unicodejs (main)

sourcepatches
From 97e2257572fdb61a1bdc8eefc838fe7a468f45fa Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 18:41:40 +0000
Subject: [PATCH] build: Updating lodash to 4.17.21

* https://npmjs.com/advisories/1673 (CVE-2021-23337)

Change-Id: Ica5fd01423473dc78cf1728db94e6ac167cdb270
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 70f9760..53ee5d2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2663,9 +2663,9 @@
 			}
 		},
 		"lodash": {
-			"version": "4.17.20",
-			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
-			"integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==",
+			"version": "4.17.21",
+			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+			"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
 			"dev": true
 		},
 		"lodash.memoize": {
-- 
2.20.1

$ date
Sat May 15 18:40:47 UTC 2021

$ git clone file:///srv/git/unicodejs.git repo --depth=1 -b master
Cloning into 'repo'...

$ git config user.name libraryupgrader

$ git config user.email tools.libraryupgrader@tools.wmflabs.org

$ git submodule update --init

$ grr init
Installed commit-msg hook.

$ git show-ref refs/heads/master
71c1c408ad4ec239c64b73edf3563c3cac9b43ec refs/heads/master

Attempting to npm audit fix
$ npm audit fix --only=dev

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

Thank you for using core-js ( https://github.com/zloirock/core-js ) for polyfilling JavaScript standard library!

The project needs your help! Please consider supporting of core-js on Open Collective or Patreon: 
> https://opencollective.com/core-js 
> https://www.patreon.com/zloirock 

Also, the author of core-js ( https://github.com/zloirock ) is looking for a good job -)

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 434 packages from 989 contributors in 15.043s

41 packages are looking for funding
  run `npm fund` for details

fixed 47 of 47 vulnerabilities in 435 scanned packages

$ npm audit fix --only=dev
npm WARN grunt-karma@4.0.0 requires a peer of karma@^4.0.0 || ^5.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 2.431s

41 packages are looking for funding
  run `npm fund` for details

fixed 0 of 0 vulnerabilities in 435 scanned packages

$ npm audit fix --only=dev
npm WARN grunt-karma@4.0.0 requires a peer of karma@^4.0.0 || ^5.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

up to date in 2.243s

41 packages are looking for funding
  run `npm fund` for details

fixed 0 of 0 vulnerabilities in 435 scanned packages

Verifying that tests still pass
$ npm ci
npm WARN prepare removing existing node_modules/ before installation

> core-js@3.10.1 postinstall /src/repo/node_modules/core-js
> node -e "try{require('./postinstall')}catch(e){}"

added 435 packages in 8.017s

$ npm test

> unicodejs@13.0.3 test /src/repo
> grunt test

Running "set-meta" task

Running "set-dev" task

Running "clean:dist" (clean) task
>> 0 paths cleaned.

Running "concat:all" (concat) task

Running "copy:dist" (copy) task
Copied 4 files

Running "eslint:all" (eslint) task

Running "karma:chrome" (karma) task
15 05 2021 18:41:31.767:WARN [karma-server]: Passing raw CLI options to `new Server(config, done)` is deprecated. Use `parseConfig(configFilePath, cliOptions, {promiseConfig: true, throwErrors: true})` to prepare a processed `Config` instance and pass that as the `config` argument instead.
15 05 2021 18:41:32.721:INFO [karma-server]: Karma v6.3.2 server started at http://localhost:9876/
15 05 2021 18:41:32.722:INFO [launcher]: Launching browsers ChromeCustom with concurrency unlimited
15 05 2021 18:41:32.726:INFO [launcher]: Starting browser ChromeHeadless
15 05 2021 18:41:33.564:INFO [Chrome Headless 89.0.4389.114 (Linux x86_64)]: Connected on socket cm5FvIv7TPWehiIWAAAB with id 17910221
.........
Chrome Headless 89.0.4389.114 (Linux x86_64): Executed 9 of 9 SUCCESS (0.148 secs / 0.13 secs)

=============================== Coverage summary ===============================
Statements   : 100% ( 252/252 )
Branches     : 100% ( 238/238 )
Functions    : 100% ( 25/25 )
Lines        : 100% ( 250/250 )
================================================================================

Running "karma:firefox" (karma) task
15 05 2021 18:41:34.031:WARN [karma-server]: Passing raw CLI options to `new Server(config, done)` is deprecated. Use `parseConfig(configFilePath, cliOptions, {promiseConfig: true, throwErrors: true})` to prepare a processed `Config` instance and pass that as the `config` argument instead.
15 05 2021 18:41:34.386:INFO [karma-server]: Karma v6.3.2 server started at http://localhost:9876/
15 05 2021 18:41:34.387:INFO [launcher]: Launching browsers FirefoxHeadless with concurrency unlimited
15 05 2021 18:41:34.389:INFO [launcher]: Starting browser FirefoxHeadless
15 05 2021 18:41:39.872:INFO [Firefox 78.0 (Linux x86_64)]: Connected on socket 57ROf-AalliECurZAAAD with id 23445374
.........
Firefox 78.0 (Linux x86_64): Executed 9 of 9 SUCCESS (0.271 secs / 0.22 secs)

=============================== Coverage summary ===============================
Statements   : 100% ( 252/252 )
Branches     : 100% ( 238/238 )
Functions    : 100% ( 25/25 )
Lines        : 100% ( 250/250 )
================================================================================

Done.

Upgrading n:lodash from 4.17.20 -> 4.17.21
$ git add .

$ git commit -F /tmp/tmpyz0qtz_y
[master 97e2257] build: Updating lodash to 4.17.21
 1 file changed, 3 insertions(+), 3 deletions(-)

$ git format-patch HEAD~1 --stdout
From 97e2257572fdb61a1bdc8eefc838fe7a468f45fa Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sat, 15 May 2021 18:41:40 +0000
Subject: [PATCH] build: Updating lodash to 4.17.21

* https://npmjs.com/advisories/1673 (CVE-2021-23337)

Change-Id: Ica5fd01423473dc78cf1728db94e6ac167cdb270
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 70f9760..53ee5d2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2663,9 +2663,9 @@
 			}
 		},
 		"lodash": {
-			"version": "4.17.20",
-			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz",
-			"integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==",
+			"version": "4.17.21",
+			"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+			"integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
 			"dev": true
 		},
 		"lodash.memoize": {
-- 
2.20.1

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.