mediawiki/extensions/CirrusSearch: main (log #521467)

sourcepatches

This run took 167 seconds.

From 8c31721ccdc053f565c0bbbf7f9d1f89b5e75bb4 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 4 Nov 2021 09:38:33 +0000
Subject: [PATCH] build: Updating validator to 13.7.0

* https://npmjs.com/advisories/1004784 (CVE-2021-3765)

Change-Id: I20b8daf72c2f127ebfd35958aa3a98a634078cc7
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 786bc35..c3fa22c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8406,9 +8406,9 @@
 			}
 		},
 		"validator": {
-			"version": "13.6.0",
-			"resolved": "https://registry.npmjs.org/validator/-/validator-13.6.0.tgz",
-			"integrity": "sha512-gVgKbdbHgtxpRyR8K0O6oFZPhhB5tT1jeEHZR0Znr9Svg03U0+r9DXWMrnRAB+HtCStDQKlaIZm42tVsVjqtjg==",
+			"version": "13.7.0",
+			"resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz",
+			"integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw==",
 			"dev": true
 		},
 		"vasync": {
-- 
2.20.1

$ date
Thu Nov  4 09:35:58 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-CirrusSearch.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
fcea4df30effcf29a9529e79059c12b9c7538e37 refs/heads/master

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 37 installs, 0 updates, 0 removals
  - Installing wikimedia/textcat (1.3.0): Loading from cache
  - Installing wikimedia/lucene-explain-parser (1.0.0): Loading from cache
  - Installing squizlabs/php_codesniffer (3.6.1): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (dev-main 83e511e): Cloning 83e511e247 from cache
  - Installing mediawiki/mediawiki-codesniffer (v38.0.0): Loading from cache
  - Installing tysonandre/var_representation_polyfill (0.1.1): Loading from cache
  - Installing symfony/polyfill-php80 (dev-main 57b712b): Cloning 57b712b08e from cache
  - Installing symfony/polyfill-mbstring (dev-main 11b9acb): Cloning 11b9acb5e8 from cache
  - Installing symfony/polyfill-intl-normalizer (dev-main 8590a5f): Cloning 8590a5f561 from cache
  - Installing symfony/polyfill-intl-grapheme (dev-main 5911fe4): Cloning 5911fe42c2 from cache
  - Installing symfony/polyfill-ctype (dev-main 3088518): Cloning 30885182c9 from cache
  - Installing symfony/string (5.4.x-dev dad92b1): Cloning dad92b16d8 from cache
  - Installing psr/container (1.1.x-dev 8622567): Cloning 8622567409 from cache
  - Installing symfony/service-contracts (2.5.x-dev 56b990c): Cloning 56b990c181 from cache
  - Installing symfony/polyfill-php73 (dev-main cc5db0e): Cloning cc5db0e22b from cache
  - Installing symfony/deprecation-contracts (2.5.x-dev 6f981ee): Cloning 6f981ee24c from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing symfony/console (5.4.x-dev f9b98cd): Cloning f9b98cdeca from cache
  - Installing sabre/event (5.1.4): Loading from cache
  - Installing netresearch/jsonmapper (v4.0.0): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.1.1): Loading from cache
  - Installing phpdocumentor/reflection-common (dev-master a0eeab5): Cloning a0eeab580c from cache
  - Installing webmozart/assert (dev-master b419d64): Cloning b419d64859 from cache
  - Installing phpdocumentor/type-resolver (1.x-dev 2c26b0e): Cloning 2c26b0e4a9 from cache
  - Installing phpdocumentor/reflection-docblock (dev-master 622548b): Cloning 622548b623 from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.1): Loading from cache
  - Installing composer/xdebug-handler (2.0.2): Loading from cache
  - Installing phan/phan (5.2.0): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.3.2): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.11.0): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.3.1): Loading from cache
  - Installing justinrainbow/json-schema (5.x-dev 384f945): Cloning 384f94595c from cache
  - Installing symfony/yaml (5.0.x-dev 29b60e8): Cloning 29b60e88ff from cache
tysonandre/var_representation_polyfill suggests installing ext-var_representation (*)
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.14+ is recommended.)
phan/phan suggests installing ext-var_representation (Suggested for converting values to strings in issue messages)
Writing lock file
Generating autoload files
14 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev

> fibers_node_v8@3.1.5 preinstall /src/repo/node_modules/fibers_node_v8
> node preinstall.js


> fibers@4.0.3 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

`linux-x64-64-glibc` exists; testing
Binary is fine; exiting

> fibers_node_v8@3.1.5 install /src/repo/node_modules/fibers_node_v8
> node build.js

ignore install

> dtrace-provider@0.8.8 install /src/repo/node_modules/dtrace-provider
> node-gyp rebuild || node suppress-error.js

make: Entering directory '/src/repo/node_modules/dtrace-provider/build'
  TOUCH Release/obj.target/DTraceProviderStub.stamp
make: Leaving directory '/src/repo/node_modules/dtrace-provider/build'

> core-js@2.6.12 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)


> core-js@3.14.0 postinstall /src/repo/node_modules/eslint-plugin-compat/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/mocha/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 1037 packages from 817 contributors in 20.841s

114 packages are looking for funding
  run `npm fund` for details

fixed 1 of 16 vulnerabilities in 1043 scanned packages
  5 vulnerabilities required manual review and could not be updated
  3 package updates for 10 vulnerabilities involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN @babel/helper-compilation-targets@7.15.4 requires a peer of @babel/core@^7.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/mocha/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 5.016s

114 packages are looking for funding
  run `npm fund` for details

fixed 0 of 15 vulnerabilities in 1043 scanned packages
  5 vulnerabilities required manual review and could not be updated
  3 package updates for 10 vulnerabilities involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN @babel/helper-compilation-targets@7.15.4 requires a peer of @babel/core@^7.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/mocha/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 4.927s

114 packages are looking for funding
  run `npm fund` for details

fixed 0 of 15 vulnerabilities in 1043 scanned packages
  5 vulnerabilities required manual review and could not be updated
  3 package updates for 10 vulnerabilities involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ package-lock-lint package-lock.json
Checking package-lock.json

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> dtrace-provider@0.8.8 install /src/repo/node_modules/dtrace-provider
> node-gyp rebuild || node suppress-error.js

make: Entering directory '/src/repo/node_modules/dtrace-provider/build'
  TOUCH Release/obj.target/DTraceProviderStub.stamp
make: Leaving directory '/src/repo/node_modules/dtrace-provider/build'

> core-js@3.14.0 postinstall /src/repo/node_modules/eslint-plugin-compat/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"


> fibers@4.0.3 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

`linux-x64-64-glibc` exists; testing
Binary is fine; exiting

> fibers_node_v8@3.1.5 preinstall /src/repo/node_modules/fibers_node_v8
> node preinstall.js


> fibers_node_v8@3.1.5 install /src/repo/node_modules/fibers_node_v8
> node build.js

ignore install

> core-js@2.6.12 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

added 1039 packages in 18.742s

$ npm test

> cirrussearch@0.0.0 test /src/repo
> grunt test

Running "eslint:all" (eslint) task

/src/repo/tests/phpunit/fixtures/configDump/enwiki_crosslang_frwiki_config.json
  0:0  warning  File ignored because of a matching ignore pattern. Use "--no-ignore" to override

/src/repo/tests/phpunit/fixtures/configDump/enwiki_crosslang_frwiki_invalid_config.json
  0:0  warning  File ignored because of a matching ignore pattern. Use "--no-ignore" to override

/src/repo/tests/phpunit/fixtures/configDump/enwiki_sisterproject_configs.json
  0:0  warning  File ignored because of a matching ignore pattern. Use "--no-ignore" to override

/src/repo/tests/phpunit/fixtures/regexParser/ref_impl_fixtures.json
  0:0  warning  File ignored because of a matching ignore pattern. Use "--no-ignore" to override

✖ 4 problems (0 errors, 4 warnings)


Running "banana:all" (banana) task
>> 2 message directories checked.

Running "stylelint:all" (stylelint) task
>> Linted 1 files without errors

Done.

Upgrading n:validator from 13.6.0 -> 13.7.0
$ package-lock-lint package-lock.json
Checking package-lock.json

$ git add .

$ git commit -F /tmp/tmpp5nwoo9z
[master 8c31721] build: Updating validator to 13.7.0
 1 file changed, 3 insertions(+), 3 deletions(-)

$ git format-patch HEAD~1 --stdout
From 8c31721ccdc053f565c0bbbf7f9d1f89b5e75bb4 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 4 Nov 2021 09:38:33 +0000
Subject: [PATCH] build: Updating validator to 13.7.0

* https://npmjs.com/advisories/1004784 (CVE-2021-3765)

Change-Id: I20b8daf72c2f127ebfd35958aa3a98a634078cc7
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 786bc35..c3fa22c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -8406,9 +8406,9 @@
 			}
 		},
 		"validator": {
-			"version": "13.6.0",
-			"resolved": "https://registry.npmjs.org/validator/-/validator-13.6.0.tgz",
-			"integrity": "sha512-gVgKbdbHgtxpRyR8K0O6oFZPhhB5tT1jeEHZR0Znr9Svg03U0+r9DXWMrnRAB+HtCStDQKlaIZm42tVsVjqtjg==",
+			"version": "13.7.0",
+			"resolved": "https://registry.npmjs.org/validator/-/validator-13.7.0.tgz",
+			"integrity": "sha512-nYXQLCBkpJ8X6ltALua9dRrZDHVYxjJ1wgskNt1lH9fzGjs3tgojGSCBjmEPwkWS1y29+DrizMTW19Pr9uB2nw==",
 			"dev": true
 		},
 		"vasync": {
-- 
2.20.1

Source code is licensed under the AGPL.