wikidata/query-builder (main)

sourcepatches
$ date
--- stdout ---
Tue May 24 04:14:51 UTC 2022

--- end ---
$ git clone file:///srv/git/wikidata-query-builder.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/master
--- stdout ---
c621a248617bddd1c3c8cf03535f5cd509bcea64 refs/heads/master

--- end ---
$ /usr/bin/npm audit --json --legacy-peer-deps
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "@netlify/build": {
      "name": "@netlify/build",
      "severity": "high",
      "via": [
        "@netlify/cache-utils",
        "@netlify/functions-utils"
      ],
      "effects": [
        "netlify-cli"
      ],
      "range": ">=0.1.31",
      "nodes": [
        "node_modules/netlify-cli/node_modules/@netlify/build"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "@netlify/cache-utils": {
      "name": "@netlify/cache-utils",
      "severity": "high",
      "via": [
        "cpy"
      ],
      "effects": [
        "@netlify/build"
      ],
      "range": "*",
      "nodes": [
        "node_modules/netlify-cli/node_modules/@netlify/cache-utils"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "@netlify/functions-utils": {
      "name": "@netlify/functions-utils",
      "severity": "high",
      "via": [
        "cpy"
      ],
      "effects": [
        "@netlify/build"
      ],
      "range": "*",
      "nodes": [
        "node_modules/netlify-cli/node_modules/@netlify/functions-utils"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "ansi-regex": {
      "name": "ansi-regex",
      "severity": "high",
      "via": [
        {
          "source": 1070273,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "range": ">=3.0.0 <3.0.1"
        },
        {
          "source": 1070274,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "range": ">=4.0.0 <4.1.1"
        },
        {
          "source": 1070275,
          "name": "ansi-regex",
          "dependency": "ansi-regex",
          "title": " Inefficient Regular Expression Complexity in chalk/ansi-regex",
          "url": "https://github.com/advisories/GHSA-93q8-gq69-wqmw",
          "severity": "high",
          "range": ">=5.0.0 <5.0.1"
        }
      ],
      "effects": [],
      "range": "3.0.0 || 4.0.0 - 4.1.0 || 5.0.0",
      "nodes": [
        "node_modules/netlify-cli/node_modules/@oclif/color/node_modules/ansi-regex",
        "node_modules/netlify-cli/node_modules/@oclif/plugin-help/node_modules/ansi-regex",
        "node_modules/netlify-cli/node_modules/@oclif/plugin-not-found/node_modules/ansi-regex",
        "node_modules/netlify-cli/node_modules/inquirer/node_modules/ansi-regex",
        "node_modules/netlify-cli/node_modules/inquirer/node_modules/string-width/node_modules/ansi-regex",
        "node_modules/netlify-cli/node_modules/log-update/node_modules/ansi-regex",
        "node_modules/string-width/node_modules/ansi-regex",
        "node_modules/stylelint/node_modules/ansi-regex",
        "node_modules/table/node_modules/ansi-regex",
        "node_modules/wrap-ansi/node_modules/ansi-regex"
      ],
      "fixAvailable": true
    },
    "async": {
      "name": "async",
      "severity": "high",
      "via": [
        {
          "source": 1070206,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": "<2.6.4"
        },
        {
          "source": 1070207,
          "name": "async",
          "dependency": "async",
          "title": "Prototype Pollution in async",
          "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25",
          "severity": "high",
          "range": ">=3.0.0 <3.2.2"
        }
      ],
      "effects": [
        "hasbin"
      ],
      "range": ">=3.0.0 <3.2.2 || <2.6.4",
      "nodes": [
        "node_modules/async",
        "node_modules/netlify-cli/node_modules/async",
        "node_modules/netlify-cli/node_modules/hasbin/node_modules/async"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "cpy": {
      "name": "cpy",
      "severity": "high",
      "via": [
        "globby"
      ],
      "effects": [
        "@netlify/cache-utils",
        "@netlify/functions-utils"
      ],
      "range": "7.0.0 - 8.1.2",
      "nodes": [
        "node_modules/netlify-cli/node_modules/cpy"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "fast-glob": {
      "name": "fast-glob",
      "severity": "high",
      "via": [
        "glob-parent"
      ],
      "effects": [
        "globby"
      ],
      "range": "<=2.2.7",
      "nodes": [
        "node_modules/netlify-cli/node_modules/cpy/node_modules/fast-glob"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "follow-redirects": {
      "name": "follow-redirects",
      "severity": "high",
      "via": [
        {
          "source": 1067407,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects",
          "url": "https://github.com/advisories/GHSA-pw2r-vq6v-hr8c",
          "severity": "moderate",
          "range": "<1.14.8"
        },
        {
          "source": 1067459,
          "name": "follow-redirects",
          "dependency": "follow-redirects",
          "title": "Exposure of sensitive information in follow-redirects",
          "url": "https://github.com/advisories/GHSA-74fj-2j2h-c42q",
          "severity": "high",
          "range": "<1.14.7"
        }
      ],
      "effects": [],
      "range": "<=1.14.7",
      "nodes": [
        "node_modules/follow-redirects",
        "node_modules/netlify-cli/node_modules/follow-redirects"
      ],
      "fixAvailable": true
    },
    "glob-parent": {
      "name": "glob-parent",
      "severity": "high",
      "via": [
        {
          "source": 1067329,
          "name": "glob-parent",
          "dependency": "glob-parent",
          "title": "Regular expression denial of service in glob-parent",
          "url": "https://github.com/advisories/GHSA-ww39-953v-wcq6",
          "severity": "high",
          "range": "<5.1.2"
        }
      ],
      "effects": [
        "fast-glob"
      ],
      "range": "<5.1.2",
      "nodes": [
        "node_modules/netlify-cli/node_modules/cpy/node_modules/glob-parent"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "globby": {
      "name": "globby",
      "severity": "high",
      "via": [
        "fast-glob"
      ],
      "effects": [
        "cpy"
      ],
      "range": "8.0.0 - 9.2.0",
      "nodes": [
        "node_modules/netlify-cli/node_modules/cpy/node_modules/globby"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "hasbin": {
      "name": "hasbin",
      "severity": "high",
      "via": [
        "async"
      ],
      "effects": [
        "netlify-cli"
      ],
      "range": "*",
      "nodes": [
        "node_modules/netlify-cli/node_modules/hasbin"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "json-schema": {
      "name": "json-schema",
      "severity": "moderate",
      "via": [
        {
          "source": 1067524,
          "name": "json-schema",
          "dependency": "json-schema",
          "title": "json-schema is vulnerable to Prototype Pollution",
          "url": "https://github.com/advisories/GHSA-896r-f27r-55mw",
          "severity": "moderate",
          "range": "<0.4.0"
        }
      ],
      "effects": [
        "jsprim"
      ],
      "range": "<0.4.0",
      "nodes": [
        "node_modules/json-schema"
      ],
      "fixAvailable": true
    },
    "jsprim": {
      "name": "jsprim",
      "severity": "moderate",
      "via": [
        "json-schema"
      ],
      "effects": [],
      "range": "0.3.0 - 1.4.1 || 2.0.0 - 2.0.1",
      "nodes": [
        "node_modules/jsprim"
      ],
      "fixAvailable": true
    },
    "minimist": {
      "name": "minimist",
      "severity": "critical",
      "via": [
        {
          "source": 1067342,
          "name": "minimist",
          "dependency": "minimist",
          "title": "Prototype Pollution in minimist",
          "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h",
          "severity": "critical",
          "range": "<1.2.6"
        }
      ],
      "effects": [],
      "range": "<1.2.6",
      "nodes": [
        "node_modules/minimist",
        "node_modules/netlify-cli/node_modules/minimist"
      ],
      "fixAvailable": true
    },
    "moment": {
      "name": "moment",
      "severity": "high",
      "via": [
        {
          "source": 1070245,
          "name": "moment",
          "dependency": "moment",
          "title": "Path Traversal: 'dir/../../filename' in moment.locale",
          "url": "https://github.com/advisories/GHSA-8hfj-j24r-96c4",
          "severity": "high",
          "range": "<2.29.2"
        }
      ],
      "effects": [],
      "range": "<2.29.2",
      "nodes": [
        "node_modules/moment"
      ],
      "fixAvailable": true
    },
    "nanoid": {
      "name": "nanoid",
      "severity": "moderate",
      "via": [
        {
          "source": 1067367,
          "name": "nanoid",
          "dependency": "nanoid",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor in nanoid",
          "url": "https://github.com/advisories/GHSA-qrpm-p2h7-hrv2",
          "severity": "moderate",
          "range": ">=3.0.0 <3.1.31"
        }
      ],
      "effects": [],
      "range": "3.0.0 - 3.1.30",
      "nodes": [
        "node_modules/nanoid",
        "node_modules/netlify-cli/node_modules/nanoid"
      ],
      "fixAvailable": true
    },
    "netlify-cli": {
      "name": "netlify-cli",
      "severity": "high",
      "via": [
        "@netlify/build",
        "hasbin"
      ],
      "effects": [],
      "range": ">=2.38.0",
      "nodes": [
        "node_modules/netlify-cli"
      ],
      "fixAvailable": {
        "name": "netlify-cli",
        "version": "3.7.1",
        "isSemVerMajor": true
      }
    },
    "node-fetch": {
      "name": "node-fetch",
      "severity": "high",
      "via": [
        {
          "source": 1070022,
          "name": "node-fetch",
          "dependency": "node-fetch",
          "title": "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor",
          "url": "https://github.com/advisories/GHSA-r683-j2x4-v87g",
          "severity": "high",
          "range": "<2.6.7"
        }
      ],
      "effects": [],
      "range": "<2.6.7",
      "nodes": [
        "node_modules/netlify-cli/node_modules/node-fetch"
      ],
      "fixAvailable": true
    },
    "trim-off-newlines": {
      "name": "trim-off-newlines",
      "severity": "moderate",
      "via": [
        {
          "source": 1067447,
          "name": "trim-off-newlines",
          "dependency": "trim-off-newlines",
          "title": "Uncontrolled Resource Consumption in trim-off-newlines",
          "url": "https://github.com/advisories/GHSA-38fc-wpqx-33j7",
          "severity": "moderate",
          "range": "<1.0.3"
        }
      ],
      "effects": [],
      "range": "<1.0.3",
      "nodes": [
        "node_modules/netlify-cli/node_modules/trim-off-newlines"
      ],
      "fixAvailable": true
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 4,
      "high": 14,
      "critical": 1,
      "total": 19
    },
    "dependencies": {
      "prod": 108,
      "dev": 3372,
      "optional": 560,
      "peer": 523,
      "peerOptional": 0,
      "total": 3479
    }
  }
}

--- end ---
Upgrading n:eslint from ^7.32.0 -> 8.9.0
Upgrading n:eslint-config-wikimedia from ^0.17.0 -> 0.22.1
Upgrading n:stylelint from ^13.10.0 -> 14.0.0
$ /usr/bin/npm install
--- stdout ---

added 2887 packages, and audited 2888 packages in 40s

21 packages are looking for funding
  run `npm fund` for details

17 vulnerabilities (2 moderate, 14 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json

--- end ---
$ ./node_modules/.bin/eslint . --fix
--- stderr ---
Oops! Something went wrong! :(

ESLint: 8.9.0

Error [ERR_PACKAGE_PATH_NOT_EXPORTED]: Package subpath './lib/rules/brace-style' is not defined by "exports" in /src/repo/node_modules/eslint/package.json
    at throwExportsNotFound (internal/modules/esm/resolve.js:299:9)
    at packageExportsResolve (internal/modules/esm/resolve.js:522:3)
    at resolveExports (internal/modules/cjs/loader.js:424:36)
    at Function.Module._findPath (internal/modules/cjs/loader.js:464:31)
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:802:27)
    at Function.Module._load (internal/modules/cjs/loader.js:667:27)
    at Module.require (internal/modules/cjs/loader.js:887:19)
    at require (/src/repo/node_modules/v8-compile-cache/v8-compile-cache.js:159:20)
    at Object.<anonymous> (/src/repo/node_modules/@typescript-eslint/eslint-plugin/dist/rules/brace-style.js:6:39)
    at Module._compile (/src/repo/node_modules/v8-compile-cache/v8-compile-cache.js:192:30)
--- stdout ---

--- end ---
$ ./node_modules/.bin/eslint . -f json
--- stderr ---
Oops! Something went wrong! :(

ESLint: 8.9.0

Error [ERR_PACKAGE_PATH_NOT_EXPORTED]: Package subpath './lib/rules/brace-style' is not defined by "exports" in /src/repo/node_modules/eslint/package.json
    at throwExportsNotFound (internal/modules/esm/resolve.js:299:9)
    at packageExportsResolve (internal/modules/esm/resolve.js:522:3)
    at resolveExports (internal/modules/cjs/loader.js:424:36)
    at Function.Module._findPath (internal/modules/cjs/loader.js:464:31)
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:802:27)
    at Function.Module._load (internal/modules/cjs/loader.js:667:27)
    at Module.require (internal/modules/cjs/loader.js:887:19)
    at require (/src/repo/node_modules/v8-compile-cache/v8-compile-cache.js:159:20)
    at Object.<anonymous> (/src/repo/node_modules/@typescript-eslint/eslint-plugin/dist/rules/brace-style.js:6:39)
    at Module._compile (/src/repo/node_modules/v8-compile-cache/v8-compile-cache.js:192:30)
--- stdout ---

--- end ---
Traceback (most recent call last):
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1395, in main
    libup.run(args.repo, args.output, args.branch)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1333, in run
    self.npm_upgrade(plan)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1041, in npm_upgrade
    hook(update)
  File "/venv/lib/python3.9/site-packages/runner-0.1.0-py3.9.egg/runner/__init__.py", line 1121, in _handle_eslint
    errors = json.loads(self.check_call([
  File "/usr/lib/python3.9/json/__init__.py", line 346, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python3.9/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python3.9/json/decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

npm dependencies

Dependencies
Development dependencies

Logs

Source code is licensed under the AGPL.