mediawiki/extensions/CodeMirror: REL1_36 (log #358218)

sourcepatches

This run took 191 seconds.

From 628d108793ade06e168cda1932eb4d2241027864 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 22 Jul 2021 06:05:25 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)
* ws: 7.4.1 → 7.5.3
  * https://npmjs.com/advisories/1748 (CVE-2021-32640)
* glob-parent: 5.1.0 → 5.1.2
  * https://npmjs.com/advisories/1751 (CVE-2020-28469)
* trim-newlines: 1.0.0 → 3.0.1
  * https://npmjs.com/advisories/1753 (CVE-2021-33623)
* normalize-url: 4.5.0 → 4.5.1
  * https://npmjs.com/advisories/1755 (CVE-2021-33502)

Change-Id: Ia174dcbf603e953da29017ed5d80e884832f8cc9
---
 package-lock.json | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 43878bf..e55d78b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4540,9 +4540,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
@@ -7335,9 +7335,9 @@
 			"dev": true
 		},
 		"normalize-url": {
-			"version": "4.5.0",
-			"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz",
-			"integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==",
+			"version": "4.5.1",
+			"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.1.tgz",
+			"integrity": "sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA==",
 			"dev": true
 		},
 		"num2fraction": {
@@ -7787,9 +7787,9 @@
 			}
 		},
 		"postcss": {
-			"version": "7.0.35",
-			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz",
-			"integrity": "sha512-3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg==",
+			"version": "7.0.36",
+			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.36.tgz",
+			"integrity": "sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==",
 			"dev": true,
 			"requires": {
 				"chalk": "^2.4.2",
@@ -9296,8 +9296,8 @@
 						"hosted-git-info": {
 							"version": "2.8.9",
 							"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz",
-							"dev": true,
-							"integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw=="
+							"integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==",
+							"dev": true
 						},
 						"normalize-package-data": {
 							"version": "2.5.0",
@@ -9430,9 +9430,9 @@
 					}
 				},
 				"trim-newlines": {
-					"version": "3.0.0",
-					"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.0.tgz",
-					"integrity": "sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA==",
+					"version": "3.0.1",
+					"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.1.tgz",
+					"integrity": "sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw==",
 					"dev": true
 				},
 				"type-fest": {
@@ -10732,9 +10732,9 @@
 			}
 		},
 		"ws": {
-			"version": "7.4.1",
-			"resolved": "https://registry.npmjs.org/ws/-/ws-7.4.1.tgz",
-			"integrity": "sha512-pTsP8UAfhy3sk1lSk/O/s4tjD0CRwvMnzvwr4OKGX7ZvqZtUyx4KIJB5JWbkykPoc55tixMGgTNoh3k4FkNGFQ==",
+			"version": "7.5.3",
+			"resolved": "https://registry.npmjs.org/ws/-/ws-7.5.3.tgz",
+			"integrity": "sha512-kQ/dHIzuLrS6Je9+uv81ueZomEwH0qVYstcAQ4/Z93K8zeko9gtAbttJWzoC5ukqXY1PpoouV3+VSOqEAFt5wg==",
 			"dev": true
 		},
 		"xdg-basedir": {
-- 
2.20.1

$ date
Thu Jul 22 06:02:19 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-CodeMirror.git repo --depth=1 -b REL1_36
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/REL1_36
ed712c3ad248208d72a83cc2432f0f911bc8cda6 refs/heads/REL1_36

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 32 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.5.8): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.5): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v35.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.23.0): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.23.0): Loading from cache
  - Installing symfony/polyfill-ctype (v1.23.0): Loading from cache
  - Installing symfony/string (v5.3.3): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.23.0): Loading from cache
  - Installing symfony/deprecation-contracts (v2.4.0): Loading from cache
  - Installing symfony/console (v5.3.2): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.2): Loading from cache
  - Installing netresearch/jsonmapper (v3.1.1): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.23): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.4.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.2.2): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.1): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (3.2.6): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.2.1): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.6): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.2.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.8+ is recommended.)
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev

> fibers@4.0.3 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

`linux-x64-64-glibc` exists; testing
Binary is fine; exiting

> @ffmpeg-installer/linux-x64@4.1.0 postinstall /src/repo/node_modules/@ffmpeg-installer/linux-x64
> chmod u+x ffmpeg


> core-js@3.6.5 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/darwin-x64@4.1.0 (node_modules/@ffmpeg-installer/darwin-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/darwin-x64@4.1.0: wanted {"os":"darwin","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm@4.1.3 (node_modules/@ffmpeg-installer/linux-arm):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm@4.1.3: wanted {"os":"linux","arch":"arm"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm64@4.1.4 (node_modules/@ffmpeg-installer/linux-arm64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm64@4.1.4: wanted {"os":"linux","arch":"arm64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-ia32@4.1.0 (node_modules/@ffmpeg-installer/linux-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-ia32@4.1.0: wanted {"os":"linux","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-ia32@4.1.0 (node_modules/@ffmpeg-installer/win32-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-ia32@4.1.0: wanted {"os":"win32","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-x64@4.1.0 (node_modules/@ffmpeg-installer/win32-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-x64@4.1.0: wanted {"os":"win32","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 1232 packages from 811 contributors in 41.646s

113 packages are looking for funding
  run `npm fund` for details

fixed 28 of 30 vulnerabilities in 1240 scanned packages
  1 vulnerability required manual review and could not be updated
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/darwin-x64@4.1.0 (node_modules/@ffmpeg-installer/darwin-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/darwin-x64@4.1.0: wanted {"os":"darwin","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm@4.1.3 (node_modules/@ffmpeg-installer/linux-arm):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm@4.1.3: wanted {"os":"linux","arch":"arm"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm64@4.1.4 (node_modules/@ffmpeg-installer/linux-arm64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm64@4.1.4: wanted {"os":"linux","arch":"arm64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-ia32@4.1.0 (node_modules/@ffmpeg-installer/linux-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-ia32@4.1.0: wanted {"os":"linux","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-ia32@4.1.0 (node_modules/@ffmpeg-installer/win32-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-ia32@4.1.0: wanted {"os":"win32","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-x64@4.1.0 (node_modules/@ffmpeg-installer/win32-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-x64@4.1.0: wanted {"os":"win32","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 10.089s

113 packages are looking for funding
  run `npm fund` for details

fixed 0 of 2 vulnerabilities in 1240 scanned packages
  1 vulnerability required manual review and could not be updated
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/darwin-x64@4.1.0 (node_modules/@ffmpeg-installer/darwin-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/darwin-x64@4.1.0: wanted {"os":"darwin","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm@4.1.3 (node_modules/@ffmpeg-installer/linux-arm):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm@4.1.3: wanted {"os":"linux","arch":"arm"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-arm64@4.1.4 (node_modules/@ffmpeg-installer/linux-arm64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-arm64@4.1.4: wanted {"os":"linux","arch":"arm64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/linux-ia32@4.1.0 (node_modules/@ffmpeg-installer/linux-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/linux-ia32@4.1.0: wanted {"os":"linux","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-ia32@4.1.0 (node_modules/@ffmpeg-installer/win32-ia32):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-ia32@4.1.0: wanted {"os":"win32","arch":"ia32"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: @ffmpeg-installer/win32-x64@4.1.0 (node_modules/@ffmpeg-installer/win32-x64):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for @ffmpeg-installer/win32-x64@4.1.0: wanted {"os":"win32","arch":"x64"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 10.278s

113 packages are looking for funding
  run `npm fund` for details

fixed 0 of 2 vulnerabilities in 1240 scanned packages
  1 vulnerability required manual review and could not be updated
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> @ffmpeg-installer/darwin-x64@4.1.0 postinstall /src/repo/node_modules/@ffmpeg-installer/darwin-x64
> chmod u+x ffmpeg


> @ffmpeg-installer/linux-x64@4.1.0 postinstall /src/repo/node_modules/@ffmpeg-installer/linux-x64
> chmod u+x ffmpeg


> @ffmpeg-installer/linux-ia32@4.1.0 postinstall /src/repo/node_modules/@ffmpeg-installer/linux-ia32
> chmod u+x ffmpeg


> @ffmpeg-installer/linux-arm64@4.1.4 postinstall /src/repo/node_modules/@ffmpeg-installer/linux-arm64
> chmod u+x ffmpeg


> @ffmpeg-installer/linux-arm@4.1.3 postinstall /src/repo/node_modules/@ffmpeg-installer/linux-arm
> chmod u+x ffmpeg


> core-js@3.6.5 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"


> fibers@4.0.3 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

`linux-x64-64-glibc` exists; testing
Binary is fine; exiting
added 1239 packages in 23.396s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

/src/repo/tests/selenium/wdio.conf.js
  117:1  warning  This line has a length of 106. Maximum allowed is 100  max-len
  165:1  warning  This line has a length of 105. Maximum allowed is 100  max-len
  196:1  warning  This line has a length of 108. Maximum allowed is 100  max-len
  198:1  warning  This line has a length of 105. Maximum allowed is 100  max-len
  209:1  warning  This line has a length of 102. Maximum allowed is 100  max-len
  213:1  warning  This line has a length of 108. Maximum allowed is 100  max-len
  213:0  warning  Syntax error in type: [type]                           jsdoc/valid-types
  214:0  warning  Syntax error in type: [type]                           jsdoc/valid-types
  215:1  warning  This line has a length of 114. Maximum allowed is 100  max-len
  215:0  warning  Syntax error in type: [type]                           jsdoc/valid-types
  216:0  warning  Syntax error in type: [type]                           jsdoc/valid-types
  221:1  warning  This line has a length of 101. Maximum allowed is 100  max-len
  332:0  warning  Syntax error in type: <Object>                         jsdoc/valid-types

✖ 13 problems (0 errors, 13 warnings)


Running "stylelint:all" (stylelint) task
>> Linted 5 files without errors

Running "banana:all" (banana) task
>> 1 message directory checked.

Done.

Upgrading n:postcss from 7.0.35 -> 7.0.36
Upgrading n:ws from 7.4.1 -> 7.5.3
Upgrading n:glob-parent from 5.1.0 -> 5.1.2
Upgrading n:trim-newlines from 1.0.0 -> 3.0.1
Upgrading n:normalize-url from 4.5.0 -> 4.5.1
$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

$ git add .

$ git commit -F /tmp/tmpi5zkj3cu
[REL1_36 628d108] build: Updating npm dependencies
 1 file changed, 17 insertions(+), 17 deletions(-)

$ git format-patch HEAD~1 --stdout
From 628d108793ade06e168cda1932eb4d2241027864 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 22 Jul 2021 06:05:25 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)
* ws: 7.4.1 → 7.5.3
  * https://npmjs.com/advisories/1748 (CVE-2021-32640)
* glob-parent: 5.1.0 → 5.1.2
  * https://npmjs.com/advisories/1751 (CVE-2020-28469)
* trim-newlines: 1.0.0 → 3.0.1
  * https://npmjs.com/advisories/1753 (CVE-2021-33623)
* normalize-url: 4.5.0 → 4.5.1
  * https://npmjs.com/advisories/1755 (CVE-2021-33502)

Change-Id: Ia174dcbf603e953da29017ed5d80e884832f8cc9
---
 package-lock.json | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 43878bf..e55d78b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4540,9 +4540,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
@@ -7335,9 +7335,9 @@
 			"dev": true
 		},
 		"normalize-url": {
-			"version": "4.5.0",
-			"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz",
-			"integrity": "sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==",
+			"version": "4.5.1",
+			"resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.1.tgz",
+			"integrity": "sha512-9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA==",
 			"dev": true
 		},
 		"num2fraction": {
@@ -7787,9 +7787,9 @@
 			}
 		},
 		"postcss": {
-			"version": "7.0.35",
-			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz",
-			"integrity": "sha512-3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg==",
+			"version": "7.0.36",
+			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.36.tgz",
+			"integrity": "sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==",
 			"dev": true,
 			"requires": {
 				"chalk": "^2.4.2",
@@ -9296,8 +9296,8 @@
 						"hosted-git-info": {
 							"version": "2.8.9",
 							"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz",
-							"dev": true,
-							"integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw=="
+							"integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==",
+							"dev": true
 						},
 						"normalize-package-data": {
 							"version": "2.5.0",
@@ -9430,9 +9430,9 @@
 					}
 				},
 				"trim-newlines": {
-					"version": "3.0.0",
-					"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.0.tgz",
-					"integrity": "sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA==",
+					"version": "3.0.1",
+					"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.1.tgz",
+					"integrity": "sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw==",
 					"dev": true
 				},
 				"type-fest": {
@@ -10732,9 +10732,9 @@
 			}
 		},
 		"ws": {
-			"version": "7.4.1",
-			"resolved": "https://registry.npmjs.org/ws/-/ws-7.4.1.tgz",
-			"integrity": "sha512-pTsP8UAfhy3sk1lSk/O/s4tjD0CRwvMnzvwr4OKGX7ZvqZtUyx4KIJB5JWbkykPoc55tixMGgTNoh3k4FkNGFQ==",
+			"version": "7.5.3",
+			"resolved": "https://registry.npmjs.org/ws/-/ws-7.5.3.tgz",
+			"integrity": "sha512-kQ/dHIzuLrS6Je9+uv81ueZomEwH0qVYstcAQ4/Z93K8zeko9gtAbttJWzoC5ukqXY1PpoouV3+VSOqEAFt5wg==",
 			"dev": true
 		},
 		"xdg-basedir": {
-- 
2.20.1

Source code is licensed under the AGPL.