mediawiki/extensions/WikiToLDAP (REL1_36)

sourcepatches
From b7e6919028df66b50a7d9ccf8d13f03607693358 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 10 Jun 2021 22:14:10 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* glob-parent: 5.1.0 → 5.1.2
  * https://npmjs.com/advisories/1751 (CVE-2020-28469)
* trim-newlines: 3.0.0 → 3.0.1
  * https://npmjs.com/advisories/1753 (CVE-2021-33623)

Additional changes:
* Changed package-lock.json dependencies to use HTTPS

Change-Id: I255a2ee20ba70011f9663dcf0024e9269c63d684
---
 package-lock.json | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 585269d..b5bb8c9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1854,9 +1854,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
@@ -3253,7 +3253,7 @@
 		},
 		"path-is-absolute": {
 			"version": "1.0.1",
-			"resolved": "http://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
+			"resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
 			"integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=",
 			"dev": true
 		},
@@ -3802,7 +3802,7 @@
 		},
 		"sprintf-js": {
 			"version": "1.0.3",
-			"resolved": "http://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
+			"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
 			"integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=",
 			"dev": true
 		},
@@ -4247,9 +4247,9 @@
 			}
 		},
 		"trim-newlines": {
-			"version": "3.0.0",
-			"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.0.tgz",
-			"integrity": "sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA==",
+			"version": "3.0.1",
+			"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.1.tgz",
+			"integrity": "sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw==",
 			"dev": true
 		},
 		"trough": {
-- 
2.20.1

$ date
Thu Jun 10 22:13:14 UTC 2021

$ git clone file:///srv/git/mediawiki-extensions-WikiToLDAP.git repo --depth=1 -b REL1_36
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/REL1_36
d6803519581b411a9370a8e025fec7f26d7c5cfe refs/heads/REL1_36

$ composer install
Loading composer repositories with package information
Warning from https://repo.packagist.org: Support for Composer 1 is deprecated and some packages will not be available. You should upgrade to Composer 2. See https://blog.packagist.com/deprecating-composer-1-support/
Updating dependencies (including require-dev)
Package operations: 32 installs, 0 updates, 0 removals
  - Installing squizlabs/php_codesniffer (3.5.8): Loading from cache
  - Installing composer/spdx-licenses (1.5.5): Loading from cache
  - Installing composer/semver (3.2.5): Loading from cache
  - Installing mediawiki/mediawiki-codesniffer (v35.0.0): Loading from cache
  - Installing symfony/polyfill-php80 (v1.23.0): Loading from cache
  - Installing symfony/polyfill-mbstring (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-normalizer (v1.23.0): Loading from cache
  - Installing symfony/polyfill-intl-grapheme (v1.23.0): Loading from cache
  - Installing symfony/polyfill-ctype (v1.23.0): Loading from cache
  - Installing symfony/string (v5.3.0): Loading from cache
  - Installing psr/container (1.1.1): Loading from cache
  - Installing symfony/service-contracts (v2.4.0): Loading from cache
  - Installing symfony/polyfill-php73 (v1.23.0): Loading from cache
  - Installing symfony/deprecation-contracts (v2.4.0): Loading from cache
  - Installing symfony/console (v5.3.0): Loading from cache
  - Installing psr/log (1.1.4): Loading from cache
  - Installing sabre/event (5.1.2): Loading from cache
  - Installing netresearch/jsonmapper (v2.1.0): Loading from cache
  - Installing microsoft/tolerant-php-parser (v0.0.23): Loading from cache
  - Installing phpdocumentor/reflection-common (2.2.0): Loading from cache
  - Installing webmozart/assert (1.10.0): Loading from cache
  - Installing phpdocumentor/type-resolver (1.4.0): Loading from cache
  - Installing phpdocumentor/reflection-docblock (5.2.2): Loading from cache
  - Installing felixfbecker/advanced-json-rpc (v3.2.0): Loading from cache
  - Installing composer/xdebug-handler (1.4.6): Loading from cache
  - Installing phan/phan (3.2.6): Loading from cache
  - Installing mediawiki/phan-taint-check-plugin (3.2.1): Loading from cache
  - Installing mediawiki/mediawiki-phan-config (0.10.6): Loading from cache
  - Installing mediawiki/minus-x (1.1.0): Loading from cache
  - Installing php-parallel-lint/php-console-color (v0.3): Loading from cache
  - Installing php-parallel-lint/php-console-highlighter (v0.5): Loading from cache
  - Installing php-parallel-lint/php-parallel-lint (v1.2.0): Loading from cache
symfony/service-contracts suggests installing symfony/service-implementation
symfony/console suggests installing symfony/event-dispatcher
symfony/console suggests installing symfony/lock
symfony/console suggests installing symfony/process
phan/phan suggests installing ext-ast (Needed for parsing ASTs (unless --use-fallback-parser is used). 1.0.1+ is needed, 1.0.8+ is recommended.)
Writing lock file
Generating autoload files
13 packages you are using are looking for funding.
Use the `composer fund` command to find out more!

Attempting to npm audit fix
$ npm audit fix --only=dev
added 529 packages from 326 contributors in 11.055s

72 packages are looking for funding
  run `npm fund` for details

fixed 5 of 12 vulnerabilities in 529 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
npm WARN eslint-plugin-vue@6.2.2 requires a peer of eslint@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.

up to date in 7.439s

72 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 529 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ npm audit fix --only=dev
npm WARN eslint-plugin-vue@6.2.2 requires a peer of eslint@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.

up to date in 2.597s

72 packages are looking for funding
  run `npm fund` for details

fixed 0 of 7 vulnerabilities in 529 scanned packages
  7 vulnerabilities required manual review and could not be updated

$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation
added 529 packages in 6.817s

$ npm test

> @ test /src/repo
> grunt test

Running "eslint:all" (eslint) task

/src/repo/resources/init.js
   1:1   warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector
   1:4   warning  Strings must use singlequote                                                        quotes
   3:2   warning  Combine this with the previous 'var' statement                                      one-var
   3:28  warning  Strings must use singlequote                                                        quotes
   4:2   warning  Combine this with the previous 'var' statement                                      one-var
   4:28  warning  Strings must use singlequote                                                        quotes
  10:2   warning  Combine this with the previous 'var' statement                                      one-var
  10:2   warning  All 'var' declarations must be at the top of the function scope                     vars-on-top
  14:38  warning  'data' is defined but never used                                                    no-unused-vars

✖ 9 problems (0 errors, 9 warnings)
  0 errors and 5 warnings potentially fixable with the `--fix` option.


Running "stylelint:all" (stylelint) task
>> Linted 0 files without errors

Done.

Upgrading n:glob-parent from 5.1.0 -> 5.1.2
Upgrading n:trim-newlines from 3.0.0 -> 3.0.1
$ package-lock-lint package-lock.json
0 issues found in: package-lock.json

$ git add .

$ git commit -F /tmp/tmphg7glvtw
[REL1_36 b7e6919] build: Updating npm dependencies
 1 file changed, 8 insertions(+), 8 deletions(-)

$ git format-patch HEAD~1 --stdout
From b7e6919028df66b50a7d9ccf8d13f03607693358 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Thu, 10 Jun 2021 22:14:10 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* glob-parent: 5.1.0 → 5.1.2
  * https://npmjs.com/advisories/1751 (CVE-2020-28469)
* trim-newlines: 3.0.0 → 3.0.1
  * https://npmjs.com/advisories/1753 (CVE-2021-33623)

Additional changes:
* Changed package-lock.json dependencies to use HTTPS

Change-Id: I255a2ee20ba70011f9663dcf0024e9269c63d684
---
 package-lock.json | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 585269d..b5bb8c9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1854,9 +1854,9 @@
 			}
 		},
 		"glob-parent": {
-			"version": "5.1.0",
-			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz",
-			"integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==",
+			"version": "5.1.2",
+			"resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+			"integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
 			"dev": true,
 			"requires": {
 				"is-glob": "^4.0.1"
@@ -3253,7 +3253,7 @@
 		},
 		"path-is-absolute": {
 			"version": "1.0.1",
-			"resolved": "http://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
+			"resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
 			"integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=",
 			"dev": true
 		},
@@ -3802,7 +3802,7 @@
 		},
 		"sprintf-js": {
 			"version": "1.0.3",
-			"resolved": "http://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
+			"resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz",
 			"integrity": "sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw=",
 			"dev": true
 		},
@@ -4247,9 +4247,9 @@
 			}
 		},
 		"trim-newlines": {
-			"version": "3.0.0",
-			"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.0.tgz",
-			"integrity": "sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA==",
+			"version": "3.0.1",
+			"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.1.tgz",
+			"integrity": "sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw==",
 			"dev": true
 		},
 		"trough": {
-- 
2.20.1

composer dependencies

Dependencies
Development dependencies

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.