @@ "integrity": "sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==", "dev": true }, + "destroy": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz", + "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg==", + "dev": true + }, "detect-file": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/detect-file/-/detect-file-1.0.0.tgz", @@ -23555,9 +23785,9 @@ } }, "engine.io": { - "version": "6.4.2", - "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz", - "integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==", + "version": "6.6.2", + "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz", + "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==", "dev": true, "requires": { "@types/cookie": "^0.4.1", @@ -23565,17 +23795,17 @@ "@types/node": ">=10.0.0", "accepts": "~1.3.4", "base64id": "2.0.0", - "cookie": "~0.4.1", + "cookie": "~0.7.2", "cors": "~2.8.5", "debug": "~4.3.1", - "engine.io-parser": "~5.0.3", - "ws": "~8.11.0" + "engine.io-parser": "~5.2.1", + "ws": "~8.17.1" } }, "engine.io-parser": { - "version": "5.0.6", - "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.0.6.tgz", - "integrity": "sha512-tjuoZDMAdEhVnSFleYPCtdL2GXwVTGtNjoeJd9IhIG3C1xs9uwxqRNEu5WpnDZCaozwVlK/nuQhpodhXSIMaxw==", + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/engine.io-parser/-/engine.io-parser-5.2.3.tgz", + "integrity": "sha512-HqD3yTBfnBxIrbnM1DoD6Pcq8NECnh8d4As1Qgh0z5Gg3jRRIqijury0CL3ghu/edArpUYiYqQiDUQBIs4np3Q==", "dev": true }, "enhanced-resolve": { @@ -23624,6 +23854,21 @@ "is-arrayish": "^0.2.1" } }, + "es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "requires": { + "get-intrinsic": "^1.2.4" + } + }, + "es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true + }, "escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -23767,14 +24012,6 @@ "eslint-plugin-vue": "^9.26.0", "eslint-plugin-wdio": "^8.24.12", "eslint-plugin-yml": "^1.14.0" - }, - "dependencies": { - "browserslist-config-wikimedia": { - "version": "0.7.0", - "resolved": "https://registry.npmjs.org/browserslist-config-wikimedia/-/browserslist-config-wikimedia-0.7.0.tgz", - "integrity": "sha512-CTa0lv78dXKEgrYsOLCkqO+9UUS3CV9MWEOYHcymgEvx4mYxB80sCoKRCR7wW2SOMNxjaP9hohrZripjnKuRTA==", - "dev": true - } } }, "eslint-plugin-compat": { @@ -24628,6 +24865,19 @@ "integrity": "sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==", "dev": true }, + "get-intrinsic": { + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", + "dev": true, + "requires": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "has-proto": "^1.0.1", + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + } + }, "get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", @@ -24798,6 +25048,15 @@ } } }, + "gopd": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", + "dev": true, + "requires": { + "get-intrinsic": "^1.1.3" + } + }, "got": { "version": "11.8.6", "resolved": "https://registry.npmjs.org/got/-/got-11.8.6.tgz", @@ -25007,9 +25266,9 @@ } }, "grunt-stylelint": { - "version": "0.20.0", - "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.0.tgz", - "integrity": "sha512-TG17gIrP2//lNq5G0YOXFC55WjXOI5Ybib3XVlatEuZcATlo/FO7cfVMgAAxbO2k6f45LP/naS/3iJTod0dVjg==", + "version": "0.20.1", + "resolved": "https://registry.npmjs.org/grunt-stylelint/-/grunt-stylelint-0.20.1.tgz", + "integrity": "sha512-tDep9ceEerB+fK6CkzPBXu5qPM7RuwCRgfrtwugEyYYnxINreMZktqQU5eoTW+MhhFj81uWQQnxf+c4geyAmQg==", "dev": true, "requires": { "chalk": "^4.1.2" @@ -25054,6 +25313,27 @@ "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, + "has-property-descriptors": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", + "dev": true, + "requires": { + "es-define-property": "^1.0.0" + } + }, + "has-proto": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", + "dev": true + }, + "has-symbols": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", + "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", + "dev": true + }, "hasown": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz", @@ -25130,16 +25410,24 @@ "dev": true }, "http-errors": { - "version": "1.8.1", - "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz", - "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz", + "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==", "dev": true, "requires": { - "depd": "~1.1.2", + "depd": "2.0.0", "inherits": "2.0.4", "setprototypeof": "1.2.0", - "statuses": ">= 1.5.0 < 2", + "statuses": "2.0.1", "toidentifier": "1.0.1" + }, + "dependencies": { + "statuses": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz", + "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==", + "dev": true + } } }, "http-parser-js": { @@ -27938,9 +28226,9 @@ "dev": true }, "micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dev": true, "requires": { "braces": "^3.0.3", @@ -29101,10 +29389,13 @@ "dev": true }, "qs": { - "version": "6.9.7", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.7.tgz", - "integrity": "sha512-IhMFgUmuNpyRfxA90umL7ByLlgRXu6tIfKPpF5TmcfRLlLCckfP/g3IQmju6jjpu+Hh8rA+2p6A27ZSPOOHdKw==", - "dev": true + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.13.0.tgz", + "integrity": "sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg==", + "dev": true, + "requires": { + "side-channel": "^1.0.6" + } }, "query-selector-shadow-dom": { "version": "1.0.1", @@ -29163,13 +29454,13 @@ "dev": true }, "raw-body": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.3.tgz", - "integrity": "sha512-UlTNLIcu0uzb4D2f4WltY6cVjLi+/jEN4lgEUj3E04tpMDpUlkBo/eSn6zou9hum2VMNpCCUone0O0WeJim07g==", + "version": "2.5.2", + "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz", + "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==", "dev": true, "requires": { "bytes": "3.1.2", - "http-errors": "1.8.1", + "http-errors": "2.0.0", "iconv-lite": "0.4.24", "unpipe": "1.0.0" } @@ -29801,6 +30092,20 @@ "randombytes": "^2.1.0" } }, + "set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "requires": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + } + }, "setprototypeof": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz", @@ -29822,6 +30127,18 @@ "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==", "dev": true }, + "side-channel": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", + "dev": true, + "requires": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + } + }, "signal-exit": { "version": "3.0.7", "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz", @@ -29852,32 +30169,34 @@ } }, "socket.io": { - "version": "4.6.1", - "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.6.1.tgz", - "integrity": "sha512-KMcaAi4l/8+xEjkRICl6ak8ySoxsYG+gG6/XfRCPJPQ/haCRIJBTL4wIl8YCsmtaBovcAXGLOShyVWQ/FG8GZA==", + "version": "4.8.1", + "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz", + "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==", "dev": true, "requires": { "accepts": "~1.3.4", "base64id": "~2.0.0", + "cors": "~2.8.5", "debug": "~4.3.2", - "engine.io": "~6.4.1", + "engine.io": "~6.6.0", "socket.io-adapter": "~2.5.2", - "socket.io-parser": "~4.2.1" + "socket.io-parser": "~4.2.4" } }, "socket.io-adapter": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.2.tgz", - "integrity": "sha512-87C3LO/NOMc+eMcpcxUBebGjkpMDkNBS9tf7KJqcDsmL936EChtVva71Dw2q4tQcuVC+hAUy4an2NO/sYXmwRA==", + "version": "2.5.5", + "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz", + "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==", "dev": true, "requires": { - "ws": "~8.11.0" + "debug": "~4.3.4", + "ws": "~8.17.1" } }, "socket.io-parser": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz", - "integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==", + "version": "4.2.4", + "resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.4.tgz", + "integrity": "sha512-/GbIKmo8ioc+NIWIhwdecY0ge+qVBSMdgxGygevmdHj24bsfgtCmcUUcQ5ZzcylGFHsN3k4HB4Cgkl96KVnuew==", "dev": true, "requires": { "@socket.io/component-emitter": "~3.1.0", @@ -31030,7 +31349,8 @@ } }, "wdio-mediawiki": { - "version": "file:tests/selenium/wdio-mediawiki", + "version": "2.5.0", + "dev": true, "requires": { "mwbot": "2.1.3" } @@ -31239,9 +31559,9 @@ } }, "ws": { - "version": "8.11.0", - "resolved": "https://registry.npmjs.org/ws/-/ws-8.11.0.tgz", - "integrity": "sha512-HPG3wQd9sNQoT9xHyNCXoDUa+Xw/VevmY9FoHyQ+g+rrMn4j6FB4np7Z0OhdTgjx6MgQLK7jwSy1YecU1+4Asg==", + "version": "8.17.1", + "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz", + "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==", "dev": true, "requires": {} }, @@ -31391,7 +31711,7 @@ "yarn-install": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/yarn-install/-/yarn-install-1.0.0.tgz", - "integrity": "sha1-V/RQULgu/VcYKzlzxUqgXLXSUjA=", + "integrity": "sha512-VO1u181msinhPcGvQTVMnHVOae8zjX/NSksR17e6eXHRveDvHCF5mGjh9hkN8mzyfnCqcBe42LdTs7bScuTaeg==", "dev": true, "requires": { "cac": "^3.0.3", diff --git a/package.json b/package.json index f4bc761..3dba04e 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ "grunt-contrib-watch": "1.1.0", "grunt-eslint": "24.3.0", "grunt-karma": "4.0.2", - "grunt-stylelint": "0.20.0", + "grunt-stylelint": "0.20.1", "jest": "29.7.0", "jest-environment-jsdom": "29.7.0", "jsdoc": "4.0.2", -- 2.39.2 --- end ---