This run took 7 seconds.
$ date
--- stdout ---
Sun May 5 01:32:32 UTC 2024
--- end ---
$ git clone file:///srv/git/mediawiki-services-mathjax-node.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
ec116594ecc6d242af1a96d81ebd47c482a0546c refs/heads/master
--- end ---
$ /usr/bin/npm i --package-lock-only
--- stdout ---
up to date, audited 186 packages in 3s
75 packages are looking for funding
run `npm fund` for details
3 moderate severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
Editing .gitignore to remove package-lock.json
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"jsdom": {
"name": "jsdom",
"severity": "moderate",
"isDirect": true,
"via": [
{
"source": 1089185,
"name": "jsdom",
"dependency": "jsdom",
"title": "Insufficient Granularity of Access Control in JSDom",
"url": "https://github.com/advisories/GHSA-f4c9-cqv8-9v98",
"severity": "moderate",
"cwe": [
"CWE-1220"
],
"cvss": {
"score": 5.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "<=16.4.0"
},
"request",
"tough-cookie"
],
"effects": [],
"range": "<=16.5.3",
"nodes": [
"node_modules/jsdom"
],
"fixAvailable": {
"name": "jsdom",
"version": "24.0.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"tough-cookie"
],
"effects": [
"jsdom"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "jsdom",
"version": "24.0.0",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1096643,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"jsdom",
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "jsdom",
"version": "24.0.0",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 3,
"high": 0,
"critical": 0,
"total": 3
},
"dependencies": {
"prod": 86,
"dev": 99,
"optional": 1,
"peer": 0,
"peerOptional": 0,
"total": 185
}
}
}
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1737, in main
libup.run(args.repo, args.output, args.branch)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1675, in run
plan = planner.check(repo)
^^^^^^^^^^^^^^^^^^^
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/httpplan.py", line 38, in check
resp.raise_for_status()
File "/venv/lib/python3.11/site-packages/requests/models.py", line 1021, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 502 Server Error: Bad Gateway for url: https://libraryupgrader2.wmcloud.org/plan.json?repository=mediawiki%2Fservices%2Fmathjax-node&branch=master