mediawiki/extensions/EntitySchema (main)

sourcepatches
From 7bf688eda25fa7c26d20f9885676d5a1eb3b83a9 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 19 Jun 2021 07:42:35 +0000
Subject: [PATCH] build: Updating postcss to 7.0.36

* https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I23c344e7072d74639f5fe34b51869c497d2a7ad1
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index dfdd8f3..40db6bb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7369,9 +7369,9 @@
 			"dev": true
 		},
 		"postcss": {
-			"version": "7.0.35",
-			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz",
-			"integrity": "sha512-3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg==",
+			"version": "7.0.36",
+			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.36.tgz",
+			"integrity": "sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==",
 			"dev": true,
 			"requires": {
 				"chalk": "^2.4.2",
-- 
2.20.1

$ date
Sat Jun 19 07:40:26 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-EntitySchema.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
da6e9705290cf2196109c952e827a72585afac34 refs/heads/master

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 33 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.6.0): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.5): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v36.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.23.0): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.23.0): Loading from cache
  - Installing symfony/polyfill-ctype (v1.23.0): Loading from cache
  - Installing symfony/string (v5.3.2): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.23.0): Loading from cache
  - Installing symfony/deprecation-contracts (v2.4.0): Loading from cache
  - Installing symfony/console (v5.3.2): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.2): Loading from cache
  - Installing netresearch/jsonmapper (v3.1.1): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.23): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.4.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.2.2): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.1): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (3.2.6): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.2.1): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.6): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.3.0): Loading from cache
  - Installing diff/diff (3.2.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.8+ is recommended.)
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev

> fibers@5.0.0 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

make: Entering directory '/src/repo/node_modules/fibers/build'
  CXX(target) Release/obj.target/fibers/src/fibers.o
../src/fibers.cc: In function ‘void uni::SetAccessor(v8::Isolate*, v8::Local<v8::Object>, v8::Local<v8::String>, uni::FunctionType (*)(v8::Local<v8::String>, const GetterCallbackInfo&), void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const SetterCallbackInfo&))’:
../src/fibers.cc:355:87: warning: cast between incompatible function types from ‘uni::FunctionType (*)(v8::Local<v8::String>, const GetterCallbackInfo&)’ {aka ‘void (*)(v8::Local<v8::String>, const v8::PropertyCallbackInfo<v8::Value>&)’} to ‘v8::AccessorNameGetterCallback’ {aka ‘void (*)(v8::Local<v8::Name>, const v8::PropertyCallbackInfo<v8::Value>&)’} [-Wcast-function-type]
   object->SetAccessor(isolate->GetCurrentContext(), name, (AccessorNameGetterCallback)getter, (AccessorNameSetterCallback)setter).ToChecked();
                                                                                       ^~~~~~
../src/fibers.cc:355:123: warning: cast between incompatible function types from ‘void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const SetterCallbackInfo&)’ {aka ‘void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const v8::PropertyCallbackInfo<void>&)’} to ‘v8::AccessorNameSetterCallback’ {aka ‘void (*)(v8::Local<v8::Name>, v8::Local<v8::Value>, const v8::PropertyCallbackInfo<void>&)’} [-Wcast-function-type]
   object->SetAccessor(isolate->GetCurrentContext(), name, (AccessorNameGetterCallback)getter, (AccessorNameSetterCallback)setter).ToChecked();
                                                                                                                           ^~~~~~
In file included from ../src/coroutine.h:1,
                 from ../src/fibers.cc:1:
../src/fibers.cc: At global scope:
/cache/node-gyp/10.24.0/include/node/node.h:573:43: warning: cast between incompatible function types from ‘void (*)(v8::Local<v8::Object>)’ to ‘node::addon_register_func’ {aka ‘void (*)(v8::Local<v8::Object>, v8::Local<v8::Value>, void*)’} [-Wcast-function-type]
       (node::addon_register_func) (regfunc),                          \
                                           ^
/cache/node-gyp/10.24.0/include/node/node.h:607:3: note: in expansion of macro ‘NODE_MODULE_X’
   NODE_MODULE_X(modname, regfunc, NULL, 0)  // NOLINT (readability/null_usage)
   ^~~~~~~~~~~~~
../src/fibers.cc:930:1: note: in expansion of macro ‘NODE_MODULE’
 NODE_MODULE(fibers, init)
 ^~~~~~~~~~~
  CXX(target) Release/obj.target/fibers/src/coroutine.o
  CC(target) Release/obj.target/fibers/src/libcoro/coro.o
  SOLINK_MODULE(target) Release/obj.target/fibers.node
  COPY Release/fibers.node
make: Leaving directory '/src/repo/node_modules/fibers/build'
Installed in `/src/repo/node_modules/fibers/bin/linux-x64-64-glibc/fibers.node`

> husky@1.3.1 install /src/repo/node_modules/husky
> node husky install

husky > setting up git hooks
skipping existing user hook: commit-msg
husky > done

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)


> core-js-pure@3.14.0 postinstall /src/repo/node_modules/core-js-pure
> node -e "try{require('./postinstall')}catch(e){}"

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 1117 packages from 760 contributors in 58.4s

105 packages are looking for funding
  run `npm fund` for details

fixed 7 of 8 vulnerabilities in 1119 scanned packages
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 5.217s

105 packages are looking for funding
  run `npm fund` for details

fixed 0 of 1 vulnerability in 1119 scanned packages
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ npm audit fix --only=dev
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 5.044s

105 packages are looking for funding
  run `npm fund` for details

fixed 0 of 1 vulnerability in 1119 scanned packages
  1 package update for 1 vulnerability involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> core-js-pure@3.14.0 postinstall /src/repo/node_modules/core-js-pure
> node -e "try{require('./postinstall')}catch(e){}"


> husky@1.3.1 install /src/repo/node_modules/husky
> node husky install

husky > setting up git hooks
skipping existing user hook: commit-msg
husky > done

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"


> fibers@5.0.0 install /src/repo/node_modules/fibers
> node build.js || nodejs build.js

make: Entering directory '/src/repo/node_modules/fibers/build'
  CXX(target) Release/obj.target/fibers/src/fibers.o
../src/fibers.cc: In function ‘void uni::SetAccessor(v8::Isolate*, v8::Local<v8::Object>, v8::Local<v8::String>, uni::FunctionType (*)(v8::Local<v8::String>, const GetterCallbackInfo&), void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const SetterCallbackInfo&))’:
../src/fibers.cc:355:87: warning: cast between incompatible function types from ‘uni::FunctionType (*)(v8::Local<v8::String>, const GetterCallbackInfo&)’ {aka ‘void (*)(v8::Local<v8::String>, const v8::PropertyCallbackInfo<v8::Value>&)’} to ‘v8::AccessorNameGetterCallback’ {aka ‘void (*)(v8::Local<v8::Name>, const v8::PropertyCallbackInfo<v8::Value>&)’} [-Wcast-function-type]
   object->SetAccessor(isolate->GetCurrentContext(), name, (AccessorNameGetterCallback)getter, (AccessorNameSetterCallback)setter).ToChecked();
                                                                                       ^~~~~~
../src/fibers.cc:355:123: warning: cast between incompatible function types from ‘void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const SetterCallbackInfo&)’ {aka ‘void (*)(v8::Local<v8::String>, v8::Local<v8::Value>, const v8::PropertyCallbackInfo<void>&)’} to ‘v8::AccessorNameSetterCallback’ {aka ‘void (*)(v8::Local<v8::Name>, v8::Local<v8::Value>, const v8::PropertyCallbackInfo<void>&)’} [-Wcast-function-type]
   object->SetAccessor(isolate->GetCurrentContext(), name, (AccessorNameGetterCallback)getter, (AccessorNameSetterCallback)setter).ToChecked();
                                                                                                                           ^~~~~~
In file included from ../src/coroutine.h:1,
                 from ../src/fibers.cc:1:
../src/fibers.cc: At global scope:
/cache/node-gyp/10.24.0/include/node/node.h:573:43: warning: cast between incompatible function types from ‘void (*)(v8::Local<v8::Object>)’ to ‘node::addon_register_func’ {aka ‘void (*)(v8::Local<v8::Object>, v8::Local<v8::Value>, void*)’} [-Wcast-function-type]
       (node::addon_register_func) (regfunc),                          \
                                           ^
/cache/node-gyp/10.24.0/include/node/node.h:607:3: note: in expansion of macro ‘NODE_MODULE_X’
   NODE_MODULE_X(modname, regfunc, NULL, 0)  // NOLINT (readability/null_usage)
   ^~~~~~~~~~~~~
../src/fibers.cc:930:1: note: in expansion of macro ‘NODE_MODULE’
 NODE_MODULE(fibers, init)
 ^~~~~~~~~~~
  CXX(target) Release/obj.target/fibers/src/coroutine.o
  CC(target) Release/obj.target/fibers/src/libcoro/coro.o
  SOLINK_MODULE(target) Release/obj.target/fibers.node
  COPY Release/fibers.node
make: Leaving directory '/src/repo/node_modules/fibers/build'
Installed in `/src/repo/node_modules/fibers/bin/linux-x64-64-glibc/fibers.node`
added 1118 packages in 21.962s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

/src/repo/resources/special.newSchema.js
  24:1  warning  This line has a length of 105. Maximum allowed is 100  max-len

/src/repo/resources/special.setSchemaLabelDescriptionAliases.edit.js
  22:1  warning  This line has a length of 105. Maximum allowed is 100  max-len

✖ 2 problems (0 errors, 2 warnings)


Running "stylelint:all" (stylelint) task
>> Linted 1 files without errors

Running "banana:EntitySchema" (banana) task
>> 1 message directory checked.

Done.

Upgrading n:postcss from 7.0.35 -> 7.0.36
$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

$ git add .

$ git commit -F /tmp/tmpos477xrw
husky > pre-commit (node v10.24.0)
Stashing changes... [started]
Stashing changes... [skipped]
→ No partially staged files found...
Running linters... [started]
Running tasks for *.js [started]
Running tasks for *.php [started]
Running tasks for *.json [started]
Running tasks for *.{css,scss,less} [started]
Running tasks for *.js [skipped]
→ No staged files match *.js
Running tasks for *.php [skipped]
→ No staged files match *.php
Running tasks for *.{css,scss,less} [skipped]
→ No staged files match *.{css,scss,less}
eslint --fix [started]
eslint --fix [completed]
Running tasks for *.json [completed]
Running linters... [completed]
[master 7bf688e] build: Updating postcss to 7.0.36
 1 file changed, 3 insertions(+), 3 deletions(-)

$ git format-patch HEAD~1 --stdout
From 7bf688eda25fa7c26d20f9885676d5a1eb3b83a9 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 19 Jun 2021 07:42:35 +0000
Subject: [PATCH] build: Updating postcss to 7.0.36

* https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I23c344e7072d74639f5fe34b51869c497d2a7ad1
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index dfdd8f3..40db6bb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7369,9 +7369,9 @@
 			"dev": true
 		},
 		"postcss": {
-			"version": "7.0.35",
-			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz",
-			"integrity": "sha512-3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg==",
+			"version": "7.0.36",
+			"resolved": "https://registry.npmjs.org/postcss/-/postcss-7.0.36.tgz",
+			"integrity": "sha512-BebJSIUMwJHRH0HAQoxN4u1CN86glsrwsW0q7T+/m44eXOUAxSNdHRkNZPYz5vVUbg17hFgOQDE7fZk7li3pZw==",
 			"dev": true,
 			"requires": {
 				"chalk": "^2.4.2",
-- 
2.20.1

composer dependencies

Dependencies
Development dependencies

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.