This run took 79 seconds.
From d75789256f91ad45e1731e1ba1414ee3c7b24161 Mon Sep 17 00:00:00 2001 From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org> Date: Sun, 28 Apr 2024 19:00:48 +0000 Subject: [PATCH] build: Updating jsdoc-wmf-theme to 1.0.0 Change-Id: Ie074014a33752369034cc1176f336ff9f1382e02 --- package-lock.json | 56 ++++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 34 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index a11a868..05fee45 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "grunt-contrib-uglify": "5.2.2", "jsdoc": "4.0.2", "jsdoc-class-hierarchy": "1.1.2", - "jsdoc-wmf-theme": "0.0.12", + "jsdoc-wmf-theme": "1.0.0", "karma": "6.3.18", "karma-chrome-launcher": "3.1.0", "karma-coverage": "2.0.3", @@ -6384,16 +6384,29 @@ } }, "node_modules/jsdoc-wmf-theme": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz", - "integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-1.0.0.tgz", + "integrity": "sha512-DAR0Rna+X5/Hzlmt297Y05BLPGdUfBUBXfdMwiSJjh8cpLZxt9lHjw2SYnzOpPAPuJYWW3t6MkoJMG0i9cv+uQ==", "dev": true, "dependencies": { + "@jsdoc/salty": "^0.2.7", "@wikimedia/codex-design-tokens": "1.1.1", "domino": "^2.1.6", "lunr": "2.3.9", - "normalize.css": "8.0.1", - "taffydb": "^2.7.3" + "marked": "^12.0.1", + "normalize.css": "8.0.1" + } + }, + "node_modules/jsdoc-wmf-theme/node_modules/marked": { + "version": "12.0.2", + "resolved": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "integrity": "sha512-qXUm7e/YKFoqFPYPa3Ukg9xlI5cyAtGmyEIzMfW//m6kXwCy2Ps9DYf5ioijFKQ8qyuscrHoY04iJGctu2Kg0Q==", + "dev": true, + "bin": { + "marked": "bin/marked.js" + }, + "engines": { + "node": ">= 18" } }, "node_modules/jsdoc/node_modules/escape-string-regexp": { @@ -9392,12 +9405,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/taffydb": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz", - "integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==", - "dev": true - }, "node_modules/tar-fs": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", @@ -15309,16 +15316,25 @@ "dev": true }, "jsdoc-wmf-theme": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz", - "integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-1.0.0.tgz", + "integrity": "sha512-DAR0Rna+X5/Hzlmt297Y05BLPGdUfBUBXfdMwiSJjh8cpLZxt9lHjw2SYnzOpPAPuJYWW3t6MkoJMG0i9cv+uQ==", "dev": true, "requires": { + "@jsdoc/salty": "^0.2.7", "@wikimedia/codex-design-tokens": "1.1.1", "domino": "^2.1.6", "lunr": "2.3.9", - "normalize.css": "8.0.1", - "taffydb": "^2.7.3" + "marked": "^12.0.1", + "normalize.css": "8.0.1" + }, + "dependencies": { + "marked": { + "version": "12.0.2", + "resolved": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "integrity": "sha512-qXUm7e/YKFoqFPYPa3Ukg9xlI5cyAtGmyEIzMfW//m6kXwCy2Ps9DYf5ioijFKQ8qyuscrHoY04iJGctu2Kg0Q==", + "dev": true + } } }, "jsesc": { @@ -17678,12 +17694,6 @@ "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", "dev": true }, - "taffydb": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz", - "integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==", - "dev": true - }, "tar-fs": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", diff --git a/package.json b/package.json index e1fc67e..7f97b52 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "grunt-contrib-uglify": "5.2.2", "jsdoc": "4.0.2", "jsdoc-class-hierarchy": "1.1.2", - "jsdoc-wmf-theme": "0.0.12", + "jsdoc-wmf-theme": "1.0.0", "karma": "6.3.18", "karma-chrome-launcher": "3.1.0", "karma-coverage": "2.0.3", -- 2.39.2
$ date --- stdout --- Sun Apr 28 18:59:47 UTC 2024 --- end --- $ git clone file:///srv/git/oojs-core.git repo --depth=1 -b master --- stderr --- Cloning into 'repo'... --- stdout --- --- end --- $ git config user.name libraryupgrader --- stdout --- --- end --- $ git config user.email tools.libraryupgrader@tools.wmflabs.org --- stdout --- --- end --- $ git submodule update --init --- stdout --- --- end --- $ grr init --- stdout --- Installed commit-msg hook. --- end --- $ git show-ref refs/heads/master --- stdout --- 8a2d4caa3629ccc03712824df269863b904f8a5f refs/heads/master --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "bin-version": { "name": "bin-version", "severity": "high", "isDirect": false, "via": [ "find-versions" ], "effects": [ "bin-version-check" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-version-check": { "name": "bin-version-check", "severity": "high", "isDirect": false, "via": [ "bin-version" ], "effects": [ "bin-wrapper" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version-check" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-wrapper": { "name": "bin-wrapper", "severity": "high", "isDirect": false, "via": [ "bin-version-check", "download" ], "effects": [ "saucelabs" ], "range": ">=0.4.0", "nodes": [ "node_modules/bin-wrapper" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "cacheable-request": { "name": "cacheable-request", "severity": "high", "isDirect": false, "via": [ "http-cache-semantics" ], "effects": [ "got" ], "range": "0.1.0 - 2.1.4", "nodes": [ "node_modules/download/node_modules/cacheable-request" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "download": { "name": "download", "severity": "moderate", "isDirect": false, "via": [ "got" ], "effects": [ "bin-wrapper" ], "range": ">=4.0.0", "nodes": [ "node_modules/download" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "find-versions": { "name": "find-versions", "severity": "high", "isDirect": false, "via": [ "semver-regex" ], "effects": [ "bin-version" ], "range": "<=3.2.0", "nodes": [ "node_modules/find-versions" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "got": { "name": "got", "severity": "high", "isDirect": false, "via": [ { "source": 1088948, "name": "got", "dependency": "got", "title": "Got allows a redirect to a UNIX socket", "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97", "severity": "moderate", "cwe": [], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, "range": "<11.8.5" }, "cacheable-request" ], "effects": [ "download" ], "range": "<=11.8.3", "nodes": [ "node_modules/download/node_modules/got" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "gulp-util": { "name": "gulp-util", "severity": "high", "isDirect": false, "via": [ "lodash.template" ], "effects": [ "remap-istanbul" ], "range": ">=1.1.0", "nodes": [ "node_modules/gulp-util" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "http-cache-semantics": { "name": "http-cache-semantics", "severity": "high", "isDirect": false, "via": [ { "source": 1092316, "name": "http-cache-semantics", "dependency": "http-cache-semantics", "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service", "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<4.1.1" } ], "effects": [ "cacheable-request" ], "range": "<4.1.1", "nodes": [ "node_modules/download/node_modules/http-cache-semantics" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "jsdoc-wmf-theme": { "name": "jsdoc-wmf-theme", "severity": "high", "isDirect": true, "via": [ "taffydb" ], "effects": [], "range": "<=0.0.12", "nodes": [ "node_modules/jsdoc-wmf-theme" ], "fixAvailable": { "name": "jsdoc-wmf-theme", "version": "1.0.0", "isSemVerMajor": true } }, "karma-remap-istanbul": { "name": "karma-remap-istanbul", "severity": "high", "isDirect": true, "via": [ "remap-istanbul" ], "effects": [], "range": ">=0.0.3", "nodes": [ "node_modules/karma-remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "karma-sauce-launcher": { "name": "karma-sauce-launcher", "severity": "moderate", "isDirect": true, "via": [ "saucelabs" ], "effects": [], "range": ">=4.1.5", "nodes": [ "node_modules/karma-sauce-launcher" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "lodash.template": { "name": "lodash.template", "severity": "high", "isDirect": false, "via": [ { "source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": [ "CWE-77", "CWE-94" ], "cvss": { "score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, "range": "<=4.5.0" } ], "effects": [ "gulp-util" ], "range": "*", "nodes": [ "node_modules/lodash.template" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "meow": { "name": "meow", "severity": "high", "isDirect": false, "via": [ "trim-newlines" ], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": [ "node_modules/meow" ], "fixAvailable": true }, "remap-istanbul": { "name": "remap-istanbul", "severity": "high", "isDirect": false, "via": [ "gulp-util" ], "effects": [ "karma-remap-istanbul" ], "range": "<=0.9.6", "nodes": [ "node_modules/remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "saucelabs": { "name": "saucelabs", "severity": "moderate", "isDirect": false, "via": [ "bin-wrapper" ], "effects": [ "karma-sauce-launcher" ], "range": "4.1.0 - 7.1.2", "nodes": [ "node_modules/saucelabs" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "semver-regex": { "name": "semver-regex", "severity": "high", "isDirect": false, "via": [ { "source": 1092475, "name": "semver-regex", "dependency": "semver-regex", "title": "semver-regex Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "severity": "high", "cwe": [ "CWE-400", "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.1.3" }, { "source": 1092605, "name": "semver-regex", "dependency": "semver-regex", "title": "Regular expression denial of service in semver-regex", "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "severity": "low", "cwe": [ "CWE-1333" ], "cvss": { "score": 0, "vectorString": null }, "range": "<3.1.4" } ], "effects": [ "find-versions" ], "range": "<=3.1.3", "nodes": [ "node_modules/semver-regex" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "taffydb": { "name": "taffydb", "severity": "high", "isDirect": false, "via": [ { "source": 1089386, "name": "taffydb", "dependency": "taffydb", "title": "TaffyDB can allow access to any data items in the DB", "url": "https://github.com/advisories/GHSA-mxhp-79qh-mcx6", "severity": "high", "cwe": [ "CWE-20", "CWE-668" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, "range": "<=2.7.3" } ], "effects": [ "jsdoc-wmf-theme" ], "range": "*", "nodes": [ "node_modules/taffydb" ], "fixAvailable": { "name": "jsdoc-wmf-theme", "version": "1.0.0", "isSemVerMajor": true } }, "trim-newlines": { "name": "trim-newlines", "severity": "high", "isDirect": false, "via": [ { "source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": [ "CWE-400" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.0.1" } ], "effects": [ "meow" ], "range": "<3.0.1", "nodes": [ "node_modules/trim-newlines" ], "fixAvailable": true } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 3, "high": 16, "critical": 0, "total": 19 }, "dependencies": { "prod": 1, "dev": 924, "optional": 3, "peer": 1, "peerOptional": 0, "total": 924 } } } --- end --- Upgrading n:jsdoc-wmf-theme from 0.0.12 -> 1.0.0 $ /usr/bin/npm install --- stderr --- npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5 npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead: npm WARN deprecated npm i nyc npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives. --- stdout --- added 923 packages, and audited 924 packages in 6s 92 packages are looking for funding run `npm fund` for details 17 vulnerabilities (3 moderate, 14 high) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force Run `npm audit` for details. --- end --- $ package-lock-lint package-lock.json --- stdout --- Checking package-lock.json --- end --- $ /usr/bin/npm ci --- stderr --- npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5 npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead: npm WARN deprecated npm i nyc npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives. --- stdout --- added 923 packages, and audited 924 packages in 8s 92 packages are looking for funding run `npm fund` for details 17 vulnerabilities (3 moderate, 14 high) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force Run `npm audit` for details. --- end --- $ /usr/bin/npm test --- stderr --- (node:142) Warning: Accessing non-existent property 'VERSION' of module exports inside circular dependency (Use `node --trace-warnings ...` to show where the warning was created) --- stdout --- > oojs@7.0.1 test > npm run build-dev && karma start && qunit --require ./tests/setup-node tests/unit/ && npm run lint > oojs@7.0.1 build-dev > grunt build-dev Running "set-meta" task Running "set-dev" task Running "clean:dist" (clean) task >> 0 paths cleaned. Running "concat:dev" (concat) task Done. [32m28 04 2024 19:00:10.323:INFO [karma-server]: [39mKarma v6.3.18 server started at http://localhost:9876/ [32m28 04 2024 19:00:10.325:INFO [launcher]: [39mLaunching browsers FirefoxHeadless, ChromeCustom with concurrency unlimited [32m28 04 2024 19:00:10.328:INFO [launcher]: [39mStarting browser FirefoxHeadless [32m28 04 2024 19:00:10.338:INFO [launcher]: [39mStarting browser ChromeHeadless [32m28 04 2024 19:00:13.246:INFO [Chrome Headless 123.0.6312.86 (Linux x86_64)]: [39mConnected on socket fdpjLXcYC1OfBcsUAAAB with id 24690792 ............................................................ Chrome Headless 123.0.6312.86 (Linux x86_64): Executed 60 of 60 SUCCESS (0.147 secs / 0.084 secs) [32m28 04 2024 19:00:15.943:INFO [Firefox 115.0 (Linux x86_64)]: [39mConnected on socket yd7YiyAmky99j6zCAAAD with id 9765527 ............................................................ Firefox 115.0 (Linux x86_64): Executed 60 of 60 SUCCESS (0.181 secs / 0.148 secs) TOTAL: 120 SUCCESS TOTAL: 120 SUCCESS =============================== Coverage summary =============================== Statements : 100% ( 449/449 ) Branches : 100% ( 270/270 ) Functions : 100% ( 60/60 ) Lines : 100% ( 432/432 ) ================================================================================ TAP version 13 ok 1 EmitterList > addItems ok 2 EmitterList > moveItem ok 3 EmitterList > clearItems ok 4 EmitterList > removeItems ok 5 EmitterList > aggregate ok 6 EmitterList > Events ok 7 EventEmitter > on ok 8 EventEmitter > once ok 9 EventEmitter > once - nested ok 10 EventEmitter > once - off ok 11 EventEmitter > emit ok 12 EventEmitter > off ok 13 EventEmitter > connect ok 14 EventEmitter > disconnect( host ) ok 15 EventEmitter > disconnect( host, methods ) ok 16 EventEmitter > disconnect( host, array methods ) ok 17 EventEmitter > disconnect( host, unbound methods ) ok 18 EventEmitter > chainable ok 19 Factory > invalid registration ok 20 Factory > registeration and lookup [Class.key] ok 21 Factory > registeration and lookup [Class.static.name] ok 22 Factory > registeration and lookup [key and name] ok 23 Factory > registeration and lookup [unknown] ok 24 Factory > invalid creation ok 25 Factory > valid creation ok 26 Registry > register/unregister ok 27 Registry > lookup ok 28 SortedEmitterList > addItems ok 29 SortedEmitterList > Events ok 30 core > initClass ok 31 core > inheritClass ok 32 core > mixinClass ok 33 core > isSubclass ok 34 core > getProp( Object ) ok 35 core > getProp( Function ) ok 36 core > getProp( Array ) ok 37 core > setProp( Object ) ok 38 core > setProp( Function ) ok 39 core > setProp( Array ) ok 40 core > deleteProp( Object ) ok 41 core > deleteProp( Function ) ok 42 core > deleteProp( Array ) ok 43 core > cloneObject ok 44 core > getObjectValues ok 45 core > binarySearch ok 46 core > compare ok 47 core > compare( Node, Node ) ok 48 core > compare( Object, Object, Boolean asymmetrical ) ok 49 core > copy( source ) ok 50 core > copy( source, Function leafCallback ) ok 51 core > copy( source, Function leafCallback, Function nodeCallback ) ok 52 core > getHash: Basic usage ok 53 core > getHash: Complex usage ok 54 core > unique ok 55 core > simpleArrayUnion ok 56 core > simpleArrayIntersection ok 57 core > simpleArrayDifference ok 58 util > isPlainObject 1..58 # pass 58 # skip 0 # todo 0 # fail 0 > oojs@7.0.1 lint > eslint --cache . --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "bin-version": { "name": "bin-version", "severity": "high", "isDirect": false, "via": [ "find-versions" ], "effects": [ "bin-version-check" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-version-check": { "name": "bin-version-check", "severity": "high", "isDirect": false, "via": [ "bin-version" ], "effects": [ "bin-wrapper" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version-check" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-wrapper": { "name": "bin-wrapper", "severity": "high", "isDirect": false, "via": [ "bin-version-check", "download" ], "effects": [ "saucelabs" ], "range": ">=0.4.0", "nodes": [ "node_modules/bin-wrapper" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "cacheable-request": { "name": "cacheable-request", "severity": "high", "isDirect": false, "via": [ "http-cache-semantics" ], "effects": [ "got" ], "range": "0.1.0 - 2.1.4", "nodes": [ "node_modules/download/node_modules/cacheable-request" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "download": { "name": "download", "severity": "moderate", "isDirect": false, "via": [ "got" ], "effects": [ "bin-wrapper" ], "range": ">=4.0.0", "nodes": [ "node_modules/download" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "find-versions": { "name": "find-versions", "severity": "high", "isDirect": false, "via": [ "semver-regex" ], "effects": [ "bin-version" ], "range": "<=3.2.0", "nodes": [ "node_modules/find-versions" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "got": { "name": "got", "severity": "high", "isDirect": false, "via": [ { "source": 1088948, "name": "got", "dependency": "got", "title": "Got allows a redirect to a UNIX socket", "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97", "severity": "moderate", "cwe": [], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, "range": "<11.8.5" }, "cacheable-request" ], "effects": [ "download" ], "range": "<=11.8.3", "nodes": [ "node_modules/download/node_modules/got" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "gulp-util": { "name": "gulp-util", "severity": "high", "isDirect": false, "via": [ "lodash.template" ], "effects": [ "remap-istanbul" ], "range": ">=1.1.0", "nodes": [ "node_modules/gulp-util" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "http-cache-semantics": { "name": "http-cache-semantics", "severity": "high", "isDirect": false, "via": [ { "source": 1092316, "name": "http-cache-semantics", "dependency": "http-cache-semantics", "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service", "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<4.1.1" } ], "effects": [ "cacheable-request" ], "range": "<4.1.1", "nodes": [ "node_modules/download/node_modules/http-cache-semantics" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "karma-remap-istanbul": { "name": "karma-remap-istanbul", "severity": "high", "isDirect": true, "via": [ "remap-istanbul" ], "effects": [], "range": ">=0.0.3", "nodes": [ "node_modules/karma-remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "karma-sauce-launcher": { "name": "karma-sauce-launcher", "severity": "moderate", "isDirect": true, "via": [ "saucelabs" ], "effects": [], "range": ">=4.1.5", "nodes": [ "node_modules/karma-sauce-launcher" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "lodash.template": { "name": "lodash.template", "severity": "high", "isDirect": false, "via": [ { "source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": [ "CWE-77", "CWE-94" ], "cvss": { "score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, "range": "<=4.5.0" } ], "effects": [ "gulp-util" ], "range": "*", "nodes": [ "node_modules/lodash.template" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "meow": { "name": "meow", "severity": "high", "isDirect": false, "via": [ "trim-newlines" ], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": [ "node_modules/meow" ], "fixAvailable": true }, "remap-istanbul": { "name": "remap-istanbul", "severity": "high", "isDirect": false, "via": [ "gulp-util" ], "effects": [ "karma-remap-istanbul" ], "range": "<=0.9.6", "nodes": [ "node_modules/remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "saucelabs": { "name": "saucelabs", "severity": "moderate", "isDirect": false, "via": [ "bin-wrapper" ], "effects": [ "karma-sauce-launcher" ], "range": "4.1.0 - 7.1.2", "nodes": [ "node_modules/saucelabs" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "semver-regex": { "name": "semver-regex", "severity": "high", "isDirect": false, "via": [ { "source": 1092475, "name": "semver-regex", "dependency": "semver-regex", "title": "semver-regex Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "severity": "high", "cwe": [ "CWE-400", "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.1.3" }, { "source": 1092605, "name": "semver-regex", "dependency": "semver-regex", "title": "Regular expression denial of service in semver-regex", "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "severity": "low", "cwe": [ "CWE-1333" ], "cvss": { "score": 0, "vectorString": null }, "range": "<3.1.4" } ], "effects": [ "find-versions" ], "range": "<=3.1.3", "nodes": [ "node_modules/semver-regex" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "trim-newlines": { "name": "trim-newlines", "severity": "high", "isDirect": false, "via": [ { "source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": [ "CWE-400" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.0.1" } ], "effects": [ "meow" ], "range": "<3.0.1", "nodes": [ "node_modules/trim-newlines" ], "fixAvailable": true } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 3, "high": 14, "critical": 0, "total": 17 }, "dependencies": { "prod": 1, "dev": 924, "optional": 3, "peer": 1, "peerOptional": 0, "total": 924 } } } --- end --- Attempting to npm audit fix $ /usr/bin/npm audit fix --dry-run --only=dev --json --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production --- stdout --- { "added": 1, "removed": 0, "changed": 0, "audited": 925, "funding": 92, "audit": { "auditReportVersion": 2, "vulnerabilities": { "bin-version": { "name": "bin-version", "severity": "high", "isDirect": false, "via": [ "find-versions" ], "effects": [ "bin-version-check" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-version-check": { "name": "bin-version-check", "severity": "high", "isDirect": false, "via": [ "bin-version" ], "effects": [ "bin-wrapper" ], "range": "<=4.0.0", "nodes": [ "node_modules/bin-version-check" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "bin-wrapper": { "name": "bin-wrapper", "severity": "high", "isDirect": false, "via": [ "bin-version-check", "download" ], "effects": [ "saucelabs" ], "range": ">=0.4.0", "nodes": [ "node_modules/bin-wrapper" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "cacheable-request": { "name": "cacheable-request", "severity": "high", "isDirect": false, "via": [ "http-cache-semantics" ], "effects": [ "got" ], "range": "0.1.0 - 2.1.4", "nodes": [ "node_modules/download/node_modules/cacheable-request" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "download": { "name": "download", "severity": "moderate", "isDirect": false, "via": [ "got" ], "effects": [ "bin-wrapper" ], "range": ">=4.0.0", "nodes": [ "node_modules/download" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "find-versions": { "name": "find-versions", "severity": "high", "isDirect": false, "via": [ "semver-regex" ], "effects": [ "bin-version" ], "range": "<=3.2.0", "nodes": [ "node_modules/find-versions" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "got": { "name": "got", "severity": "high", "isDirect": false, "via": [ { "source": 1088948, "name": "got", "dependency": "got", "title": "Got allows a redirect to a UNIX socket", "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97", "severity": "moderate", "cwe": [], "cvss": { "score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, "range": "<11.8.5" }, "cacheable-request" ], "effects": [ "download" ], "range": "<=11.8.3", "nodes": [ "node_modules/download/node_modules/got" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "gulp-util": { "name": "gulp-util", "severity": "high", "isDirect": false, "via": [ "lodash.template" ], "effects": [ "remap-istanbul" ], "range": ">=1.1.0", "nodes": [ "node_modules/gulp-util" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "http-cache-semantics": { "name": "http-cache-semantics", "severity": "high", "isDirect": false, "via": [ { "source": 1092316, "name": "http-cache-semantics", "dependency": "http-cache-semantics", "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service", "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<4.1.1" } ], "effects": [ "cacheable-request" ], "range": "<4.1.1", "nodes": [ "node_modules/download/node_modules/http-cache-semantics" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "karma-remap-istanbul": { "name": "karma-remap-istanbul", "severity": "high", "isDirect": true, "via": [ "remap-istanbul" ], "effects": [], "range": ">=0.0.3", "nodes": [ "node_modules/karma-remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "karma-sauce-launcher": { "name": "karma-sauce-launcher", "severity": "moderate", "isDirect": true, "via": [ "saucelabs" ], "effects": [], "range": ">=4.1.5", "nodes": [ "node_modules/karma-sauce-launcher" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "lodash.template": { "name": "lodash.template", "severity": "high", "isDirect": false, "via": [ { "source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": [ "CWE-77", "CWE-94" ], "cvss": { "score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, "range": "<=4.5.0" } ], "effects": [ "gulp-util" ], "range": "*", "nodes": [ "node_modules/lodash.template" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "meow": { "name": "meow", "severity": "high", "isDirect": false, "via": [ "trim-newlines" ], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": [ "node_modules/meow" ], "fixAvailable": true }, "remap-istanbul": { "name": "remap-istanbul", "severity": "high", "isDirect": false, "via": [ "gulp-util" ], "effects": [ "karma-remap-istanbul" ], "range": "<=0.9.6", "nodes": [ "node_modules/remap-istanbul" ], "fixAvailable": { "name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true } }, "saucelabs": { "name": "saucelabs", "severity": "moderate", "isDirect": false, "via": [ "bin-wrapper" ], "effects": [ "karma-sauce-launcher" ], "range": "4.1.0 - 7.1.2", "nodes": [ "node_modules/saucelabs" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "semver-regex": { "name": "semver-regex", "severity": "high", "isDirect": false, "via": [ { "source": 1092475, "name": "semver-regex", "dependency": "semver-regex", "title": "semver-regex Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "severity": "high", "cwe": [ "CWE-400", "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.1.3" }, { "source": 1092605, "name": "semver-regex", "dependency": "semver-regex", "title": "Regular expression denial of service in semver-regex", "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "severity": "low", "cwe": [ "CWE-1333" ], "cvss": { "score": 0, "vectorString": null }, "range": "<3.1.4" } ], "effects": [ "find-versions" ], "range": "<=3.1.3", "nodes": [ "node_modules/semver-regex" ], "fixAvailable": { "name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true } }, "trim-newlines": { "name": "trim-newlines", "severity": "high", "isDirect": false, "via": [ { "source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": [ "CWE-400" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": "<3.0.1" } ], "effects": [ "meow" ], "range": "<3.0.1", "nodes": [ "node_modules/trim-newlines" ], "fixAvailable": true } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 3, "high": 14, "critical": 0, "total": 17 }, "dependencies": { "prod": 1, "dev": 924, "optional": 3, "peer": 1, "peerOptional": 0, "total": 924 } } } } --- end --- {"added": 1, "removed": 0, "changed": 0, "audited": 925, "funding": 92, "audit": {"auditReportVersion": 2, "vulnerabilities": {"bin-version": {"name": "bin-version", "severity": "high", "isDirect": false, "via": ["find-versions"], "effects": ["bin-version-check"], "range": "<=4.0.0", "nodes": ["node_modules/bin-version"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "bin-version-check": {"name": "bin-version-check", "severity": "high", "isDirect": false, "via": ["bin-version"], "effects": ["bin-wrapper"], "range": "<=4.0.0", "nodes": ["node_modules/bin-version-check"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "bin-wrapper": {"name": "bin-wrapper", "severity": "high", "isDirect": false, "via": ["bin-version-check", "download"], "effects": ["saucelabs"], "range": ">=0.4.0", "nodes": ["node_modules/bin-wrapper"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "cacheable-request": {"name": "cacheable-request", "severity": "high", "isDirect": false, "via": ["http-cache-semantics"], "effects": ["got"], "range": "0.1.0 - 2.1.4", "nodes": ["node_modules/download/node_modules/cacheable-request"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "download": {"name": "download", "severity": "moderate", "isDirect": false, "via": ["got"], "effects": ["bin-wrapper"], "range": ">=4.0.0", "nodes": ["node_modules/download"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "find-versions": {"name": "find-versions", "severity": "high", "isDirect": false, "via": ["semver-regex"], "effects": ["bin-version"], "range": "<=3.2.0", "nodes": ["node_modules/find-versions"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "got": {"name": "got", "severity": "high", "isDirect": false, "via": [{"source": 1088948, "name": "got", "dependency": "got", "title": "Got allows a redirect to a UNIX socket", "url": "https://github.com/advisories/GHSA-pfrx-2q88-qq97", "severity": "moderate", "cwe": [], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "range": "<11.8.5"}, "cacheable-request"], "effects": ["download"], "range": "<=11.8.3", "nodes": ["node_modules/download/node_modules/got"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "gulp-util": {"name": "gulp-util", "severity": "high", "isDirect": false, "via": ["lodash.template"], "effects": ["remap-istanbul"], "range": ">=1.1.0", "nodes": ["node_modules/gulp-util"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "http-cache-semantics": {"name": "http-cache-semantics", "severity": "high", "isDirect": false, "via": [{"source": 1092316, "name": "http-cache-semantics", "dependency": "http-cache-semantics", "title": "http-cache-semantics vulnerable to Regular Expression Denial of Service", "url": "https://github.com/advisories/GHSA-rc47-6667-2j5j", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<4.1.1"}], "effects": ["cacheable-request"], "range": "<4.1.1", "nodes": ["node_modules/download/node_modules/http-cache-semantics"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "karma-remap-istanbul": {"name": "karma-remap-istanbul", "severity": "high", "isDirect": true, "via": ["remap-istanbul"], "effects": [], "range": ">=0.0.3", "nodes": ["node_modules/karma-remap-istanbul"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "karma-sauce-launcher": {"name": "karma-sauce-launcher", "severity": "moderate", "isDirect": true, "via": ["saucelabs"], "effects": [], "range": ">=4.1.5", "nodes": ["node_modules/karma-sauce-launcher"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "lodash.template": {"name": "lodash.template", "severity": "high", "isDirect": false, "via": [{"source": 1096993, "name": "lodash.template", "dependency": "lodash.template", "title": "Command Injection in lodash", "url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm", "severity": "high", "cwe": ["CWE-77", "CWE-94"], "cvss": {"score": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=4.5.0"}], "effects": ["gulp-util"], "range": "*", "nodes": ["node_modules/lodash.template"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "meow": {"name": "meow", "severity": "high", "isDirect": false, "via": ["trim-newlines"], "effects": [], "range": "3.4.0 - 5.0.0", "nodes": ["node_modules/meow"], "fixAvailable": true}, "remap-istanbul": {"name": "remap-istanbul", "severity": "high", "isDirect": false, "via": ["gulp-util"], "effects": ["karma-remap-istanbul"], "range": "<=0.9.6", "nodes": ["node_modules/remap-istanbul"], "fixAvailable": {"name": "karma-remap-istanbul", "version": "0.0.2", "isSemVerMajor": true}}, "saucelabs": {"name": "saucelabs", "severity": "moderate", "isDirect": false, "via": ["bin-wrapper"], "effects": ["karma-sauce-launcher"], "range": "4.1.0 - 7.1.2", "nodes": ["node_modules/saucelabs"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "semver-regex": {"name": "semver-regex", "severity": "high", "isDirect": false, "via": [{"source": 1092475, "name": "semver-regex", "dependency": "semver-regex", "title": "semver-regex Regular Expression Denial of Service (ReDOS)", "url": "https://github.com/advisories/GHSA-44c6-4v22-4mhx", "severity": "high", "cwe": ["CWE-400", "CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, {"source": 1092605, "name": "semver-regex", "dependency": "semver-regex", "title": "Regular expression denial of service in semver-regex", "url": "https://github.com/advisories/GHSA-4x5v-gmq8-25ch", "severity": "low", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.4"}], "effects": ["find-versions"], "range": "<=3.1.3", "nodes": ["node_modules/semver-regex"], "fixAvailable": {"name": "karma-sauce-launcher", "version": "4.1.4", "isSemVerMajor": true}}, "trim-newlines": {"name": "trim-newlines", "severity": "high", "isDirect": false, "via": [{"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}], "effects": ["meow"], "range": "<3.0.1", "nodes": ["node_modules/trim-newlines"], "fixAvailable": true}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 3, "high": 14, "critical": 0, "total": 17}, "dependencies": {"prod": 1, "dev": 924, "optional": 3, "peer": 1, "peerOptional": 0, "total": 924}}}} $ /usr/bin/npm audit fix --only=dev --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production --- stdout --- up to date, audited 924 packages in 2s 92 packages are looking for funding run `npm fund` for details # npm audit report got <=11.8.3 Severity: high Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97 Depends on vulnerable versions of cacheable-request fix available via `npm audit fix --force` Will install karma-sauce-launcher@4.1.4, which is a breaking change node_modules/download/node_modules/got download >=4.0.0 Depends on vulnerable versions of got node_modules/download bin-wrapper >=0.4.0 Depends on vulnerable versions of bin-version-check Depends on vulnerable versions of download node_modules/bin-wrapper saucelabs 4.1.0 - 7.1.2 Depends on vulnerable versions of bin-wrapper node_modules/saucelabs karma-sauce-launcher >=4.1.5 Depends on vulnerable versions of saucelabs node_modules/karma-sauce-launcher http-cache-semantics <4.1.1 Severity: high http-cache-semantics vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-rc47-6667-2j5j fix available via `npm audit fix --force` Will install karma-sauce-launcher@4.1.4, which is a breaking change node_modules/download/node_modules/http-cache-semantics cacheable-request 0.1.0 - 2.1.4 Depends on vulnerable versions of http-cache-semantics node_modules/download/node_modules/cacheable-request lodash.template * Severity: high Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm fix available via `npm audit fix --force` Will install karma-remap-istanbul@0.0.2, which is a breaking change node_modules/lodash.template gulp-util >=1.1.0 Depends on vulnerable versions of lodash.template node_modules/gulp-util remap-istanbul <=0.9.6 Depends on vulnerable versions of gulp-util node_modules/remap-istanbul karma-remap-istanbul >=0.0.3 Depends on vulnerable versions of remap-istanbul node_modules/karma-remap-istanbul semver-regex <=3.1.3 Severity: high semver-regex Regular Expression Denial of Service (ReDOS) - https://github.com/advisories/GHSA-44c6-4v22-4mhx Regular expression denial of service in semver-regex - https://github.com/advisories/GHSA-4x5v-gmq8-25ch fix available via `npm audit fix --force` Will install karma-sauce-launcher@4.1.4, which is a breaking change node_modules/semver-regex find-versions <=3.2.0 Depends on vulnerable versions of semver-regex node_modules/find-versions bin-version <=4.0.0 Depends on vulnerable versions of find-versions node_modules/bin-version bin-version-check <=4.0.0 Depends on vulnerable versions of bin-version node_modules/bin-version-check trim-newlines <3.0.1 Severity: high Uncontrolled Resource Consumption in trim-newlines - https://github.com/advisories/GHSA-7p7h-4mm5-852v fix available via `npm audit fix` node_modules/trim-newlines meow 3.4.0 - 5.0.0 Depends on vulnerable versions of trim-newlines node_modules/meow 17 vulnerabilities (3 moderate, 14 high) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force --- end --- $ package-lock-lint package-lock.json --- stdout --- Checking package-lock.json --- end --- Verifying that tests still pass $ /usr/bin/npm ci --- stderr --- npm WARN deprecated gulp-util@3.0.7: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5 npm WARN deprecated istanbul@0.4.5: This module is no longer maintained, try this instead: npm WARN deprecated npm i nyc npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives. --- stdout --- added 923 packages, and audited 924 packages in 7s 92 packages are looking for funding run `npm fund` for details 17 vulnerabilities (3 moderate, 14 high) To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force Run `npm audit` for details. --- end --- $ /usr/bin/npm test --- stderr --- (node:589) Warning: Accessing non-existent property 'VERSION' of module exports inside circular dependency (Use `node --trace-warnings ...` to show where the warning was created) --- stdout --- > oojs@7.0.1 test > npm run build-dev && karma start && qunit --require ./tests/setup-node tests/unit/ && npm run lint > oojs@7.0.1 build-dev > grunt build-dev Running "set-meta" task Running "set-dev" task Running "clean:dist" (clean) task >> 2 paths cleaned. Running "concat:dev" (concat) task Done. [32m28 04 2024 19:00:40.933:INFO [karma-server]: [39mKarma v6.3.18 server started at http://localhost:9876/ [32m28 04 2024 19:00:40.935:INFO [launcher]: [39mLaunching browsers FirefoxHeadless, ChromeCustom with concurrency unlimited [32m28 04 2024 19:00:40.938:INFO [launcher]: [39mStarting browser FirefoxHeadless [32m28 04 2024 19:00:41.015:INFO [launcher]: [39mStarting browser ChromeHeadless [32m28 04 2024 19:00:42.756:INFO [Chrome Headless 123.0.6312.86 (Linux x86_64)]: [39mConnected on socket BJx_-bql_nEQFGvVAAAB with id 8813500 ............................................................ Chrome Headless 123.0.6312.86 (Linux x86_64): Executed 60 of 60 SUCCESS (0.094 secs / 0.072 secs) [32m28 04 2024 19:00:44.077:INFO [Firefox 115.0 (Linux x86_64)]: [39mConnected on socket zahk674Hqrpw3s5RAAAD with id 68589573 ............................................................ Firefox 115.0 (Linux x86_64): Executed 60 of 60 SUCCESS (0.121 secs / 0.093 secs) TOTAL: 120 SUCCESS TOTAL: 120 SUCCESS =============================== Coverage summary =============================== Statements : 100% ( 449/449 ) Branches : 100% ( 270/270 ) Functions : 100% ( 60/60 ) Lines : 100% ( 432/432 ) ================================================================================ TAP version 13 ok 1 EmitterList > addItems ok 2 EmitterList > moveItem ok 3 EmitterList > clearItems ok 4 EmitterList > removeItems ok 5 EmitterList > aggregate ok 6 EmitterList > Events ok 7 EventEmitter > on ok 8 EventEmitter > once ok 9 EventEmitter > once - nested ok 10 EventEmitter > once - off ok 11 EventEmitter > emit ok 12 EventEmitter > off ok 13 EventEmitter > connect ok 14 EventEmitter > disconnect( host ) ok 15 EventEmitter > disconnect( host, methods ) ok 16 EventEmitter > disconnect( host, array methods ) ok 17 EventEmitter > disconnect( host, unbound methods ) ok 18 EventEmitter > chainable ok 19 Factory > invalid registration ok 20 Factory > registeration and lookup [Class.key] ok 21 Factory > registeration and lookup [Class.static.name] ok 22 Factory > registeration and lookup [key and name] ok 23 Factory > registeration and lookup [unknown] ok 24 Factory > invalid creation ok 25 Factory > valid creation ok 26 Registry > register/unregister ok 27 Registry > lookup ok 28 SortedEmitterList > addItems ok 29 SortedEmitterList > Events ok 30 core > initClass ok 31 core > inheritClass ok 32 core > mixinClass ok 33 core > isSubclass ok 34 core > getProp( Object ) ok 35 core > getProp( Function ) ok 36 core > getProp( Array ) ok 37 core > setProp( Object ) ok 38 core > setProp( Function ) ok 39 core > setProp( Array ) ok 40 core > deleteProp( Object ) ok 41 core > deleteProp( Function ) ok 42 core > deleteProp( Array ) ok 43 core > cloneObject ok 44 core > getObjectValues ok 45 core > binarySearch ok 46 core > compare ok 47 core > compare( Node, Node ) ok 48 core > compare( Object, Object, Boolean asymmetrical ) ok 49 core > copy( source ) ok 50 core > copy( source, Function leafCallback ) ok 51 core > copy( source, Function leafCallback, Function nodeCallback ) ok 52 core > getHash: Basic usage ok 53 core > getHash: Complex usage ok 54 core > unique ok 55 core > simpleArrayUnion ok 56 core > simpleArrayIntersection ok 57 core > simpleArrayDifference ok 58 util > isPlainObject 1..58 # pass 58 # skip 0 # todo 0 # fail 0 > oojs@7.0.1 lint > eslint --cache . --- end --- {"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}} {"1095100": {"source": 1095100, "name": "trim-newlines", "dependency": "trim-newlines", "title": "Uncontrolled Resource Consumption in trim-newlines", "url": "https://github.com/advisories/GHSA-7p7h-4mm5-852v", "severity": "high", "cwe": ["CWE-400"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.0.1"}} $ package-lock-lint package-lock.json --- stdout --- Checking package-lock.json --- end --- build: Updating jsdoc-wmf-theme to 1.0.0 $ git add . --- stdout --- --- end --- $ git commit -F /tmp/tmp5tu57n4s --- stdout --- [master d757892] build: Updating jsdoc-wmf-theme to 1.0.0 2 files changed, 34 insertions(+), 24 deletions(-) --- end --- $ git format-patch HEAD~1 --stdout --- stdout --- From d75789256f91ad45e1731e1ba1414ee3c7b24161 Mon Sep 17 00:00:00 2001 From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org> Date: Sun, 28 Apr 2024 19:00:48 +0000 Subject: [PATCH] build: Updating jsdoc-wmf-theme to 1.0.0 Change-Id: Ie074014a33752369034cc1176f336ff9f1382e02 --- package-lock.json | 56 ++++++++++++++++++++++++++++------------------- package.json | 2 +- 2 files changed, 34 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index a11a868..05fee45 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "grunt-contrib-uglify": "5.2.2", "jsdoc": "4.0.2", "jsdoc-class-hierarchy": "1.1.2", - "jsdoc-wmf-theme": "0.0.12", + "jsdoc-wmf-theme": "1.0.0", "karma": "6.3.18", "karma-chrome-launcher": "3.1.0", "karma-coverage": "2.0.3", @@ -6384,16 +6384,29 @@ } }, "node_modules/jsdoc-wmf-theme": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz", - "integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-1.0.0.tgz", + "integrity": "sha512-DAR0Rna+X5/Hzlmt297Y05BLPGdUfBUBXfdMwiSJjh8cpLZxt9lHjw2SYnzOpPAPuJYWW3t6MkoJMG0i9cv+uQ==", "dev": true, "dependencies": { + "@jsdoc/salty": "^0.2.7", "@wikimedia/codex-design-tokens": "1.1.1", "domino": "^2.1.6", "lunr": "2.3.9", - "normalize.css": "8.0.1", - "taffydb": "^2.7.3" + "marked": "^12.0.1", + "normalize.css": "8.0.1" + } + }, + "node_modules/jsdoc-wmf-theme/node_modules/marked": { + "version": "12.0.2", + "resolved": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "integrity": "sha512-qXUm7e/YKFoqFPYPa3Ukg9xlI5cyAtGmyEIzMfW//m6kXwCy2Ps9DYf5ioijFKQ8qyuscrHoY04iJGctu2Kg0Q==", + "dev": true, + "bin": { + "marked": "bin/marked.js" + }, + "engines": { + "node": ">= 18" } }, "node_modules/jsdoc/node_modules/escape-string-regexp": { @@ -9392,12 +9405,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/taffydb": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz", - "integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==", - "dev": true - }, "node_modules/tar-fs": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", @@ -15309,16 +15316,25 @@ "dev": true }, "jsdoc-wmf-theme": { - "version": "0.0.12", - "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-0.0.12.tgz", - "integrity": "sha512-nuM3TZ91hYWr0GcWr0ECccUMaqxmfQaQTrvqh6n2OSCJj1PRYLMAX7ME3iR+3NX8yBI5MLA+SoiZMwDq/B6pdg==", + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/jsdoc-wmf-theme/-/jsdoc-wmf-theme-1.0.0.tgz", + "integrity": "sha512-DAR0Rna+X5/Hzlmt297Y05BLPGdUfBUBXfdMwiSJjh8cpLZxt9lHjw2SYnzOpPAPuJYWW3t6MkoJMG0i9cv+uQ==", "dev": true, "requires": { + "@jsdoc/salty": "^0.2.7", "@wikimedia/codex-design-tokens": "1.1.1", "domino": "^2.1.6", "lunr": "2.3.9", - "normalize.css": "8.0.1", - "taffydb": "^2.7.3" + "marked": "^12.0.1", + "normalize.css": "8.0.1" + }, + "dependencies": { + "marked": { + "version": "12.0.2", + "resolved": "https://registry.npmjs.org/marked/-/marked-12.0.2.tgz", + "integrity": "sha512-qXUm7e/YKFoqFPYPa3Ukg9xlI5cyAtGmyEIzMfW//m6kXwCy2Ps9DYf5ioijFKQ8qyuscrHoY04iJGctu2Kg0Q==", + "dev": true + } } }, "jsesc": { @@ -17678,12 +17694,6 @@ "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==", "dev": true }, - "taffydb": { - "version": "2.7.3", - "resolved": "https://registry.npmjs.org/taffydb/-/taffydb-2.7.3.tgz", - "integrity": "sha512-GQ3gtYFSOAxSMN/apGtDKKkbJf+8izz5YfbGqIsUc7AMiQOapARZ76dhilRY2h39cynYxBFdafQo5HUL5vgkrg==", - "dev": true - }, "tar-fs": { "version": "2.1.1", "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz", diff --git a/package.json b/package.json index e1fc67e..7f97b52 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "grunt-contrib-uglify": "5.2.2", "jsdoc": "4.0.2", "jsdoc-class-hierarchy": "1.1.2", - "jsdoc-wmf-theme": "0.0.12", + "jsdoc-wmf-theme": "1.0.0", "karma": "6.3.18", "karma-chrome-launcher": "3.1.0", "karma-coverage": "2.0.3", -- 2.39.2 --- end ---