mediawiki/extensions/OpenIDConnect (master)

sourcepatches
From 05b63c1b95a60ebd06612e3ba778e474c1618239 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 7 May 2021 16:58:12 +0000
Subject: [PATCH] build: Updating dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

composer:
* mediawiki/mediawiki-codesniffer: 35.0.0 → 36.0.0
* php-parallel-lint/php-parallel-lint: 1.2.0 → 1.3.0

npm:
* lodash: 4.17.20 → 4.17.21
  * https://npmjs.com/advisories/1673 (CVE-2021-23337)

Change-Id: I5688cd43b4e7798090d569a071600bdd3b76d598
---
 composer.json                                            | 4 ++--
 maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php | 2 +-
 package-lock.json                                        | 6 +++---
 src/OpenIDConnect.php                                    | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/composer.json b/composer.json
index 7634bca..d9e2738 100644
--- a/composer.json
+++ b/composer.json
@@ -14,10 +14,10 @@
 		"composer/installers": "~1.0"
 	},
 	"require-dev": {
-		"mediawiki/mediawiki-codesniffer": "35.0.0",
+		"mediawiki/mediawiki-codesniffer": "36.0.0",
 		"mediawiki/minus-x": "1.1.1",
 		"php-parallel-lint/php-console-highlighter": "0.5.0",
-		"php-parallel-lint/php-parallel-lint": "1.2.0"
+		"php-parallel-lint/php-parallel-lint": "1.3.0"
 	},
 	"scripts": {
 		"test": [
diff --git a/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php b/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
index d7b77b9..5fd78d1 100644
--- a/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
+++ b/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
@@ -51,7 +51,7 @@ class MigrateOIDCSubjectAndIssuerFromUserTable extends LoggedUpdateMaintenance {
 	 * @inheritDoc
 	 */
 	public function doDBUpdates() {
-		$dbw = $this->getDB( DB_MASTER );
+		$dbw = $this->getDB( DB_PRIMARY );
 
 		if ( !$dbw->fieldExists(
 			'user',
diff --git a/package-lock.json b/package-lock.json
index d68e798..f56a318 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1973,9 +1973,9 @@
 			}
 		},
 		"lodash": {
-			"version": "4.17.20",
-			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
-			"integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==",
+			"version": "4.17.21",
+			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+			"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
 			"dev": true
 		},
 		"lodash.memoize": {
diff --git a/src/OpenIDConnect.php b/src/OpenIDConnect.php
index 58a6d27..5063bfb 100644
--- a/src/OpenIDConnect.php
+++ b/src/OpenIDConnect.php
@@ -280,7 +280,7 @@ class OpenIDConnect extends PluggableAuth {
 			$authManager->removeAuthenticationSessionData(
 				self::OIDC_ISSUER_SESSION_KEY );
 		}
-		$dbw = wfGetDB( DB_MASTER );
+		$dbw = wfGetDB( DB_PRIMARY );
 		$dbw->upsert(
 			'openid_connect',
 			[
-- 
2.20.1

$ date
Fri May  7 16:57:29 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-OpenIDConnect.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
a6dca590d9d337ba4bb78fba15e8b4d6893cbc60 refs/heads/master

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Package operations: 21 installs, 0 updates, 0 removals
  - Installing composer/installers (v1.11.0): Loading from cache
  - Installing phpseclib/phpseclib (2.0.31): Loading from cache
  - Installing jumbojett/openid-connect-php (v0.9.1): Loading from cache
  - Installing squizlabs/php_codesniffer (3.5.8): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.4): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v35.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.22.1): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.22.1): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.22.1): Loading from cache
  - Installing symfony/polyfill-ctype (v1.22.1): Loading from cache
  - Installing symfony/string (v5.2.6): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.22.1): Loading from cache
  - Installing symfony/console (v5.2.7): Loading from cache
  - Installing mediawiki/minus-x (1.1.1): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.2.0): Loading from cache
phpseclib/phpseclib suggests installing ext-libsodium (SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.)
phpseclib/phpseclib suggests installing ext-mcrypt (Install the Mcrypt extension in order to speed up a few other cryptographic operations.)
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
symfony/console suggests installing psr/log (For using the console logger)
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Upgrading c:mediawiki/mediawiki-codesniffer from 35.0.0 -> 36.0.0
Upgrading c:php-parallel-lint/php-parallel-lint from 1.2.0 -> 1.3.0
$ composer update
Loading composer repositories with package information
Warning from https://repo.packagist.org: You are using an outdated version of Composer. Composer 2 is now available and you should upgrade. See https://getcomposer.org/2
Updating dependencies (including require-dev)
Package operations: 0 installs, 3 updates, 0 removals
  - Updating squizlabs/php_codesniffer (3.5.8 => 3.6.0): Loading from cache
  - Updating mediawiki/mediawiki-codesniffer (v35.0.0 => v36.0.0): Loading from cache
  - Updating php-parallel-lint/php-parallel-lint (v1.2.0 => v1.3.0): Loading from cache
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

{'MediaWiki.Commenting.FunctionComment.MissingDocumentationPrivate', 'PSR12.Properties.ConstantVisibility.NotFound', 'MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPrivate'}
Tests fail!
$ vendor/bin/phpcbf

PHPCBF RESULT SUMMARY
----------------------------------------------------------------------
FILE                                                  FIXED  REMAINING
----------------------------------------------------------------------
...ance/MigrateOIDCSubjectAndIssuerFromUserTable.php  1      0
/src/repo/src/OpenIDConnect.php                       1      10
----------------------------------------------------------------------
A TOTAL OF 2 ERRORS WERE FIXED IN 2 FILES
----------------------------------------------------------------------

Time: 251ms; Memory: 14MB



$ git checkout .phpcs.xml

$ composer install
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

$ composer test
> parallel-lint . --exclude vendor --exclude node_modules
PHP 7.3.27 | 10 parallel jobs
....                                                         4/4 (100 %)


Checked 4 files in 0 seconds
No syntax error found
> phpcs -p -s
.... 4 / 4 (100%)


Time: 131ms; Memory: 10MB

> minus-x check .
MinusX
======
Processing /src/repo...
.............................................
All good!

Attempting to npm audit fix
$ npm audit fix --only=dev

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

added 340 packages from 242 contributors in 11.824s

23 packages are looking for funding
  run `npm fund` for details

fixed 8 of 8 vulnerabilities in 340 scanned packages

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

added 340 packages in 5.973s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

Running "banana:all" (banana) task
>> 1 message directory checked.

Done.

Upgrading n:lodash from 4.17.20 -> 4.17.21
$ git add .

$ git commit -F /tmp/tmpawlam4ew
[master 05b63c1] build: Updating dependencies
 4 files changed, 7 insertions(+), 7 deletions(-)

$ git format-patch HEAD~1 --stdout
From 05b63c1b95a60ebd06612e3ba778e474c1618239 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 7 May 2021 16:58:12 +0000
Subject: [PATCH] build: Updating dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

composer:
* mediawiki/mediawiki-codesniffer: 35.0.0 → 36.0.0
* php-parallel-lint/php-parallel-lint: 1.2.0 → 1.3.0

npm:
* lodash: 4.17.20 → 4.17.21
  * https://npmjs.com/advisories/1673 (CVE-2021-23337)

Change-Id: I5688cd43b4e7798090d569a071600bdd3b76d598
---
 composer.json                                            | 4 ++--
 maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php | 2 +-
 package-lock.json                                        | 6 +++---
 src/OpenIDConnect.php                                    | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/composer.json b/composer.json
index 7634bca..d9e2738 100644
--- a/composer.json
+++ b/composer.json
@@ -14,10 +14,10 @@
 		"composer/installers": "~1.0"
 	},
 	"require-dev": {
-		"mediawiki/mediawiki-codesniffer": "35.0.0",
+		"mediawiki/mediawiki-codesniffer": "36.0.0",
 		"mediawiki/minus-x": "1.1.1",
 		"php-parallel-lint/php-console-highlighter": "0.5.0",
-		"php-parallel-lint/php-parallel-lint": "1.2.0"
+		"php-parallel-lint/php-parallel-lint": "1.3.0"
 	},
 	"scripts": {
 		"test": [
diff --git a/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php b/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
index d7b77b9..5fd78d1 100644
--- a/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
+++ b/maintenance/MigrateOIDCSubjectAndIssuerFromUserTable.php
@@ -51,7 +51,7 @@ class MigrateOIDCSubjectAndIssuerFromUserTable extends LoggedUpdateMaintenance {
 	 * @inheritDoc
 	 */
 	public function doDBUpdates() {
-		$dbw = $this->getDB( DB_MASTER );
+		$dbw = $this->getDB( DB_PRIMARY );
 
 		if ( !$dbw->fieldExists(
 			'user',
diff --git a/package-lock.json b/package-lock.json
index d68e798..f56a318 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1973,9 +1973,9 @@
 			}
 		},
 		"lodash": {
-			"version": "4.17.20",
-			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
-			"integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==",
+			"version": "4.17.21",
+			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+			"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
 			"dev": true
 		},
 		"lodash.memoize": {
diff --git a/src/OpenIDConnect.php b/src/OpenIDConnect.php
index 58a6d27..5063bfb 100644
--- a/src/OpenIDConnect.php
+++ b/src/OpenIDConnect.php
@@ -280,7 +280,7 @@ class OpenIDConnect extends PluggableAuth {
 			$authManager->removeAuthenticationSessionData(
 				self::OIDC_ISSUER_SESSION_KEY );
 		}
-		$dbw = wfGetDB( DB_MASTER );
+		$dbw = wfGetDB( DB_PRIMARY );
 		$dbw->upsert(
 			'openid_connect',
 			[
-- 
2.20.1

composer dependencies

Dependencies
Development dependencies

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.