mediawiki/extensions/WikiTextLoggedInOut: REL1_35 (log #318809)

sourcepatches

This run took 46 seconds.

From 5ae475e2504cd92a73e3da8498e789dc16476a1b Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 10 Jun 2021 22:13:10 +0000
Subject: [PATCH] build: Updating glob-parent to 5.1.2

* https://npmjs.com/advisories/1751 (CVE-2020-28469)

Change-Id: Ic2e26d3f8c68c92be4fa4a7a1c15de9e78e79617
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 9fd558d..e0170fe 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -703,9 +703,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
-- 
2.20.1

$ date
Thu Jun 10 22:12:29 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-WikiTextLoggedInOut.git repo --depth=1 -b REL1_35
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/REL1_35
bd0ce830981d546bbe29c7c9b46c0ee84d285bf9 refs/heads/REL1_35

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 19 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.5.5): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (2.0.0): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v31.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.23.0): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.23.0): Loading from cache
  - Installing symfony/polyfill-ctype (v1.23.0): Loading from cache
  - Installing symfony/string (v5.3.0): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.23.0): Loading from cache
  - Installing symfony/deprecation-contracts (v2.4.0): Loading from cache
  - Installing symfony/console (v5.3.0): Loading from cache
  - Installing mediawiki/minus-x (1.1.0): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.2.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
symfony/console suggests installing psr/log (For using the console logger)
Writing lock file
Generating autoload files
12 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev
added 229 packages from 175 contributors in 6.796s

9 packages are looking for funding
  run `npm fund` for details

fixed 2 of 2 vulnerabilities in 229 scanned packages

$ npm audit fix --only=dev
up to date in 1.47s

9 packages are looking for funding
  run `npm fund` for details

fixed 0 of 0 vulnerabilities in 229 scanned packages

$ npm audit fix --only=dev
up to date in 1.214s

9 packages are looking for funding
  run `npm fund` for details

fixed 0 of 0 vulnerabilities in 229 scanned packages

$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation
added 229 packages in 4.683s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

Running "banana:WikiTextLoggedInOut" (banana) task
>> 1 message directory checked.

Done.

Upgrading n:glob-parent from 5.1.0 -> 5.1.2
$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

$ git add .

$ git commit -F /tmp/tmplo2w5p1d
[REL1_35 5ae475e] build: Updating glob-parent to 5.1.2
 1 file changed, 3 insertions(+), 3 deletions(-)

$ git format-patch HEAD~1 --stdout
From 5ae475e2504cd92a73e3da8498e789dc16476a1b Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 10 Jun 2021 22:13:10 +0000
Subject: [PATCH] build: Updating glob-parent to 5.1.2

* https://npmjs.com/advisories/1751 (CVE-2020-28469)

Change-Id: Ic2e26d3f8c68c92be4fa4a7a1c15de9e78e79617
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 9fd558d..e0170fe 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -703,9 +703,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
-- 
2.20.1

Source code is licensed under the AGPL.