mediawiki/tools/api-testing: main (log #964347)

sourcepatches

This run took 29 seconds.

$ date
--- stdout ---
Mon Mar 20 22:36:37 UTC 2023

--- end ---
$ git clone file:///srv/git/mediawiki-tools-api-testing.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/master
--- stdout ---
9eb3f05ff2d504a0ac87b36f1a38e2a184eff62f refs/heads/master

--- end ---
$ /usr/bin/npm audit --json --legacy-peer-deps
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "ansi-regex": {
      "name": "ansi-regex",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1091188,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "cwe": [
            "CWE-697",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=3.0.0 <3.0.1"
        },
        {
          "source": 1091189,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "cwe": [
            "CWE-697",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=4.0.0 <4.1.1"
        },
        {
          "source": 1091190,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "cwe": [
            "CWE-697",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=5.0.0 <5.0.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
      "nodes": [
        "node_modules/ansi-regex",
        "node_modules/cliui/node_modules/ansi-regex",
        "node_modules/wide-align/node_modules/ansi-regex",
        "node_modules/wrap-ansi/node_modules/ansi-regex",
        "node_modules/yargs/node_modules/ansi-regex"
      ],
      "fixAvailable": true
    },
    "browserslist": {
      "name": "browserslist",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1089762,
          "name": "browserslist",
          "dependency": "browserslist",
          "title": "Regular Expression Denial of Service in browserslist",
          "url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": ">=4.0.0 <4.16.5"
        }
      ],
      "effects": [],
      "range": "4.0.0 - 4.16.4",
      "nodes": [
        "node_modules/browserslist"
      ],
      "fixAvailable": true
    },
    "cookiejar": {
      "name": "cookiejar",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1088659,
          "name": "cookiejar",
          "dependency": "cookiejar",
          "title": "cookiejar Regular Expression Denial of Service via Cookie.parse function",
          "url": "https://github.com/advisories/GHSA-h452-7996-h45h",
          "severity": "moderate",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<2.1.4"
        }
      ],
      "effects": [],
      "range": "<2.1.4",
      "nodes": [
        "node_modules/cookiejar"
      ],
      "fixAvailable": true
    },
    "flat": {
      "name": "flat",
      "severity": "critical",
      "isDirect": false,
      "via": [
        {
          "source": 1089152,
          "name": "flat",
          "dependency": "flat",
          "title": "flat vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-2j2x-2gpw-g8fm",
          "severity": "critical",
          "cwe": [
            "CWE-1321"
          ],
          "cvss": {
            "score": 9.8,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<5.0.1"
        }
      ],
      "effects": [
        "yargs-unparser"
      ],
      "range": "<5.0.1",
      "nodes": [
        "node_modules/flat"
      ],
      "fixAvailable": {
        "name": "mocha",
        "version": "10.2.0",
        "isSemVerMajor": true
      }
    },
    "glob-parent": {
      "name": "glob-parent",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1091181,
          "name": "glob-parent",
          "dependency": "glob-parent",
          "title": "glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex",
          "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
          "severity": "high",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<5.1.2"
        }
      ],
      "effects": [],
      "range": "<5.1.2",
      "nodes": [
        "node_modules/glob-parent"
      ],
      "fixAvailable": true
    },
    "jsdoc": {
      "name": "jsdoc",
      "severity": "high",
      "isDirect": true,
      "via": [
        "markdown-it",
        "marked",
        "taffydb"
      ],
      "effects": [],
      "range": "3.2.0-dev - 3.6.11",
      "nodes": [
        "node_modules/jsdoc"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.11",
        "isSemVerMajor": false
      }
    },
    "jsdoc-wmf-theme": {
      "name": "jsdoc-wmf-theme",
      "severity": "high",
      "isDirect": true,
      "via": [
        "taffydb"
      ],
      "effects": [],
      "range": "*",
      "nodes": [
        "node_modules/jsdoc-wmf-theme"
      ],
      "fixAvailable": false
    },
    "lodash": {
      "name": "lodash",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089058,
          "name": "lodash",
          "dependency": "lodash",
          "title": "Regular Expression Denial of Service (ReDoS) in lodash",
          "url": "https://github.com/advisories/GHSA-29mw-wpgm-hmr9",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<4.17.21"
        },
        {
          "source": 1091185,
          "name": "lodash",
          "dependency": "lodash",
          "title": "Command Injection in lodash",
          "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
          "severity": "high",
          "cwe": [
            "CWE-77",
            "CWE-94"
          ],
          "cvss": {
            "score": 7.2,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<4.17.21"
        }
      ],
      "effects": [],
      "range": "<=4.17.20",
      "nodes": [
        "node_modules/@eslint/eslintrc/node_modules/lodash",
        "node_modules/eslint-plugin-jsdoc/node_modules/lodash",
        "node_modules/eslint/node_modules/lodash",
        "node_modules/lodash",
        "node_modules/table/node_modules/lodash"
      ],
      "fixAvailable": true
    },
    "markdown-it": {
      "name": "markdown-it",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1090461,
          "name": "markdown-it",
          "dependency": "markdown-it",
          "title": "Uncontrolled Resource Consumption in markdown-it",
          "url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<12.3.2"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<12.3.2",
      "nodes": [
        "node_modules/markdown-it"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.11",
        "isSemVerMajor": false
      }
    },
    "marked": {
      "name": "marked",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089485,
          "name": "marked",
          "dependency": "marked",
          "title": "Inefficient Regular Expression Complexity in marked",
          "url": "https://github.com/advisories/GHSA-5v2h-r2cx-5xgj",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<4.0.10"
        },
        {
          "source": 1089486,
          "name": "marked",
          "dependency": "marked",
          "title": "Inefficient Regular Expression Complexity in marked",
          "url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf",
          "severity": "high",
          "cwe": [
            "CWE-400",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<4.0.10"
        }
      ],
      "effects": [
        "jsdoc"
      ],
      "range": "<=4.0.9",
      "nodes": [
        "node_modules/marked"
      ],
      "fixAvailable": {
        "name": "jsdoc",
        "version": "3.6.11",
        "isSemVerMajor": false
      }
    },
    "minimatch": {
      "name": "minimatch",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1091174,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch ReDoS vulnerability",
          "url": "https://github.com/advisories/GHSA-f8q6-p94x-37v3",
          "severity": "high",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.0.5"
        }
      ],
      "effects": [
        "mocha"
      ],
      "range": "<3.0.5",
      "nodes": [
        "node_modules/minimatch"
      ],
      "fixAvailable": {
        "name": "mocha",
        "version": "10.2.0",
        "isSemVerMajor": true
      }
    },
    "minimist": {
      "name": "minimist",
      "severity": "critical",
      "isDirect": false,
      "via": [
        {
          "source": 1091173,
          "name": "minimist",
          "dependency": "minimist",
          "title": "Prototype Pollution in minimist",
          "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
          "severity": "critical",
          "cwe": [
            "CWE-1321"
          ],
          "cvss": {
            "score": 9.8,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": ">=1.0.0 <1.2.6"
        }
      ],
      "effects": [],
      "range": "1.0.0 - 1.2.5",
      "nodes": [
        "node_modules/minimist"
      ],
      "fixAvailable": true
    },
    "mocha": {
      "name": "mocha",
      "severity": "critical",
      "isDirect": true,
      "via": [
        "minimatch",
        "yargs-unparser"
      ],
      "effects": [],
      "range": "5.1.0 - 9.2.1",
      "nodes": [
        "node_modules/mocha"
      ],
      "fixAvailable": {
        "name": "mocha",
        "version": "10.2.0",
        "isSemVerMajor": true
      }
    },
    "path-parse": {
      "name": "path-parse",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1089681,
          "name": "path-parse",
          "dependency": "path-parse",
          "title": "Regular Expression Denial of Service in path-parse",
          "url": "https://github.com/advisories/GHSA-hj48-42vr-x3v9",
          "severity": "moderate",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<1.0.7"
        }
      ],
      "effects": [],
      "range": "<1.0.7",
      "nodes": [
        "node_modules/path-parse"
      ],
      "fixAvailable": true
    },
    "pathval": {
      "name": "pathval",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089875,
          "name": "pathval",
          "dependency": "pathval",
          "title": "Prototype pollution in pathval",
          "url": "https://github.com/advisories/GHSA-g6ww-v8xp-vmwg",
          "severity": "high",
          "cwe": [
            "CWE-20",
            "CWE-1321"
          ],
          "cvss": {
            "score": 7.2,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<1.1.1"
        }
      ],
      "effects": [],
      "range": "<1.1.1",
      "nodes": [
        "node_modules/pathval"
      ],
      "fixAvailable": true
    },
    "qs": {
      "name": "qs",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1090139,
          "name": "qs",
          "dependency": "qs",
          "title": "qs vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-hrpp-h998-j3pp",
          "severity": "high",
          "cwe": [
            "CWE-1321"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=6.9.0 <6.9.7"
        }
      ],
      "effects": [],
      "range": "6.9.0 - 6.9.6",
      "nodes": [
        "node_modules/qs"
      ],
      "fixAvailable": true
    },
    "taffydb": {
      "name": "taffydb",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089386,
          "name": "taffydb",
          "dependency": "taffydb",
          "title": "TaffyDB can allow access to any data items in the DB",
          "url": "https://github.com/advisories/GHSA-mxhp-79qh-mcx6",
          "severity": "high",
          "cwe": [
            "CWE-20",
            "CWE-668"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
          },
          "range": "<=2.7.3"
        }
      ],
      "effects": [
        "jsdoc",
        "jsdoc-wmf-theme"
      ],
      "range": "*",
      "nodes": [
        "node_modules/taffydb"
      ],
      "fixAvailable": false
    },
    "y18n": {
      "name": "y18n",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1091234,
          "name": "y18n",
          "dependency": "y18n",
          "title": "Prototype Pollution in y18n",
          "url": "https://github.com/advisories/GHSA-c4w7-xm78-47vh",
          "severity": "high",
          "cwe": [
            "CWE-20",
            "CWE-915",
            "CWE-1321"
          ],
          "cvss": {
            "score": 7.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
          },
          "range": "=4.0.0"
        }
      ],
      "effects": [],
      "range": "4.0.0",
      "nodes": [
        "node_modules/y18n"
      ],
      "fixAvailable": true
    },
    "yargs-unparser": {
      "name": "yargs-unparser",
      "severity": "critical",
      "isDirect": false,
      "via": [
        "flat"
      ],
      "effects": [
        "mocha"
      ],
      "range": "<=1.6.3",
      "nodes": [
        "node_modules/yargs-unparser"
      ],
      "fixAvailable": {
        "name": "mocha",
        "version": "10.2.0",
        "isSemVerMajor": true
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 4,
      "high": 11,
      "critical": 4,
      "total": 19
    },
    "dependencies": {
      "prod": 31,
      "dev": 279,
      "optional": 1,
      "peer": 0,
      "peerOptional": 0,
      "total": 309
    }
  }
}

--- end ---
Upgrading n:eslint-config-wikimedia from 0.18.0 -> 0.24.0
$ /usr/bin/npm install
--- stderr ---
npm WARN old lockfile 
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile 
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile 
npm WARN deprecated flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated superagent@5.1.0: Please upgrade to v7.0.2+ of superagent.  We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing.  See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
--- stdout ---

added 356 packages, and audited 357 packages in 6s

60 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (3 moderate, 10 high, 4 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues possible (including breaking changes), run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
$ ./node_modules/.bin/eslint . --fix
--- stdout ---

/src/repo/lib/wiki.js
  24:15  error  'params' is already declared in the upper scope on line 37 column 8  no-shadow

✖ 1 problem (1 error, 0 warnings)


--- end ---
$ ./node_modules/.bin/eslint . -f json
--- stdout ---
[{"filePath":"/src/repo/.eslintrc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/.jsdoc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/.mocharc.yaml","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/example.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/quibble.apache.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/quibble.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/index.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/REST.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/action_clients.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/actionapi.js","messages":[],"suppressedMessages":[{"ruleId":"max-len","severity":1,"message":"This line has a length of 101. Maximum allowed is 100.","line":266,"column":1,"nodeType":"Program","messageId":"max","endLine":266,"endColumn":96,"suppressions":[{"kind":"directive","justification":""}]},{"ruleId":"max-len","severity":1,"message":"This line has a length of 120. Maximum allowed is 100.","line":267,"column":1,"nodeType":"Program","messageId":"max","endLine":267,"endColumn":115,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/assert.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/clientFactory.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/utils.js","messages":[],"suppressedMessages":[{"ruleId":"no-promise-executor-return","severity":2,"message":"Return values from promise executor functions cannot be read.","line":38,"column":35,"nodeType":"CallExpression","messageId":"returnsValue","endLine":38,"endColumn":58,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/wiki.js","messages":[{"ruleId":"no-shadow","severity":2,"message":"'params' is already declared in the upper scope on line 37 column 8.","line":24,"column":15,"nodeType":"Identifier","messageId":"noShadow","endLine":24,"endColumn":21}],"suppressedMessages":[],"errorCount":1,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"source":"'use strict';\n\nconst supertest = require('supertest');\nconst crypto = require('crypto');\nconst querystring = require('querystring');\nconst { assert } = require('./assert');\nconst config = require('./config')();\n\n/**\n * Runs some pending jobs.\n *\n * @param {number} n The number of jobs to run.\n * @return {Promise<number>} Zero if there are no more jobs to be run,\n * and a number grater than zero if there are more jobs ready to be run.\n * That number may or may not represent the number of jobs remaining\n * in the queue.\n */\nconst runJobs = async (n = 1) => {\n\tif (!config.secret_key) {\n\t\tthrow new Error('Missing secret_key configuration value. ' +\n            'Set secret_key to the value of $wgSecretKey from LocalSettings.php');\n\t}\n\n\tconst sig = (params) => {\n\t\tconst data = {};\n\t\tconst keys = Object.keys(params).sort();\n\n\t\tfor (const k of keys) {\n\t\t\tdata[k] = params[k];\n\t\t}\n\n\t\tconst s = querystring.stringify(data);\n\t\tconst hmac = crypto.createHmac('sha1', config.secret_key).update(s);\n\t\treturn hmac.digest('hex');\n\t};\n\n\tconst params = {\n\t\ttitle: 'Special:RunJobs',\n\t\tmaxjobs: n,\n\t\tmaxtime: Math.max(n * 10, 60),\n\t\tasync: '', // false\n\t\tstats: '1', // true\n\t\ttasks: '', // what does this mean?\n\t\tsigexpiry: Math.ceil(Date.now() / 1000 + 60 * 60) // one hour\n\t};\n\n\tparams.signature = sig(params);\n\n\tconst response = await supertest.agent(config.base_uri).post('index.php').type('form').send(params);\n\n\tassert.isDefined(response.body.reached, `Text: ${response.text}`);\n\n\tif (response.body.reached === 'none-ready') {\n\t\t// The backend reports that no more jobs are ready.\n\t\treturn 0;\n\t} else {\n\t\t// If response.body.jobs is empty, we may be hitting an infinite\n\t\t// loop here. That should not happen.\n\t\tassert.isNotEmpty(response.body.jobs);\n\n\t\t// There is no reliable way to get the current size of the job queue.\n\t\t// Just return some number to indicate that there is more work to be done.\n\t\treturn 100;\n\t}\n};\n\n/**\n * Returns a promise that will resolve when all jobs in the wiki's job queue\n * have been run.\n *\n * @return {Promise<void>}\n */\nconst runAllJobs = async () => {\n\tconst log = () => {}; // TODO: allow optional logging\n\n\twhile (true) {\n\t\tlog('Running jobs...');\n\t\tconst jobsRemaining = await runJobs(10);\n\n\t\tif (jobsRemaining) {\n\t\t\tlog(`Still ${jobsRemaining} in the queue.`);\n\t\t} else {\n\t\t\tbreak;\n\t\t}\n\t}\n};\n\nconst getSecretKey = () => {\n\treturn config.secret_key || null;\n};\n\nmodule.exports = {\n\trunAllJobs,\n\tgetSecretKey\n};\n","usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/package-lock.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/package.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/.eslintrc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/Actionapi.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/ClientFactoryTest.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/Config.js","messages":[],"suppressedMessages":[{"ruleId":"node/no-unsupported-features/node-builtins","severity":2,"message":"The 'fs.promises' is not supported until Node.js 11.14.0 (backported: ^10.17.0). The configured version range is '>= 10.0.0'.","line":7,"column":13,"nodeType":"MemberExpression","messageId":"unsupported","endLine":7,"endColumn":24,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]}]

--- end ---
$ /usr/bin/npm ci --legacy-peer-deps
--- stderr ---
npm WARN deprecated flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated superagent@5.1.0: Please upgrade to v7.0.2+ of superagent.  We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing.  See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
--- stdout ---

added 356 packages, and audited 357 packages in 4s

60 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (3 moderate, 10 high, 4 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues possible (including breaking changes), run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stderr ---
Error: Missing local config! Please create a .api-testing.config.json config
    at module.exports (/src/repo/lib/config.js:29:10)
    at Object.<anonymous> (/src/repo/lib/actionapi.js:6:35)
    at Module._compile (node:internal/modules/cjs/loader:1126:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
    at Module.load (node:internal/modules/cjs/loader:1004:32)
    at Function.Module._load (node:internal/modules/cjs/loader:839:12)
    at Module.require (node:internal/modules/cjs/loader:1028:19)
    at require (node:internal/modules/cjs/helpers:102:18)
    at Object.<anonymous> (/src/repo/lib/action_clients.js:4:16)
    at Module._compile (node:internal/modules/cjs/loader:1126:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
    at Module.load (node:internal/modules/cjs/loader:1004:32)
    at Function.Module._load (node:internal/modules/cjs/loader:839:12)
    at Module.require (node:internal/modules/cjs/loader:1028:19)
    at require (node:internal/modules/cjs/helpers:102:18)
    at Object.<anonymous> (/src/repo/index.js:4:10)
    at Module._compile (node:internal/modules/cjs/loader:1126:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
    at Module.load (node:internal/modules/cjs/loader:1004:32)
    at Function.Module._load (node:internal/modules/cjs/loader:839:12)
    at Module.require (node:internal/modules/cjs/loader:1028:19)
    at require (node:internal/modules/cjs/helpers:102:18)
    at Object.<anonymous> (/src/repo/test/Actionapi.js:3:28)
    at Module._compile (node:internal/modules/cjs/loader:1126:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
    at Module.load (node:internal/modules/cjs/loader:1004:32)
    at Function.Module._load (node:internal/modules/cjs/loader:839:12)
    at Module.require (node:internal/modules/cjs/loader:1028:19)
    at require (node:internal/modules/cjs/helpers:102:18)
    at requireOrImport (/src/repo/node_modules/mocha/lib/esm-utils.js:15:12)
    at Object.exports.loadFilesAsync (/src/repo/node_modules/mocha/lib/esm-utils.js:28:26)
    at Mocha.loadFilesAsync (/src/repo/node_modules/mocha/lib/mocha.js:386:19)
    at singleRun (/src/repo/node_modules/mocha/lib/cli/run-helpers.js:149:15)
    at exports.runMocha (/src/repo/node_modules/mocha/lib/cli/run-helpers.js:186:11)
    at Object.exports.handler (/src/repo/node_modules/mocha/lib/cli/run.js:319:11)
    at /src/repo/node_modules/yargs/lib/command.js:241:49
--- stdout ---

> api-testing@1.5.1 test
> npm run lint && mocha --parallel


> api-testing@1.5.1 lint
> eslint --cache .


/src/repo/lib/wiki.js
  24:15  warning  'params' is already declared in the upper scope on line 37 column 8  no-shadow

✖ 1 problem (0 errors, 1 warning)


--- end ---
Traceback (most recent call last):
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1400, in main
    libup.run(args.repo, args.output, args.branch)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1338, in run
    self.npm_upgrade(plan)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1049, in npm_upgrade
    self.npm_test()
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 287, in npm_test
    self.check_call(['npm', 'test'])
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/shell2.py", line 54, in check_call
    res.check_returncode()
  File "/usr/lib/python3.9/subprocess.py", line 460, in check_returncode
    raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 1.
Source code is licensed under the AGPL.