mediawiki/extensions/UploadWizard: REL1_35 (log #568141)

sourcepatches

This run took 49 seconds.

$ date
Sat Jan 29 03:09:18 UTC 2022

$ git clone file:///srv/git/mediawiki-extensions-UploadWizard.git repo --depth=1 -b REL1_35
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/REL1_35
53dbc600399a641f40955a4026d0a4e4c9ae60fb refs/heads/REL1_35

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 32 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.5.5): Loading from cache
  - Installing composer/spdx-licenses (1.5.6): Loading from cache
  - Installing composer/semver (1.5.1): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v31.0.0): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.24.0): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.24.0): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.24.0): Loading from cache
  - Installing symfony/polyfill-ctype (v1.24.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.24.0): Loading from cache
  - Installing symfony/string (v5.4.3): Loading from cache
  - Installing symfony/deprecation-contracts (v2.5.0): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.5.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.24.0): Loading from cache
  - Installing symfony/console (v5.4.3): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.4): Loading from cache
  - Installing netresearch/jsonmapper (v2.1.0): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.20): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.6.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.3.0): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.1): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (2.6.1): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.0.2): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.2): Loading from cache
  - Installing mediawiki/minus-x (1.1.0): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.2.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.6+ is recommended.)
Writing lock file
Generating autoload files
12 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Upgrading c:mediawiki/mediawiki-codesniffer from 31.0.0 -> 38.0.0
$ composer update
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 0 installs, 3 updates, 0 removals
  - Updating squizlabs/php_codesniffer (3.5.5 => 3.6.1): Loading from cache
  - Updating composer/semver (1.5.1 => 1.7.2): Loading from cache
  - Removing mediawiki/mediawiki-codesniffer (v31.0.0)
  - Installing mediawiki/mediawiki-codesniffer (v38.0.0): Loading from cache
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

{'MediaWiki.Commenting.FunctionComment.MissingDocumentationPublic', 'MediaWiki.Commenting.FunctionComment.MissingDocumentationProtected', 'MediaWiki.Commenting.FunctionComment.MissingDocumentationPrivate', 'MediaWiki.NamingConventions.LowerCamelFunctionsName.FunctionName', 'MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.NewLineComment'}
Tests fail!
$ git checkout .phpcs.xml

$ composer install
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

$ composer test
> parallel-lint . --exclude vendor --exclude node_modules
PHP 7.3.29 | 10 parallel jobs
.......................                                      23/23 (100 %)


Checked 23 files in 0.1 seconds
No syntax error found
> phpcs -sp --cache
....................... 23 / 23 (100%)


Time: 81ms; Memory: 6MB

> minus-x check .
MinusX
======
Processing /src/repo...
.............................................................
.............................................................
.............................................................
.............................................................
.............................................................
.............................................................
.............................................................
...............
All good!

Attempting to npm audit fix
$ npm audit fix --only=dev
added 551 packages from 344 contributors in 10.131s

76 packages are looking for funding
  run `npm fund` for details

fixed 2 of 4 vulnerabilities in 551 scanned packages
  2 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
npm WARN eslint-plugin-vue@6.2.2 requires a peer of eslint@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.

updated 1 package in 3.849s

76 packages are looking for funding
  run `npm fund` for details

fixed 2 of 4 vulnerabilities in 551 scanned packages
  2 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
npm WARN eslint-plugin-vue@6.2.2 requires a peer of eslint@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.

updated 1 package in 3.64s

76 packages are looking for funding
  run `npm fund` for details

fixed 2 of 4 vulnerabilities in 551 scanned packages
  2 vulnerabilities required manual review and could not be updated

$ package-lock-lint package-lock.json
Checking package-lock.json
nanoid@3.1.22: "resolved" is not a valid URL: "" (relative URL without a base)

Traceback (most recent call last):
  File "/venv/lib/python3.7/site-packages/runner-0.1.0-py3.7.egg/runner/__init__.py", line 1374, in main
    libup.run(args.repo, args.output, args.branch)
  File "/venv/lib/python3.7/site-packages/runner-0.1.0-py3.7.egg/runner/__init__.py", line 1318, in run
    self.npm_audit_fix(new_npm_audit)
  File "/venv/lib/python3.7/site-packages/runner-0.1.0-py3.7.egg/runner/__init__.py", line 211, in npm_audit_fix
    self.check_package_lock()
  File "/venv/lib/python3.7/site-packages/runner-0.1.0-py3.7.egg/runner/__init__.py", line 268, in check_package_lock
    self.check_call(['package-lock-lint', 'package-lock.json'])
  File "/venv/lib/python3.7/site-packages/runner-0.1.0-py3.7.egg/runner/shell2.py", line 40, in check_call
    res.check_returncode()
  File "/usr/lib/python3.7/subprocess.py", line 428, in check_returncode
    self.stderr)
subprocess.CalledProcessError: Command '['package-lock-lint', 'package-lock.json']' returned non-zero exit status 1.
Source code is licensed under the AGPL.