This run took 41 seconds.
$ date
--- stdout ---
Wed Jun 11 00:11:19 UTC 2025
--- end ---
$ git clone file:///srv/git/labs-striker.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
beee8eb05cef7f16de8fec16864cac249683e297 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/utils"
],
"range": ">=6.16.0",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": true
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "low",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree"
],
"effects": [],
"range": ">=6.16.0",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1105422,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion Regular Expression Denial of Service vulnerability",
"url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw",
"severity": "low",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.1 <=4.0.0"
}
],
"effects": [
"minimatch"
],
"range": ">=2.0.1",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion",
"node_modules/eslint-plugin-n/node_modules/brace-expansion"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "low",
"isDirect": true,
"via": [
"eslint-plugin-n"
],
"effects": [],
"range": ">=0.28.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-plugin-n": {
"name": "eslint-plugin-n",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint-config-wikimedia"
],
"range": ">=17.0.0-0",
"nodes": [
"node_modules/eslint-plugin-n"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "low",
"isDirect": false,
"via": [
"brace-expansion"
],
"effects": [
"@typescript-eslint/typescript-estree",
"eslint-plugin-n"
],
"range": ">=5.0.0",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
"node_modules/eslint-plugin-n/node_modules/minimatch"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 6,
"moderate": 0,
"high": 0,
"critical": 0,
"total": 6
},
"dependencies": {
"prod": 35,
"dev": 392,
"optional": 55,
"peer": 18,
"peerOptional": 0,
"total": 499
}
}
}
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/utils"
],
"range": ">=6.16.0",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": true
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "low",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree"
],
"effects": [],
"range": ">=6.16.0",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1105422,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion Regular Expression Denial of Service vulnerability",
"url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw",
"severity": "low",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.1 <=4.0.0"
}
],
"effects": [
"minimatch"
],
"range": ">=2.0.1",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion",
"node_modules/eslint-plugin-n/node_modules/brace-expansion"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "low",
"isDirect": true,
"via": [
"eslint-plugin-n"
],
"effects": [],
"range": ">=0.28.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-plugin-n": {
"name": "eslint-plugin-n",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint-config-wikimedia"
],
"range": ">=17.0.0-0",
"nodes": [
"node_modules/eslint-plugin-n"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "low",
"isDirect": false,
"via": [
"brace-expansion"
],
"effects": [
"@typescript-eslint/typescript-estree",
"eslint-plugin-n"
],
"range": ">=5.0.0",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
"node_modules/eslint-plugin-n/node_modules/minimatch"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 6,
"moderate": 0,
"high": 0,
"critical": 0,
"total": 6
},
"dependencies": {
"prod": 35,
"dev": 392,
"optional": 55,
"peer": 18,
"peerOptional": 0,
"total": 499
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 503,
"removed": 0,
"changed": 0,
"audited": 504,
"funding": 101,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/utils"
],
"range": ">=6.16.0",
"nodes": [
""
],
"fixAvailable": true
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "low",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree"
],
"effects": [],
"range": ">=6.16.0",
"nodes": [
""
],
"fixAvailable": true
},
"brace-expansion": {
"name": "brace-expansion",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1105422,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion Regular Expression Denial of Service vulnerability",
"url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw",
"severity": "low",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.1 <=4.0.0"
}
],
"effects": [
"minimatch"
],
"range": ">=2.0.1",
"nodes": [
"",
"node_modules/eslint-plugin-n/node_modules/brace-expansion"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "low",
"isDirect": true,
"via": [
"eslint-plugin-n"
],
"effects": [],
"range": ">=0.28.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"eslint-plugin-n": {
"name": "eslint-plugin-n",
"severity": "low",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint-config-wikimedia"
],
"range": ">=17.0.0-0",
"nodes": [
""
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "low",
"isDirect": false,
"via": [
"brace-expansion"
],
"effects": [
"@typescript-eslint/typescript-estree",
"eslint-plugin-n"
],
"range": ">=5.0.0",
"nodes": [
"",
"node_modules/eslint-plugin-n/node_modules/minimatch"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.27.0",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 6,
"moderate": 0,
"high": 0,
"critical": 0,
"total": 6
},
"dependencies": {
"prod": 35,
"dev": 396,
"optional": 55,
"peer": 18,
"peerOptional": 0,
"total": 503
}
}
}
}
--- end ---
{"added": 503, "removed": 0, "changed": 0, "audited": 504, "funding": 101, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@typescript-eslint/typescript-estree": {"name": "@typescript-eslint/typescript-estree", "severity": "low", "isDirect": false, "via": ["minimatch"], "effects": ["@typescript-eslint/utils"], "range": ">=6.16.0", "nodes": [""], "fixAvailable": true}, "@typescript-eslint/utils": {"name": "@typescript-eslint/utils", "severity": "low", "isDirect": false, "via": ["@typescript-eslint/typescript-estree"], "effects": [], "range": ">=6.16.0", "nodes": [""], "fixAvailable": true}, "brace-expansion": {"name": "brace-expansion", "severity": "low", "isDirect": false, "via": [{"source": 1105422, "name": "brace-expansion", "dependency": "brace-expansion", "title": "brace-expansion Regular Expression Denial of Service vulnerability", "url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw", "severity": "low", "cwe": ["CWE-400"], "cvss": {"score": 3.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}, "range": ">=2.0.1 <=4.0.0"}], "effects": ["minimatch"], "range": ">=2.0.1", "nodes": ["", "node_modules/eslint-plugin-n/node_modules/brace-expansion"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.27.0", "isSemVerMajor": true}}, "eslint-config-wikimedia": {"name": "eslint-config-wikimedia", "severity": "low", "isDirect": true, "via": ["eslint-plugin-n"], "effects": [], "range": ">=0.28.0", "nodes": ["node_modules/eslint-config-wikimedia"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.27.0", "isSemVerMajor": true}}, "eslint-plugin-n": {"name": "eslint-plugin-n", "severity": "low", "isDirect": false, "via": ["minimatch"], "effects": ["eslint-config-wikimedia"], "range": ">=17.0.0-0", "nodes": [""], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.27.0", "isSemVerMajor": true}}, "minimatch": {"name": "minimatch", "severity": "low", "isDirect": false, "via": ["brace-expansion"], "effects": ["@typescript-eslint/typescript-estree", "eslint-plugin-n"], "range": ">=5.0.0", "nodes": ["", "node_modules/eslint-plugin-n/node_modules/minimatch"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.27.0", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 6, "moderate": 0, "high": 0, "critical": 0, "total": 6}, "dependencies": {"prod": 35, "dev": 396, "optional": 55, "peer": 18, "peerOptional": 0, "total": 503}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated osenv@0.1.5: This package is no longer supported.
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Glob versions prior to v9 are no longer supported
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 460 packages, and audited 461 packages in 7s
101 packages are looking for funding
run `npm fund` for details
# npm audit report
brace-expansion >=2.0.1
brace-expansion Regular Expression Denial of Service vulnerability - https://github.com/advisories/GHSA-v6h2-p8h4-qcjw
fix available via `npm audit fix --force`
Will install eslint-config-wikimedia@0.27.0, which is a breaking change
node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion
node_modules/eslint-plugin-n/node_modules/brace-expansion
minimatch >=5.0.0
Depends on vulnerable versions of brace-expansion
node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch
node_modules/eslint-plugin-n/node_modules/minimatch
@typescript-eslint/typescript-estree >=6.16.0
Depends on vulnerable versions of minimatch
node_modules/@typescript-eslint/typescript-estree
@typescript-eslint/utils >=6.16.0
Depends on vulnerable versions of @typescript-eslint/typescript-estree
node_modules/@typescript-eslint/utils
eslint-plugin-n >=17.0.0-0
Depends on vulnerable versions of @typescript-eslint/utils
Depends on vulnerable versions of minimatch
node_modules/eslint-plugin-n
eslint-config-wikimedia >=0.28.0
Depends on vulnerable versions of eslint-plugin-n
node_modules/eslint-config-wikimedia
6 low severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated osenv@0.1.5: This package is no longer supported.
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Glob versions prior to v9 are no longer supported
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 460 packages, and audited 461 packages in 7s
101 packages are looking for funding
run `npm fund` for details
6 low severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stdout ---
> test
> grunt test
Running "eslint:all" (eslint) task
/src/repo/docker-compose.yaml
114:15 error Must use plain style scalar yml/plain-scalar
122:9 error Must use block style sequences yml/block-sequence
123:11 error Must use plain style scalar yml/plain-scalar
124:11 error Must use plain style scalar yml/plain-scalar
125:11 error Must use plain style scalar yml/plain-scalar
126:11 error Must use plain style scalar yml/plain-scalar
127:11 error Must use plain style scalar yml/plain-scalar
230:12 error Must use plain style scalar yml/plain-scalar
231:5 error Expected space after '#' in comment yml/spaced-comment
331:15 error Must use plain style scalar yml/plain-scalar
364:31 error Strings must use doublequote yml/quotes
✖ 11 problems (11 errors, 0 warnings)
11 errors and 0 warnings potentially fixable with the `--fix` option.
Warning: Task "eslint:all" failed. Use --force to continue.
Aborted due to warnings.
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 2026, in main
libup.run(args.repo, args.output, args.branch)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1968, in run
self.npm_audit_fix(new_npm_audit)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 275, in npm_audit_fix
self.npm_test()
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 325, in npm_test
self.check_call(["npm", "test"])
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/shell2.py", line 63, in check_call
res.check_returncode()
File "/usr/lib/python3.11/subprocess.py", line 502, in check_returncode
raise CalledProcessError(self.returncode, self.args, self.stdout,
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 3.