$ date
--- stdout ---
Fri Mar 24 22:26:40 UTC 2023
--- end ---
$ git clone file:///srv/git/mediawiki-tools-api-testing.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
1404d7931defb155dcea3b8867da3fff19cf8fe1 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json --legacy-peer-deps
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"ansi-regex": {
"name": "ansi-regex",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1091188,
"name": "ansi-regex",
"dependency": "ansi-regex",
"title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
"url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
"severity": "high",
"cwe": [
"CWE-697",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=3.0.0 <3.0.1"
},
{
"source": 1091189,
"name": "ansi-regex",
"dependency": "ansi-regex",
"title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
"url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
"severity": "high",
"cwe": [
"CWE-697",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=4.0.0 <4.1.1"
},
{
"source": 1091190,
"name": "ansi-regex",
"dependency": "ansi-regex",
"title": "Inefficient Regular Expression Complexity in chalk/ansi-regex",
"url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
"severity": "high",
"cwe": [
"CWE-697",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=5.0.0 <5.0.1"
}
],
"effects": [],
"range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
"nodes": [
"node_modules/ansi-regex",
"node_modules/cliui/node_modules/ansi-regex",
"node_modules/wide-align/node_modules/ansi-regex",
"node_modules/wrap-ansi/node_modules/ansi-regex",
"node_modules/yargs/node_modules/ansi-regex"
],
"fixAvailable": true
},
"browserslist": {
"name": "browserslist",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1089762,
"name": "browserslist",
"dependency": "browserslist",
"title": "Regular Expression Denial of Service in browserslist",
"url": "https://github.com/advisories/GHSA-w8qv-6jwh-64r5",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=4.0.0 <4.16.5"
}
],
"effects": [],
"range": "4.0.0 - 4.16.4",
"nodes": [
"node_modules/browserslist"
],
"fixAvailable": true
},
"cookiejar": {
"name": "cookiejar",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1088659,
"name": "cookiejar",
"dependency": "cookiejar",
"title": "cookiejar Regular Expression Denial of Service via Cookie.parse function",
"url": "https://github.com/advisories/GHSA-h452-7996-h45h",
"severity": "moderate",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<2.1.4"
}
],
"effects": [],
"range": "<2.1.4",
"nodes": [
"node_modules/cookiejar"
],
"fixAvailable": true
},
"flat": {
"name": "flat",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1089152,
"name": "flat",
"dependency": "flat",
"title": "flat vulnerable to Prototype Pollution",
"url": "https://github.com/advisories/GHSA-2j2x-2gpw-g8fm",
"severity": "critical",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 9.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<5.0.1"
}
],
"effects": [
"yargs-unparser"
],
"range": "<5.0.1",
"nodes": [
"node_modules/flat"
],
"fixAvailable": {
"name": "mocha",
"version": "10.2.0",
"isSemVerMajor": true
}
},
"glob-parent": {
"name": "glob-parent",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1091181,
"name": "glob-parent",
"dependency": "glob-parent",
"title": "glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex",
"url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<5.1.2"
}
],
"effects": [],
"range": "<5.1.2",
"nodes": [
"node_modules/glob-parent"
],
"fixAvailable": true
},
"jsdoc": {
"name": "jsdoc",
"severity": "high",
"isDirect": true,
"via": [
"markdown-it",
"marked",
"taffydb"
],
"effects": [],
"range": "3.2.0-dev - 3.6.11",
"nodes": [
"node_modules/jsdoc"
],
"fixAvailable": {
"name": "jsdoc",
"version": "3.6.11",
"isSemVerMajor": false
}
},
"jsdoc-wmf-theme": {
"name": "jsdoc-wmf-theme",
"severity": "high",
"isDirect": true,
"via": [
"taffydb"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/jsdoc-wmf-theme"
],
"fixAvailable": false
},
"lodash": {
"name": "lodash",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089058,
"name": "lodash",
"dependency": "lodash",
"title": "Regular Expression Denial of Service (ReDoS) in lodash",
"url": "https://github.com/advisories/GHSA-29mw-wpgm-hmr9",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<4.17.21"
},
{
"source": 1091185,
"name": "lodash",
"dependency": "lodash",
"title": "Command Injection in lodash",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"severity": "high",
"cwe": [
"CWE-77",
"CWE-94"
],
"cvss": {
"score": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<4.17.21"
}
],
"effects": [],
"range": "<=4.17.20",
"nodes": [
"node_modules/@eslint/eslintrc/node_modules/lodash",
"node_modules/eslint-plugin-jsdoc/node_modules/lodash",
"node_modules/eslint/node_modules/lodash",
"node_modules/lodash",
"node_modules/table/node_modules/lodash"
],
"fixAvailable": true
},
"markdown-it": {
"name": "markdown-it",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1090461,
"name": "markdown-it",
"dependency": "markdown-it",
"title": "Uncontrolled Resource Consumption in markdown-it",
"url": "https://github.com/advisories/GHSA-6vfc-qv3f-vr6c",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<12.3.2"
}
],
"effects": [
"jsdoc"
],
"range": "<12.3.2",
"nodes": [
"node_modules/markdown-it"
],
"fixAvailable": {
"name": "jsdoc",
"version": "3.6.11",
"isSemVerMajor": false
}
},
"marked": {
"name": "marked",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089485,
"name": "marked",
"dependency": "marked",
"title": "Inefficient Regular Expression Complexity in marked",
"url": "https://github.com/advisories/GHSA-5v2h-r2cx-5xgj",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<4.0.10"
},
{
"source": 1089486,
"name": "marked",
"dependency": "marked",
"title": "Inefficient Regular Expression Complexity in marked",
"url": "https://github.com/advisories/GHSA-rrrm-qjm4-v8hf",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<4.0.10"
}
],
"effects": [
"jsdoc"
],
"range": "<=4.0.9",
"nodes": [
"node_modules/marked"
],
"fixAvailable": {
"name": "jsdoc",
"version": "3.6.11",
"isSemVerMajor": false
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1091174,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS vulnerability",
"url": "https://github.com/advisories/GHSA-f8q6-p94x-37v3",
"severity": "high",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.0.5"
}
],
"effects": [
"mocha"
],
"range": "<3.0.5",
"nodes": [
"node_modules/minimatch"
],
"fixAvailable": {
"name": "mocha",
"version": "10.2.0",
"isSemVerMajor": true
}
},
"minimist": {
"name": "minimist",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1091173,
"name": "minimist",
"dependency": "minimist",
"title": "Prototype Pollution in minimist",
"url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
"severity": "critical",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 9.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=1.0.0 <1.2.6"
}
],
"effects": [],
"range": "1.0.0 - 1.2.5",
"nodes": [
"node_modules/minimist"
],
"fixAvailable": true
},
"mocha": {
"name": "mocha",
"severity": "critical",
"isDirect": true,
"via": [
"minimatch",
"yargs-unparser"
],
"effects": [],
"range": "5.1.0 - 9.2.1",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": {
"name": "mocha",
"version": "10.2.0",
"isSemVerMajor": true
}
},
"path-parse": {
"name": "path-parse",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1089681,
"name": "path-parse",
"dependency": "path-parse",
"title": "Regular Expression Denial of Service in path-parse",
"url": "https://github.com/advisories/GHSA-hj48-42vr-x3v9",
"severity": "moderate",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<1.0.7"
}
],
"effects": [],
"range": "<1.0.7",
"nodes": [
"node_modules/path-parse"
],
"fixAvailable": true
},
"pathval": {
"name": "pathval",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089875,
"name": "pathval",
"dependency": "pathval",
"title": "Prototype pollution in pathval",
"url": "https://github.com/advisories/GHSA-g6ww-v8xp-vmwg",
"severity": "high",
"cwe": [
"CWE-20",
"CWE-1321"
],
"cvss": {
"score": 7.2,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<1.1.1"
}
],
"effects": [],
"range": "<1.1.1",
"nodes": [
"node_modules/pathval"
],
"fixAvailable": true
},
"qs": {
"name": "qs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1090139,
"name": "qs",
"dependency": "qs",
"title": "qs vulnerable to Prototype Pollution",
"url": "https://github.com/advisories/GHSA-hrpp-h998-j3pp",
"severity": "high",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=6.9.0 <6.9.7"
}
],
"effects": [],
"range": "6.9.0 - 6.9.6",
"nodes": [
"node_modules/qs"
],
"fixAvailable": true
},
"taffydb": {
"name": "taffydb",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1089386,
"name": "taffydb",
"dependency": "taffydb",
"title": "TaffyDB can allow access to any data items in the DB",
"url": "https://github.com/advisories/GHSA-mxhp-79qh-mcx6",
"severity": "high",
"cwe": [
"CWE-20",
"CWE-668"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
},
"range": "<=2.7.3"
}
],
"effects": [
"jsdoc",
"jsdoc-wmf-theme"
],
"range": "*",
"nodes": [
"node_modules/taffydb"
],
"fixAvailable": false
},
"y18n": {
"name": "y18n",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1091234,
"name": "y18n",
"dependency": "y18n",
"title": "Prototype Pollution in y18n",
"url": "https://github.com/advisories/GHSA-c4w7-xm78-47vh",
"severity": "high",
"cwe": [
"CWE-20",
"CWE-915",
"CWE-1321"
],
"cvss": {
"score": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "=4.0.0"
}
],
"effects": [],
"range": "4.0.0",
"nodes": [
"node_modules/y18n"
],
"fixAvailable": true
},
"yargs-unparser": {
"name": "yargs-unparser",
"severity": "critical",
"isDirect": false,
"via": [
"flat"
],
"effects": [
"mocha"
],
"range": "<=1.6.3",
"nodes": [
"node_modules/yargs-unparser"
],
"fixAvailable": {
"name": "mocha",
"version": "10.2.0",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 4,
"high": 11,
"critical": 4,
"total": 19
},
"dependencies": {
"prod": 31,
"dev": 279,
"optional": 1,
"peer": 0,
"peerOptional": 0,
"total": 309
}
}
}
--- end ---
Upgrading n:eslint-config-wikimedia from 0.18.0 -> 0.24.0
$ /usr/bin/npm install
--- stderr ---
npm WARN deprecated flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated superagent@5.1.0: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
--- stdout ---
added 356 packages, and audited 357 packages in 5s
60 packages are looking for funding
run `npm fund` for details
17 vulnerabilities (3 moderate, 10 high, 4 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
$ ./node_modules/.bin/eslint . --fix
--- stdout ---
/src/repo/lib/wiki.js
24:15 error 'params' is already declared in the upper scope on line 37 column 8 no-shadow
✖ 1 problem (1 error, 0 warnings)
--- end ---
$ ./node_modules/.bin/eslint . -f json
--- stdout ---
[{"filePath":"/src/repo/.eslintrc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/.jsdoc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/.mocharc.yaml","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/example.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/quibble.apache.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/configs/quibble.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/index.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/REST.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/action_clients.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/actionapi.js","messages":[],"suppressedMessages":[{"ruleId":"max-len","severity":1,"message":"This line has a length of 101. Maximum allowed is 100.","line":266,"column":1,"nodeType":"Program","messageId":"max","endLine":266,"endColumn":96,"suppressions":[{"kind":"directive","justification":""}]},{"ruleId":"max-len","severity":1,"message":"This line has a length of 120. Maximum allowed is 100.","line":267,"column":1,"nodeType":"Program","messageId":"max","endLine":267,"endColumn":115,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/assert.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/clientFactory.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/config.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/utils.js","messages":[],"suppressedMessages":[{"ruleId":"no-promise-executor-return","severity":2,"message":"Return values from promise executor functions cannot be read.","line":38,"column":35,"nodeType":"CallExpression","messageId":"returnsValue","endLine":38,"endColumn":58,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/lib/wiki.js","messages":[{"ruleId":"no-shadow","severity":2,"message":"'params' is already declared in the upper scope on line 37 column 8.","line":24,"column":15,"nodeType":"Identifier","messageId":"noShadow","endLine":24,"endColumn":21}],"suppressedMessages":[],"errorCount":1,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"source":"'use strict';\n\nconst supertest = require('supertest');\nconst crypto = require('crypto');\nconst querystring = require('querystring');\nconst { assert } = require('./assert');\nconst config = require('./config')();\n\n/**\n * Runs some pending jobs.\n *\n * @param {number} n The number of jobs to run.\n * @return {Promise<number>} Zero if there are no more jobs to be run,\n * and a number grater than zero if there are more jobs ready to be run.\n * That number may or may not represent the number of jobs remaining\n * in the queue.\n */\nconst runJobs = async (n = 1) => {\n\tif (!config.secret_key) {\n\t\tthrow new Error('Missing secret_key configuration value. ' +\n 'Set secret_key to the value of $wgSecretKey from LocalSettings.php');\n\t}\n\n\tconst sig = (params) => {\n\t\tconst data = {};\n\t\tconst keys = Object.keys(params).sort();\n\n\t\tfor (const k of keys) {\n\t\t\tdata[k] = params[k];\n\t\t}\n\n\t\tconst s = querystring.stringify(data);\n\t\tconst hmac = crypto.createHmac('sha1', config.secret_key).update(s);\n\t\treturn hmac.digest('hex');\n\t};\n\n\tconst params = {\n\t\ttitle: 'Special:RunJobs',\n\t\tmaxjobs: n,\n\t\tmaxtime: Math.max(n * 10, 60),\n\t\tasync: '', // false\n\t\tstats: '1', // true\n\t\ttasks: '', // what does this mean?\n\t\tsigexpiry: Math.ceil(Date.now() / 1000 + 60 * 60) // one hour\n\t};\n\n\tparams.signature = sig(params);\n\n\tconst response = await supertest.agent(config.base_uri).post('index.php').type('form').send(params);\n\n\tassert.isDefined(response.body.reached, `Text: ${response.text}`);\n\n\tif (response.body.reached === 'none-ready') {\n\t\t// The backend reports that no more jobs are ready.\n\t\treturn 0;\n\t} else {\n\t\t// If response.body.jobs is empty, we may be hitting an infinite\n\t\t// loop here. That should not happen.\n\t\tassert.isNotEmpty(response.body.jobs);\n\n\t\t// There is no reliable way to get the current size of the job queue.\n\t\t// Just return some number to indicate that there is more work to be done.\n\t\treturn 100;\n\t}\n};\n\n/**\n * Returns a promise that will resolve when all jobs in the wiki's job queue\n * have been run.\n *\n * @return {Promise<void>}\n */\nconst runAllJobs = async () => {\n\tconst log = () => {}; // TODO: allow optional logging\n\n\twhile (true) {\n\t\tlog('Running jobs...');\n\t\tconst jobsRemaining = await runJobs(10);\n\n\t\tif (jobsRemaining) {\n\t\t\tlog(`Still ${jobsRemaining} in the queue.`);\n\t\t} else {\n\t\t\tbreak;\n\t\t}\n\t}\n};\n\nconst getSecretKey = () => {\n\treturn config.secret_key || null;\n};\n\nmodule.exports = {\n\trunAllJobs,\n\tgetSecretKey\n};\n","usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/package-lock.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/package.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/.eslintrc.json","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/Actionapi.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/ClientFactoryTest.js","messages":[],"suppressedMessages":[],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]},{"filePath":"/src/repo/test/Config.js","messages":[],"suppressedMessages":[{"ruleId":"node/no-unsupported-features/node-builtins","severity":2,"message":"The 'fs.promises' is not supported until Node.js 11.14.0 (backported: ^10.17.0). The configured version range is '>= 10.0.0'.","line":7,"column":13,"nodeType":"MemberExpression","messageId":"unsupported","endLine":7,"endColumn":24,"suppressions":[{"kind":"directive","justification":""}]}],"errorCount":0,"fatalErrorCount":0,"warningCount":0,"fixableErrorCount":0,"fixableWarningCount":0,"usedDeprecatedRules":[{"ruleId":"no-new-require","replacedBy":[]},{"ruleId":"no-process-exit","replacedBy":[]}]}]
--- end ---
$ /usr/bin/npm ci --legacy-peer-deps
--- stderr ---
npm WARN deprecated flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated superagent@5.1.0: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
--- stdout ---
added 356 packages, and audited 357 packages in 4s
60 packages are looking for funding
run `npm fund` for details
17 vulnerabilities (3 moderate, 10 high, 4 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stderr ---
Error: Missing local config! Please create a .api-testing.config.json config
at module.exports (/src/repo/lib/config.js:29:10)
at Object.<anonymous> (/src/repo/lib/actionapi.js:6:35)
at Module._compile (node:internal/modules/cjs/loader:1126:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
at Module.load (node:internal/modules/cjs/loader:1004:32)
at Function.Module._load (node:internal/modules/cjs/loader:839:12)
at Module.require (node:internal/modules/cjs/loader:1028:19)
at require (node:internal/modules/cjs/helpers:102:18)
at Object.<anonymous> (/src/repo/lib/action_clients.js:4:16)
at Module._compile (node:internal/modules/cjs/loader:1126:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
at Module.load (node:internal/modules/cjs/loader:1004:32)
at Function.Module._load (node:internal/modules/cjs/loader:839:12)
at Module.require (node:internal/modules/cjs/loader:1028:19)
at require (node:internal/modules/cjs/helpers:102:18)
at Object.<anonymous> (/src/repo/index.js:4:10)
at Module._compile (node:internal/modules/cjs/loader:1126:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
at Module.load (node:internal/modules/cjs/loader:1004:32)
at Function.Module._load (node:internal/modules/cjs/loader:839:12)
at Module.require (node:internal/modules/cjs/loader:1028:19)
at require (node:internal/modules/cjs/helpers:102:18)
at Object.<anonymous> (/src/repo/test/Actionapi.js:3:28)
at Module._compile (node:internal/modules/cjs/loader:1126:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1180:10)
at Module.load (node:internal/modules/cjs/loader:1004:32)
at Function.Module._load (node:internal/modules/cjs/loader:839:12)
at Module.require (node:internal/modules/cjs/loader:1028:19)
at require (node:internal/modules/cjs/helpers:102:18)
at requireOrImport (/src/repo/node_modules/mocha/lib/esm-utils.js:15:12)
at Object.exports.loadFilesAsync (/src/repo/node_modules/mocha/lib/esm-utils.js:28:26)
at Mocha.loadFilesAsync (/src/repo/node_modules/mocha/lib/mocha.js:386:19)
at singleRun (/src/repo/node_modules/mocha/lib/cli/run-helpers.js:149:15)
at exports.runMocha (/src/repo/node_modules/mocha/lib/cli/run-helpers.js:186:11)
at Object.exports.handler (/src/repo/node_modules/mocha/lib/cli/run.js:319:11)
at /src/repo/node_modules/yargs/lib/command.js:241:49
--- stdout ---
> api-testing@1.6.0 test
> npm run lint && mocha --parallel
> api-testing@1.6.0 lint
> eslint --cache .
/src/repo/lib/wiki.js
24:15 warning 'params' is already declared in the upper scope on line 37 column 8 no-shadow
✖ 1 problem (0 errors, 1 warning)
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1400, in main
libup.run(args.repo, args.output, args.branch)
File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1338, in run
self.npm_upgrade(plan)
File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1049, in npm_upgrade
self.npm_test()
File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 287, in npm_test
self.check_call(['npm', 'test'])
File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/shell2.py", line 54, in check_call
res.check_returncode()
File "/usr/lib/python3.9/subprocess.py", line 460, in check_returncode
raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 1.