mediawiki/services/kartotherian: main (log #1655738)


This run took 84 seconds.

$ date
--- stdout ---
Mon Dec  9 04:19:24 UTC 2024

--- end ---
$ git clone file:///srv/git/mediawiki-services-kartotherian.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stderr ---
Submodule 'vendor/node-mapnik' (https://github.com/mapnik/node-mapnik.git) registered for path 'vendor/node-mapnik'
Cloning into '/src/repo/vendor/node-mapnik'...
--- stdout ---
Submodule path 'vendor/node-mapnik': checked out 'c17f136fedaa6173b31a87e8c9e00e87ed69eed7'

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/master
--- stdout ---
6f21612eabd74477aa49a850abc87d6b34de3cd6 refs/heads/master

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "@mapbox/tilejson": {
      "name": "@mapbox/tilejson",
      "severity": "high",
      "isDirect": true,
      "via": [
        "requestretry"
      ],
      "effects": [
        "tilelive-http"
      ],
      "range": "*",
      "nodes": [
        "node_modules/@mapbox/tilejson"
      ],
      "fixAvailable": false
    },
    "@mapbox/tilelive-vector": {
      "name": "@mapbox/tilelive-vector",
      "severity": "critical",
      "isDirect": false,
      "via": [
        "request",
        "tar",
        "underscore"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector"
      ],
      "fixAvailable": true
    },
    "@wikimedia/tilelive-vector": {
      "name": "@wikimedia/tilelive-vector",
      "severity": "critical",
      "isDirect": true,
      "via": [
        "request",
        "tar",
        "underscore"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/@wikimedia/tilelive-vector"
      ],
      "fixAvailable": false
    },
    "ajv": {
      "name": "ajv",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1097685,
          "name": "ajv",
          "dependency": "ajv",
          "title": "Prototype Pollution in Ajv",
          "url": "https://github.com/advisories/GHSA-v88g-cgmw-v5xw",
          "severity": "moderate",
          "cwe": [
            "CWE-915",
            "CWE-1321"
          ],
          "cvss": {
            "score": 5.6,
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
          },
          "range": "<6.12.3"
        }
      ],
      "effects": [
        "har-validator"
      ],
      "range": "<6.12.3",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/ajv",
        "node_modules/@wikimedia/tilelive-vector/node_modules/ajv"
      ],
      "fixAvailable": false
    },
    "boom": {
      "name": "boom",
      "severity": "high",
      "isDirect": false,
      "via": [
        "hoek"
      ],
      "effects": [
        "cryptiles",
        "hawk"
      ],
      "range": "*",
      "nodes": [
        "node_modules/boom",
        "node_modules/cryptiles/node_modules/boom"
      ],
      "fixAvailable": false
    },
    "carto": {
      "name": "carto",
      "severity": "high",
      "isDirect": false,
      "via": [
        "js-yaml",
        "semver",
        "yargs"
      ],
      "effects": [
        "tilelive-tmstyle"
      ],
      "range": ">=0.17.2",
      "nodes": [
        "node_modules/carto"
      ],
      "fixAvailable": false
    },
    "cross-spawn": {
      "name": "cross-spawn",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1100562,
          "name": "cross-spawn",
          "dependency": "cross-spawn",
          "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
          "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<6.0.6"
        },
        {
          "source": 1100563,
          "name": "cross-spawn",
          "dependency": "cross-spawn",
          "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
          "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=7.0.0 <7.0.5"
        }
      ],
      "effects": [
        "execa"
      ],
      "range": "<6.0.6 || >=7.0.0 <7.0.5",
      "nodes": [
        "node_modules/cross-spawn",
        "node_modules/os-locale/node_modules/cross-spawn"
      ],
      "fixAvailable": false
    },
    "cryptiles": {
      "name": "cryptiles",
      "severity": "critical",
      "isDirect": false,
      "via": [
        {
          "source": 1095034,
          "name": "cryptiles",
          "dependency": "cryptiles",
          "title": "Insufficient Entropy in cryptiles",
          "url": "https://github.com/advisories/GHSA-rq8g-5pc5-wrhr",
          "severity": "critical",
          "cwe": [
            "CWE-331"
          ],
          "cvss": {
            "score": 9.8,
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": ">=3.1.0 <4.1.2"
        },
        "boom"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/cryptiles"
      ],
      "fixAvailable": true
    },
    "execa": {
      "name": "execa",
      "severity": "high",
      "isDirect": false,
      "via": [
        "cross-spawn"
      ],
      "effects": [
        "os-locale"
      ],
      "range": "0.5.0 - 0.9.0",
      "nodes": [
        "node_modules/os-locale/node_modules/execa"
      ],
      "fixAvailable": false
    },
    "express": {
      "name": "express",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "path-to-regexp"
      ],
      "effects": [],
      "range": "4.0.0-rc1 - 4.21.1 || 5.0.0-alpha.1 - 5.0.0-beta.3",
      "nodes": [
        "node_modules/express"
      ],
      "fixAvailable": true
    },
    "har-validator": {
      "name": "har-validator",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "ajv"
      ],
      "effects": [
        "request"
      ],
      "range": "3.3.0 - 5.1.0",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/har-validator",
        "node_modules/@wikimedia/tilelive-vector/node_modules/har-validator"
      ],
      "fixAvailable": false
    },
    "hawk": {
      "name": "hawk",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1095062,
          "name": "hawk",
          "dependency": "hawk",
          "title": "Uncontrolled Resource Consumption in Hawk",
          "url": "https://github.com/advisories/GHSA-44pw-h2cw-w3vq",
          "severity": "high",
          "cwe": [
            "CWE-400",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.4,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H"
          },
          "range": "<9.0.1"
        },
        "boom",
        "hoek",
        "sntp"
      ],
      "effects": [
        "request"
      ],
      "range": "<=9.0.0",
      "nodes": [
        "node_modules/hawk"
      ],
      "fixAvailable": false
    },
    "hoek": {
      "name": "hoek",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1096410,
          "name": "hoek",
          "dependency": "hoek",
          "title": "hoek subject to prototype pollution via the clone function.",
          "url": "https://github.com/advisories/GHSA-c429-5p7v-vgjp",
          "severity": "high",
          "cwe": [
            "CWE-1321"
          ],
          "cvss": {
            "score": 8.1,
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<=6.1.3"
        }
      ],
      "effects": [
        "boom",
        "hawk",
        "sntp"
      ],
      "range": "*",
      "nodes": [
        "node_modules/hoek"
      ],
      "fixAvailable": false
    },
    "js-yaml": {
      "name": "js-yaml",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1085724,
          "name": "js-yaml",
          "dependency": "js-yaml",
          "title": "Denial of Service in js-yaml",
          "url": "https://github.com/advisories/GHSA-2pr6-76vf-7546",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.9,
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.13.0"
        },
        {
          "source": 1095058,
          "name": "js-yaml",
          "dependency": "js-yaml",
          "title": "Code Injection in js-yaml",
          "url": "https://github.com/advisories/GHSA-8j8c-7jfh-h6hx",
          "severity": "high",
          "cwe": [
            "CWE-94"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<3.13.1"
        }
      ],
      "effects": [],
      "range": "<=3.13.0",
      "nodes": [
        "node_modules/carto/node_modules/js-yaml"
      ],
      "fixAvailable": true
    },
    "libxmljs": {
      "name": "libxmljs",
      "severity": "critical",
      "isDirect": true,
      "via": [
        {
          "source": 1100552,
          "name": "libxmljs",
          "dependency": "libxmljs",
          "title": "libxmljs vulnerable to type confusion when parsing specially crafted XML ",
          "url": "https://github.com/advisories/GHSA-mg49-jqgw-gcj6",
          "severity": "critical",
          "cwe": [
            "CWE-843"
          ],
          "cvss": {
            "score": 8.1,
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<=1.0.11"
        },
        {
          "source": 1100659,
          "name": "libxmljs",
          "dependency": "libxmljs",
          "title": "libxmljs vulnerable to type confusion when parsing specially crafted XML",
          "url": "https://github.com/advisories/GHSA-6433-x5p4-8jc7",
          "severity": "critical",
          "cwe": [
            "CWE-843"
          ],
          "cvss": {
            "score": 8.1,
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<=1.0.11"
        }
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/libxmljs"
      ],
      "fixAvailable": false
    },
    "limitation": {
      "name": "limitation",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "wikimedia-kad-fork"
      ],
      "effects": [
        "service-runner"
      ],
      "range": ">=0.2.3",
      "nodes": [
        "node_modules/limitation"
      ],
      "fixAvailable": {
        "name": "service-runner",
        "version": "3.0.0",
        "isSemVerMajor": true
      }
    },
    "mem": {
      "name": "mem",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1085685,
          "name": "mem",
          "dependency": "mem",
          "title": "Denial of Service in mem",
          "url": "https://github.com/advisories/GHSA-4xcv-9jjx-gfj3",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.1,
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
          },
          "range": "<4.0.0"
        }
      ],
      "effects": [
        "os-locale"
      ],
      "range": "<4.0.0",
      "nodes": [
        "node_modules/mem"
      ],
      "fixAvailable": false
    },
    "ms": {
      "name": "ms",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1094419,
          "name": "ms",
          "dependency": "ms",
          "title": "Vercel ms Inefficient Regular Expression Complexity vulnerability",
          "url": "https://github.com/advisories/GHSA-w9mr-4mfr-499f",
          "severity": "moderate",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<2.0.0"
        }
      ],
      "effects": [
        "wikimedia-kad-fork"
      ],
      "range": "<2.0.0",
      "nodes": [
        "node_modules/wikimedia-kad-fork/node_modules/ms"
      ],
      "fixAvailable": {
        "name": "service-runner",
        "version": "3.0.0",
        "isSemVerMajor": true
      }
    },
    "mwapi": {
      "name": "mwapi",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "preq"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/mwapi"
      ],
      "fixAvailable": false
    },
    "os-locale": {
      "name": "os-locale",
      "severity": "high",
      "isDirect": false,
      "via": [
        "execa",
        "mem"
      ],
      "effects": [
        "yargs"
      ],
      "range": "2.0.0 - 3.0.0",
      "nodes": [
        "node_modules/os-locale"
      ],
      "fixAvailable": false
    },
    "path-to-regexp": {
      "name": "path-to-regexp",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1101081,
          "name": "path-to-regexp",
          "dependency": "path-to-regexp",
          "title": "Unpatched `path-to-regexp` ReDoS in 0.1.x",
          "url": "https://github.com/advisories/GHSA-rhx6-c78j-4q9w",
          "severity": "moderate",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<0.1.12"
        }
      ],
      "effects": [
        "express"
      ],
      "range": "<0.1.12",
      "nodes": [
        "node_modules/path-to-regexp"
      ],
      "fixAvailable": true
    },
    "preq": {
      "name": "preq",
      "severity": "high",
      "isDirect": true,
      "via": [
        "request",
        "requestretry"
      ],
      "effects": [
        "mwapi"
      ],
      "range": "*",
      "nodes": [
        "node_modules/preq"
      ],
      "fixAvailable": false
    },
    "request": {
      "name": "request",
      "severity": "high",
      "isDirect": true,
      "via": [
        {
          "source": 1096727,
          "name": "request",
          "dependency": "request",
          "title": "Server-Side Request Forgery in Request",
          "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
          "severity": "moderate",
          "cwe": [
            "CWE-918"
          ],
          "cvss": {
            "score": 6.1,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
          },
          "range": "<=2.88.2"
        },
        "har-validator",
        "hawk",
        "tough-cookie"
      ],
      "effects": [
        "@mapbox/tilelive-vector",
        "@wikimedia/tilelive-vector",
        "preq",
        "request-promise",
        "request-promise-core",
        "requestretry",
        "tilelive-http"
      ],
      "range": "*",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/request",
        "node_modules/@wikimedia/tilelive-vector/node_modules/request",
        "node_modules/request"
      ],
      "fixAvailable": false
    },
    "request-promise": {
      "name": "request-promise",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "request",
        "request-promise-core",
        "tough-cookie"
      ],
      "effects": [],
      "range": ">=0.0.2",
      "nodes": [
        "node_modules/request-promise"
      ],
      "fixAvailable": {
        "name": "request-promise",
        "version": "0.0.1",
        "isSemVerMajor": true
      }
    },
    "request-promise-core": {
      "name": "request-promise-core",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "request"
      ],
      "effects": [
        "request-promise"
      ],
      "range": "*",
      "nodes": [
        "node_modules/request-promise-core"
      ],
      "fixAvailable": {
        "name": "request-promise",
        "version": "0.0.1",
        "isSemVerMajor": true
      }
    },
    "requestretry": {
      "name": "requestretry",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1090420,
          "name": "requestretry",
          "dependency": "requestretry",
          "title": "Cookie exposure in requestretry",
          "url": "https://github.com/advisories/GHSA-hjp8-2cm3-cc45",
          "severity": "high",
          "cwe": [
            "CWE-200"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
          },
          "range": "<7.0.0"
        },
        "request"
      ],
      "effects": [
        "@mapbox/tilejson",
        "preq"
      ],
      "range": "*",
      "nodes": [
        "node_modules/preq/node_modules/requestretry",
        "node_modules/requestretry"
      ],
      "fixAvailable": false
    },
    "semver": {
      "name": "semver",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1098563,
          "name": "semver",
          "dependency": "semver",
          "title": "semver vulnerable to Regular Expression Denial of Service",
          "url": "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<5.7.2"
        }
      ],
      "effects": [
        "carto"
      ],
      "range": "<5.7.2",
      "nodes": [
        "node_modules/carto/node_modules/semver"
      ],
      "fixAvailable": false
    },
    "service-runner": {
      "name": "service-runner",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "limitation"
      ],
      "effects": [],
      "range": ">=3.1.0",
      "nodes": [
        "node_modules/service-runner"
      ],
      "fixAvailable": {
        "name": "service-runner",
        "version": "3.0.0",
        "isSemVerMajor": true
      }
    },
    "sntp": {
      "name": "sntp",
      "severity": "high",
      "isDirect": false,
      "via": [
        "hoek"
      ],
      "effects": [
        "hawk"
      ],
      "range": "0.0.0 || >=0.1.1",
      "nodes": [
        "node_modules/sntp"
      ],
      "fixAvailable": false
    },
    "tar": {
      "name": "tar",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089685,
          "name": "tar",
          "dependency": "tar",
          "title": "Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization",
          "url": "https://github.com/advisories/GHSA-3jfq-g458-7qm9",
          "severity": "high",
          "cwe": [
            "CWE-22"
          ],
          "cvss": {
            "score": 8.2,
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
          },
          "range": "<3.2.2"
        },
        {
          "source": 1095117,
          "name": "tar",
          "dependency": "tar",
          "title": "Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization",
          "url": "https://github.com/advisories/GHSA-5955-9wpr-37jh",
          "severity": "high",
          "cwe": [
            "CWE-22"
          ],
          "cvss": {
            "score": 8.2,
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"
          },
          "range": "<4.4.18"
        },
        {
          "source": 1097493,
          "name": "tar",
          "dependency": "tar",
          "title": "Denial of service while parsing a tar file due to lack of folders count validation",
          "url": "https://github.com/advisories/GHSA-f5x3-32g6-xq36",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 6.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
          },
          "range": "<6.2.1"
        }
      ],
      "effects": [],
      "range": "<=6.2.0",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/tar",
        "node_modules/@wikimedia/tilelive-vector/node_modules/tar"
      ],
      "fixAvailable": true
    },
    "tilelive-http": {
      "name": "tilelive-http",
      "severity": "high",
      "isDirect": true,
      "via": [
        "@mapbox/tilejson",
        "request"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/tilelive-http"
      ],
      "fixAvailable": false
    },
    "tilelive-tmstyle": {
      "name": "tilelive-tmstyle",
      "severity": "critical",
      "isDirect": true,
      "via": [
        "@mapbox/tilelive-vector",
        "carto",
        "underscore"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/tilelive-tmstyle"
      ],
      "fixAvailable": false
    },
    "tough-cookie": {
      "name": "tough-cookie",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1097682,
          "name": "tough-cookie",
          "dependency": "tough-cookie",
          "title": "tough-cookie Prototype Pollution vulnerability",
          "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
          "severity": "moderate",
          "cwe": [
            "CWE-1321"
          ],
          "cvss": {
            "score": 6.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
          },
          "range": "<4.1.3"
        }
      ],
      "effects": [
        "request",
        "request-promise"
      ],
      "range": "<4.1.3",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/tough-cookie",
        "node_modules/@wikimedia/tilelive-vector/node_modules/tough-cookie",
        "node_modules/tough-cookie"
      ],
      "fixAvailable": false
    },
    "underscore": {
      "name": "underscore",
      "severity": "critical",
      "isDirect": false,
      "via": [
        {
          "source": 1095097,
          "name": "underscore",
          "dependency": "underscore",
          "title": "Arbitrary Code Execution in underscore",
          "url": "https://github.com/advisories/GHSA-cf4h-3jhx-xvhq",
          "severity": "critical",
          "cwe": [
            "CWE-94"
          ],
          "cvss": {
            "score": 9.8,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": ">=1.3.2 <1.12.1"
        }
      ],
      "effects": [
        "tilelive-tmstyle"
      ],
      "range": "1.3.2 - 1.12.0",
      "nodes": [
        "node_modules/@mapbox/tilelive-vector/node_modules/underscore",
        "node_modules/@wikimedia/tilelive-vector/node_modules/underscore",
        "node_modules/tilelive-tmstyle/node_modules/underscore"
      ],
      "fixAvailable": false
    },
    "wikimedia-kad-fork": {
      "name": "wikimedia-kad-fork",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "ms"
      ],
      "effects": [
        "limitation"
      ],
      "range": "*",
      "nodes": [
        "node_modules/wikimedia-kad-fork"
      ],
      "fixAvailable": {
        "name": "service-runner",
        "version": "3.0.0",
        "isSemVerMajor": true
      }
    },
    "yargs": {
      "name": "yargs",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "os-locale",
        "yargs-parser"
      ],
      "effects": [
        "carto"
      ],
      "range": "8.0.0-candidate.0 - 12.0.5",
      "nodes": [
        "node_modules/carto/node_modules/yargs"
      ],
      "fixAvailable": false
    },
    "yargs-parser": {
      "name": "yargs-parser",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1088811,
          "name": "yargs-parser",
          "dependency": "yargs-parser",
          "title": "yargs-parser Vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-p9pc-299p-vxgp",
          "severity": "moderate",
          "cwe": [
            "CWE-915",
            "CWE-1321"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
          },
          "range": ">=6.0.0 <13.1.2"
        }
      ],
      "effects": [
        "yargs"
      ],
      "range": "6.0.0 - 13.1.1",
      "nodes": [
        "node_modules/carto/node_modules/yargs-parser"
      ],
      "fixAvailable": false
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 15,
      "high": 16,
      "critical": 6,
      "total": 37
    },
    "dependencies": {
      "prod": 599,
      "dev": 565,
      "optional": 14,
      "peer": 19,
      "peerOptional": 0,
      "total": 1194
    }
  }
}

--- end ---
Upgrading n:eslint from ^8 -> 8.57.0
$ /usr/bin/npm install
--- stderr ---
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated s3signed@0.1.0: This module is no longer maintained. It is provided as is.
npm WARN deprecated npmlog@5.0.1: This package is no longer supported.
npm WARN deprecated kad-fs@0.0.4: This package is no longer maintained.
npm WARN deprecated rimraf@2.4.5: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated cryptiles@3.2.1: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained and may contain bugs and security issues.
npm WARN deprecated rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated boom@5.3.3: This module has moved and is now available at @hapi/boom. Please update your dependencies as this version is no longer maintained and may contain bugs and security issues.
npm WARN deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead
npm WARN deprecated sntp@2.1.0: This module moved to @hapi/sntp. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated har-validator@5.0.3: this library is no longer supported
npm WARN deprecated har-validator@5.0.3: this library is no longer supported
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated request-promise@4.2.6: request-promise has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated kad-memstore@0.0.1: This package is no longer maintained.
npm WARN deprecated boom@4.3.1: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated are-we-there-yet@2.0.0: This package is no longer supported.
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated queue-async@1.0.7: renamed to d3-queue
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated hoek@4.3.1: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN deprecated glob@6.0.4: Glob versions prior to v9 are no longer supported
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated gauge@3.0.2: This package is no longer supported.
npm WARN deprecated mkdirp@0.3.5: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated hawk@6.0.2: This module moved to @hapi/hawk. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.83.0: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated request@2.83.0: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated fstream@1.0.12: This package is no longer supported.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated eslint@8.57.0: This version is no longer supported. Please see https://eslint.org/version-support for other options.
npm ERR! code 1
npm ERR! path /src/repo/node_modules/mapnik
npm ERR! command failed
npm ERR! command sh -c node-gyp-build
npm ERR! gyp info it worked if it ends with ok
npm ERR! gyp info using node-gyp@9.3.0
npm ERR! gyp info using node@18.19.0 | linux | x64
npm ERR! gyp info find Python using Python version 3.11.2 found at "/usr/bin/python3"
npm ERR! gyp info spawn /usr/bin/python3
npm ERR! gyp info spawn args [
npm ERR! gyp info spawn args   '/usr/share/nodejs/node-gyp/gyp/gyp_main.py',
npm ERR! gyp info spawn args   'binding.gyp',
npm ERR! gyp info spawn args   '-f',
npm ERR! gyp info spawn args   'make',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/src/repo/node_modules/mapnik/build/config.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/src/repo/node_modules/mapnik/common.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/usr/share/nodejs/node-gyp/addon.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/usr/include/nodejs/common.gypi',
npm ERR! gyp info spawn args   '-Dlibrary=shared_library',
npm ERR! gyp info spawn args   '-Dvisibility=default',
npm ERR! gyp info spawn args   '-Dnode_root_dir=/usr/include/nodejs',
npm ERR! gyp info spawn args   '-Dnode_gyp_dir=/usr/share/nodejs/node-gyp',
npm ERR! gyp info spawn args   '-Dnode_lib_file=/usr/include/nodejs/<(target_arch)/node.lib',
npm ERR! gyp info spawn args   '-Dmodule_root_dir=/src/repo/node_modules/mapnik',
npm ERR! gyp info spawn args   '-Dnode_engine=v8',
npm ERR! gyp info spawn args   '--depth=.',
npm ERR! gyp info spawn args   '--no-parallel',
npm ERR! gyp info spawn args   '--generator-output',
npm ERR! gyp info spawn args   'build',
npm ERR! gyp info spawn args   '-Goutput_dir=.'
npm ERR! gyp info spawn args ]
npm ERR! /bin/sh: 1: mapnik-config: not found
npm ERR! gyp: Call to 'mapnik-config --cflags' returned exit status 127 while in binding.gyp. while trying to load binding.gyp
npm ERR! gyp ERR! configure error 
npm ERR! gyp ERR! stack Error: `gyp` failed with exit code: 1
npm ERR! gyp ERR! stack     at ChildProcess.onCpExit (/usr/share/nodejs/node-gyp/lib/configure.js:329:16)
npm ERR! gyp ERR! stack     at ChildProcess.emit (node:events:517:28)
npm ERR! gyp ERR! stack     at ChildProcess._handle.onexit (node:internal/child_process:292:12)
npm ERR! gyp ERR! System Linux 6.1.0-25-cloud-amd64
npm ERR! gyp ERR! command "/usr/bin/node" "/usr/share/nodejs/node-gyp/bin/node-gyp.js" "rebuild"
npm ERR! gyp ERR! cwd /src/repo/node_modules/mapnik
npm ERR! gyp ERR! node -v v18.19.0
npm ERR! gyp ERR! node-gyp -v v9.3.0
npm ERR! gyp ERR! not ok

npm ERR! A complete log of this run can be found in:
npm ERR!     /cache/_logs/2024-12-09T04_19_32_697Z-debug-0.log
--- stdout ---

--- end ---
$ rm -rf package-lock.json node_modules
--- stdout ---

--- end ---
$ /usr/bin/npm install
--- stderr ---
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated kad-fs@0.0.4: This package is no longer maintained.
npm WARN deprecated s3signed@0.1.0: This module is no longer maintained. It is provided as is.
npm WARN deprecated npmlog@5.0.1: This package is no longer supported.
npm WARN deprecated rimraf@2.4.5: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated cryptiles@3.2.1: This module has moved and is now available at @hapi/cryptiles. Please update your dependencies as this version is no longer maintained and may contain bugs and security issues.
npm WARN deprecated boom@5.3.3: This module has moved and is now available at @hapi/boom. Please update your dependencies as this version is no longer maintained and may contain bugs and security issues.
npm WARN deprecated rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated sntp@2.1.0: This module moved to @hapi/sntp. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead
npm WARN deprecated har-validator@5.0.3: this library is no longer supported
npm WARN deprecated boom@4.3.1: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated kad-memstore@0.0.1: This package is no longer maintained.
npm WARN deprecated har-validator@5.0.3: this library is no longer supported
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated request-promise@4.2.6: request-promise has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated are-we-there-yet@2.0.0: This package is no longer supported.
npm WARN deprecated hoek@4.3.1: This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated queue-async@1.0.7: renamed to d3-queue
npm WARN deprecated glob@6.0.4: Glob versions prior to v9 are no longer supported
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated gauge@3.0.2: This package is no longer supported.
npm WARN deprecated mkdirp@0.3.5: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated hawk@6.0.2: This module moved to @hapi/hawk. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.83.0: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated request@2.83.0: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated fstream@1.0.12: This package is no longer supported.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated eslint@8.57.0: This version is no longer supported. Please see https://eslint.org/version-support for other options.
npm ERR! code 1
npm ERR! path /src/repo/node_modules/mapnik
npm ERR! command failed
npm ERR! command sh -c node-gyp-build
npm ERR! gyp info it worked if it ends with ok
npm ERR! gyp info using node-gyp@9.3.0
npm ERR! gyp info using node@18.19.0 | linux | x64
npm ERR! gyp info find Python using Python version 3.11.2 found at "/usr/bin/python3"
npm ERR! gyp info spawn /usr/bin/python3
npm ERR! gyp info spawn args [
npm ERR! gyp info spawn args   '/usr/share/nodejs/node-gyp/gyp/gyp_main.py',
npm ERR! gyp info spawn args   'binding.gyp',
npm ERR! gyp info spawn args   '-f',
npm ERR! gyp info spawn args   'make',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/src/repo/node_modules/mapnik/build/config.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/src/repo/node_modules/mapnik/common.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/usr/share/nodejs/node-gyp/addon.gypi',
npm ERR! gyp info spawn args   '-I',
npm ERR! gyp info spawn args   '/usr/include/nodejs/common.gypi',
npm ERR! gyp info spawn args   '-Dlibrary=shared_library',
npm ERR! gyp info spawn args   '-Dvisibility=default',
npm ERR! gyp info spawn args   '-Dnode_root_dir=/usr/include/nodejs',
npm ERR! gyp info spawn args   '-Dnode_gyp_dir=/usr/share/nodejs/node-gyp',
npm ERR! gyp info spawn args   '-Dnode_lib_file=/usr/include/nodejs/<(target_arch)/node.lib',
npm ERR! gyp info spawn args   '-Dmodule_root_dir=/src/repo/node_modules/mapnik',
npm ERR! gyp info spawn args   '-Dnode_engine=v8',
npm ERR! gyp info spawn args   '--depth=.',
npm ERR! gyp info spawn args   '--no-parallel',
npm ERR! gyp info spawn args   '--generator-output',
npm ERR! gyp info spawn args   'build',
npm ERR! gyp info spawn args   '-Goutput_dir=.'
npm ERR! gyp info spawn args ]
npm ERR! /bin/sh: 1: mapnik-config: not found
npm ERR! gyp: Call to 'mapnik-config --cflags' returned exit status 127 while in binding.gyp. while trying to load binding.gyp
npm ERR! gyp ERR! configure error 
npm ERR! gyp ERR! stack Error: `gyp` failed with exit code: 1
npm ERR! gyp ERR! stack     at ChildProcess.onCpExit (/usr/share/nodejs/node-gyp/lib/configure.js:329:16)
npm ERR! gyp ERR! stack     at ChildProcess.emit (node:events:517:28)
npm ERR! gyp ERR! stack     at ChildProcess._handle.onexit (node:internal/child_process:292:12)
npm ERR! gyp ERR! System Linux 6.1.0-25-cloud-amd64
npm ERR! gyp ERR! command "/usr/bin/node" "/usr/share/nodejs/node-gyp/bin/node-gyp.js" "rebuild"
npm ERR! gyp ERR! cwd /src/repo/node_modules/mapnik
npm ERR! gyp ERR! node -v v18.19.0
npm ERR! gyp ERR! node-gyp -v v9.3.0
npm ERR! gyp ERR! not ok

npm ERR! A complete log of this run can be found in:
npm ERR!     /cache/_logs/2024-12-09T04_19_57_773Z-debug-0.log
--- stdout ---

--- end ---
Traceback (most recent call last):
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1182, in npm_upgrade
    self.check_call(["npm", "install"])
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/shell2.py", line 59, in check_call
    res.check_returncode()
  File "/usr/lib/python3.11/subprocess.py", line 502, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'install']' returned non-zero exit status 1.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1868, in main
    libup.run(args.repo, args.output, args.branch)
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1807, in run
    self.npm_upgrade(plan)
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1185, in npm_upgrade
    self.check_call(["npm", "install"])
  File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/shell2.py", line 59, in check_call
    res.check_returncode()
  File "/usr/lib/python3.11/subprocess.py", line 502, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'install']' returned non-zero exit status 1.