This run took 97 seconds.
$ date --- stdout --- Sun Nov 3 08:26:01 UTC 2024 --- end --- $ git clone file:///srv/git/mediawiki-extensions-MobileFrontend.git repo --depth=1 -b REL1_43 --- stderr --- Cloning into 'repo'... --- stdout --- --- end --- $ git config user.name libraryupgrader --- stdout --- --- end --- $ git config user.email tools.libraryupgrader@tools.wmflabs.org --- stdout --- --- end --- $ git submodule update --init --- stdout --- --- end --- $ grr init --- stdout --- Installed commit-msg hook. --- end --- $ git show-ref refs/heads/REL1_43 --- stdout --- d75f1756b6831ea9fc1febaed98a89d92668627f refs/heads/REL1_43 --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "jsdom": { "name": "jsdom", "severity": "moderate", "isDirect": true, "via": [ "request", "tough-cookie" ], "effects": [], "range": "0.1.20 || 0.2.0 - 16.5.3", "nodes": [ "node_modules/jsdom" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "less": { "name": "less", "severity": "moderate", "isDirect": true, "via": [ "request" ], "effects": [], "range": "1.4.0-b1 - 2.6.1 || 2.7.2 - 3.11.3", "nodes": [ "node_modules/less" ], "fixAvailable": { "name": "less", "version": "3.13.1", "isSemVerMajor": false } }, "path-to-regexp": { "name": "path-to-regexp", "severity": "high", "isDirect": false, "via": [ { "source": 1099558, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=4.0.0 <6.3.0" }, { "source": 1099561, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=0.2.0 <1.9.0" } ], "effects": [], "range": "0.2.0 - 1.8.0 || 4.0.0 - 6.2.2", "nodes": [ "node_modules/@wikimedia/mw-node-qunit/node_modules/path-to-regexp", "node_modules/path-to-regexp" ], "fixAvailable": true }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "jsdom", "less", "request-promise-core", "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "request-promise-core": { "name": "request-promise-core", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [ "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request-promise-core" ], "fixAvailable": true }, "request-promise-native": { "name": "request-promise-native", "severity": "moderate", "isDirect": false, "via": [ "request", "request-promise-core", "tough-cookie" ], "effects": [], "range": ">=1.0.0", "nodes": [ "node_modules/request-promise-native" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "jsdom", "request", "request-promise-native" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "webpack": { "name": "webpack", "severity": "moderate", "isDirect": true, "via": [ { "source": 1099351, "name": "webpack", "dependency": "webpack", "title": "Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS", "url": "https://github.com/advisories/GHSA-4vvj-4cpr-p986", "severity": "moderate", "cwe": [ "CWE-79" ], "cvss": { "score": 6.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" }, "range": ">=5.0.0-alpha.0 <5.94.0" } ], "effects": [], "range": "5.0.0-alpha.0 - 5.93.0", "nodes": [ "node_modules/webpack" ], "fixAvailable": { "name": "webpack", "version": "5.96.1", "isSemVerMajor": false } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 7, "high": 1, "critical": 0, "total": 8 }, "dependencies": { "prod": 1, "dev": 967, "optional": 8, "peer": 14, "peerOptional": 0, "total": 967 } } } --- end --- $ /usr/bin/composer install --- stderr --- No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information. Loading composer repositories with package information Updating dependencies Lock file operations: 38 installs, 0 updates, 0 removals - Locking composer/pcre (3.3.1) - Locking composer/semver (3.4.2) - Locking composer/spdx-licenses (1.5.8) - Locking composer/xdebug-handler (3.0.5) - Locking dealerdirect/phpcodesniffer-composer-installer (v1.0.0) - Locking doctrine/deprecations (1.1.3) - Locking felixfbecker/advanced-json-rpc (v3.2.1) - Locking mediawiki/mediawiki-codesniffer (v44.0.0) - Locking mediawiki/mediawiki-phan-config (0.14.0) - Locking mediawiki/minus-x (1.1.3) - Locking mediawiki/phan-taint-check-plugin (6.0.0) - Locking microsoft/tolerant-php-parser (v0.1.2) - Locking netresearch/jsonmapper (v4.5.0) - Locking phan/phan (5.4.3) - Locking php-parallel-lint/php-console-color (v1.0.1) - Locking php-parallel-lint/php-console-highlighter (v1.0.0) - Locking php-parallel-lint/php-parallel-lint (v1.4.0) - Locking phpcsstandards/phpcsextra (1.2.1) - Locking phpcsstandards/phpcsutils (1.0.11) - Locking phpdocumentor/reflection-common (2.2.0) - Locking phpdocumentor/reflection-docblock (5.4.1) - Locking phpdocumentor/type-resolver (1.8.2) - Locking phpstan/phpdoc-parser (1.33.0) - Locking psr/container (2.0.2) - Locking psr/log (3.0.2) - Locking sabre/event (5.1.7) - Locking squizlabs/php_codesniffer (3.9.0) - Locking symfony/console (v7.1.6) - Locking symfony/deprecation-contracts (v3.5.0) - Locking symfony/polyfill-ctype (v1.31.0) - Locking symfony/polyfill-intl-grapheme (v1.31.0) - Locking symfony/polyfill-intl-normalizer (v1.31.0) - Locking symfony/polyfill-mbstring (v1.31.0) - Locking symfony/polyfill-php80 (v1.31.0) - Locking symfony/service-contracts (v3.5.0) - Locking symfony/string (v7.1.6) - Locking tysonandre/var_representation_polyfill (0.1.3) - Locking webmozart/assert (1.11.0) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 38 installs, 0 updates, 0 removals 0 [>---------------------------] 0 [->--------------------------] - Installing squizlabs/php_codesniffer (3.9.0): Extracting archive - Installing dealerdirect/phpcodesniffer-composer-installer (v1.0.0): Extracting archive - Installing composer/pcre (3.3.1): Extracting archive - Installing symfony/polyfill-php80 (v1.31.0): Extracting archive - Installing phpcsstandards/phpcsutils (1.0.11): Extracting archive - Installing phpcsstandards/phpcsextra (1.2.1): Extracting archive - Installing symfony/polyfill-mbstring (v1.31.0): Extracting archive - Installing composer/spdx-licenses (1.5.8): Extracting archive - Installing composer/semver (3.4.2): Extracting archive - Installing mediawiki/mediawiki-codesniffer (v44.0.0): Extracting archive - Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive - Installing symfony/polyfill-intl-normalizer (v1.31.0): Extracting archive - Installing symfony/polyfill-intl-grapheme (v1.31.0): Extracting archive - Installing symfony/polyfill-ctype (v1.31.0): Extracting archive - Installing symfony/string (v7.1.6): Extracting archive - Installing symfony/deprecation-contracts (v3.5.0): Extracting archive - Installing psr/container (2.0.2): Extracting archive - Installing symfony/service-contracts (v3.5.0): Extracting archive - Installing symfony/console (v7.1.6): Extracting archive - Installing sabre/event (5.1.7): Extracting archive - Installing netresearch/jsonmapper (v4.5.0): Extracting archive - Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive - Installing webmozart/assert (1.11.0): Extracting archive - Installing phpstan/phpdoc-parser (1.33.0): Extracting archive - Installing phpdocumentor/reflection-common (2.2.0): Extracting archive - Installing doctrine/deprecations (1.1.3): Extracting archive - Installing phpdocumentor/type-resolver (1.8.2): Extracting archive - Installing phpdocumentor/reflection-docblock (5.4.1): Extracting archive - Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive - Installing psr/log (3.0.2): Extracting archive - Installing composer/xdebug-handler (3.0.5): Extracting archive - Installing phan/phan (5.4.3): Extracting archive - Installing mediawiki/phan-taint-check-plugin (6.0.0): Extracting archive - Installing mediawiki/mediawiki-phan-config (0.14.0): Extracting archive - Installing mediawiki/minus-x (1.1.3): Extracting archive - Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive - Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive - Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive 0/36 [>---------------------------] 0% 19/36 [==============>-------------] 52% 30/36 [=======================>----] 83% 36/36 [============================] 100% Generating autoload files 16 packages you are using are looking for funding. Use the `composer fund` command to find out more! --- stdout --- PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils --- end --- $ /usr/bin/npm audit --json --- stdout --- { "auditReportVersion": 2, "vulnerabilities": { "jsdom": { "name": "jsdom", "severity": "moderate", "isDirect": true, "via": [ "request", "tough-cookie" ], "effects": [], "range": "0.1.20 || 0.2.0 - 16.5.3", "nodes": [ "node_modules/jsdom" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "less": { "name": "less", "severity": "moderate", "isDirect": true, "via": [ "request" ], "effects": [], "range": "1.4.0-b1 - 2.6.1 || 2.7.2 - 3.11.3", "nodes": [ "node_modules/less" ], "fixAvailable": { "name": "less", "version": "3.13.1", "isSemVerMajor": false } }, "path-to-regexp": { "name": "path-to-regexp", "severity": "high", "isDirect": false, "via": [ { "source": 1099558, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=4.0.0 <6.3.0" }, { "source": 1099561, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=0.2.0 <1.9.0" } ], "effects": [], "range": "0.2.0 - 1.8.0 || 4.0.0 - 6.2.2", "nodes": [ "node_modules/@wikimedia/mw-node-qunit/node_modules/path-to-regexp", "node_modules/path-to-regexp" ], "fixAvailable": true }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "jsdom", "less", "request-promise-core", "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "request-promise-core": { "name": "request-promise-core", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [ "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request-promise-core" ], "fixAvailable": true }, "request-promise-native": { "name": "request-promise-native", "severity": "moderate", "isDirect": false, "via": [ "request", "request-promise-core", "tough-cookie" ], "effects": [], "range": ">=1.0.0", "nodes": [ "node_modules/request-promise-native" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "jsdom", "request", "request-promise-native" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "webpack": { "name": "webpack", "severity": "moderate", "isDirect": true, "via": [ { "source": 1099351, "name": "webpack", "dependency": "webpack", "title": "Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS", "url": "https://github.com/advisories/GHSA-4vvj-4cpr-p986", "severity": "moderate", "cwe": [ "CWE-79" ], "cvss": { "score": 6.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" }, "range": ">=5.0.0-alpha.0 <5.94.0" } ], "effects": [], "range": "5.0.0-alpha.0 - 5.93.0", "nodes": [ "node_modules/webpack" ], "fixAvailable": { "name": "webpack", "version": "5.96.1", "isSemVerMajor": false } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 7, "high": 1, "critical": 0, "total": 8 }, "dependencies": { "prod": 1, "dev": 967, "optional": 8, "peer": 14, "peerOptional": 0, "total": 967 } } } --- end --- Attempting to npm audit fix $ /usr/bin/npm audit fix --dry-run --only=dev --json --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production npm WARN EBADENGINE Unsupported engine { npm WARN EBADENGINE package: undefined, npm WARN EBADENGINE required: { node: '18.20.2' }, npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' } npm WARN EBADENGINE } --- stdout --- { "added": 967, "removed": 0, "changed": 0, "audited": 968, "funding": 113, "audit": { "auditReportVersion": 2, "vulnerabilities": { "jsdom": { "name": "jsdom", "severity": "moderate", "isDirect": true, "via": [ "request", "tough-cookie" ], "effects": [], "range": "0.1.20 || 0.2.0 - 16.5.3", "nodes": [ "node_modules/jsdom" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "less": { "name": "less", "severity": "moderate", "isDirect": true, "via": [ "request" ], "effects": [], "range": "1.4.0-b1 - 2.6.1 || 2.7.2 - 3.11.3", "nodes": [ "node_modules/less" ], "fixAvailable": { "name": "less", "version": "3.13.1", "isSemVerMajor": false } }, "path-to-regexp": { "name": "path-to-regexp", "severity": "high", "isDirect": false, "via": [ { "source": 1099558, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=4.0.0 <6.3.0" }, { "source": 1099561, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": [ "CWE-1333" ], "cvss": { "score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "range": ">=0.2.0 <1.9.0" } ], "effects": [], "range": "0.2.0 - 1.8.0 || 4.0.0 - 6.2.2", "nodes": [ "", "" ], "fixAvailable": true }, "request": { "name": "request", "severity": "moderate", "isDirect": false, "via": [ { "source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": [ "CWE-918" ], "cvss": { "score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, "range": "<=2.88.2" }, "tough-cookie" ], "effects": [ "jsdom", "less", "request-promise-core", "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "request-promise-core": { "name": "request-promise-core", "severity": "moderate", "isDirect": false, "via": [ "request" ], "effects": [ "request-promise-native" ], "range": "*", "nodes": [ "node_modules/request-promise-core" ], "fixAvailable": true }, "request-promise-native": { "name": "request-promise-native", "severity": "moderate", "isDirect": false, "via": [ "request", "request-promise-core", "tough-cookie" ], "effects": [], "range": ">=1.0.0", "nodes": [ "node_modules/request-promise-native" ], "fixAvailable": true }, "tough-cookie": { "name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [ { "source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": [ "CWE-1321" ], "cvss": { "score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, "range": "<4.1.3" } ], "effects": [ "jsdom", "request", "request-promise-native" ], "range": "<4.1.3", "nodes": [ "node_modules/tough-cookie" ], "fixAvailable": { "name": "jsdom", "version": "25.0.1", "isSemVerMajor": true } }, "webpack": { "name": "webpack", "severity": "moderate", "isDirect": true, "via": [ { "source": 1099351, "name": "webpack", "dependency": "webpack", "title": "Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS", "url": "https://github.com/advisories/GHSA-4vvj-4cpr-p986", "severity": "moderate", "cwe": [ "CWE-79" ], "cvss": { "score": 6.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H" }, "range": ">=5.0.0-alpha.0 <5.94.0" } ], "effects": [], "range": "5.0.0-alpha.0 - 5.93.0", "nodes": [ "node_modules/webpack" ], "fixAvailable": { "name": "webpack", "version": "5.96.1", "isSemVerMajor": false } } }, "metadata": { "vulnerabilities": { "info": 0, "low": 0, "moderate": 7, "high": 1, "critical": 0, "total": 8 }, "dependencies": { "prod": 1, "dev": 967, "optional": 8, "peer": 14, "peerOptional": 0, "total": 967 } } } } --- end --- {"added": 967, "removed": 0, "changed": 0, "audited": 968, "funding": 113, "audit": {"auditReportVersion": 2, "vulnerabilities": {"jsdom": {"name": "jsdom", "severity": "moderate", "isDirect": true, "via": ["request", "tough-cookie"], "effects": [], "range": "0.1.20 || 0.2.0 - 16.5.3", "nodes": ["node_modules/jsdom"], "fixAvailable": {"name": "jsdom", "version": "25.0.1", "isSemVerMajor": true}}, "less": {"name": "less", "severity": "moderate", "isDirect": true, "via": ["request"], "effects": [], "range": "1.4.0-b1 - 2.6.1 || 2.7.2 - 3.11.3", "nodes": ["node_modules/less"], "fixAvailable": {"name": "less", "version": "3.13.1", "isSemVerMajor": false}}, "path-to-regexp": {"name": "path-to-regexp", "severity": "high", "isDirect": false, "via": [{"source": 1099558, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=4.0.0 <6.3.0"}, {"source": 1099561, "name": "path-to-regexp", "dependency": "path-to-regexp", "title": "path-to-regexp outputs backtracking regular expressions", "url": "https://github.com/advisories/GHSA-9wv6-86v2-598j", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=0.2.0 <1.9.0"}], "effects": [], "range": "0.2.0 - 1.8.0 || 4.0.0 - 6.2.2", "nodes": ["", ""], "fixAvailable": true}, "request": {"name": "request", "severity": "moderate", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "tough-cookie"], "effects": ["jsdom", "less", "request-promise-core", "request-promise-native"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": {"name": "jsdom", "version": "25.0.1", "isSemVerMajor": true}}, "request-promise-core": {"name": "request-promise-core", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["request-promise-native"], "range": "*", "nodes": ["node_modules/request-promise-core"], "fixAvailable": true}, "request-promise-native": {"name": "request-promise-native", "severity": "moderate", "isDirect": false, "via": ["request", "request-promise-core", "tough-cookie"], "effects": [], "range": ">=1.0.0", "nodes": ["node_modules/request-promise-native"], "fixAvailable": true}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["jsdom", "request", "request-promise-native"], "range": "<4.1.3", "nodes": ["node_modules/tough-cookie"], "fixAvailable": {"name": "jsdom", "version": "25.0.1", "isSemVerMajor": true}}, "webpack": {"name": "webpack", "severity": "moderate", "isDirect": true, "via": [{"source": 1099351, "name": "webpack", "dependency": "webpack", "title": "Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS", "url": "https://github.com/advisories/GHSA-4vvj-4cpr-p986", "severity": "moderate", "cwe": ["CWE-79"], "cvss": {"score": 6.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}, "range": ">=5.0.0-alpha.0 <5.94.0"}], "effects": [], "range": "5.0.0-alpha.0 - 5.93.0", "nodes": ["node_modules/webpack"], "fixAvailable": {"name": "webpack", "version": "5.96.1", "isSemVerMajor": false}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 7, "high": 1, "critical": 0, "total": 8}, "dependencies": {"prod": 1, "dev": 967, "optional": 8, "peer": 14, "peerOptional": 0, "total": 967}}}} {} Upgrading n:less from 3.8.1 -> 3.13.1 {} Upgrading n:webpack from 5.89.0 -> 5.96.1 $ /usr/bin/npm audit fix --only=dev --- stderr --- npm WARN invalid config only="dev" set in command line options npm WARN invalid config Must be one of: null, prod, production npm WARN EBADENGINE Unsupported engine { npm WARN EBADENGINE package: undefined, npm WARN EBADENGINE required: { node: '18.20.2' }, npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' } npm WARN EBADENGINE } npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. npm WARN deprecated rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142 npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated domexception@1.0.1: Use your platform's native DOMException instead npm WARN deprecated glob@7.2.0: Glob versions prior to v9 are no longer supported npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin. npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead npm WARN deprecated samsam@1.3.0: This package has been deprecated in favour of @sinonjs/samsam npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 npm WARN deprecated sinon@4.5.0: 16.1.1 npm WARN deprecated sinon@12.0.1: 16.1.1 --- stdout --- added 964 packages, and audited 965 packages in 12s 113 packages are looking for funding run `npm fund` for details # npm audit report request * Severity: moderate Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6 Depends on vulnerable versions of tough-cookie fix available via `npm audit fix --force` Will install jsdom@25.0.1, which is a breaking change node_modules/request jsdom 0.1.20 || 0.2.0 - 16.5.3 Depends on vulnerable versions of request Depends on vulnerable versions of tough-cookie node_modules/jsdom request-promise-core * Depends on vulnerable versions of request node_modules/request-promise-core request-promise-native >=1.0.0 Depends on vulnerable versions of request Depends on vulnerable versions of request-promise-core Depends on vulnerable versions of tough-cookie node_modules/request-promise-native tough-cookie <4.1.3 Severity: moderate tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3 fix available via `npm audit fix --force` Will install jsdom@25.0.1, which is a breaking change node_modules/tough-cookie 5 moderate severity vulnerabilities To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force --- end --- Verifying that tests still pass $ /usr/bin/npm ci --- stderr --- npm WARN EBADENGINE Unsupported engine { npm WARN EBADENGINE package: undefined, npm WARN EBADENGINE required: { node: '18.20.2' }, npm WARN EBADENGINE current: { node: 'v18.19.0', npm: '9.2.0' } npm WARN EBADENGINE } npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. npm WARN deprecated rimraf@2.7.1: Rimraf versions prior to v4 are no longer supported npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142 npm WARN deprecated har-validator@5.1.5: this library is no longer supported npm WARN deprecated @humanwhocodes/config-array@0.11.14: Use @eslint/config-array instead npm WARN deprecated abab@2.0.6: Use your platform's native atob() and btoa() methods instead npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm WARN deprecated domexception@1.0.1: Use your platform's native DOMException instead npm WARN deprecated glob@7.2.0: Glob versions prior to v9 are no longer supported npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead npm WARN deprecated w3c-hr-time@1.0.2: Use your platform's native performance.now() and performance.timeOrigin. npm WARN deprecated domexception@4.0.0: Use your platform's native DOMException instead npm WARN deprecated samsam@1.3.0: This package has been deprecated in favour of @sinonjs/samsam npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details. npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142 npm WARN deprecated sinon@4.5.0: 16.1.1 npm WARN deprecated sinon@12.0.1: 16.1.1 --- stdout --- added 964 packages, and audited 965 packages in 19s 113 packages are looking for funding run `npm fund` for details 5 moderate severity vulnerabilities To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force Run `npm audit` for details. --- end --- $ /usr/bin/npm test --- stderr --- The "se" translation has 5 translations with trailing whitespace: * mobile-frontend-editor-disabled * mobile-frontend-editor-error-preview * mobile-frontend-user-page-describe-yourself * tag-advanced_mobile_edit * mobile-frontend-mobile-option-MFShowFirstParagraphBeforeInfobox --- stdout --- > test > npm -s run lint && bash ./dev-scripts/svg_check.sh && npm -s run coverage && npm -s run test:bundle && npm -s run jsdoc Checked 1 message directory. /src/repo/src/mobile.editor.overlay/EditorOverlayBase.js 261:1 warning This line has a length of 103. Maximum allowed is 100 max-len /src/repo/src/mobile.editor.overlay/VisualEditorOverlay.js 181:1 warning Expected 1 lines after block description jsdoc/tag-lines 198:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.init/mobile.init.js 4:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.languages.structured/LanguageSearcher.js 10:1 warning This line has a length of 107. Maximum allowed is 100 max-len 145:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.special.mobileoptions.scripts.js 124:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.special.watchlist.scripts/mobile.special.watchlist.scripts.js 6:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.startup/CtaDrawer.js 34:1 warning This line has a length of 118. Maximum allowed is 100 max-len /src/repo/src/mobile.startup/PageHTMLParser.js 14:1 warning Expected JSDoc block to be aligned jsdoc/check-alignment 182:13 warning Found non-literal argument to RegExp Constructor security/detect-non-literal-regexp /src/repo/src/mobile.startup/isCollapsedByDefault.js 4:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.startup/languageOverlay/languageOverlay.js 26:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.startup/mobile.startup.js 49:1 warning Expected 1 lines after block description jsdoc/tag-lines 87:1 warning Expected 1 lines after block description jsdoc/tag-lines 93:1 warning Expected 1 lines after block description jsdoc/tag-lines 99:1 warning Expected 1 lines after block description jsdoc/tag-lines /src/repo/src/mobile.startup/promoCampaign/promoCampaign.js 89:1 warning This line has a length of 107. Maximum allowed is 100 max-len /src/repo/src/mobile.startup/search/SearchGateway.js 75:10 warning Found non-literal argument to RegExp Constructor security/detect-non-literal-regexp /src/repo/src/mobile.startup/search/searchHeader.js 15:1 warning This line has a length of 110. Maximum allowed is 100 max-len /src/repo/src/mobile.startup/sectionCollapsing.js 7:1 warning Expected @param names to be "content, headingText, icon, isCollapsed". Got "container, headingText, icon, isCollapsed" jsdoc/check-param-names 33:1 warning Expected @param names to be "content, headingText, icon". Got "container, headingText, icon" jsdoc/check-param-names /src/repo/tests/node-qunit/importable.test.js 69:4 warning Found non-literal argument in require security/detect-non-literal-require /src/repo/tests/node-qunit/mobile.startup/CtaDrawer.test.js 100:12 warning Found non-literal argument to RegExp Constructor security/detect-non-literal-regexp 121:12 warning Found non-literal argument to RegExp Constructor security/detect-non-literal-regexp /src/repo/tests/node-qunit/mobile.startup/PageHTMLParser.test.js 215:1 warning This line has a length of 111. Maximum allowed is 100 max-len 222:1 warning This line has a length of 108. Maximum allowed is 100 max-len ✖ 27 problems (0 errors, 27 warnings) 0 errors and 13 warnings potentially fixable with the `--fix` option. TAP version 13 ok 1 MobileFrontend imports > All our code is importable in headless Node.js ok 2 MobileFrontend mobile.editor.overlay/EditorGateway > #getContent (no section) ok 3 MobileFrontend mobile.editor.overlay/EditorGateway > #getContent ok 4 MobileFrontend mobile.editor.overlay/EditorGateway > #getContent, missing section ok 5 MobileFrontend mobile.editor.overlay/EditorGateway > #getBlockInfo ok 6 MobileFrontend mobile.editor.overlay/EditorGateway > #save, success ok 7 MobileFrontend mobile.editor.overlay/EditorGateway > #save, new page ok 8 MobileFrontend mobile.editor.overlay/EditorGateway > #save, submit CAPTCHA ok 9 MobileFrontend mobile.editor.overlay/EditorGateway > #save, request failure ok 10 MobileFrontend mobile.editor.overlay/EditorGateway > #save, API failure ok 11 MobileFrontend mobile.editor.overlay/EditorGateway > #save, CAPTCHA response with image URL ok 12 MobileFrontend mobile.editor.overlay/EditorGateway > #save, AbuseFilter warning ok 13 MobileFrontend mobile.editor.overlay/EditorGateway > #save, AbuseFilter disallow ok 14 MobileFrontend mobile.editor.overlay/EditorGateway > #save, AbuseFilter other ok 15 MobileFrontend mobile.editor.overlay/EditorGateway > #save, extension errors ok 16 MobileFrontend mobile.editor.overlay/EditorGateway > #save, read-only error ok 17 MobileFrontend mobile.editor.overlay/EditorGateway > #save, unknown errors ok 18 MobileFrontend mobile.editor.overlay/EditorGateway > #save, without changes ok 19 MobileFrontend mobile.editor.overlay/EditorGateway > #EditorGateway ok 20 MobileFrontend mobile.editor.overlay/EditorGateway > #EditorGateway, check without sectionLine ok 21 MobileFrontend mobile.editor.overlay/EditorGateway > #EditorGateway, check with sectionLine ok 22 MobileFrontend mobile.editor.overlay/EditorGateway > #save, when token has expired ok 23 MobileFrontend mobile.editor.overlay/SourceEditorOverlay > #initialize, blocked user ok 24 MobileFrontend mobile.editor.overlay/SourceEditorOverlay > #initialize, with given page and section ok 25 MobileFrontend mobile.editor.overlay/SourceEditorOverlay > #initialize, without a section ok 26 MobileFrontend mobile.editor.overlay/SourceEditorOverlay > #preview ok 27 MobileFrontend mobile.editor.overlay/SourceEditorOverlay > #initialize, as anonymous ok 28 MobileFrontend mobile.editor.overlay/identifyLeadParagraph > identifyLeadParagraph ok 29 MobileFrontend editorLoadingOverlay.js > editorLoadingOverlay calls the callbacks ok 30 MobileFrontend LanguageSearcher.js > renders output ok 31 MobileFrontend LanguageSearcher.js > saves the language count when link is clicked ok 32 MobileFrontend LanguageSearcher.js > without variants, input event filters languages ok 33 MobileFrontend LanguageSearcher.js > with variants, input event filters languages ok 34 MobileFrontend mobile.languages.structured/util.test.js > #getFrequentlyUsedLanguages ok 35 MobileFrontend mobile.languages.structured/util.test.js > #saveLanguageUsageCount ok 36 MobileFrontend mobile.languages.structured/util.test.js > #getStructuredLanguages ok 37 MobileFrontend mobile.languages.structured/util.test.js > #getStructuredLanguages device language ok 38 MobileFrontend mobile.languages.structured/util.test.js > #getStructuredLanguages variants ok 39 MobileFrontend mobile.mediaViewer/ImageCarousel.js > Shows details bar and image with successful api response ok 40 MobileFrontend mobile.mediaViewer/ImageCarousel.js > Shows error message with failed api response ok 41 MobileFrontend mobile.mediaViewer/ImageCarousel.js > Toggling of details is disabled when overlay has load failure ok 42 MobileFrontend mobile.mediaViewer/ImageCarousel.js > Toggling of details is enabled when overlay loads successfully ok 43 MobileFrontend mobile.mediaViewer/ImageGateway > #findSizeBucket ok 44 MobileFrontend mobile.mediaViewer/ImageGateway > ImageGateway#getThumb (missing page) ok 45 mobile.special.mobileoptions.scripts > addClientPreferencesToForm (named user) ok 46 MobileFrontend ScrollEndEventEmitter.js > initializes properly ok 47 MobileFrontend ScrollEndEventEmitter.js > emits scroll end event ok 48 MobileFrontend ScrollEndEventEmitter.js > doesn't emit when disabled ok 49 MobileFrontend WatchList.js > In watched mode ok 50 MobileFrontend WatchListGateway.js > loadWatchlist() loads results from the first page ok 51 MobileFrontend WatchListGateway.js > loadWatchlist() loads results from the second page from last item of first ok 52 MobileFrontend WatchListGateway.js > loadWatchlist() doesn't throw an error when no pages are returned ok 53 MobileFrontend WatchListGateway.js > loadWatchlist() marks pages as new if necessary ok 54 MobileFrontend Browser.js > isIos() ok 55 MobileFrontend Browser.js > Methods are cached ok 56 MobileFrontend Browser.js > isWideScreen() ok 57 MobileFrontend Browser.js > supportsTouchEvents() ok 58 MobileFrontend Button.js > creates a link if passed href option ok 59 MobileFrontend Button.js > does not add href attribute when not a link ok 60 MobileFrontend CtaDrawer.js > redirectParams() > empty props, default URL ok 61 MobileFrontend CtaDrawer.js > redirectParams() > empty props, nondefault URL ok 62 MobileFrontend CtaDrawer.js > redirectParams() > nonempty props ok 63 MobileFrontend CtaDrawer.js > signUpParams() > empty props ok 64 MobileFrontend CtaDrawer.js > signUpParams() > nonempty props ok 65 MobileFrontend CtaDrawer.js > HTML > defaults ok 66 MobileFrontend CtaDrawer.js > HTML > overrides ok 67 MobileFrontend Drawer.js > visible on show() ok 68 MobileFrontend Drawer.js > accepts onShow and events ok 69 MobileFrontend Drawer.js > hidden on hide() ok 70 MobileFrontend Drawer.js > hidden on mask click ok 71 MobileFrontend Drawer.js > HTML is valid ok 72 MobileFrontend Icon.js > getIconClasses generates icon classes using icon ok 73 MobileFrontend Icon.js > getIconClasses generates icon classes using custom icon prefix ok 74 MobileFrontend Icon.js > getRotationClasses returns rotation classes ok 75 MobileFrontend Icon.js > getGlyphClassName uses icon prefix ok 76 MobileFrontend Icon.js > getGlyphClassName does not use icon prefix if not provided ok 77 MobileFrontend Icon.js > adds small classes ok 78 MobileFrontend IconButton.js > creates a link if passed href option ok 79 MobileFrontend IconButton.js > does not add href attribute when not a link ok 80 MobileFrontend IconButton.js > adds disabled attribute when a button ok 81 MobileFrontend IconButton.js > does not add disabled attribute when not a button ok 82 MobileFrontend IconButton.js > adds additional classes ok 83 MobileFrontend: Overlay.js > Simple overlay ok 84 MobileFrontend: Overlay.js > #make ok 85 MobileFrontend: Overlay.js > HTML overlay ok 86 MobileFrontend: Overlay.js > headerActions property ok 87 MobileFrontend: Overlay.js > onBeforeExit ok 88 MobileFrontend: Overlay.js > Close overlay ok 89 MobileFrontend mobile.startup/OverlayManager > #getSingleton (hash present and overlay not managed) ok 90 MobileFrontend mobile.startup/OverlayManager > #getSingleton (hash present and overlay managed) ok 91 MobileFrontend mobile.startup/OverlayManager > #getSingleton ok 92 MobileFrontend mobile.startup/OverlayManager > #add ok 93 MobileFrontend mobile.startup/OverlayManager > #show ok 94 MobileFrontend mobile.startup/OverlayManager > #add, with current path ok 95 MobileFrontend mobile.startup/OverlayManager > #add, with string literal (matching) ok 96 MobileFrontend mobile.startup/OverlayManager > #add, with string literal (not matching) ok 97 MobileFrontend mobile.startup/OverlayManager > #replaceCurrent ok 98 MobileFrontend mobile.startup/OverlayManager > route with params ok 99 MobileFrontend mobile.startup/OverlayManager > hide when route changes ok 100 MobileFrontend mobile.startup/OverlayManager > go back (change route) if overlay hidden but not by route change ok 101 MobileFrontend mobile.startup/OverlayManager > go back if overlayManager still matches ok 102 MobileFrontend mobile.startup/OverlayManager > go back if overlayManager still matches (non-regex) ok 103 MobileFrontend mobile.startup/OverlayManager > do not go back (change route) if overlay hidden by change in route ok 104 MobileFrontend mobile.startup/OverlayManager > preventDefault called when you cancel an exit request ok 105 MobileFrontend mobile.startup/OverlayManager > Browser back can be overidden ok 106 MobileFrontend mobile.startup/OverlayManager > stacked overlays ok 107 MobileFrontend mobile.startup/OverlayManager > prevent route change ok 108 MobileFrontend mobile.startup/OverlayManager > stack increases and decreases at right times ok 109 MobileFrontend mobile.startup/OverlayManager > replace overlay when route event path is equal to current path ok 110 MobileFrontend Page.js > #isMainPage ok 111 MobileFrontend PageHTMLParser.js > #findInSectionLead ok 112 MobileFrontend PageHTMLParser.js > #getThumbnail ok 113 MobileFrontend PageHTMLParser.js > #getThumbnails ok 114 MobileFrontend PageHTMLParser.js > #getLanguages ok 115 MobileFrontend PageHTMLParser.js > #getLanguages (no hyphen) ok 116 MobileFrontend PageHTMLParser.js > #getLanguages (T349000) ok 117 MobileFrontend Section.js > initialize with options ok 118 MobileFrontend Section.js > initialize with subsections ok 119 MobileFrontend Toggler.js > Mobile mode - Toggle section ok 120 MobileFrontend Toggler.js > Mobile mode - Clicking a hash link to reveal an already open section ok 121 MobileFrontend Toggler.js > Mobile mode - Reveal element ok 122 MobileFrontend Toggler.js > Mobile mode - Clicking hash links ok 123 MobileFrontend Toggler.js > Mobile mode - Tap event toggles section ok 124 MobileFrontend Toggler.js > Accessibility - Verify ARIA attributes ok 125 MobileFrontend Toggler.js > Tablet mode - Open by default ok 126 MobileFrontend Toggler.js > Tablet mode - Open by default 2 ok 127 MobileFrontend Toggler.js > Accessibility - Pressing space/ enter toggles a heading ok 128 MobileFrontend Toggler.js > Clicking a link within a heading isn't triggering a toggle ok 129 MobileFrontend Toggler.js > Toggling a section stores its state. ok 130 MobileFrontend Toggler.js > Expanding already expanded section does not toggle it. ok 131 MobileFrontend Toggler.js > MobileFrontend toggle.js - Expand stored sections. ok 132 MobileFrontend Toggler.js > MobileFrontend toggle.js - T320753: Presence of class disables toggling. ok 133 MobileFrontend mobile.startup/View > View ok 134 MobileFrontend mobile.startup/View > View, jQuery proxy functions ok 135 MobileFrontend mobile.startup/View > View#preRender ok 136 MobileFrontend mobile.startup/View > View#postRender ok 137 MobileFrontend mobile.startup/View > View#delegateEvents ok 138 MobileFrontend mobile.startup/View > View#render (with isTemplateMode) ok 139 MobileFrontend mobile.startup/View > View#render events (with isTemplateMode) ok 140 MobileFrontend mobile.startup/View > View with className option ok 141 MobileFrontend mobile.startup/View > View.make() ok 142 MobileFrontend amcOutreach/AmcEnableForm.js > renders correctly ok 143 MobileFrontend amcOutreachDrawer.js > returns a drawer ok 144 MobileFrontend amcOutreachDrawer.js > calls promoCampaign.makeActionIneligible and onBeforeHide callback when dismissed ok 145 MobileFrontend amcOutreachDrawer.js > calls promoCampaign.makeActionIneligible and toast.showOnPageReload when user enables ok 146 MobileFrontend cache.js > cache set() and get() ok 147 MobileFrontend extendSearchParams.js > it throws if the feature is invalid ok 148 MobileFrontend extendSearchParams.js > it extends the parameters ok 149 MobileFrontend extendSearchParams.js > it doesn't include Wikibase-specific parameters if the feature is disabled ok 150 MobileFrontend extendSearchParams.js > it adds the MobileFrontend configuration to given terms types ok 151 MobileFrontend extendSearchParams.js > it prioritizes MobileFrontend configuration ok 152 MobileFrontend extendSearchParams.js > it is variadic ok 153 MobileFrontend icons.js > #cancel() ok 154 MobileFrontend icons.js > #cancel(variant) ok 155 MobileFrontend icons.js > #cancel(, props) ok 156 MobileFrontend icons.js > #spinner(props) ok 157 MobileFrontend icons.js > #spinner() ok 158 MobileFrontend getDeviceLanguage > returns language code of device in lowercase ok 159 MobileFrontend languageOverlay.js > #constructor ok 160 MobileFrontend lazyImageLoader.js > #queryPlaceholders() empty ok 161 MobileFrontend lazyImageLoader.js > #queryPlaceholders() nonempty ok 162 MobileFrontend lazyImageLoader.js > #loadImage() copy attributes ok 163 MobileFrontend lazyImageLoader.js > #loadImage() loaded ok 164 MobileFrontend lazyImageLoader.js > #loadImage() load error ok 165 MobileFrontend lazyImageLoader.js > #loadImages() empty ok 166 MobileFrontend lazyImageLoader.js > #loadImages() nonempty ok 167 MobileFrontend lazyImageLoader.js > #loadImages() plural ok 168 MobileFrontend lazyImageLoader.js > #loadImages() one fails to load, one succeeds ok 169 MobileFrontend mfExtend.test.js > mfExtend() - extending from constructor ok 170 MobileFrontend mfExtend.test.js > mfExtend() - extending from object ok 171 MobileFrontend mfExtend.test.js > mfExtend() - extending from constructor with overrides ok 172 MobileFrontend ModuleLoader > #require ok 173 MobileFrontend ModuleLoader > #define ok 174 MobileFrontend pageJSONParser > .parse() ok 175 MobileFrontend promisedView.js > #constructor happyView ok 176 MobileFrontend promisedView.js > #constructor when promise rejects but not to a sadView ok 177 MobileFrontend promisedView.js > #constructor when promise rejects to a sadView ok 178 MobileFrontend promoCampaign.js > #showIfEligible throws when invalid ok 179 MobileFrontend promoCampaign.js > #showIfEligible when campaign off ok 180 MobileFrontend promoCampaign.js > #showIfEligible when user ineligible ok 181 MobileFrontend promoCampaign.js > #showIfEligible when storage is not available ok 182 MobileFrontend promoCampaign.js > #showIfEligible when storage key is ineligible ok 183 MobileFrontend promoCampaign.js > #showIfEligible when eligible ok 184 MobileFrontend promoCampaign.js > #showIfEligible when eligible and passed additional args ok 185 MobileFrontend promoCampaign.js > #makeActionIneligible when successful ok 186 MobileFrontend promoCampaign.js > #makeActionIneligible when unsuccessful ok 187 MobileFrontend promoCampaign.js > #makeActionIneligible when invalid action ok 188 MobileFrontend promoCampaign.js > #makeAllActionsIneligible ok 189 MobileFrontend promoCampaign.js > #isCampaignActive when true ok 190 MobileFrontend promoCampaign.js > #isCampaignActive when false ok 191 MobileFrontend ReferencesHtmlScraperGateway.test.js > getReference() checking good reference ok 192 MobileFrontend ReferencesHtmlScraperGateway.test.js > getReference() checking bad reference ok 193 MobileFrontend ReferencesHtmlScraperGateway.test.js > getReference() adds an extra class for external links ok 194 MobileFrontend: references > Bad reference not shown ok 195 MobileFrontend: references > Good reference causes render ok 196 MobileFrontend: references > Reference failure renders error in drawer ok 197 MobileFrontend: references > makeOnNestedReferenceClickHandler runs when associated with link ok 198 MobileFrontend: SearchGateway > ._highlightSearchTerm ok 199 MobileFrontend: SearchGateway > show redirect targets ok 200 MobileFrontend: SearchGateway > MobileFrontend SearchGateway (Wikidata Descriptions) > Wikidata Description in search results ok 201 MobileFrontend mobile.startup/SearchOverlay.js > renders correctly ok 202 MobileFrontend mobile.startup/SearchOverlay.js > resetSearch ok 203 MobileFrontend mobile.startup/SearchOverlay.js > onClickOverlayContent ok 204 MobileFrontend mobile.startup/SearchResultsView.js > renders correctly ok 205 MobileFrontend time.js > timeAgo() ok 206 MobileFrontend util.js > Promise.all() success ok 207 MobileFrontend util.js > Promise.all() reject ok 208 MobileFrontend util.js > escapeSelector() ok 209 MobileFrontend util.js > docReady() ok 210 MobileFrontend util.js > Deferred() - resolve ok 211 MobileFrontend util.js > Deferred() - reject ok 212 MobileFrontend util.js > getDocument() ok 213 MobileFrontend util.js > getWindow() ok 214 MobileFrontend util.js > parseHTML() ok 215 MobileFrontend util.js > extend() ok 216 MobileFrontend Watchstar.js > Render a watchstar ok 217 MobileFrontend: WatchstarGateway.js > getStatuses(nonempty) ok 218 MobileFrontend: WatchstarGateway.js > getStatuses(empty) ok 219 MobileFrontend: WatchstarGateway.js > getStatusesByID(nonempty) ok 220 MobileFrontend: WatchstarGateway.js > getStatusesByID(empty) ok 221 MobileFrontend: WatchstarGateway.js > getStatusesByTitle(nonempty) ok 222 MobileFrontend: WatchstarGateway.js > getStatusesByTitle(empty) ok 223 MobileFrontend: WatchstarGateway.js > _unmarshalGetResponse(nonempty) ok 224 MobileFrontend: WatchstarGateway.js > _unmarshalGetResponse(empty) ok 225 MobileFrontend mobile.startup/WatchstarPageList > Watchlist status check if no ids ok 226 MobileFrontend mobile.startup/WatchstarPageList > Checks watchlist status once 1..226 # pass 226 # skip 0 # todo 0 # fail 0 ----------------------------------|---------|----------|---------|---------|------------------------ File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s ----------------------------------|---------|----------|---------|---------|------------------------ All files | 64.92 | 51.82 | 59.17 | 64.91 | mobile.editor.overlay | 39.94 | 28.69 | 32.37 | 39.85 | BlockMessageDetails.js | 9.43 | 0 | 0 | 9.43 | 16-146 EditorGateway.js | 92.13 | 83.33 | 93.75 | 92.13 | ...116-117,235,299-303 EditorOverlayBase.js | 34.91 | 15.21 | 29.26 | 34.91 | ...584,672,720,724-809 SourceEditorOverlay.js | 41.37 | 27.27 | 29.72 | 41.37 | ...345,394,412,429-620 VisualEditorOverlay.js | 11.3 | 0 | 0 | 11.3 | 27-114,148-335 blockMessageDrawer.js | 21.73 | 0 | 25 | 21.73 | 31-58 identifyLeadParagraph.js | 94.11 | 83.33 | 100 | 93.75 | 23 parseBlockInfo.js | 69.56 | 62.5 | 75 | 69.56 | 27,37,46-47,61-65 saveFailureMessage.js | 11.11 | 0 | 0 | 11.11 | 12-28 setPreferredEditor.js | 20 | 0 | 0 | 20 | 7-12 mobile.init | 16.97 | 1.35 | 10 | 16.97 | editor.js | 6.73 | 0 | 0 | 6.73 | 32-575,579-586 editorLoadingOverlay.js | 69.69 | 50 | 62.5 | 69.69 | 38,43,59-74 fakeToolbar.js | 100 | 100 | 100 | 100 | lazyLoadedImages.js | 14.28 | 0 | 0 | 14.28 | 18-63,75-76,80 toggling.js | 5.55 | 0 | 0 | 5.55 | 3-54 mobile.languages.structured | 89.56 | 81.66 | 86.95 | 89.56 | LanguageSearcher.js | 90.19 | 95 | 80 | 90.19 | 151-157 mobile.languages.structured.js | 100 | 100 | 100 | 100 | rtlLanguages.js | 100 | 100 | 100 | 100 | util.js | 88.33 | 75 | 92.3 | 88.33 | 48,65,138-140,171,181 mobile.mediaViewer | 81.48 | 52 | 81.81 | 81.48 | ImageCarousel.js | 78.64 | 41.66 | 80 | 78.64 | ...289,338-339,346,367 ImageGateway.js | 95.23 | 78.57 | 100 | 95.23 | 56 LoadErrorMessage.js | 81.81 | 100 | 66.66 | 81.81 | 74-76 mobile.special.watchlist.scripts | 83.69 | 72.72 | 72.72 | 83.69 | ScrollEndEventEmitter.js | 80 | 60 | 87.5 | 80 | 130-136 WatchList.js | 74.19 | 50 | 44.44 | 74.19 | 39,93-126 WatchListGateway.js | 96.77 | 87.5 | 100 | 96.77 | 51 mobile.startup | 83 | 75.83 | 77.02 | 83.13 | Anchor.js | 100 | 100 | 100 | 100 | Browser.js | 96.66 | 93.75 | 100 | 96.66 | 71 Button.js | 95 | 83.33 | 100 | 95 | 34 CtaDrawer.js | 100 | 100 | 100 | 100 | Drawer.js | 100 | 100 | 90.9 | 100 | Icon.js | 94.44 | 87.5 | 100 | 94.44 | 48-50 IconButton.js | 100 | 87.5 | 100 | 100 | 56-59 LanguageInfo.js | 20 | 0 | 0 | 21.05 | 11,25-60 MessageBox.js | 100 | 100 | 100 | 100 | Overlay.js | 89.79 | 70 | 84.61 | 89.79 | 52,107,110,162-163 OverlayManager.js | 99.05 | 94.73 | 100 | 99.02 | 58 Page.js | 53.84 | 74.28 | 58.33 | 53.84 | ...132,153-163,184-191 PageHTMLParser.js | 95.83 | 93.61 | 92.3 | 95.77 | 44,90,239 PageList.js | 100 | 50 | 100 | 100 | 60 Section.js | 100 | 100 | 100 | 100 | Skin.js | 24.32 | 0 | 0 | 24.32 | 24-30,51-121,131-138 Thumbnail.js | 88.88 | 100 | 75 | 88.88 | 48 Toggler.js | 88.8 | 76.38 | 85 | 89.51 | ...312,326,351-357,375 View.js | 92.42 | 75 | 88.23 | 92.3 | 188,202-205,363 actionParams.js | 100 | 50 | 100 | 100 | 17 cache.js | 100 | 100 | 50 | 100 | currentPage.js | 90.9 | 75 | 100 | 90.9 | 26 currentPageHTMLParser.js | 83.33 | 50 | 100 | 83.33 | 19 eventBusSingleton.js | 100 | 100 | 100 | 100 | extendSearchParams.js | 94.44 | 70 | 100 | 94.44 | 67 headers.js | 100 | 100 | 100 | 100 | icons.js | 100 | 81.25 | 100 | 100 | 117,133-134 isCollapsedByDefault.js | 100 | 100 | 100 | 100 | loadingOverlay.js | 50 | 100 | 0 | 50 | 13-18 mfExtend.js | 100 | 100 | 100 | 100 | mobile.startup.js | 79.31 | 100 | 0 | 79.31 | 84-185 moduleLoader.js | 73.91 | 50 | 66.66 | 73.91 | 45-47,78-100 moduleLoaderSingleton.js | 100 | 100 | 100 | 100 | promisedView.js | 100 | 100 | 100 | 100 | sectionCollapsing.js | 6.06 | 0 | 0 | 6.25 | 15-82 showOnPageReload.js | 41.66 | 25 | 50 | 41.66 | 14-16,39-46 time.js | 24.24 | 9.09 | 16.66 | 24.24 | 32-144 util.js | 100 | 83.33 | 100 | 100 | 17 mobile.startup/amcOutreach | 84.37 | 50 | 75 | 84.37 | AmcEnableForm.js | 100 | 100 | 100 | 100 | amcOutreach.js | 61.53 | 0 | 0 | 61.53 | 51-94 amcOutreachDrawer.js | 100 | 100 | 100 | 100 | mobile.startup/languageOverlay | 79.31 | 100 | 54.54 | 82.14 | getDeviceLanguage.js | 100 | 100 | 100 | 100 | languageInfoOverlay.js | 54.54 | 100 | 0 | 60 | 15-39 languageOverlay.js | 93.33 | 100 | 83.33 | 93.33 | 34 mobile.startup/lazyImages | 93.33 | 88.88 | 100 | 93.33 | lazyImageLoader.js | 93.33 | 88.88 | 100 | 93.33 | 63,70 mobile.startup/mediaViewer | 63.63 | 100 | 0 | 63.63 | overlay.js | 63.63 | 100 | 0 | 63.63 | 22-39 mobile.startup/page | 100 | 87.5 | 100 | 100 | pageJSONParser.js | 100 | 87.5 | 100 | 100 | 19 mobile.startup/promoCampaign | 100 | 100 | 100 | 100 | promoCampaign.js | 100 | 100 | 100 | 100 | mobile.startup/references | 83.33 | 75 | 78.57 | 83.33 | ReferencesGateway.js | 100 | 100 | 100 | 100 | ReferencesHtmlScraperGateway.js | 95 | 87.5 | 100 | 95 | 43 references.js | 74.28 | 68.75 | 66.66 | 74.28 | 56,69,136-149 mobile.startup/search | 62.14 | 32 | 53.33 | 62.06 | SearchGateway.js | 91.66 | 50 | 84.61 | 91.3 | 56-57,176,183 SearchHeaderView.js | 57.14 | 0 | 66.66 | 57.14 | 34-39,71-76 SearchOverlay.js | 36.47 | 16.66 | 19.04 | 36.9 | ...200,207-210,224-305 SearchResultsView.js | 100 | 100 | 100 | 100 | searchHeader.js | 100 | 100 | 100 | 100 | mobile.startup/watchstar | 89.77 | 69.23 | 91.3 | 89.77 | WatchstarGateway.js | 84 | 80 | 90 | 84 | 116-123 WatchstarPageList.js | 95.45 | 75 | 100 | 95.45 | 93,127 watchstar.js | 84.21 | 50 | 50 | 84.21 | 27-30 ----------------------------------|---------|----------|---------|---------|------------------------ Checking the contents of resources/dist I will now check that you built them using the correct Node.js version v18.20.4. Note: You are using v18.19.0. Building assets... You are not running the required node version --- end --- Traceback (most recent call last): File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1864, in main libup.run(args.repo, args.output, args.branch) File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1809, in run self.npm_audit_fix(new_npm_audit) File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 275, in npm_audit_fix self.npm_test() File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 325, in npm_test self.check_call(["npm", "test"]) File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/shell2.py", line 59, in check_call res.check_returncode() File "/usr/lib/python3.11/subprocess.py", line 502, in check_returncode raise CalledProcessError(self.returncode, self.args, self.stdout, subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 1.