oojs/core (main)

sourcepatches
From 58fc7ad5555bc38e1b4ed450a2ade1ba5f514fe8 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 22 Apr 2024 07:15:05 +0000
Subject: [PATCH] build: Updating jsdoc-wmf-theme to 0.0.13

Change-Id: Ie3c24e3daa1ceb8a1878f7edbadc04d9f45f359b
---
 package-lock.json | 34 +++++++++++-----------------------
 package.json      |  2 +-
 2 files changed, 12 insertions(+), 24 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a11a868..4ddefb6 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,7 @@
 				"grunt-contrib-uglify": "5.2.2",
 				"jsdoc": "4.0.2",
 				"jsdoc-class-hierarchy": "1.1.2",
-				"jsdoc-wmf-theme": "0.0.12",
+				"jsdoc-wmf-theme": "0.0.13",
 				"karma": "6.3.18",
 				"karma-chrome-launcher": "3.1.0",
 				"karma-coverage": "2.0.3",
@@ -6384,16 +6384,16 @@
 			}
 		},
 		"node_modules/jsdoc-wmf-theme": {
-			"version": "0.0.12",
-			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz",
-			"integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==",
+			"version": "0.0.13",
+			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.13.tgz",
+			"integrity": "sha512-H8h0Xut3J9UGBJECAQAFbF8MVGGNA2PKFpNW4z9Go2DC/wby4Q/hn3reBJ3lB9/j+molyt8UVrO0Z+eA5nOyhw==",
 			"dev": true,
 			"dependencies": {
+				"@jsdoc/salty": "^0.2.7",
 				"@wikimedia/codex-design-tokens": "1.1.1",
 				"domino": "^2.1.6",
 				"lunr": "2.3.9",
-				"normalize.css": "8.0.1",
-				"taffydb": "^2.7.3"
+				"normalize.css": "8.0.1"
 			}
 		},
 		"node_modules/jsdoc/node_modules/escape-string-regexp": {
@@ -9392,12 +9392,6 @@
 				"url": "https://github.com/sponsors/ljharb"
 			}
 		},
-		"node_modules/taffydb": {
-			"version": "2.7.3",
-			"resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz",
-			"integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==",
-			"dev": true
-		},
 		"node_modules/tar-fs": {
 			"version": "2.1.1",
 			"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
@@ -15309,16 +15303,16 @@
 			"dev": true
 		},
 		"jsdoc-wmf-theme": {
-			"version": "0.0.12",
-			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz",
-			"integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==",
+			"version": "0.0.13",
+			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.13.tgz",
+			"integrity": "sha512-H8h0Xut3J9UGBJECAQAFbF8MVGGNA2PKFpNW4z9Go2DC/wby4Q/hn3reBJ3lB9/j+molyt8UVrO0Z+eA5nOyhw==",
 			"dev": true,
 			"requires": {
+				"@jsdoc/salty": "^0.2.7",
 				"@wikimedia/codex-design-tokens": "1.1.1",
 				"domino": "^2.1.6",
 				"lunr": "2.3.9",
-				"normalize.css": "8.0.1",
-				"taffydb": "^2.7.3"
+				"normalize.css": "8.0.1"
 			}
 		},
 		"jsesc": {
@@ -17678,12 +17672,6 @@
 			"integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==",
 			"dev": true
 		},
-		"taffydb": {
-			"version": "2.7.3",
-			"resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz",
-			"integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==",
-			"dev": true
-		},
 		"tar-fs": {
 			"version": "2.1.1",
 			"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
diff --git a/package.json b/package.json
index e1fc67e..1e90f0d 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
 		"grunt-contrib-uglify": "5.2.2",
 		"jsdoc": "4.0.2",
 		"jsdoc-class-hierarchy": "1.1.2",
-		"jsdoc-wmf-theme": "0.0.12",
+		"jsdoc-wmf-theme": "0.0.13",
 		"karma": "6.3.18",
 		"karma-chrome-launcher": "3.1.0",
 		"karma-coverage": "2.0.3",
-- 
2.39.2

$ date
--- stdout ---
Mon Apr 22 07:14:03 UTC 2024

--- end ---
$ git clone file:///srv/git/oojs-core.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/master
--- stdout ---
8a2d4caa3629ccc03712824df269863b904f8a5f refs/heads/master

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "bin-version": {
      "name": "bin-version",
      "severity": "high",
      "isDirect": false,
      "via": [
        "find-versions"
      ],
      "effects": [
        "bin-version-check"
      ],
      "range": "<=4.0.0",
      "nodes": [
        "node_modules/bin-version"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "bin-version-check": {
      "name": "bin-version-check",
      "severity": "high",
      "isDirect": false,
      "via": [
        "bin-version"
      ],
      "effects": [
        "bin-wrapper"
      ],
      "range": "<=4.0.0",
      "nodes": [
        "node_modules/bin-version-check"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "bin-wrapper": {
      "name": "bin-wrapper",
      "severity": "high",
      "isDirect": false,
      "via": [
        "bin-version-check",
        "download"
      ],
      "effects": [
        "saucelabs"
      ],
      "range": ">=0.4.0",
      "nodes": [
        "node_modules/bin-wrapper"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "cacheable-request": {
      "name": "cacheable-request",
      "severity": "high",
      "isDirect": false,
      "via": [
        "http-cache-semantics"
      ],
      "effects": [
        "got"
      ],
      "range": "0.1.0 - 2.1.4",
      "nodes": [
        "node_modules/download/node_modules/cacheable-request"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "download": {
      "name": "download",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "got"
      ],
      "effects": [
        "bin-wrapper"
      ],
      "range": ">=4.0.0",
      "nodes": [
        "node_modules/download"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "find-versions": {
      "name": "find-versions",
      "severity": "high",
      "isDirect": false,
      "via": [
        "semver-regex"
      ],
      "effects": [
        "bin-version"
      ],
      "range": "<=3.2.0",
      "nodes": [
        "node_modules/find-versions"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "got": {
      "name": "got",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1088948,
          "name": "got",
          "dependency": "got",
          "title": "Got allows a redirect to a UNIX socket",
          "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97",
          "severity": "moderate",
          "cwe": [],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
          },
          "range": "<11.8.5"
        },
        "cacheable-request"
      ],
      "effects": [
        "download"
      ],
      "range": "<=11.8.3",
      "nodes": [
        "node_modules/download/node_modules/got"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "gulp-util": {
      "name": "gulp-util",
      "severity": "high",
      "isDirect": false,
      "via": [
        "lodash.template"
      ],
      "effects": [
        "remap-istanbul"
      ],
      "range": ">=1.1.0",
      "nodes": [
        "node_modules/gulp-util"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "http-cache-semantics": {
      "name": "http-cache-semantics",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1092316,
          "name": "http-cache-semantics",
          "dependency": "http-cache-semantics",
          "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service",
          "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<4.1.1"
        }
      ],
      "effects": [
        "cacheable-request"
      ],
      "range": "<4.1.1",
      "nodes": [
        "node_modules/download/node_modules/http-cache-semantics"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "jsdoc-wmf-theme": {
      "name": "jsdoc-wmf-theme",
      "severity": "high",
      "isDirect": true,
      "via": [
        "taffydb"
      ],
      "effects": [],
      "range": "<=0.0.12",
      "nodes": [
        "node_modules/jsdoc-wmf-theme"
      ],
      "fixAvailable": {
        "name": "jsdoc-wmf-theme",
        "version": "1.0.0",
        "isSemVerMajor": true
      }
    },
    "karma-remap-istanbul": {
      "name": "karma-remap-istanbul",
      "severity": "high",
      "isDirect": true,
      "via": [
        "remap-istanbul"
      ],
      "effects": [],
      "range": ">=0.0.3",
      "nodes": [
        "node_modules/karma-remap-istanbul"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "karma-sauce-launcher": {
      "name": "karma-sauce-launcher",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "saucelabs"
      ],
      "effects": [],
      "range": ">=4.1.5",
      "nodes": [
        "node_modules/karma-sauce-launcher"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "lodash.template": {
      "name": "lodash.template",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1096993,
          "name": "lodash.template",
          "dependency": "lodash.template",
          "title": "Command Injection in lodash",
          "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
          "severity": "high",
          "cwe": [
            "CWE-77",
            "CWE-94"
          ],
          "cvss": {
            "score": 7.2,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<=4.5.0"
        }
      ],
      "effects": [
        "gulp-util"
      ],
      "range": "*",
      "nodes": [
        "node_modules/lodash.template"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "meow": {
      "name": "meow",
      "severity": "high",
      "isDirect": false,
      "via": [
        "trim-newlines"
      ],
      "effects": [],
      "range": "3.4.0 - 5.0.0",
      "nodes": [
        "node_modules/meow"
      ],
      "fixAvailable": true
    },
    "remap-istanbul": {
      "name": "remap-istanbul",
      "severity": "high",
      "isDirect": false,
      "via": [
        "gulp-util"
      ],
      "effects": [
        "karma-remap-istanbul"
      ],
      "range": "<=0.9.6",
      "nodes": [
        "node_modules/remap-istanbul"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "saucelabs": {
      "name": "saucelabs",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "bin-wrapper"
      ],
      "effects": [
        "karma-sauce-launcher"
      ],
      "range": "4.1.0 - 7.1.2",
      "nodes": [
        "node_modules/saucelabs"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "semver-regex": {
      "name": "semver-regex",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1092475,
          "name": "semver-regex",
          "dependency": "semver-regex",
          "title": "semver-regex Regular Expression Denial of Service (ReDOS)",
          "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx",
          "severity": "high",
          "cwe": [
            "CWE-400",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.3"
        },
        {
          "source": 1092605,
          "name": "semver-regex",
          "dependency": "semver-regex",
          "title": "Regular expression denial of service in semver-regex",
          "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch",
          "severity": "low",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<3.1.4"
        }
      ],
      "effects": [
        "find-versions"
      ],
      "range": "<=3.1.3",
      "nodes": [
        "node_modules/semver-regex"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "taffydb": {
      "name": "taffydb",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1089386,
          "name": "taffydb",
          "dependency": "taffydb",
          "title": "TaffyDB can allow access to any data items in the DB",
          "url": "https://github.com/advisories/GHSA-mxhp-79qh-mcx6",
          "severity": "high",
          "cwe": [
            "CWE-20",
            "CWE-668"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
          },
          "range": "<=2.7.3"
        }
      ],
      "effects": [
        "jsdoc-wmf-theme"
      ],
      "range": "*",
      "nodes": [
        "node_modules/taffydb"
      ],
      "fixAvailable": {
        "name": "jsdoc-wmf-theme",
        "version": "1.0.0",
        "isSemVerMajor": true
      }
    },
    "trim-newlines": {
      "name": "trim-newlines",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1095100,
          "name": "trim-newlines",
          "dependency": "trim-newlines",
          "title": "Uncontrolled Resource Consumption in trim-newlines",
          "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
          "severity": "high",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.0.1"
        }
      ],
      "effects": [
        "meow"
      ],
      "range": "<3.0.1",
      "nodes": [
        "node_modules/trim-newlines"
      ],
      "fixAvailable": true
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 3,
      "high": 16,
      "critical": 0,
      "total": 19
    },
    "dependencies": {
      "prod": 1,
      "dev": 924,
      "optional": 3,
      "peer": 1,
      "peerOptional": 0,
      "total": 924
    }
  }
}

--- end ---
Upgrading n:jsdoc-wmf-theme from 0.0.12 -> 0.0.13
$ /usr/bin/npm install
--- stderr ---
npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead:
npm WARN deprecated   npm i nyc
npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives.
--- stdout ---

added 922 packages, and audited 923 packages in 7s

92 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (3 moderate, 14 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead:
npm WARN deprecated   npm i nyc
npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives.
--- stdout ---

added 922 packages, and audited 923 packages in 8s

92 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (3 moderate, 14 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stderr ---
(node:142) Warning: Accessing non-existent property 'VERSION' of module exports inside circular dependency
(Use `node --trace-warnings ...` to show where the warning was created)
--- stdout ---

> oojs@7.0.1 test
> npm run build-dev && karma start && qunit --require ./tests/setup-node tests/unit/ && npm run lint


> oojs@7.0.1 build-dev
> grunt build-dev

Running "set-meta" task

Running "set-dev" task

Running "clean:dist" (clean) task
>> 0 paths cleaned.

Running "concat:dev" (concat) task

Done.
22 04 2024 07:14:26.674:INFO [karma-server]: Karma v6.3.18 server started at http://localhost:9876/
22 04 2024 07:14:26.676:INFO [launcher]: Launching browsers FirefoxHeadless, ChromeCustom with concurrency unlimited
22 04 2024 07:14:26.680:INFO [launcher]: Starting browser FirefoxHeadless
22 04 2024 07:14:26.688:INFO [launcher]: Starting browser ChromeHeadless
22 04 2024 07:14:29.038:INFO [Chrome Headless 123.0.6312.86 (Linux x86_64)]: Connected on socket R8rMmZ50muwatMFvAAAB with id 71307306
............................................................
Chrome Headless 123.0.6312.86 (Linux x86_64): Executed 60 of 60 SUCCESS (0.141 secs / 0.11 secs)
22 04 2024 07:14:32.037:INFO [Firefox 115.0 (Linux x86_64)]: Connected on socket niUOZPW5TmhVDqyIAAAD with id 45629552
............................................................
Firefox 115.0 (Linux x86_64): Executed 60 of 60 SUCCESS (0.114 secs / 0.112 secs)
TOTAL: 120 SUCCESS
TOTAL: 120 SUCCESS

=============================== Coverage summary ===============================
Statements   : 100% ( 449/449 )
Branches     : 100% ( 270/270 )
Functions    : 100% ( 60/60 )
Lines        : 100% ( 432/432 )
================================================================================
TAP version 13
ok 1 EmitterList > addItems
ok 2 EmitterList > moveItem
ok 3 EmitterList > clearItems
ok 4 EmitterList > removeItems
ok 5 EmitterList > aggregate
ok 6 EmitterList > Events
ok 7 EventEmitter > on
ok 8 EventEmitter > once
ok 9 EventEmitter > once - nested
ok 10 EventEmitter > once - off
ok 11 EventEmitter > emit
ok 12 EventEmitter > off
ok 13 EventEmitter > connect
ok 14 EventEmitter > disconnect( host )
ok 15 EventEmitter > disconnect( host, methods )
ok 16 EventEmitter > disconnect( host, array methods )
ok 17 EventEmitter > disconnect( host, unbound methods )
ok 18 EventEmitter > chainable
ok 19 Factory > invalid registration
ok 20 Factory > registeration and lookup [Class.key]
ok 21 Factory > registeration and lookup [Class.static.name]
ok 22 Factory > registeration and lookup [key and name]
ok 23 Factory > registeration and lookup [unknown]
ok 24 Factory > invalid creation
ok 25 Factory > valid creation
ok 26 Registry > register/unregister
ok 27 Registry > lookup
ok 28 SortedEmitterList > addItems
ok 29 SortedEmitterList > Events
ok 30 core > initClass
ok 31 core > inheritClass
ok 32 core > mixinClass
ok 33 core > isSubclass
ok 34 core > getProp( Object )
ok 35 core > getProp( Function )
ok 36 core > getProp( Array )
ok 37 core > setProp( Object )
ok 38 core > setProp( Function )
ok 39 core > setProp( Array )
ok 40 core > deleteProp( Object )
ok 41 core > deleteProp( Function )
ok 42 core > deleteProp( Array )
ok 43 core > cloneObject
ok 44 core > getObjectValues
ok 45 core > binarySearch
ok 46 core > compare
ok 47 core > compare( Node, Node )
ok 48 core > compare( Object, Object, Boolean asymmetrical )
ok 49 core > copy( source )
ok 50 core > copy( source, Function leafCallback )
ok 51 core > copy( source, Function leafCallback, Function nodeCallback )
ok 52 core > getHash: Basic usage
ok 53 core > getHash: Complex usage
ok 54 core > unique
ok 55 core > simpleArrayUnion
ok 56 core > simpleArrayIntersection
ok 57 core > simpleArrayDifference
ok 58 util > isPlainObject
1..58
# pass 58
# skip 0
# todo 0
# fail 0

> oojs@7.0.1 lint
> eslint --cache .


--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "bin-version": {
      "name": "bin-version",
      "severity": "high",
      "isDirect": false,
      "via": [
        "find-versions"
      ],
      "effects": [
        "bin-version-check"
      ],
      "range": "<=4.0.0",
      "nodes": [
        "node_modules/bin-version"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "bin-version-check": {
      "name": "bin-version-check",
      "severity": "high",
      "isDirect": false,
      "via": [
        "bin-version"
      ],
      "effects": [
        "bin-wrapper"
      ],
      "range": "<=4.0.0",
      "nodes": [
        "node_modules/bin-version-check"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "bin-wrapper": {
      "name": "bin-wrapper",
      "severity": "high",
      "isDirect": false,
      "via": [
        "bin-version-check",
        "download"
      ],
      "effects": [
        "saucelabs"
      ],
      "range": ">=0.4.0",
      "nodes": [
        "node_modules/bin-wrapper"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "cacheable-request": {
      "name": "cacheable-request",
      "severity": "high",
      "isDirect": false,
      "via": [
        "http-cache-semantics"
      ],
      "effects": [
        "got"
      ],
      "range": "0.1.0 - 2.1.4",
      "nodes": [
        "node_modules/download/node_modules/cacheable-request"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "download": {
      "name": "download",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "got"
      ],
      "effects": [
        "bin-wrapper"
      ],
      "range": ">=4.0.0",
      "nodes": [
        "node_modules/download"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "find-versions": {
      "name": "find-versions",
      "severity": "high",
      "isDirect": false,
      "via": [
        "semver-regex"
      ],
      "effects": [
        "bin-version"
      ],
      "range": "<=3.2.0",
      "nodes": [
        "node_modules/find-versions"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "got": {
      "name": "got",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1088948,
          "name": "got",
          "dependency": "got",
          "title": "Got allows a redirect to a UNIX socket",
          "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97",
          "severity": "moderate",
          "cwe": [],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
          },
          "range": "<11.8.5"
        },
        "cacheable-request"
      ],
      "effects": [
        "download"
      ],
      "range": "<=11.8.3",
      "nodes": [
        "node_modules/download/node_modules/got"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "gulp-util": {
      "name": "gulp-util",
      "severity": "high",
      "isDirect": false,
      "via": [
        "lodash.template"
      ],
      "effects": [
        "remap-istanbul"
      ],
      "range": ">=1.1.0",
      "nodes": [
        "node_modules/gulp-util"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "http-cache-semantics": {
      "name": "http-cache-semantics",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1092316,
          "name": "http-cache-semantics",
          "dependency": "http-cache-semantics",
          "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service",
          "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<4.1.1"
        }
      ],
      "effects": [
        "cacheable-request"
      ],
      "range": "<4.1.1",
      "nodes": [
        "node_modules/download/node_modules/http-cache-semantics"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "karma-remap-istanbul": {
      "name": "karma-remap-istanbul",
      "severity": "high",
      "isDirect": true,
      "via": [
        "remap-istanbul"
      ],
      "effects": [],
      "range": ">=0.0.3",
      "nodes": [
        "node_modules/karma-remap-istanbul"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "karma-sauce-launcher": {
      "name": "karma-sauce-launcher",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "saucelabs"
      ],
      "effects": [],
      "range": ">=4.1.5",
      "nodes": [
        "node_modules/karma-sauce-launcher"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "lodash.template": {
      "name": "lodash.template",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1096993,
          "name": "lodash.template",
          "dependency": "lodash.template",
          "title": "Command Injection in lodash",
          "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
          "severity": "high",
          "cwe": [
            "CWE-77",
            "CWE-94"
          ],
          "cvss": {
            "score": 7.2,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
          },
          "range": "<=4.5.0"
        }
      ],
      "effects": [
        "gulp-util"
      ],
      "range": "*",
      "nodes": [
        "node_modules/lodash.template"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "meow": {
      "name": "meow",
      "severity": "high",
      "isDirect": false,
      "via": [
        "trim-newlines"
      ],
      "effects": [],
      "range": "3.4.0 - 5.0.0",
      "nodes": [
        "node_modules/meow"
      ],
      "fixAvailable": true
    },
    "remap-istanbul": {
      "name": "remap-istanbul",
      "severity": "high",
      "isDirect": false,
      "via": [
        "gulp-util"
      ],
      "effects": [
        "karma-remap-istanbul"
      ],
      "range": "<=0.9.6",
      "nodes": [
        "node_modules/remap-istanbul"
      ],
      "fixAvailable": {
        "name": "karma-remap-istanbul",
        "version": "0.0.2",
        "isSemVerMajor": true
      }
    },
    "saucelabs": {
      "name": "saucelabs",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        "bin-wrapper"
      ],
      "effects": [
        "karma-sauce-launcher"
      ],
      "range": "4.1.0 - 7.1.2",
      "nodes": [
        "node_modules/saucelabs"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "semver-regex": {
      "name": "semver-regex",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1092475,
          "name": "semver-regex",
          "dependency": "semver-regex",
          "title": "semver-regex Regular Expression Denial of Service (ReDOS)",
          "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx",
          "severity": "high",
          "cwe": [
            "CWE-400",
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.3"
        },
        {
          "source": 1092605,
          "name": "semver-regex",
          "dependency": "semver-regex",
          "title": "Regular expression denial of service in semver-regex",
          "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch",
          "severity": "low",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<3.1.4"
        }
      ],
      "effects": [
        "find-versions"
      ],
      "range": "<=3.1.3",
      "nodes": [
        "node_modules/semver-regex"
      ],
      "fixAvailable": {
        "name": "karma-sauce-launcher",
        "version": "4.1.4",
        "isSemVerMajor": true
      }
    },
    "trim-newlines": {
      "name": "trim-newlines",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1095100,
          "name": "trim-newlines",
          "dependency": "trim-newlines",
          "title": "Uncontrolled Resource Consumption in trim-newlines",
          "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
          "severity": "high",
          "cwe": [
            "CWE-400"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.0.1"
        }
      ],
      "effects": [
        "meow"
      ],
      "range": "<3.0.1",
      "nodes": [
        "node_modules/trim-newlines"
      ],
      "fixAvailable": true
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 3,
      "high": 14,
      "critical": 0,
      "total": 17
    },
    "dependencies": {
      "prod": 1,
      "dev": 923,
      "optional": 3,
      "peer": 1,
      "peerOptional": 0,
      "total": 923
    }
  }
}

--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
  "added": 1,
  "removed": 0,
  "changed": 0,
  "audited": 924,
  "funding": 92,
  "audit": {
    "auditReportVersion": 2,
    "vulnerabilities": {
      "bin-version": {
        "name": "bin-version",
        "severity": "high",
        "isDirect": false,
        "via": [
          "find-versions"
        ],
        "effects": [
          "bin-version-check"
        ],
        "range": "<=4.0.0",
        "nodes": [
          "node_modules/bin-version"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "bin-version-check": {
        "name": "bin-version-check",
        "severity": "high",
        "isDirect": false,
        "via": [
          "bin-version"
        ],
        "effects": [
          "bin-wrapper"
        ],
        "range": "<=4.0.0",
        "nodes": [
          "node_modules/bin-version-check"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "bin-wrapper": {
        "name": "bin-wrapper",
        "severity": "high",
        "isDirect": false,
        "via": [
          "bin-version-check",
          "download"
        ],
        "effects": [
          "saucelabs"
        ],
        "range": ">=0.4.0",
        "nodes": [
          "node_modules/bin-wrapper"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "cacheable-request": {
        "name": "cacheable-request",
        "severity": "high",
        "isDirect": false,
        "via": [
          "http-cache-semantics"
        ],
        "effects": [
          "got"
        ],
        "range": "0.1.0 - 2.1.4",
        "nodes": [
          "node_modules/download/node_modules/cacheable-request"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "download": {
        "name": "download",
        "severity": "moderate",
        "isDirect": false,
        "via": [
          "got"
        ],
        "effects": [
          "bin-wrapper"
        ],
        "range": ">=4.0.0",
        "nodes": [
          "node_modules/download"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "find-versions": {
        "name": "find-versions",
        "severity": "high",
        "isDirect": false,
        "via": [
          "semver-regex"
        ],
        "effects": [
          "bin-version"
        ],
        "range": "<=3.2.0",
        "nodes": [
          "node_modules/find-versions"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "got": {
        "name": "got",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1088948,
            "name": "got",
            "dependency": "got",
            "title": "Got allows a redirect to a UNIX socket",
            "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97",
            "severity": "moderate",
            "cwe": [],
            "cvss": {
              "score": 5.3,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
            },
            "range": "<11.8.5"
          },
          "cacheable-request"
        ],
        "effects": [
          "download"
        ],
        "range": "<=11.8.3",
        "nodes": [
          "node_modules/download/node_modules/got"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "gulp-util": {
        "name": "gulp-util",
        "severity": "high",
        "isDirect": false,
        "via": [
          "lodash.template"
        ],
        "effects": [
          "remap-istanbul"
        ],
        "range": ">=1.1.0",
        "nodes": [
          "node_modules/gulp-util"
        ],
        "fixAvailable": {
          "name": "karma-remap-istanbul",
          "version": "0.0.2",
          "isSemVerMajor": true
        }
      },
      "http-cache-semantics": {
        "name": "http-cache-semantics",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1092316,
            "name": "http-cache-semantics",
            "dependency": "http-cache-semantics",
            "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service",
            "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j",
            "severity": "high",
            "cwe": [
              "CWE-1333"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": "<4.1.1"
          }
        ],
        "effects": [
          "cacheable-request"
        ],
        "range": "<4.1.1",
        "nodes": [
          "node_modules/download/node_modules/http-cache-semantics"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "karma-remap-istanbul": {
        "name": "karma-remap-istanbul",
        "severity": "high",
        "isDirect": true,
        "via": [
          "remap-istanbul"
        ],
        "effects": [],
        "range": ">=0.0.3",
        "nodes": [
          "node_modules/karma-remap-istanbul"
        ],
        "fixAvailable": {
          "name": "karma-remap-istanbul",
          "version": "0.0.2",
          "isSemVerMajor": true
        }
      },
      "karma-sauce-launcher": {
        "name": "karma-sauce-launcher",
        "severity": "moderate",
        "isDirect": true,
        "via": [
          "saucelabs"
        ],
        "effects": [],
        "range": ">=4.1.5",
        "nodes": [
          "node_modules/karma-sauce-launcher"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "lodash.template": {
        "name": "lodash.template",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1096993,
            "name": "lodash.template",
            "dependency": "lodash.template",
            "title": "Command Injection in lodash",
            "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
            "severity": "high",
            "cwe": [
              "CWE-77",
              "CWE-94"
            ],
            "cvss": {
              "score": 7.2,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
            },
            "range": "<=4.5.0"
          }
        ],
        "effects": [
          "gulp-util"
        ],
        "range": "*",
        "nodes": [
          "node_modules/lodash.template"
        ],
        "fixAvailable": {
          "name": "karma-remap-istanbul",
          "version": "0.0.2",
          "isSemVerMajor": true
        }
      },
      "meow": {
        "name": "meow",
        "severity": "high",
        "isDirect": false,
        "via": [
          "trim-newlines"
        ],
        "effects": [],
        "range": "3.4.0 - 5.0.0",
        "nodes": [
          "node_modules/meow"
        ],
        "fixAvailable": true
      },
      "remap-istanbul": {
        "name": "remap-istanbul",
        "severity": "high",
        "isDirect": false,
        "via": [
          "gulp-util"
        ],
        "effects": [
          "karma-remap-istanbul"
        ],
        "range": "<=0.9.6",
        "nodes": [
          "node_modules/remap-istanbul"
        ],
        "fixAvailable": {
          "name": "karma-remap-istanbul",
          "version": "0.0.2",
          "isSemVerMajor": true
        }
      },
      "saucelabs": {
        "name": "saucelabs",
        "severity": "moderate",
        "isDirect": false,
        "via": [
          "bin-wrapper"
        ],
        "effects": [
          "karma-sauce-launcher"
        ],
        "range": "4.1.0 - 7.1.2",
        "nodes": [
          "node_modules/saucelabs"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "semver-regex": {
        "name": "semver-regex",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1092475,
            "name": "semver-regex",
            "dependency": "semver-regex",
            "title": "semver-regex Regular Expression Denial of Service (ReDOS)",
            "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx",
            "severity": "high",
            "cwe": [
              "CWE-400",
              "CWE-1333"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": "<3.1.3"
          },
          {
            "source": 1092605,
            "name": "semver-regex",
            "dependency": "semver-regex",
            "title": "Regular expression denial of service in semver-regex",
            "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch",
            "severity": "low",
            "cwe": [
              "CWE-1333"
            ],
            "cvss": {
              "score": 0,
              "vectorString": null
            },
            "range": "<3.1.4"
          }
        ],
        "effects": [
          "find-versions"
        ],
        "range": "<=3.1.3",
        "nodes": [
          "node_modules/semver-regex"
        ],
        "fixAvailable": {
          "name": "karma-sauce-launcher",
          "version": "4.1.4",
          "isSemVerMajor": true
        }
      },
      "trim-newlines": {
        "name": "trim-newlines",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1095100,
            "name": "trim-newlines",
            "dependency": "trim-newlines",
            "title": "Uncontrolled Resource Consumption in trim-newlines",
            "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v",
            "severity": "high",
            "cwe": [
              "CWE-400"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": "<3.0.1"
          }
        ],
        "effects": [
          "meow"
        ],
        "range": "<3.0.1",
        "nodes": [
          "node_modules/trim-newlines"
        ],
        "fixAvailable": true
      }
    },
    "metadata": {
      "vulnerabilities": {
        "info": 0,
        "low": 0,
        "moderate": 3,
        "high": 14,
        "critical": 0,
        "total": 17
      },
      "dependencies": {
        "prod": 1,
        "dev": 923,
        "optional": 3,
        "peer": 1,
        "peerOptional": 0,
        "total": 923
      }
    }
  }
}

--- end ---
{"added": 1, "removed": 0, "changed": 0, "audited": 924, "funding": 92, "audit": {"auditReportVersion": 2, "vulnerabilities": {"bin-version": {"name": "bin-version", "severity": "high", "isDirect": false, "via": ["find-versions"], "effects": ["bin-version-check"], "range": "<=4.0.0", "nodes": ["node_modules/bin-version"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "bin-version-check": {"name": "bin-version-check", "severity": "high", "isDirect": false, "via": ["bin-version"], "effects": ["bin-wrapper"], "range": "<=4.0.0", "nodes": ["node_modules/bin-version-check"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "bin-wrapper": {"name": "bin-wrapper", "severity": "high", "isDirect": false, "via": ["bin-version-check", "download"], "effects": ["saucelabs"], "range": ">=0.4.0", "nodes": ["node_modules/bin-wrapper"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "cacheable-request": {"name": "cacheable-request", "severity": "high", "isDirect": false, "via": ["http-cache-semantics"], "effects": ["got"], "range": "0.1.0 - 2.1.4", "nodes": ["node_modules/download/node_modules/cacheable-request"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "download": {"name": "download", "severity": "moderate", "isDirect": false, "via": ["got"], "effects": ["bin-wrapper"], "range": ">=4.0.0", "nodes": ["node_modules/download"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "find-versions": {"name": "find-versions", "severity": "high", "isDirect": false, "via": ["semver-regex"], "effects": ["bin-version"], "range": "<=3.2.0", "nodes": ["node_modules/find-versions"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "got": {"name": "got", "severity": "high", "isDirect": false, "via": [{"source": 1088948, "name": "got", "dependency": "got", "title": "Got allows a redirect to a UNIX socket", "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97", "severity": "moderate", "cwe": [], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<11.8.5"}, "cacheable-request"], "effects": ["download"], "range": "<=11.8.3", "nodes": ["node_modules/download/node_modules/got"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "gulp-util": {"name": "gulp-util", "severity": "high", "isDirect": false, "via": ["lodash.template"], "effects": ["remap-istanbul"], "range": ">=1.1.0", "nodes": ["node_modules/gulp-util"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "http-cache-semantics": {"name": "http-cache-semantics", "severity": "high", "isDirect": false, "via": [{"source": 1092316, "name": "http-cache-semantics", "dependency": "http-cache-semantics", "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service", "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<4.1.1"}], "effects": ["cacheable-request"], "range": "<4.1.1", "nodes": ["node_modules/download/node_modules/http-cache-semantics"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "karma-remap-istanbul": {"name": "karma-remap-istanbul", "severity": "high", "isDirect": true, "via": ["remap-istanbul"], "effects": [], "range": ">=0.0.3", "nodes": ["node_modules/karma-remap-istanbul"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "karma-sauce-launcher": {"name": "karma-sauce-launcher", "severity": "moderate", "isDirect": true, "via": ["saucelabs"], "effects": [], "range": ">=4.1.5", "nodes": ["node_modules/karma-sauce-launcher"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "lodash.template": {"name": "lodash.template", "severity": "high", "isDirect": false, "via": [{"source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": ["CWE-77", "CWE-94"], "cvss": {"score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=4.5.0"}], "effects": ["gulp-util"], "range": "*", "nodes": ["node_modules/lodash.template"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "meow": {"name": "meow", "severity": "high", "isDirect": false, "via": ["trim-newlines"], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": ["node_modules/meow"], "fixAvailable": true}, "remap-istanbul": {"name": "remap-istanbul", "severity": "high", "isDirect": false, "via": ["gulp-util"], "effects": ["karma-remap-istanbul"], "range": "<=0.9.6", "nodes": ["node_modules/remap-istanbul"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "saucelabs": {"name": "saucelabs", "severity": "moderate", "isDirect": false, "via": ["bin-wrapper"], "effects": ["karma-sauce-launcher"], "range": "4.1.0 - 7.1.2", "nodes": ["node_modules/saucelabs"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "semver-regex": {"name": "semver-regex", "severity": "high", "isDirect": false, "via": [{"source": 1092475, "name": "semver-regex", "dependency": "semver-regex", "title": "semver-regex Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "severity": "high", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, {"source": 1092605, "name": "semver-regex", "dependency": "semver-regex", "title": "Regular expression denial of service in semver-regex", "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "severity": "low", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.4"}], "effects": ["find-versions"], "range": "<=3.1.3", "nodes": ["node_modules/semver-regex"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "trim-newlines": {"name": "trim-newlines", "severity": "high", "isDirect": false, "via": [{"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}], "effects": ["meow"], "range": "<3.0.1", "nodes": ["node_modules/trim-newlines"], "fixAvailable": true}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 3, "high": 14, "critical": 0, "total": 17}, "dependencies": {"prod": 1, "dev": 923, "optional": 3, "peer": 1, "peerOptional": 0, "total": 923}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---

up to date, audited 923 packages in 2s

92 packages are looking for funding
  run `npm fund` for details

# npm audit report

got  <=11.8.3
Severity: high
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
Depends on vulnerable versions of cacheable-request
fix available via `npm audit fix --force`
Will install karma-sauce-launcher@4.1.4, which is a breaking change
node_modules/download/node_modules/got
  download  >=4.0.0
  Depends on vulnerable versions of got
  node_modules/download
    bin-wrapper  >=0.4.0
    Depends on vulnerable versions of bin-version-check
    Depends on vulnerable versions of download
    node_modules/bin-wrapper
      saucelabs  4.1.0 - 7.1.2
      Depends on vulnerable versions of bin-wrapper
      node_modules/saucelabs
        karma-sauce-launcher  >=4.1.5
        Depends on vulnerable versions of saucelabs
        node_modules/karma-sauce-launcher

http-cache-semantics  <4.1.1
Severity: high
http-cache-semantics vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-rc47-6667-2j5j
fix available via `npm audit fix --force`
Will install karma-sauce-launcher@4.1.4, which is a breaking change
node_modules/download/node_modules/http-cache-semantics
  cacheable-request  0.1.0 - 2.1.4
  Depends on vulnerable versions of http-cache-semantics
  node_modules/download/node_modules/cacheable-request

lodash.template  *
Severity: high
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
fix available via `npm audit fix --force`
Will install karma-remap-istanbul@0.0.2, which is a breaking change
node_modules/lodash.template
  gulp-util  >=1.1.0
  Depends on vulnerable versions of lodash.template
  node_modules/gulp-util
    remap-istanbul  <=0.9.6
    Depends on vulnerable versions of gulp-util
    node_modules/remap-istanbul
      karma-remap-istanbul  >=0.0.3
      Depends on vulnerable versions of remap-istanbul
      node_modules/karma-remap-istanbul

semver-regex  <=3.1.3
Severity: high
semver-regex Regular Expression Denial of Service (ReDOS) - https://github.com/advisories/GHSA-44c6-4v22-4mhx
Regular expression denial of service in semver-regex - https://github.com/advisories/GHSA-4x5v-gmq8-25ch
fix available via `npm audit fix --force`
Will install karma-sauce-launcher@4.1.4, which is a breaking change
node_modules/semver-regex
  find-versions  <=3.2.0
  Depends on vulnerable versions of semver-regex
  node_modules/find-versions
    bin-version  <=4.0.0
    Depends on vulnerable versions of find-versions
    node_modules/bin-version
      bin-version-check  <=4.0.0
      Depends on vulnerable versions of bin-version
      node_modules/bin-version-check

trim-newlines  <3.0.1
Severity: high
Uncontrolled Resource Consumption in trim-newlines - https://github.com/advisories/GHSA-7p7h-4mm5-852v
fix available via `npm audit fix`
node_modules/trim-newlines
  meow  3.4.0 - 5.0.0
  Depends on vulnerable versions of trim-newlines
  node_modules/meow

17 vulnerabilities (3 moderate, 14 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead:
npm WARN deprecated   npm i nyc
npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives.
--- stdout ---

added 922 packages, and audited 923 packages in 7s

92 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (3 moderate, 14 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stderr ---
(node:595) Warning: Accessing non-existent property 'VERSION' of module exports inside circular dependency
(Use `node --trace-warnings ...` to show where the warning was created)
--- stdout ---

> oojs@7.0.1 test
> npm run build-dev && karma start && qunit --require ./tests/setup-node tests/unit/ && npm run lint


> oojs@7.0.1 build-dev
> grunt build-dev

Running "set-meta" task

Running "set-dev" task

Running "clean:dist" (clean) task
>> 2 paths cleaned.

Running "concat:dev" (concat) task

Done.
22 04 2024 07:14:57.065:INFO [karma-server]: Karma v6.3.18 server started at http://localhost:9876/
22 04 2024 07:14:57.067:INFO [launcher]: Launching browsers FirefoxHeadless, ChromeCustom with concurrency unlimited
22 04 2024 07:14:57.097:INFO [launcher]: Starting browser FirefoxHeadless
22 04 2024 07:14:57.112:INFO [launcher]: Starting browser ChromeHeadless
22 04 2024 07:14:58.753:INFO [Chrome Headless 123.0.6312.86 (Linux x86_64)]: Connected on socket bVgR3LBcCgZ8RK1uAAAB with id 27767548
............................................................
Chrome Headless 123.0.6312.86 (Linux x86_64): Executed 60 of 60 SUCCESS (0.105 secs / 0.075 secs)
22 04 2024 07:15:00.168:INFO [Firefox 115.0 (Linux x86_64)]: Connected on socket TZRcPQ7Wt75D_NQ5AAAD with id 80530618
............................................................
Firefox 115.0 (Linux x86_64): Executed 60 of 60 SUCCESS (0.184 secs / 0.083 secs)
TOTAL: 120 SUCCESS
TOTAL: 120 SUCCESS

=============================== Coverage summary ===============================
Statements   : 100% ( 449/449 )
Branches     : 100% ( 270/270 )
Functions    : 100% ( 60/60 )
Lines        : 100% ( 432/432 )
================================================================================
TAP version 13
ok 1 EmitterList > addItems
ok 2 EmitterList > moveItem
ok 3 EmitterList > clearItems
ok 4 EmitterList > removeItems
ok 5 EmitterList > aggregate
ok 6 EmitterList > Events
ok 7 EventEmitter > on
ok 8 EventEmitter > once
ok 9 EventEmitter > once - nested
ok 10 EventEmitter > once - off
ok 11 EventEmitter > emit
ok 12 EventEmitter > off
ok 13 EventEmitter > connect
ok 14 EventEmitter > disconnect( host )
ok 15 EventEmitter > disconnect( host, methods )
ok 16 EventEmitter > disconnect( host, array methods )
ok 17 EventEmitter > disconnect( host, unbound methods )
ok 18 EventEmitter > chainable
ok 19 Factory > invalid registration
ok 20 Factory > registeration and lookup [Class.key]
ok 21 Factory > registeration and lookup [Class.static.name]
ok 22 Factory > registeration and lookup [key and name]
ok 23 Factory > registeration and lookup [unknown]
ok 24 Factory > invalid creation
ok 25 Factory > valid creation
ok 26 Registry > register/unregister
ok 27 Registry > lookup
ok 28 SortedEmitterList > addItems
ok 29 SortedEmitterList > Events
ok 30 core > initClass
ok 31 core > inheritClass
ok 32 core > mixinClass
ok 33 core > isSubclass
ok 34 core > getProp( Object )
ok 35 core > getProp( Function )
ok 36 core > getProp( Array )
ok 37 core > setProp( Object )
ok 38 core > setProp( Function )
ok 39 core > setProp( Array )
ok 40 core > deleteProp( Object )
ok 41 core > deleteProp( Function )
ok 42 core > deleteProp( Array )
ok 43 core > cloneObject
ok 44 core > getObjectValues
ok 45 core > binarySearch
ok 46 core > compare
ok 47 core > compare( Node, Node )
ok 48 core > compare( Object, Object, Boolean asymmetrical )
ok 49 core > copy( source )
ok 50 core > copy( source, Function leafCallback )
ok 51 core > copy( source, Function leafCallback, Function nodeCallback )
ok 52 core > getHash: Basic usage
ok 53 core > getHash: Complex usage
ok 54 core > unique
ok 55 core > simpleArrayUnion
ok 56 core > simpleArrayIntersection
ok 57 core > simpleArrayDifference
ok 58 util > isPlainObject
1..58
# pass 58
# skip 0
# todo 0
# fail 0

> oojs@7.0.1 lint
> eslint --cache .


--- end ---
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
{"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}}
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
build: Updating jsdoc-wmf-theme to 0.0.13

$ git add .
--- stdout ---

--- end ---
$ git commit -F /tmp/tmp1_vlczxl
--- stdout ---
[master 58fc7ad] build: Updating jsdoc-wmf-theme to 0.0.13
 2 files changed, 12 insertions(+), 24 deletions(-)

--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From 58fc7ad5555bc38e1b4ed450a2ade1ba5f514fe8 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 22 Apr 2024 07:15:05 +0000
Subject: [PATCH] build: Updating jsdoc-wmf-theme to 0.0.13

Change-Id: Ie3c24e3daa1ceb8a1878f7edbadc04d9f45f359b
---
 package-lock.json | 34 +++++++++++-----------------------
 package.json      |  2 +-
 2 files changed, 12 insertions(+), 24 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a11a868..4ddefb6 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,7 @@
 				"grunt-contrib-uglify": "5.2.2",
 				"jsdoc": "4.0.2",
 				"jsdoc-class-hierarchy": "1.1.2",
-				"jsdoc-wmf-theme": "0.0.12",
+				"jsdoc-wmf-theme": "0.0.13",
 				"karma": "6.3.18",
 				"karma-chrome-launcher": "3.1.0",
 				"karma-coverage": "2.0.3",
@@ -6384,16 +6384,16 @@
 			}
 		},
 		"node_modules/jsdoc-wmf-theme": {
-			"version": "0.0.12",
-			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz",
-			"integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==",
+			"version": "0.0.13",
+			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.13.tgz",
+			"integrity": "sha512-H8h0Xut3J9UGBJECAQAFbF8MVGGNA2PKFpNW4z9Go2DC/wby4Q/hn3reBJ3lB9/j+molyt8UVrO0Z+eA5nOyhw==",
 			"dev": true,
 			"dependencies": {
+				"@jsdoc/salty": "^0.2.7",
 				"@wikimedia/codex-design-tokens": "1.1.1",
 				"domino": "^2.1.6",
 				"lunr": "2.3.9",
-				"normalize.css": "8.0.1",
-				"taffydb": "^2.7.3"
+				"normalize.css": "8.0.1"
 			}
 		},
 		"node_modules/jsdoc/node_modules/escape-string-regexp": {
@@ -9392,12 +9392,6 @@
 				"url": "https://github.com/sponsors/ljharb"
 			}
 		},
-		"node_modules/taffydb": {
-			"version": "2.7.3",
-			"resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz",
-			"integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==",
-			"dev": true
-		},
 		"node_modules/tar-fs": {
 			"version": "2.1.1",
 			"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
@@ -15309,16 +15303,16 @@
 			"dev": true
 		},
 		"jsdoc-wmf-theme": {
-			"version": "0.0.12",
-			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz",
-			"integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==",
+			"version": "0.0.13",
+			"resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.13.tgz",
+			"integrity": "sha512-H8h0Xut3J9UGBJECAQAFbF8MVGGNA2PKFpNW4z9Go2DC/wby4Q/hn3reBJ3lB9/j+molyt8UVrO0Z+eA5nOyhw==",
 			"dev": true,
 			"requires": {
+				"@jsdoc/salty": "^0.2.7",
 				"@wikimedia/codex-design-tokens": "1.1.1",
 				"domino": "^2.1.6",
 				"lunr": "2.3.9",
-				"normalize.css": "8.0.1",
-				"taffydb": "^2.7.3"
+				"normalize.css": "8.0.1"
 			}
 		},
 		"jsesc": {
@@ -17678,12 +17672,6 @@
 			"integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==",
 			"dev": true
 		},
-		"taffydb": {
-			"version": "2.7.3",
-			"resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz",
-			"integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==",
-			"dev": true
-		},
 		"tar-fs": {
 			"version": "2.1.1",
 			"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
diff --git a/package.json b/package.json
index e1fc67e..1e90f0d 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
 		"grunt-contrib-uglify": "5.2.2",
 		"jsdoc": "4.0.2",
 		"jsdoc-class-hierarchy": "1.1.2",
-		"jsdoc-wmf-theme": "0.0.12",
+		"jsdoc-wmf-theme": "0.0.13",
 		"karma": "6.3.18",
 		"karma-chrome-launcher": "3.1.0",
 		"karma-coverage": "2.0.3",
-- 
2.39.2


--- end ---

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.