mediawiki/extensions/GitGadgets: main (log #272599)

sourcepatches

This run took 77 seconds.

From bd1519733edf9030aa4babf16311c1ab06baf873 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 12:39:02 +0000
Subject: [PATCH] build: Updating postcss to 8.2.15

* https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2a8495d233c9a94443f6f3a68bf41b0c48ad0235
---
 package-lock.json | 64 ++++++++++++++++++++++++++++-------------------
 1 file changed, 38 insertions(+), 26 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index f6a005a..9c7c9af 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -952,17 +952,28 @@
 			},
 			"dependencies": {
 				"postcss": {
-					"version": "8.1.9",
-					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.1.9.tgz",
-					"integrity": "sha512-oWuBpEl1meaMKkQXn0ic78TUrgsMvrAZLE/6ZY0H3LTteq2O3L8PGWwMbPLctpksTJIHjQeossMUMNQW7qRIHQ==",
+					"version": "8.2.15",
+					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.2.15.tgz",
+					"integrity": "sha512-2zO3b26eJD/8rb106Qu2o7Qgg52ND5HPjcyQiK2B98O388h43A448LCslC0dI2P97wCAQRJsFvwTRcXxTKds+Q==",
 					"dev": true,
 					"requires": {
-						"colorette": "^1.2.1",
-						"nanoid": "^3.1.18",
-						"source-map": "^0.6.1",
-						"vfile-location": "^3.2.0"
+						"colorette": "^1.2.2",
+						"nanoid": "^3.1.23",
+						"source-map": "^0.6.1"
 					},
 					"dependencies": {
+						"colorette": {
+							"version": "1.2.2",
+							"resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz",
+							"integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==",
+							"dev": true
+						},
+						"nanoid": {
+							"version": "3.1.23",
+							"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.23.tgz",
+							"integrity": "sha512-FiB0kzdP0FFVGDKlRLEQ1BgDzU87dy5NnzjeW9YZNt+/c3+q82EQDUwniSAUxp/F0gFNI1ZhKU1FqYsMuqZVnw==",
+							"dev": true
+						},
 						"source-map": {
 							"version": "0.6.1",
 							"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
@@ -3132,12 +3143,6 @@
 				}
 			}
 		},
-		"nanoid": {
-			"version": "3.1.18",
-			"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.18.tgz",
-			"integrity": "sha512-rndlDjbbHbcV3xi+R2fpJ+PbGMdfBxz5v1fATIQFq0DP64FsicQdwnKLy47K4kZHdRpmQXtz24eGsxQqamzYTA==",
-			"dev": true
-		},
 		"natural-compare": {
 			"version": "1.4.0",
 			"resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
@@ -4280,15 +4285,28 @@
 			},
 			"dependencies": {
 				"postcss": {
-					"version": "8.1.9",
-					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.1.9.tgz",
-					"integrity": "sha512-oWuBpEl1meaMKkQXn0ic78TUrgsMvrAZLE/6ZY0H3LTteq2O3L8PGWwMbPLctpksTJIHjQeossMUMNQW7qRIHQ==",
+					"version": "8.2.15",
+					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.2.15.tgz",
+					"integrity": "sha512-2zO3b26eJD/8rb106Qu2o7Qgg52ND5HPjcyQiK2B98O388h43A448LCslC0dI2P97wCAQRJsFvwTRcXxTKds+Q==",
 					"dev": true,
 					"requires": {
-						"colorette": "^1.2.1",
-						"nanoid": "^3.1.18",
-						"source-map": "^0.6.1",
-						"vfile-location": "^3.2.0"
+						"colorette": "^1.2.2",
+						"nanoid": "^3.1.23",
+						"source-map": "^0.6.1"
+					},
+					"dependencies": {
+						"colorette": {
+							"version": "1.2.2",
+							"resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz",
+							"integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==",
+							"dev": true
+						},
+						"nanoid": {
+							"version": "3.1.23",
+							"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.23.tgz",
+							"integrity": "sha512-FiB0kzdP0FFVGDKlRLEQ1BgDzU87dy5NnzjeW9YZNt+/c3+q82EQDUwniSAUxp/F0gFNI1ZhKU1FqYsMuqZVnw==",
+							"dev": true
+						}
 					}
 				},
 				"source-map": {
@@ -4552,12 +4570,6 @@
 				"vfile-message": "^2.0.0"
 			}
 		},
-		"vfile-location": {
-			"version": "3.2.0",
-			"resolved": "https://registry.npmjs.org/vfile-location/-/vfile-location-3.2.0.tgz",
-			"integrity": "sha512-aLEIZKv/oxuCDZ8lkJGhuhztf/BW4M+iHdCwglA/eWc+vtuRFJj8EtgceYFX4LRjOhCAAiNHsKGssC6onJ+jbA==",
-			"dev": true
-		},
 		"vfile-message": {
 			"version": "2.0.4",
 			"resolved": "https://registry.npmjs.org/vfile-message/-/vfile-message-2.0.4.tgz",
-- 
2.20.1

$ date
Sat May 15 12:38:01 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-GitGadgets.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
9b5a37e9419b4ff8fb86580dadf6737de1f0fd38 refs/heads/master

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Package operations: 31 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.6.0): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.4): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v36.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.22.1): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.22.1): Loading from cache
  - Installing symfony/polyfill-ctype (v1.22.1): Loading from cache
  - Installing symfony/string (v5.2.8): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.22.1): Loading from cache
  - Installing symfony/console (v5.2.8): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.2): Loading from cache
  - Installing netresearch/jsonmapper (v2.1.0): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.23): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.4.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.2.2): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.0): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (3.2.6): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.2.1): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.6): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.3.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.8+ is recommended.)
Writing lock file
Generating autoload files
12 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

added 544 packages from 332 contributors in 15.16s

73 packages are looking for funding
  run `npm fund` for details

fixed 2 of 9 vulnerabilities in 542 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
up to date in 2.829s

73 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 544 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
up to date in 2.532s

73 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 544 scanned packages
  7 vulnerabilities required manual review and could not be updated

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

added 544 packages in 9.388s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

Running "stylelint:all" (stylelint) task
>> Linted 0 files without errors

Running "banana:GitGadgets" (banana) task
>> 1 message directory checked.

Done.

Upgrading n:postcss from 7.0.35 -> 8.2.15
$ git add .

$ git commit -F /tmp/tmp1u_ze7i4
[master bd15197] build: Updating postcss to 8.2.15
 1 file changed, 38 insertions(+), 26 deletions(-)

$ git format-patch HEAD~1 --stdout
From bd1519733edf9030aa4babf16311c1ab06baf873 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 12:39:02 +0000
Subject: [PATCH] build: Updating postcss to 8.2.15

* https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2a8495d233c9a94443f6f3a68bf41b0c48ad0235
---
 package-lock.json | 64 ++++++++++++++++++++++++++++-------------------
 1 file changed, 38 insertions(+), 26 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index f6a005a..9c7c9af 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -952,17 +952,28 @@
 			},
 			"dependencies": {
 				"postcss": {
-					"version": "8.1.9",
-					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.1.9.tgz",
-					"integrity": "sha512-oWuBpEl1meaMKkQXn0ic78TUrgsMvrAZLE/6ZY0H3LTteq2O3L8PGWwMbPLctpksTJIHjQeossMUMNQW7qRIHQ==",
+					"version": "8.2.15",
+					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.2.15.tgz",
+					"integrity": "sha512-2zO3b26eJD/8rb106Qu2o7Qgg52ND5HPjcyQiK2B98O388h43A448LCslC0dI2P97wCAQRJsFvwTRcXxTKds+Q==",
 					"dev": true,
 					"requires": {
-						"colorette": "^1.2.1",
-						"nanoid": "^3.1.18",
-						"source-map": "^0.6.1",
-						"vfile-location": "^3.2.0"
+						"colorette": "^1.2.2",
+						"nanoid": "^3.1.23",
+						"source-map": "^0.6.1"
 					},
 					"dependencies": {
+						"colorette": {
+							"version": "1.2.2",
+							"resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz",
+							"integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==",
+							"dev": true
+						},
+						"nanoid": {
+							"version": "3.1.23",
+							"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.23.tgz",
+							"integrity": "sha512-FiB0kzdP0FFVGDKlRLEQ1BgDzU87dy5NnzjeW9YZNt+/c3+q82EQDUwniSAUxp/F0gFNI1ZhKU1FqYsMuqZVnw==",
+							"dev": true
+						},
 						"source-map": {
 							"version": "0.6.1",
 							"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
@@ -3132,12 +3143,6 @@
 				}
 			}
 		},
-		"nanoid": {
-			"version": "3.1.18",
-			"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.18.tgz",
-			"integrity": "sha512-rndlDjbbHbcV3xi+R2fpJ+PbGMdfBxz5v1fATIQFq0DP64FsicQdwnKLy47K4kZHdRpmQXtz24eGsxQqamzYTA==",
-			"dev": true
-		},
 		"natural-compare": {
 			"version": "1.4.0",
 			"resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
@@ -4280,15 +4285,28 @@
 			},
 			"dependencies": {
 				"postcss": {
-					"version": "8.1.9",
-					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.1.9.tgz",
-					"integrity": "sha512-oWuBpEl1meaMKkQXn0ic78TUrgsMvrAZLE/6ZY0H3LTteq2O3L8PGWwMbPLctpksTJIHjQeossMUMNQW7qRIHQ==",
+					"version": "8.2.15",
+					"resolved": "https://registry.npmjs.org/postcss/-/postcss-8.2.15.tgz",
+					"integrity": "sha512-2zO3b26eJD/8rb106Qu2o7Qgg52ND5HPjcyQiK2B98O388h43A448LCslC0dI2P97wCAQRJsFvwTRcXxTKds+Q==",
 					"dev": true,
 					"requires": {
-						"colorette": "^1.2.1",
-						"nanoid": "^3.1.18",
-						"source-map": "^0.6.1",
-						"vfile-location": "^3.2.0"
+						"colorette": "^1.2.2",
+						"nanoid": "^3.1.23",
+						"source-map": "^0.6.1"
+					},
+					"dependencies": {
+						"colorette": {
+							"version": "1.2.2",
+							"resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz",
+							"integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==",
+							"dev": true
+						},
+						"nanoid": {
+							"version": "3.1.23",
+							"resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.23.tgz",
+							"integrity": "sha512-FiB0kzdP0FFVGDKlRLEQ1BgDzU87dy5NnzjeW9YZNt+/c3+q82EQDUwniSAUxp/F0gFNI1ZhKU1FqYsMuqZVnw==",
+							"dev": true
+						}
 					}
 				},
 				"source-map": {
@@ -4552,12 +4570,6 @@
 				"vfile-message": "^2.0.0"
 			}
 		},
-		"vfile-location": {
-			"version": "3.2.0",
-			"resolved": "https://registry.npmjs.org/vfile-location/-/vfile-location-3.2.0.tgz",
-			"integrity": "sha512-aLEIZKv/oxuCDZ8lkJGhuhztf/BW4M+iHdCwglA/eWc+vtuRFJj8EtgceYFX4LRjOhCAAiNHsKGssC6onJ+jbA==",
-			"dev": true
-		},
 		"vfile-message": {
 			"version": "2.0.4",
 			"resolved": "https://registry.npmjs.org/vfile-message/-/vfile-message-2.0.4.tgz",
-- 
2.20.1

Source code is licensed under the AGPL.