mediawiki/extensions/Kartographer (main)

sourcepatches
From f5ad8f125bfc3a58ee477776f0f40a73a78c560a Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 13:05:17 +0000
Subject: [PATCH] build: Updating websocket-extensions to 0.1.4

* https://npmjs.com/advisories/1710 (CVE-2020-7662)

Change-Id: I047ac99de0fe571164657c1add86ab73e9102c83
---
 lib/external/mapbox/style.css | 17 +++++++++++++++--
 package-lock.json             |  6 +++---
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/lib/external/mapbox/style.css b/lib/external/mapbox/style.css
index 2d90144..1385a40 100644
--- a/lib/external/mapbox/style.css
+++ b/lib/external/mapbox/style.css
@@ -12,8 +12,9 @@
 .leaflet-container *,
 .leaflet-container *:after,
 .leaflet-container *:before {
-  -moz-box-sizing:border-box;
-       box-sizing:border-box;
+  -webkit-box-sizing:border-box;
+     -moz-box-sizing:border-box;
+          box-sizing:border-box;
   }
 
 .leaflet-container h1,
@@ -210,6 +211,8 @@
 .leaflet-fade-anim .leaflet-popup {
 	opacity: 0;
 	-webkit-transition: opacity 0.2s linear;
+	   -moz-transition: opacity 0.2s linear;
+	     -o-transition: opacity 0.2s linear;
 	        transition: opacity 0.2s linear;
 	}
 .leaflet-fade-anim .leaflet-map-pane .leaflet-popup {
@@ -225,11 +228,15 @@
 	}
 .leaflet-zoom-anim .leaflet-zoom-animated {
 	-webkit-transition: -webkit-transform 0.25s cubic-bezier(0,0,0.25,1);
+	   -moz-transition:    -moz-transform 0.25s cubic-bezier(0,0,0.25,1);
+	     -o-transition:      -o-transform 0.25s cubic-bezier(0,0,0.25,1);
 	        transition:         transform 0.25s cubic-bezier(0,0,0.25,1);
 	}
 .leaflet-zoom-anim .leaflet-tile,
 .leaflet-pan-anim .leaflet-tile {
 	-webkit-transition: none;
+	   -moz-transition: none;
+	     -o-transition: none;
 	        transition: none;
 	}
 
@@ -672,6 +679,8 @@
   overflow:auto;
   opacity:1;
   -webkit-transition:opacity 150ms;
+     -moz-transition:opacity 150ms;
+       -o-transition:opacity 150ms;
           transition:opacity 150ms;
   }
 
@@ -730,11 +739,13 @@
 
 .mapbox-modal .mapbox-modal-content {
   -webkit-transform:translateY(-100%);
+     -moz-transform:translateY(-100%);
       -ms-transform:translateY(-100%);
           transform:translateY(-100%);
   }
   .mapbox-modal.active .mapbox-modal-content {
     -webkit-transform:translateY(0);
+       -moz-transform:translateY(0);
         -ms-transform:translateY(0);
             transform:translateY(0);
     }
@@ -793,6 +804,8 @@
   border-radius:0 3px 3px 0;
   opacity:0;
   -webkit-transition:opacity 100ms;
+     -moz-transition:opacity 100ms;
+       -o-transition:opacity 100ms;
           transition:opacity 100ms;
   }
 .leaflet-control-mapbox-geocoder.active .leaflet-control-mapbox-geocoder-wrap {
diff --git a/package-lock.json b/package-lock.json
index 1b3cf8f..9afa95a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6389,9 +6389,9 @@
 			}
 		},
 		"websocket-extensions": {
-			"version": "0.1.3",
-			"resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.3.tgz",
-			"integrity": "sha512-nqHUnMXmBzT0w570r2JpJxfiSD1IzoI+HGVdd3aZ0yNi3ngvQ4jv1dtHt5VGxfI2yj5yqImPhOK4vmIh2xMbGg==",
+			"version": "0.1.4",
+			"resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.4.tgz",
+			"integrity": "sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==",
 			"dev": true
 		},
 		"which": {
-- 
2.20.1

$ date
Sat May 15 13:02:49 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-Kartographer.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
584e96129009b6b93625bfb621d5aea596189129 refs/heads/master

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Package operations: 32 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.6.0): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.4): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v36.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.22.1): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.22.1): Loading from cache
  - Installing symfony/polyfill-ctype (v1.22.1): Loading from cache
  - Installing symfony/string (v5.2.8): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.22.1): Loading from cache
  - Installing symfony/console (v5.2.8): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.2): Loading from cache
  - Installing netresearch/jsonmapper (v2.1.0): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.23): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.4.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.2.2): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.0): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (3.2.6): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.2.1): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.6): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.3.0): Loading from cache
  - Installing justinrainbow/json-schema (5.2.10): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.8+ is recommended.)
Writing lock file
Generating autoload files
12 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

added 730 packages from 484 contributors in 23.426s

83 packages are looking for funding
  run `npm fund` for details

fixed 1 of 8 vulnerabilities in 739 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
up to date in 3.166s

83 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 739 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
up to date in 3.439s

83 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 739 scanned packages
  7 vulnerabilities required manual review and could not be updated

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

added 739 packages in 12.308s

$ npm test

> Kartographer@0.0.0 test /src/repo
> grunt test

Running "eslint:all" (eslint) task

/src/repo/Gruntfile.js
  98:90   warning  'err' is already declared in the upper scope on line 88 column 87      no-shadow
  98:95   warning  'stdout' is already declared in the upper scope on line 88 column 92   no-shadow
  98:103  warning  'stderr' is already declared in the upper scope on line 88 column 100  no-shadow
  99:11   warning  'ret' is already declared in the upper scope on line 91 column 8       no-shadow

/src/repo/modules/box/Map.js
   26:9   warning  'scale' is already declared in the upper scope on line 17 column 2         no-shadow
  153:4   warning  'map' is already declared in the upper scope on line 913 column 10         no-shadow
  316:0   warning  Tag @event must have a name/namepath                                       jsdoc/valid-types
  407:7   warning  'map' is already declared in the upper scope on line 913 column 10         no-shadow
  413:64  warning  'dataGroups' is already declared in the upper scope on line 406 column 28  no-shadow
  443:7   warning  'map' is already declared in the upper scope on line 913 column 10         no-shadow
  505:8   warning  'map' is already declared in the upper scope on line 913 column 10         no-shadow

/src/repo/modules/linkbox/Link.js
  129:84  warning  'map' is already declared in the upper scope on line 85 column 3  no-shadow

/src/repo/tests/phpunit/data/good-schemas/09-geometry-collection.json
  15:7  warning  This number literal will lose precision at runtime  no-loss-of-precision

✖ 13 problems (0 errors, 13 warnings)


Running "stylelint:all" (stylelint) task
>> Linted 12 files without errors

Running "banana:Kartographer" (banana) task
>> 3 message directories checked.

Running "svgmin:all" (svgmin) task
Total saved: 0 B

Running "libcheck" task
>> These library files were directly changed. Please change them upstream, instead:
>> lib/external/mapbox/style.css

Upgrading n:websocket-extensions from 0.1.3 -> 0.1.4
$ git add .

$ git commit -F /tmp/tmpethxd5op
[master f5ad8f1] build: Updating websocket-extensions to 0.1.4
 2 files changed, 18 insertions(+), 5 deletions(-)

$ git format-patch HEAD~1 --stdout
From f5ad8f125bfc3a58ee477776f0f40a73a78c560a Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 13:05:17 +0000
Subject: [PATCH] build: Updating websocket-extensions to 0.1.4

* https://npmjs.com/advisories/1710 (CVE-2020-7662)

Change-Id: I047ac99de0fe571164657c1add86ab73e9102c83
---
 lib/external/mapbox/style.css | 17 +++++++++++++++--
 package-lock.json             |  6 +++---
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/lib/external/mapbox/style.css b/lib/external/mapbox/style.css
index 2d90144..1385a40 100644
--- a/lib/external/mapbox/style.css
+++ b/lib/external/mapbox/style.css
@@ -12,8 +12,9 @@
 .leaflet-container *,
 .leaflet-container *:after,
 .leaflet-container *:before {
-  -moz-box-sizing:border-box;
-       box-sizing:border-box;
+  -webkit-box-sizing:border-box;
+     -moz-box-sizing:border-box;
+          box-sizing:border-box;
   }
 
 .leaflet-container h1,
@@ -210,6 +211,8 @@
 .leaflet-fade-anim .leaflet-popup {
 	opacity: 0;
 	-webkit-transition: opacity 0.2s linear;
+	   -moz-transition: opacity 0.2s linear;
+	     -o-transition: opacity 0.2s linear;
 	        transition: opacity 0.2s linear;
 	}
 .leaflet-fade-anim .leaflet-map-pane .leaflet-popup {
@@ -225,11 +228,15 @@
 	}
 .leaflet-zoom-anim .leaflet-zoom-animated {
 	-webkit-transition: -webkit-transform 0.25s cubic-bezier(0,0,0.25,1);
+	   -moz-transition:    -moz-transform 0.25s cubic-bezier(0,0,0.25,1);
+	     -o-transition:      -o-transform 0.25s cubic-bezier(0,0,0.25,1);
 	        transition:         transform 0.25s cubic-bezier(0,0,0.25,1);
 	}
 .leaflet-zoom-anim .leaflet-tile,
 .leaflet-pan-anim .leaflet-tile {
 	-webkit-transition: none;
+	   -moz-transition: none;
+	     -o-transition: none;
 	        transition: none;
 	}
 
@@ -672,6 +679,8 @@
   overflow:auto;
   opacity:1;
   -webkit-transition:opacity 150ms;
+     -moz-transition:opacity 150ms;
+       -o-transition:opacity 150ms;
           transition:opacity 150ms;
   }
 
@@ -730,11 +739,13 @@
 
 .mapbox-modal .mapbox-modal-content {
   -webkit-transform:translateY(-100%);
+     -moz-transform:translateY(-100%);
       -ms-transform:translateY(-100%);
           transform:translateY(-100%);
   }
   .mapbox-modal.active .mapbox-modal-content {
     -webkit-transform:translateY(0);
+       -moz-transform:translateY(0);
         -ms-transform:translateY(0);
             transform:translateY(0);
     }
@@ -793,6 +804,8 @@
   border-radius:0 3px 3px 0;
   opacity:0;
   -webkit-transition:opacity 100ms;
+     -moz-transition:opacity 100ms;
+       -o-transition:opacity 100ms;
           transition:opacity 100ms;
   }
 .leaflet-control-mapbox-geocoder.active .leaflet-control-mapbox-geocoder-wrap {
diff --git a/package-lock.json b/package-lock.json
index 1b3cf8f..9afa95a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -6389,9 +6389,9 @@
 			}
 		},
 		"websocket-extensions": {
-			"version": "0.1.3",
-			"resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.3.tgz",
-			"integrity": "sha512-nqHUnMXmBzT0w570r2JpJxfiSD1IzoI+HGVdd3aZ0yNi3ngvQ4jv1dtHt5VGxfI2yj5yqImPhOK4vmIh2xMbGg==",
+			"version": "0.1.4",
+			"resolved": "https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.4.tgz",
+			"integrity": "sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==",
 			"dev": true
 		},
 		"which": {
-- 
2.20.1

composer dependencies

Dependencies
Development dependencies

npm dependencies

Dependencies
Development dependencies

Logs

Source code is licensed under the AGPL.