This run took 92 seconds.
From a9a264a3fc9f7f035755212feb1f78e62a0aa3fd Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 23 Feb 2026 22:58:57 +0000
Subject: [PATCH] build: Updating composer dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* mediawiki/mediawiki-codesniffer: 49.0.0 → 50.0.0
* mediawiki/mediawiki-phan-config: 0.18.0 → 0.19.0
Change-Id: I9ccbef48cfad10c14bd91722bbd13f1b5790b442
---
composer.json | 4 +-
package-lock.json | 208 ++++++++++++++++++++++++++++------------------
2 files changed, 127 insertions(+), 85 deletions(-)
diff --git a/composer.json b/composer.json
index 75888dc..40dcac2 100644
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
{
"require-dev": {
- "mediawiki/mediawiki-codesniffer": "49.0.0",
- "mediawiki/mediawiki-phan-config": "0.18.0",
+ "mediawiki/mediawiki-codesniffer": "50.0.0",
+ "mediawiki/mediawiki-phan-config": "0.19.0",
"mediawiki/minus-x": "2.0.1",
"php-parallel-lint/php-console-highlighter": "1.0.0",
"php-parallel-lint/php-parallel-lint": "1.4.0"
diff --git a/package-lock.json b/package-lock.json
index 2ec4a0a..b4fd6e8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -313,9 +313,9 @@
}
},
"node_modules/@eslint/eslintrc/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -1148,13 +1148,25 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
+ "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true,
+ "engines": {
+ "node": "18 || 20 || >=22"
+ }
+ },
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"dependencies": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
+ },
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/debug": {
@@ -1175,12 +1187,12 @@
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.6",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
+ "integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -1395,9 +1407,9 @@
}
},
"node_modules/@wdio/config/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -4273,9 +4285,9 @@
}
},
"node_modules/eslint/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -4647,33 +4659,51 @@
}
},
"node_modules/filelist": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
- "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
+ "version": "1.0.5",
+ "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.5.tgz",
+ "integrity": "sha512-ct/ckWBV/9Dg3MlvCXsLcSUyoWwv9mCKqlhLNB2DAuXR/NZolSXlQqP5dyy6guWlPXBhodZyZ5lGPQcbQDxrEQ==",
"dev": true,
"dependencies": {
- "minimatch": "^5.0.1"
+ "minimatch": "^10.2.1"
+ },
+ "engines": {
+ "node": "20 || >=22"
+ }
+ },
+ "node_modules/filelist/node_modules/balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true,
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/filelist/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"dependencies": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
+ },
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/filelist/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "10.2.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.2.tgz",
+ "integrity": "sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
},
"engines": {
- "node": ">=10"
+ "node": "18 || 20 || >=22"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
}
},
"node_modules/fill-range": {
@@ -6708,9 +6738,9 @@
}
},
"node_modules/mocha/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -7841,9 +7871,9 @@
}
},
"node_modules/readdir-glob/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -9458,9 +9488,9 @@
}
},
"node_modules/webdriverio/node_modules/minimatch": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.0.tgz",
- "integrity": "sha512-sauLxniAmvnhhRjFwPNnJKaPFYyddAgbYdeUpHULtCT/GhzdCx/MDNy+Y40lBxTQUrMzDE8e0S43Z5uqfO0REg==",
+ "version": "6.2.1",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.1.tgz",
+ "integrity": "sha512-C5ir1Ql7cVnkJLOtpgK9vf2P4ufJu9Hm9fwTznllGARCWOqBf+UB48yZwQyban6r7Lesm05ZOzO6JyVOzItjZQ==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -9836,9 +9866,9 @@
}
},
"node_modules/zip-stream/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -10037,9 +10067,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -10693,13 +10723,19 @@
"ts-api-utils": "^2.1.0"
},
"dependencies": {
+ "balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true
+ },
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"requires": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
}
},
"debug": {
@@ -10712,12 +10748,12 @@
}
},
"minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.6",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
+ "integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
}
},
"ms": {
@@ -10877,9 +10913,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -12449,9 +12485,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -13234,30 +13270,36 @@
}
},
"filelist": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
- "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
+ "version": "1.0.5",
+ "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.5.tgz",
+ "integrity": "sha512-ct/ckWBV/9Dg3MlvCXsLcSUyoWwv9mCKqlhLNB2DAuXR/NZolSXlQqP5dyy6guWlPXBhodZyZ5lGPQcbQDxrEQ==",
"dev": true,
"requires": {
- "minimatch": "^5.0.1"
+ "minimatch": "^10.2.1"
},
"dependencies": {
+ "balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true
+ },
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"requires": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "10.2.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.2.tgz",
+ "integrity": "sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
}
}
}
@@ -14812,9 +14854,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -15642,9 +15684,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -16817,9 +16859,9 @@
}
},
"minimatch": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.0.tgz",
- "integrity": "sha512-sauLxniAmvnhhRjFwPNnJKaPFYyddAgbYdeUpHULtCT/GhzdCx/MDNy+Y40lBxTQUrMzDE8e0S43Z5uqfO0REg==",
+ "version": "6.2.1",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.1.tgz",
+ "integrity": "sha512-C5ir1Ql7cVnkJLOtpgK9vf2P4ufJu9Hm9fwTznllGARCWOqBf+UB48yZwQyban6r7Lesm05ZOzO6JyVOzItjZQ==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -17094,9 +17136,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
--
2.47.3
$ date
--- stdout ---
Mon Feb 23 22:57:45 UTC 2026
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-AdvancedSearch.git /src/repo --depth=1 -b master
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
018a91eb152b61cef2ae8c68af06cd6d006e6e66 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@eslint/eslintrc": {
"name": "@eslint/eslintrc",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "0.0.1 || >=0.1.1",
"nodes": [
"node_modules/@eslint/eslintrc"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@humanwhocodes/config-array": {
"name": "@humanwhocodes/config-array",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "*",
"nodes": [
"node_modules/@humanwhocodes/config-array"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/eslint-plugin": {
"name": "@typescript-eslint/eslint-plugin",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint"
],
"effects": [],
"range": "<=8.55.1-alpha.3",
"nodes": [
"node_modules/@typescript-eslint/eslint-plugin"
],
"fixAvailable": true
},
"@typescript-eslint/parser": {
"name": "@typescript-eslint/parser",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "1.1.1-alpha.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/parser"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/type-utils": {
"name": "@typescript-eslint/type-utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"@typescript-eslint/utils",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin"
],
"range": "5.9.2-alpha.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/type-utils"
],
"fixAvailable": true
},
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils"
],
"range": "6.16.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/type-utils"
],
"range": "<=8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": true
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/config",
"inquirer",
"recursive-readdir",
"webdriverio",
"yarn-install"
],
"effects": [
"@wdio/junit-reporter",
"@wdio/local-runner",
"@wdio/spec-reporter"
],
"range": "*",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"@wdio/cli",
"@wdio/runner",
"devtools",
"webdriver",
"webdriverio"
],
"range": "*",
"nodes": [
"node_modules/@wdio/config"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/junit-reporter": {
"name": "@wdio/junit-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/junit-reporter"
],
"fixAvailable": {
"name": "@wdio/junit-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli",
"@wdio/runner"
],
"effects": [],
"range": "6.3.0 - 9.8.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"mocha"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": false
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"gaze",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "*",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/spec-reporter": {
"name": "@wdio/spec-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/spec-reporter"
],
"fixAvailable": {
"name": "@wdio/spec-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver": {
"name": "archiver",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils",
"readdir-glob",
"zip-stream"
],
"effects": [
"webdriverio"
],
"range": ">=0.20.0",
"nodes": [
"node_modules/archiver"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver-utils": {
"name": "archiver-utils",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"archiver",
"zip-stream"
],
"range": ">=0.2.0",
"nodes": [
"node_modules/archiver-utils",
"node_modules/zip-stream/node_modules/archiver-utils"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1104663,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.0.6"
}
],
"effects": [
"yarn-install"
],
"range": "<6.0.6",
"nodes": [
"node_modules/cross-spawn"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"puppeteer-core"
],
"effects": [],
"range": ">=5.13.0-alpha.0",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"doiuse": {
"name": "doiuse",
"severity": "high",
"isDirect": false,
"via": [
"multimatch"
],
"effects": [
"stylelint-no-unsupported-browser-features"
],
"range": ">=2.2.0",
"nodes": [
"node_modules/doiuse"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"eslint": {
"name": "eslint",
"severity": "high",
"isDirect": false,
"via": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"file-entry-cache",
"minimatch"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint-config-wikimedia",
"eslint-plugin-jsdoc",
"eslint-plugin-vue",
"grunt-eslint"
],
"range": "0.7.1 - 2.0.0-rc.1 || 4.1.0 - 10.0.0-rc.2",
"nodes": [
"node_modules/eslint"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"eslint",
"eslint-plugin-jsdoc",
"eslint-plugin-vue"
],
"effects": [],
"range": ">=0.9.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-jsdoc": {
"name": "eslint-plugin-jsdoc",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "8.4.4 - 62.6.1",
"nodes": [
"node_modules/eslint-plugin-jsdoc"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-vue": {
"name": "eslint-plugin-vue",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "5.0.0-beta.0 - 10.7.0",
"nodes": [
"node_modules/eslint-plugin-vue"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"external-editor": {
"name": "external-editor",
"severity": "low",
"isDirect": false,
"via": [
"tmp"
],
"effects": [
"inquirer"
],
"range": ">=1.1.1",
"nodes": [
"node_modules/external-editor"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"file-entry-cache": {
"name": "file-entry-cache",
"severity": "high",
"isDirect": false,
"via": [
"flat-cache"
],
"effects": [
"eslint"
],
"range": "4.0.0 - 7.0.2",
"nodes": [
"node_modules/file-entry-cache"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"filelist": {
"name": "filelist",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "0.0.2 - 1.0.4",
"nodes": [
"node_modules/filelist"
],
"fixAvailable": true
},
"flat-cache": {
"name": "flat-cache",
"severity": "high",
"isDirect": false,
"via": [
"rimraf"
],
"effects": [
"file-entry-cache"
],
"range": "1.3.4 - 4.0.0",
"nodes": [
"node_modules/flat-cache"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"gaze": {
"name": "gaze",
"severity": "high",
"isDirect": false,
"via": [
"globule"
],
"effects": [
"@wdio/runner"
],
"range": ">=0.4.0",
"nodes": [
"node_modules/gaze"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"glob": {
"name": "glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/config",
"archiver-utils",
"mocha",
"rimraf"
],
"range": "3.0.0 - 10.5.0",
"nodes": [
"node_modules/@wdio/config/node_modules/glob",
"node_modules/glob",
"node_modules/mocha/node_modules/glob",
"node_modules/zip-stream/node_modules/glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"globule": {
"name": "globule",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"gaze"
],
"range": "*",
"nodes": [
"node_modules/globule"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"glob",
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"eslint",
"grunt"
],
"effects": [],
"range": "<=17.3.2 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "20.2.0",
"isSemVerMajor": true
}
},
"inquirer": {
"name": "inquirer",
"severity": "low",
"isDirect": false,
"via": [
"external-editor"
],
"effects": [
"@wdio/cli"
],
"range": "3.0.0 - 8.2.6 || 9.0.0 - 9.3.7",
"nodes": [
"node_modules/inquirer"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113371,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<10.2.1"
}
],
"effects": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"@typescript-eslint/typescript-estree",
"eslint",
"filelist",
"glob",
"globule",
"grunt",
"mocha",
"multimatch",
"readdir-glob",
"recursive-readdir",
"webdriverio"
],
"range": "<10.2.1",
"nodes": [
"node_modules/@eslint/eslintrc/node_modules/minimatch",
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
"node_modules/@wdio/config/node_modules/minimatch",
"node_modules/eslint/node_modules/minimatch",
"node_modules/filelist/node_modules/minimatch",
"node_modules/minimatch",
"node_modules/mocha/node_modules/minimatch",
"node_modules/readdir-glob/node_modules/minimatch",
"node_modules/recursive-readdir/node_modules/minimatch",
"node_modules/webdriverio/node_modules/minimatch",
"node_modules/zip-stream/node_modules/minimatch"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"@wdio/mocha-framework"
],
"range": ">=1.10.0",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": false
},
"multimatch": {
"name": "multimatch",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"doiuse"
],
"range": "<=7.0.0",
"nodes": [
"node_modules/multimatch"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"rimraf",
"tar-fs",
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "<=22.11.1",
"nodes": [
"node_modules/devtools/node_modules/puppeteer-core",
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113132,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "high",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"readdir-glob": {
"name": "readdir-glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"archiver"
],
"range": "<=2.0.1 || 2.0.3",
"nodes": [
"node_modules/readdir-glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"recursive-readdir": {
"name": "recursive-readdir",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/cli"
],
"range": ">=1.2.0",
"nodes": [
"node_modules/recursive-readdir"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"rimraf": {
"name": "rimraf",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"flat-cache",
"puppeteer-core"
],
"range": "2.3.0 - 3.0.2 || 4.2.0 - 5.0.10",
"nodes": [
"node_modules/rimraf"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"stylelint-no-unsupported-browser-features"
],
"effects": [],
"range": ">=0.10.2",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"stylelint-no-unsupported-browser-features": {
"name": "stylelint-no-unsupported-browser-features",
"severity": "high",
"isDirect": false,
"via": [
"doiuse"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "*",
"nodes": [
"node_modules/stylelint-no-unsupported-browser-features"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"tar-fs": {
"name": "tar-fs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1109532,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball",
"url": "https://github.com/advisories/GHSA-vj76-c3g6-qr5v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-61"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.4"
},
{
"source": 1109543,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs can extract outside the specified dir with a specific tarball",
"url": "https://github.com/advisories/GHSA-8cj5-5rvv-wf4v",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.3"
},
{
"source": 1109552,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File",
"url": "https://github.com/advisories/GHSA-pq67-2wwv-3xjx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
"range": ">=2.0.0 <2.1.2"
}
],
"effects": [
"puppeteer-core"
],
"range": "2.0.0 - 2.1.3",
"nodes": [
"node_modules/tar-fs"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tmp": {
"name": "tmp",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1109537,
"name": "tmp",
"dependency": "tmp",
"title": "tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter",
"url": "https://github.com/advisories/GHSA-52f5-9888-hmc6",
"severity": "low",
"cwe": [
"CWE-59"
],
"cvss": {
"score": 2.5,
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<=0.2.3"
}
],
"effects": [
"external-editor"
],
"range": "<=0.2.3",
"nodes": [
"node_modules/tmp"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config"
],
"effects": [
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriver"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"archiver",
"devtools",
"minimatch",
"puppeteer-core",
"webdriver"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/devtools/node_modules/ws",
"node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"yarn-install": {
"name": "yarn-install",
"severity": "high",
"isDirect": false,
"via": [
"cross-spawn"
],
"effects": [
"@wdio/cli"
],
"range": "*",
"nodes": [
"node_modules/yarn-install"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"zip-stream": {
"name": "zip-stream",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils"
],
"effects": [],
"range": "0.8.0 - 6.0.1",
"nodes": [
"node_modules/zip-stream"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 3,
"moderate": 3,
"high": 47,
"critical": 2,
"total": 55
},
"dependencies": {
"prod": 1,
"dev": 831,
"optional": 2,
"peer": 1,
"peerOptional": 0,
"total": 831
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 38 installs, 0 updates, 0 removals
- Locking composer/pcre (3.3.2)
- Locking composer/semver (3.4.4)
- Locking composer/spdx-licenses (1.5.9)
- Locking composer/xdebug-handler (3.0.5)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.0)
- Locking doctrine/deprecations (1.1.6)
- Locking felixfbecker/advanced-json-rpc (v3.2.1)
- Locking mediawiki/mediawiki-codesniffer (v49.0.0)
- Locking mediawiki/mediawiki-phan-config (0.18.0)
- Locking mediawiki/minus-x (2.0.1)
- Locking mediawiki/phan-taint-check-plugin (8.0.0)
- Locking microsoft/tolerant-php-parser (v0.1.2)
- Locking netresearch/jsonmapper (v4.5.0)
- Locking phan/phan (5.5.2)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.4.0)
- Locking phpcsstandards/phpcsutils (1.2.2)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (5.6.6)
- Locking phpdocumentor/type-resolver (1.12.0)
- Locking phpstan/phpdoc-parser (2.3.2)
- Locking psr/container (2.0.2)
- Locking psr/log (3.0.2)
- Locking sabre/event (5.1.7)
- Locking squizlabs/php_codesniffer (3.13.5)
- Locking symfony/console (v7.4.4)
- Locking symfony/deprecation-contracts (v3.6.0)
- Locking symfony/polyfill-ctype (v1.33.0)
- Locking symfony/polyfill-intl-grapheme (v1.33.0)
- Locking symfony/polyfill-intl-normalizer (v1.33.0)
- Locking symfony/polyfill-mbstring (v1.33.0)
- Locking symfony/polyfill-php80 (v1.33.0)
- Locking symfony/service-contracts (v3.6.1)
- Locking symfony/string (v8.0.4)
- Locking tysonandre/var_representation_polyfill (0.1.3)
- Locking webmozart/assert (2.1.5)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 38 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing squizlabs/php_codesniffer (3.13.5): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.0): Extracting archive
- Installing composer/pcre (3.3.2): Extracting archive
- Installing phpcsstandards/phpcsutils (1.2.2): Extracting archive
- Installing phpcsstandards/phpcsextra (1.4.0): Extracting archive
- Installing symfony/polyfill-mbstring (v1.33.0): Extracting archive
- Installing composer/spdx-licenses (1.5.9): Extracting archive
- Installing composer/semver (3.4.4): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v49.0.0): Extracting archive
- Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive
- Installing symfony/polyfill-php80 (v1.33.0): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.33.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.33.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.33.0): Extracting archive
- Installing symfony/string (v8.0.4): Extracting archive
- Installing symfony/deprecation-contracts (v3.6.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.6.1): Extracting archive
- Installing symfony/console (v7.4.4): Extracting archive
- Installing sabre/event (5.1.7): Extracting archive
- Installing netresearch/jsonmapper (v4.5.0): Extracting archive
- Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive
- Installing webmozart/assert (2.1.5): Extracting archive
- Installing phpstan/phpdoc-parser (2.3.2): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.6): Extracting archive
- Installing phpdocumentor/type-resolver (1.12.0): Extracting archive
- Installing phpdocumentor/reflection-docblock (5.6.6): Extracting archive
- Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive
- Installing psr/log (3.0.2): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (5.5.2): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (8.0.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.18.0): Extracting archive
- Installing mediawiki/minus-x (2.0.1): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
0/36 [>---------------------------] 0%
28/36 [=====================>------] 77%
36/36 [============================] 100%
1 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
17 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
Upgrading c:mediawiki/mediawiki-codesniffer from 49.0.0 -> 50.0.0
Upgrading c:mediawiki/mediawiki-phan-config from 0.18.0 -> 0.19.0
$ /usr/bin/composer update
--- stderr ---
Loading composer repositories with package information
Updating dependencies
Lock file operations: 2 installs, 5 updates, 3 removals
- Removing microsoft/tolerant-php-parser (v0.1.2)
- Removing symfony/polyfill-php80 (v1.33.0)
- Removing tysonandre/var_representation_polyfill (0.1.3)
- Upgrading mediawiki/mediawiki-codesniffer (v49.0.0 => v50.0.0)
- Upgrading mediawiki/mediawiki-phan-config (0.18.0 => 0.19.0)
- Upgrading mediawiki/phan-taint-check-plugin (8.0.0 => 9.0.0)
- Upgrading phan/phan (5.5.2 => 6.0.1)
- Locking phan/tolerant-php-parser (v0.2.0)
- Locking phan/var_representation_polyfill (0.1.4)
- Upgrading symfony/console (v7.4.4 => v8.0.4)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 2 installs, 5 updates, 3 removals
0 [>---------------------------] 0 [->--------------------------]
- Removing tysonandre/var_representation_polyfill (0.1.3)
- Removing symfony/polyfill-php80 (v1.33.0)
- Removing microsoft/tolerant-php-parser (v0.1.2)
- Upgrading mediawiki/mediawiki-codesniffer (v49.0.0 => v50.0.0): Extracting archive
- Upgrading symfony/console (v7.4.4 => v8.0.4): Extracting archive
- Installing phan/var_representation_polyfill (0.1.4): Extracting archive
- Installing phan/tolerant-php-parser (v0.2.0): Extracting archive
- Upgrading phan/phan (5.5.2 => 6.0.1): Extracting archive
- Upgrading mediawiki/phan-taint-check-plugin (8.0.0 => 9.0.0): Extracting archive
- Upgrading mediawiki/mediawiki-phan-config (0.18.0 => 0.19.0): Extracting archive
0/7 [>---------------------------] 0%
6/7 [========================>---] 85%
7/7 [============================] 100%
Generating autoload files
16 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
No security vulnerability advisories found.
--- stdout ---
--- end ---
$ vendor/bin/phpcs --report=json
--- stdout ---
{"totals":{"errors":0,"warnings":0,"fixable":0},"files":{"\/src\/repo\/tests\/phpunit\/SearchableNamespaceListBuilderTest.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/.phan\/config.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/includes\/MimeTypeConfigurator.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/includes\/TooltipGenerator.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/tests\/phpunit\/MimeTypeConfiguratorTest.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/includes\/SearchnamespaceTokenModule.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/includes\/SearchableNamespaceListBuilder.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/tests\/phpunit\/SearchnamespaceTokenModuleTest.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/tests\/phpunit\/TooltipGeneratorTest.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/includes\/Hooks.php":{"errors":0,"warnings":0,"messages":[]},"\/src\/repo\/tests\/phpunit\/HooksTest.php":{"errors":0,"warnings":0,"messages":[]}}}
--- end ---
$ /usr/bin/composer install
--- stderr ---
Installing dependencies from lock file (including require-dev)
Verifying lock file contents can be installed on current platform.
Nothing to install, update or remove
Generating autoload files
16 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
--- end ---
$ /usr/bin/composer test
--- stderr ---
> parallel-lint . --exclude vendor --exclude node_modules
> minus-x check .
> phpcs -sp --cache
--- stdout ---
PHP 8.4.18 | 10 parallel jobs
........... 11/11 (100%)
Checked 11 files in 0.1 seconds
No syntax error found
MinusX
======
Processing /src/repo...
.............................................................
.............................................................
.............................................................
.............................................................
.............................................................
..
All good!
........... 11 / 11 (100%)
Time: 273ms; Memory: 8MB
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@eslint/eslintrc": {
"name": "@eslint/eslintrc",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "0.0.1 || >=0.1.1",
"nodes": [
"node_modules/@eslint/eslintrc"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@humanwhocodes/config-array": {
"name": "@humanwhocodes/config-array",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "*",
"nodes": [
"node_modules/@humanwhocodes/config-array"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/eslint-plugin": {
"name": "@typescript-eslint/eslint-plugin",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "<=8.55.1-alpha.3",
"nodes": [
"node_modules/@typescript-eslint/eslint-plugin"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/parser": {
"name": "@typescript-eslint/parser",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [],
"range": "1.1.1-alpha.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/parser"
],
"fixAvailable": true
},
"@typescript-eslint/type-utils": {
"name": "@typescript-eslint/type-utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"@typescript-eslint/utils",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin"
],
"range": "5.9.2-alpha.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/type-utils"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils"
],
"range": "6.16.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/type-utils"
],
"range": "<=8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/config",
"inquirer",
"recursive-readdir",
"webdriverio",
"yarn-install"
],
"effects": [
"@wdio/junit-reporter",
"@wdio/local-runner",
"@wdio/spec-reporter"
],
"range": "*",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"@wdio/cli",
"@wdio/runner",
"devtools",
"webdriver",
"webdriverio"
],
"range": "*",
"nodes": [
"node_modules/@wdio/config"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/junit-reporter": {
"name": "@wdio/junit-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/junit-reporter"
],
"fixAvailable": {
"name": "@wdio/junit-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli",
"@wdio/runner"
],
"effects": [],
"range": "6.3.0 - 9.8.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"mocha"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": false
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"gaze",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "*",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/spec-reporter": {
"name": "@wdio/spec-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/spec-reporter"
],
"fixAvailable": {
"name": "@wdio/spec-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver": {
"name": "archiver",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils",
"readdir-glob",
"zip-stream"
],
"effects": [
"webdriverio"
],
"range": ">=0.20.0",
"nodes": [
"node_modules/archiver"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver-utils": {
"name": "archiver-utils",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"archiver",
"zip-stream"
],
"range": ">=0.2.0",
"nodes": [
"node_modules/archiver-utils",
"node_modules/zip-stream/node_modules/archiver-utils"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1104663,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.0.6"
}
],
"effects": [
"yarn-install"
],
"range": "<6.0.6",
"nodes": [
"node_modules/cross-spawn"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"puppeteer-core"
],
"effects": [],
"range": ">=5.13.0-alpha.0",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"doiuse": {
"name": "doiuse",
"severity": "high",
"isDirect": false,
"via": [
"multimatch"
],
"effects": [
"stylelint-no-unsupported-browser-features"
],
"range": ">=2.2.0",
"nodes": [
"node_modules/doiuse"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"eslint": {
"name": "eslint",
"severity": "high",
"isDirect": false,
"via": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"file-entry-cache",
"minimatch"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint-config-wikimedia",
"eslint-plugin-jsdoc",
"eslint-plugin-vue",
"grunt-eslint"
],
"range": "0.7.1 - 2.0.0-rc.1 || 4.1.0 - 10.0.0-rc.2",
"nodes": [
"node_modules/eslint"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"eslint",
"eslint-plugin-jsdoc",
"eslint-plugin-vue"
],
"effects": [],
"range": ">=0.9.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-jsdoc": {
"name": "eslint-plugin-jsdoc",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "8.4.4 - 62.6.1",
"nodes": [
"node_modules/eslint-plugin-jsdoc"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-vue": {
"name": "eslint-plugin-vue",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "5.0.0-beta.0 - 10.7.0",
"nodes": [
"node_modules/eslint-plugin-vue"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"external-editor": {
"name": "external-editor",
"severity": "low",
"isDirect": false,
"via": [
"tmp"
],
"effects": [
"inquirer"
],
"range": ">=1.1.1",
"nodes": [
"node_modules/external-editor"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"file-entry-cache": {
"name": "file-entry-cache",
"severity": "high",
"isDirect": false,
"via": [
"flat-cache"
],
"effects": [
"eslint"
],
"range": "4.0.0 - 7.0.2",
"nodes": [
"node_modules/file-entry-cache"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"filelist": {
"name": "filelist",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "0.0.2 - 1.0.4",
"nodes": [
"node_modules/filelist"
],
"fixAvailable": true
},
"flat-cache": {
"name": "flat-cache",
"severity": "high",
"isDirect": false,
"via": [
"rimraf"
],
"effects": [
"file-entry-cache"
],
"range": "1.3.4 - 4.0.0",
"nodes": [
"node_modules/flat-cache"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"gaze": {
"name": "gaze",
"severity": "high",
"isDirect": false,
"via": [
"globule"
],
"effects": [
"@wdio/runner"
],
"range": ">=0.4.0",
"nodes": [
"node_modules/gaze"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"glob": {
"name": "glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/config",
"archiver-utils",
"mocha",
"rimraf"
],
"range": "3.0.0 - 10.5.0",
"nodes": [
"node_modules/@wdio/config/node_modules/glob",
"node_modules/glob",
"node_modules/mocha/node_modules/glob",
"node_modules/zip-stream/node_modules/glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"globule": {
"name": "globule",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"gaze"
],
"range": "*",
"nodes": [
"node_modules/globule"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"glob",
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"eslint",
"grunt"
],
"effects": [],
"range": "<=17.3.2 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "20.2.0",
"isSemVerMajor": true
}
},
"inquirer": {
"name": "inquirer",
"severity": "low",
"isDirect": false,
"via": [
"external-editor"
],
"effects": [
"@wdio/cli"
],
"range": "3.0.0 - 8.2.6 || 9.0.0 - 9.3.7",
"nodes": [
"node_modules/inquirer"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113371,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<10.2.1"
}
],
"effects": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"@typescript-eslint/typescript-estree",
"eslint",
"filelist",
"glob",
"globule",
"grunt",
"mocha",
"multimatch",
"readdir-glob",
"recursive-readdir",
"webdriverio"
],
"range": "<10.2.1",
"nodes": [
"node_modules/@eslint/eslintrc/node_modules/minimatch",
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
"node_modules/@wdio/config/node_modules/minimatch",
"node_modules/eslint/node_modules/minimatch",
"node_modules/filelist/node_modules/minimatch",
"node_modules/minimatch",
"node_modules/mocha/node_modules/minimatch",
"node_modules/readdir-glob/node_modules/minimatch",
"node_modules/recursive-readdir/node_modules/minimatch",
"node_modules/webdriverio/node_modules/minimatch",
"node_modules/zip-stream/node_modules/minimatch"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"@wdio/mocha-framework"
],
"range": ">=1.10.0",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": false
},
"multimatch": {
"name": "multimatch",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"doiuse"
],
"range": "<=7.0.0",
"nodes": [
"node_modules/multimatch"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"rimraf",
"tar-fs",
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "<=22.11.1",
"nodes": [
"node_modules/devtools/node_modules/puppeteer-core",
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113132,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "high",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"readdir-glob": {
"name": "readdir-glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"archiver"
],
"range": "<=2.0.1 || 2.0.3",
"nodes": [
"node_modules/readdir-glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"recursive-readdir": {
"name": "recursive-readdir",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/cli"
],
"range": ">=1.2.0",
"nodes": [
"node_modules/recursive-readdir"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"rimraf": {
"name": "rimraf",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"flat-cache",
"puppeteer-core"
],
"range": "2.3.0 - 3.0.2 || 4.2.0 - 5.0.10",
"nodes": [
"node_modules/rimraf"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"stylelint-no-unsupported-browser-features"
],
"effects": [],
"range": ">=0.10.2",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"stylelint-no-unsupported-browser-features": {
"name": "stylelint-no-unsupported-browser-features",
"severity": "high",
"isDirect": false,
"via": [
"doiuse"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "*",
"nodes": [
"node_modules/stylelint-no-unsupported-browser-features"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"tar-fs": {
"name": "tar-fs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1109532,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball",
"url": "https://github.com/advisories/GHSA-vj76-c3g6-qr5v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-61"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.4"
},
{
"source": 1109543,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs can extract outside the specified dir with a specific tarball",
"url": "https://github.com/advisories/GHSA-8cj5-5rvv-wf4v",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.3"
},
{
"source": 1109552,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File",
"url": "https://github.com/advisories/GHSA-pq67-2wwv-3xjx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
"range": ">=2.0.0 <2.1.2"
}
],
"effects": [
"puppeteer-core"
],
"range": "2.0.0 - 2.1.3",
"nodes": [
"node_modules/tar-fs"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tmp": {
"name": "tmp",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1109537,
"name": "tmp",
"dependency": "tmp",
"title": "tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter",
"url": "https://github.com/advisories/GHSA-52f5-9888-hmc6",
"severity": "low",
"cwe": [
"CWE-59"
],
"cvss": {
"score": 2.5,
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<=0.2.3"
}
],
"effects": [
"external-editor"
],
"range": "<=0.2.3",
"nodes": [
"node_modules/tmp"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config"
],
"effects": [
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriver"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"archiver",
"devtools",
"minimatch",
"puppeteer-core",
"webdriver"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/devtools/node_modules/ws",
"node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"yarn-install": {
"name": "yarn-install",
"severity": "high",
"isDirect": false,
"via": [
"cross-spawn"
],
"effects": [
"@wdio/cli"
],
"range": "*",
"nodes": [
"node_modules/yarn-install"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"zip-stream": {
"name": "zip-stream",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils"
],
"effects": [],
"range": "0.8.0 - 6.0.1",
"nodes": [
"node_modules/zip-stream"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 3,
"moderate": 3,
"high": 47,
"critical": 2,
"total": 55
},
"dependencies": {
"prod": 1,
"dev": 831,
"optional": 2,
"peer": 1,
"peerOptional": 0,
"total": 831
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 833,
"removed": 0,
"changed": 0,
"audited": 834,
"funding": 130,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@eslint/eslintrc": {
"name": "@eslint/eslintrc",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "0.0.1 || >=0.1.1",
"nodes": [
"node_modules/@eslint/eslintrc"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"@humanwhocodes/config-array": {
"name": "@humanwhocodes/config-array",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"eslint"
],
"range": "*",
"nodes": [
"node_modules/@humanwhocodes/config-array"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"@stylistic/eslint-plugin": {
"name": "@stylistic/eslint-plugin",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/utils"
],
"effects": [],
"range": "2.7.0-beta.0 - 5.0.0-beta.6 || >=6.0.0-beta.1",
"nodes": [
"node_modules/@stylistic/eslint-plugin"
],
"fixAvailable": true
},
"@typescript-eslint/eslint-plugin": {
"name": "@typescript-eslint/eslint-plugin",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint"
],
"effects": [],
"range": "<=8.56.1",
"nodes": [
"node_modules/@typescript-eslint/eslint-plugin"
],
"fixAvailable": true
},
"@typescript-eslint/parser": {
"name": "@typescript-eslint/parser",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"eslint-config-wikimedia"
],
"range": "1.1.1-alpha.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/parser"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/type-utils": {
"name": "@typescript-eslint/type-utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"@typescript-eslint/utils",
"eslint"
],
"effects": [
"@typescript-eslint/eslint-plugin"
],
"range": "5.62.1-alpha.0 - 8.56.1",
"nodes": [
"node_modules/@typescript-eslint/type-utils"
],
"fixAvailable": true
},
"@typescript-eslint/typescript-estree": {
"name": "@typescript-eslint/typescript-estree",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils"
],
"range": "6.16.0 - 8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"@typescript-eslint/utils": {
"name": "@typescript-eslint/utils",
"severity": "high",
"isDirect": false,
"via": [
"@typescript-eslint/typescript-estree",
"eslint"
],
"effects": [
"@stylistic/eslint-plugin",
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/type-utils"
],
"range": "<=8.56.1-alpha.2",
"nodes": [
"node_modules/@typescript-eslint/utils"
],
"fixAvailable": true
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/config",
"inquirer",
"recursive-readdir",
"webdriverio",
"yarn-install"
],
"effects": [
"@wdio/junit-reporter",
"@wdio/local-runner",
"@wdio/spec-reporter"
],
"range": "*",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"@wdio/cli",
"@wdio/runner",
"devtools",
"webdriver",
"webdriverio"
],
"range": "*",
"nodes": [
"node_modules/@wdio/config"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/junit-reporter": {
"name": "@wdio/junit-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/junit-reporter"
],
"fixAvailable": {
"name": "@wdio/junit-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli",
"@wdio/runner"
],
"effects": [],
"range": "6.3.0 - 9.8.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"mocha"
],
"effects": [],
"range": "*",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": false
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"gaze",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": "*",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"@wdio/spec-reporter": {
"name": "@wdio/spec-reporter",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/cli"
],
"effects": [],
"range": "7.0.1 - 8.0.0-alpha.631",
"nodes": [
"node_modules/@wdio/spec-reporter"
],
"fixAvailable": {
"name": "@wdio/spec-reporter",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver": {
"name": "archiver",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils",
"readdir-glob",
"zip-stream"
],
"effects": [
"webdriverio"
],
"range": ">=0.20.0",
"nodes": [
"node_modules/archiver"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"archiver-utils": {
"name": "archiver-utils",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"archiver",
"zip-stream"
],
"range": ">=0.2.0",
"nodes": [
"node_modules/archiver-utils",
"node_modules/zip-stream/node_modules/archiver-utils"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"cross-spawn": {
"name": "cross-spawn",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1104663,
"name": "cross-spawn",
"dependency": "cross-spawn",
"title": "Regular Expression Denial of Service (ReDoS) in cross-spawn",
"url": "https://github.com/advisories/GHSA-3xgq-45jj-v275",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.0.6"
}
],
"effects": [
"yarn-install"
],
"range": "<6.0.6",
"nodes": [
"node_modules/cross-spawn"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"devtools": {
"name": "devtools",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"puppeteer-core"
],
"effects": [],
"range": ">=5.13.0-alpha.0",
"nodes": [
"node_modules/devtools"
],
"fixAvailable": true
},
"doiuse": {
"name": "doiuse",
"severity": "high",
"isDirect": false,
"via": [
"multimatch"
],
"effects": [
"stylelint-no-unsupported-browser-features"
],
"range": ">=2.2.0",
"nodes": [
"node_modules/doiuse"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"eslint": {
"name": "eslint",
"severity": "high",
"isDirect": false,
"via": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"file-entry-cache",
"minimatch"
],
"effects": [
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"@typescript-eslint/type-utils",
"@typescript-eslint/utils",
"eslint-config-wikimedia",
"eslint-plugin-jsdoc",
"eslint-plugin-vue",
"grunt-eslint"
],
"range": "0.7.1 - 2.0.0-rc.1 || 4.1.0 - 10.0.0-rc.2",
"nodes": [
"node_modules/eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"eslint-config-wikimedia": {
"name": "eslint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"@stylistic/eslint-plugin",
"@typescript-eslint/eslint-plugin",
"@typescript-eslint/parser",
"eslint",
"eslint-plugin-jsdoc",
"eslint-plugin-vue"
],
"effects": [],
"range": ">=0.9.0",
"nodes": [
"node_modules/eslint-config-wikimedia"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-jsdoc": {
"name": "eslint-plugin-jsdoc",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "8.4.4 - 62.6.1",
"nodes": [
"node_modules/eslint-plugin-jsdoc"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"eslint-plugin-vue": {
"name": "eslint-plugin-vue",
"severity": "high",
"isDirect": false,
"via": [
"eslint"
],
"effects": [
"eslint-config-wikimedia"
],
"range": "5.0.0-beta.0 - 10.7.0",
"nodes": [
"node_modules/eslint-plugin-vue"
],
"fixAvailable": {
"name": "eslint-config-wikimedia",
"version": "0.8.1",
"isSemVerMajor": true
}
},
"external-editor": {
"name": "external-editor",
"severity": "low",
"isDirect": false,
"via": [
"tmp"
],
"effects": [
"inquirer"
],
"range": ">=1.1.1",
"nodes": [
"node_modules/external-editor"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"file-entry-cache": {
"name": "file-entry-cache",
"severity": "high",
"isDirect": false,
"via": [
"flat-cache"
],
"effects": [
"eslint"
],
"range": "4.0.0 - 7.0.2",
"nodes": [
"node_modules/file-entry-cache"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"filelist": {
"name": "filelist",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [],
"range": "0.0.2 - 1.0.4",
"nodes": [
""
],
"fixAvailable": true
},
"flat-cache": {
"name": "flat-cache",
"severity": "high",
"isDirect": false,
"via": [
"rimraf"
],
"effects": [
"file-entry-cache"
],
"range": "1.3.4 - 4.0.0",
"nodes": [
"node_modules/flat-cache"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"gaze": {
"name": "gaze",
"severity": "high",
"isDirect": false,
"via": [
"globule"
],
"effects": [
"@wdio/runner"
],
"range": ">=0.4.0",
"nodes": [
"node_modules/gaze"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"glob": {
"name": "glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/config",
"archiver-utils",
"mocha",
"rimraf"
],
"range": "3.0.0 - 10.5.0",
"nodes": [
"node_modules/@wdio/config/node_modules/glob",
"node_modules/glob",
"node_modules/mocha/node_modules/glob",
"node_modules/zip-stream/node_modules/glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"globule": {
"name": "globule",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"gaze"
],
"range": "*",
"nodes": [
"node_modules/globule"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"glob",
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"eslint",
"grunt"
],
"effects": [],
"range": "<=17.3.2 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"inquirer": {
"name": "inquirer",
"severity": "low",
"isDirect": false,
"via": [
"external-editor"
],
"effects": [
"@wdio/cli"
],
"range": "3.0.0 - 8.2.6 || 9.0.0 - 9.3.7",
"nodes": [
"node_modules/inquirer"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113371,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<10.2.1"
}
],
"effects": [
"@eslint/eslintrc",
"@humanwhocodes/config-array",
"@typescript-eslint/typescript-estree",
"eslint",
"filelist",
"glob",
"globule",
"grunt",
"mocha",
"multimatch",
"readdir-glob",
"recursive-readdir",
"webdriverio"
],
"range": "<10.2.1",
"nodes": [
"",
"",
"",
"",
"",
"",
"",
"",
"",
"node_modules/minimatch",
"node_modules/mocha/node_modules/minimatch",
"node_modules/recursive-readdir/node_modules/minimatch"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"glob",
"minimatch"
],
"effects": [
"@wdio/mocha-framework"
],
"range": ">=1.10.0",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": false
},
"multimatch": {
"name": "multimatch",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"doiuse"
],
"range": "<=7.0.0",
"nodes": [
"node_modules/multimatch"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"puppeteer-core": {
"name": "puppeteer-core",
"severity": "high",
"isDirect": false,
"via": [
"rimraf",
"tar-fs",
"ws"
],
"effects": [
"devtools",
"webdriverio"
],
"range": "<=22.11.1",
"nodes": [
"node_modules/devtools/node_modules/puppeteer-core",
"node_modules/puppeteer-core"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113132,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "high",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"readdir-glob": {
"name": "readdir-glob",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"archiver"
],
"range": "<=2.0.1 || 2.0.3",
"nodes": [
"node_modules/readdir-glob"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"recursive-readdir": {
"name": "recursive-readdir",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"@wdio/cli"
],
"range": ">=1.2.0",
"nodes": [
"node_modules/recursive-readdir"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"rimraf": {
"name": "rimraf",
"severity": "high",
"isDirect": false,
"via": [
"glob"
],
"effects": [
"flat-cache",
"puppeteer-core"
],
"range": "2.3.0 - 3.0.2 || 4.2.0 - 5.0.10",
"nodes": [
"node_modules/rimraf"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"stylelint-config-wikimedia": {
"name": "stylelint-config-wikimedia",
"severity": "high",
"isDirect": true,
"via": [
"stylelint-no-unsupported-browser-features"
],
"effects": [],
"range": ">=0.10.2",
"nodes": [
"node_modules/stylelint-config-wikimedia"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"stylelint-no-unsupported-browser-features": {
"name": "stylelint-no-unsupported-browser-features",
"severity": "high",
"isDirect": false,
"via": [
"doiuse"
],
"effects": [
"stylelint-config-wikimedia"
],
"range": "*",
"nodes": [
"node_modules/stylelint-no-unsupported-browser-features"
],
"fixAvailable": {
"name": "stylelint-config-wikimedia",
"version": "0.10.1",
"isSemVerMajor": true
}
},
"tar-fs": {
"name": "tar-fs",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1109532,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball",
"url": "https://github.com/advisories/GHSA-vj76-c3g6-qr5v",
"severity": "high",
"cwe": [
"CWE-22",
"CWE-61"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.4"
},
{
"source": 1109543,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs can extract outside the specified dir with a specific tarball",
"url": "https://github.com/advisories/GHSA-8cj5-5rvv-wf4v",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": ">=2.0.0 <2.1.3"
},
{
"source": 1109552,
"name": "tar-fs",
"dependency": "tar-fs",
"title": "tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File",
"url": "https://github.com/advisories/GHSA-pq67-2wwv-3xjx",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
"range": ">=2.0.0 <2.1.2"
}
],
"effects": [
"puppeteer-core"
],
"range": "2.0.0 - 2.1.3",
"nodes": [
"node_modules/tar-fs"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tmp": {
"name": "tmp",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1109537,
"name": "tmp",
"dependency": "tmp",
"title": "tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter",
"url": "https://github.com/advisories/GHSA-52f5-9888-hmc6",
"severity": "low",
"cwe": [
"CWE-59"
],
"cvss": {
"score": 2.5,
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"
},
"range": "<=0.2.3"
}
],
"effects": [
"external-editor"
],
"range": "<=0.2.3",
"nodes": [
"node_modules/tmp"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.3.2",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config"
],
"effects": [
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriver"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"webdriverio": {
"name": "webdriverio",
"severity": "high",
"isDirect": false,
"via": [
"@wdio/config",
"archiver",
"devtools",
"minimatch",
"puppeteer-core",
"webdriver"
],
"effects": [
"@wdio/cli",
"@wdio/runner"
],
"range": ">=5.0.0-alpha.2",
"nodes": [
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1098392,
"name": "ws",
"dependency": "ws",
"title": "ws affected by a DoS when handling a request with many HTTP headers",
"url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q",
"severity": "high",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=8.0.0 <8.17.1"
}
],
"effects": [
"puppeteer-core"
],
"range": "8.0.0 - 8.17.0",
"nodes": [
"node_modules/devtools/node_modules/ws",
"node_modules/ws"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"yarn-install": {
"name": "yarn-install",
"severity": "high",
"isDirect": false,
"via": [
"cross-spawn"
],
"effects": [
"@wdio/cli"
],
"range": "*",
"nodes": [
"node_modules/yarn-install"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "9.24.0",
"isSemVerMajor": true
}
},
"zip-stream": {
"name": "zip-stream",
"severity": "high",
"isDirect": false,
"via": [
"archiver-utils"
],
"effects": [],
"range": "0.8.0 - 6.0.1",
"nodes": [
"node_modules/zip-stream"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 3,
"moderate": 3,
"high": 48,
"critical": 2,
"total": 56
},
"dependencies": {
"prod": 1,
"dev": 833,
"optional": 2,
"peer": 1,
"peerOptional": 0,
"total": 833
}
}
}
}
--- end ---
{"added": 833, "removed": 0, "changed": 0, "audited": 834, "funding": 130, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@eslint/eslintrc": {"name": "@eslint/eslintrc", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["eslint"], "range": "0.0.1 || >=0.1.1", "nodes": ["node_modules/@eslint/eslintrc"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "@humanwhocodes/config-array": {"name": "@humanwhocodes/config-array", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["eslint"], "range": "*", "nodes": ["node_modules/@humanwhocodes/config-array"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "@stylistic/eslint-plugin": {"name": "@stylistic/eslint-plugin", "severity": "high", "isDirect": false, "via": ["@typescript-eslint/utils"], "effects": [], "range": "2.7.0-beta.0 - 5.0.0-beta.6 || >=6.0.0-beta.1", "nodes": ["node_modules/@stylistic/eslint-plugin"], "fixAvailable": true}, "@typescript-eslint/eslint-plugin": {"name": "@typescript-eslint/eslint-plugin", "severity": "high", "isDirect": false, "via": ["@typescript-eslint/parser", "@typescript-eslint/type-utils", "@typescript-eslint/utils", "eslint"], "effects": [], "range": "<=8.56.1", "nodes": ["node_modules/@typescript-eslint/eslint-plugin"], "fixAvailable": true}, "@typescript-eslint/parser": {"name": "@typescript-eslint/parser", "severity": "high", "isDirect": false, "via": ["@typescript-eslint/typescript-estree", "eslint"], "effects": ["@typescript-eslint/eslint-plugin", "eslint-config-wikimedia"], "range": "1.1.1-alpha.0 - 8.56.1-alpha.2", "nodes": ["node_modules/@typescript-eslint/parser"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.8.1", "isSemVerMajor": true}}, "@typescript-eslint/type-utils": {"name": "@typescript-eslint/type-utils", "severity": "high", "isDirect": false, "via": ["@typescript-eslint/typescript-estree", "@typescript-eslint/utils", "eslint"], "effects": ["@typescript-eslint/eslint-plugin"], "range": "5.62.1-alpha.0 - 8.56.1", "nodes": ["node_modules/@typescript-eslint/type-utils"], "fixAvailable": true}, "@typescript-eslint/typescript-estree": {"name": "@typescript-eslint/typescript-estree", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["@typescript-eslint/parser", "@typescript-eslint/type-utils", "@typescript-eslint/utils"], "range": "6.16.0 - 8.56.1-alpha.2", "nodes": ["node_modules/@typescript-eslint/typescript-estree"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.8.1", "isSemVerMajor": true}}, "@typescript-eslint/utils": {"name": "@typescript-eslint/utils", "severity": "high", "isDirect": false, "via": ["@typescript-eslint/typescript-estree", "eslint"], "effects": ["@stylistic/eslint-plugin", "@typescript-eslint/eslint-plugin", "@typescript-eslint/type-utils"], "range": "<=8.56.1-alpha.2", "nodes": ["node_modules/@typescript-eslint/utils"], "fixAvailable": true}, "@wdio/cli": {"name": "@wdio/cli", "severity": "high", "isDirect": true, "via": ["@wdio/config", "inquirer", "recursive-readdir", "webdriverio", "yarn-install"], "effects": ["@wdio/junit-reporter", "@wdio/local-runner", "@wdio/spec-reporter"], "range": "*", "nodes": ["node_modules/@wdio/cli"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "@wdio/config": {"name": "@wdio/config", "severity": "high", "isDirect": false, "via": ["glob"], "effects": ["@wdio/cli", "@wdio/runner", "devtools", "webdriver", "webdriverio"], "range": "*", "nodes": ["node_modules/@wdio/config"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "@wdio/junit-reporter": {"name": "@wdio/junit-reporter", "severity": "high", "isDirect": true, "via": ["@wdio/cli"], "effects": [], "range": "7.0.1 - 8.0.0-alpha.631", "nodes": ["node_modules/@wdio/junit-reporter"], "fixAvailable": {"name": "@wdio/junit-reporter", "version": "9.24.0", "isSemVerMajor": true}}, "@wdio/local-runner": {"name": "@wdio/local-runner", "severity": "high", "isDirect": true, "via": ["@wdio/cli", "@wdio/runner"], "effects": [], "range": "6.3.0 - 9.8.0", "nodes": ["node_modules/@wdio/local-runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.24.0", "isSemVerMajor": true}}, "@wdio/mocha-framework": {"name": "@wdio/mocha-framework", "severity": "high", "isDirect": true, "via": ["mocha"], "effects": [], "range": "*", "nodes": ["node_modules/@wdio/mocha-framework"], "fixAvailable": false}, "@wdio/runner": {"name": "@wdio/runner", "severity": "high", "isDirect": false, "via": ["@wdio/config", "gaze", "webdriver", "webdriverio"], "effects": ["@wdio/local-runner"], "range": "*", "nodes": ["node_modules/@wdio/runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.24.0", "isSemVerMajor": true}}, "@wdio/spec-reporter": {"name": "@wdio/spec-reporter", "severity": "high", "isDirect": true, "via": ["@wdio/cli"], "effects": [], "range": "7.0.1 - 8.0.0-alpha.631", "nodes": ["node_modules/@wdio/spec-reporter"], "fixAvailable": {"name": "@wdio/spec-reporter", "version": "9.24.0", "isSemVerMajor": true}}, "archiver": {"name": "archiver", "severity": "high", "isDirect": false, "via": ["archiver-utils", "readdir-glob", "zip-stream"], "effects": ["webdriverio"], "range": ">=0.20.0", "nodes": ["node_modules/archiver"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "archiver-utils": {"name": "archiver-utils", "severity": "high", "isDirect": false, "via": ["glob"], "effects": ["archiver", "zip-stream"], "range": ">=0.2.0", "nodes": ["node_modules/archiver-utils", "node_modules/zip-stream/node_modules/archiver-utils"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "cross-spawn": {"name": "cross-spawn", "severity": "high", "isDirect": false, "via": [{"source": 1104663, "name": "cross-spawn", "dependency": "cross-spawn", "title": "Regular Expression Denial of Service (ReDoS) in cross-spawn", "url": "https://github.com/advisories/GHSA-3xgq-45jj-v275", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.0.6"}], "effects": ["yarn-install"], "range": "<6.0.6", "nodes": ["node_modules/cross-spawn"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "devtools": {"name": "devtools", "severity": "high", "isDirect": false, "via": ["@wdio/config", "puppeteer-core"], "effects": [], "range": ">=5.13.0-alpha.0", "nodes": ["node_modules/devtools"], "fixAvailable": true}, "doiuse": {"name": "doiuse", "severity": "high", "isDirect": false, "via": ["multimatch"], "effects": ["stylelint-no-unsupported-browser-features"], "range": ">=2.2.0", "nodes": ["node_modules/doiuse"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.10.1", "isSemVerMajor": true}}, "eslint": {"name": "eslint", "severity": "high", "isDirect": false, "via": ["@eslint/eslintrc", "@humanwhocodes/config-array", "file-entry-cache", "minimatch"], "effects": ["@typescript-eslint/eslint-plugin", "@typescript-eslint/parser", "@typescript-eslint/type-utils", "@typescript-eslint/utils", "eslint-config-wikimedia", "eslint-plugin-jsdoc", "eslint-plugin-vue", "grunt-eslint"], "range": "0.7.1 - 2.0.0-rc.1 || 4.1.0 - 10.0.0-rc.2", "nodes": ["node_modules/eslint"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "eslint-config-wikimedia": {"name": "eslint-config-wikimedia", "severity": "high", "isDirect": true, "via": ["@stylistic/eslint-plugin", "@typescript-eslint/eslint-plugin", "@typescript-eslint/parser", "eslint", "eslint-plugin-jsdoc", "eslint-plugin-vue"], "effects": [], "range": ">=0.9.0", "nodes": ["node_modules/eslint-config-wikimedia"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.8.1", "isSemVerMajor": true}}, "eslint-plugin-jsdoc": {"name": "eslint-plugin-jsdoc", "severity": "high", "isDirect": false, "via": ["eslint"], "effects": ["eslint-config-wikimedia"], "range": "8.4.4 - 62.6.1", "nodes": ["node_modules/eslint-plugin-jsdoc"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.8.1", "isSemVerMajor": true}}, "eslint-plugin-vue": {"name": "eslint-plugin-vue", "severity": "high", "isDirect": false, "via": ["eslint"], "effects": ["eslint-config-wikimedia"], "range": "5.0.0-beta.0 - 10.7.0", "nodes": ["node_modules/eslint-plugin-vue"], "fixAvailable": {"name": "eslint-config-wikimedia", "version": "0.8.1", "isSemVerMajor": true}}, "external-editor": {"name": "external-editor", "severity": "low", "isDirect": false, "via": ["tmp"], "effects": ["inquirer"], "range": ">=1.1.1", "nodes": ["node_modules/external-editor"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "file-entry-cache": {"name": "file-entry-cache", "severity": "high", "isDirect": false, "via": ["flat-cache"], "effects": ["eslint"], "range": "4.0.0 - 7.0.2", "nodes": ["node_modules/file-entry-cache"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "filelist": {"name": "filelist", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": [], "range": "0.0.2 - 1.0.4", "nodes": [""], "fixAvailable": true}, "flat-cache": {"name": "flat-cache", "severity": "high", "isDirect": false, "via": ["rimraf"], "effects": ["file-entry-cache"], "range": "1.3.4 - 4.0.0", "nodes": ["node_modules/flat-cache"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "form-data": {"name": "form-data", "severity": "critical", "isDirect": false, "via": [{"source": 1109540, "name": "form-data", "dependency": "form-data", "title": "form-data uses unsafe random function in form-data for choosing boundary", "url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4", "severity": "critical", "cwe": ["CWE-330"], "cvss": {"score": 0, "vectorString": null}, "range": "<2.5.4"}], "effects": ["request"], "range": "<2.5.4", "nodes": ["node_modules/form-data"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "gaze": {"name": "gaze", "severity": "high", "isDirect": false, "via": ["globule"], "effects": ["@wdio/runner"], "range": ">=0.4.0", "nodes": ["node_modules/gaze"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.24.0", "isSemVerMajor": true}}, "glob": {"name": "glob", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["@wdio/config", "archiver-utils", "mocha", "rimraf"], "range": "3.0.0 - 10.5.0", "nodes": ["node_modules/@wdio/config/node_modules/glob", "node_modules/glob", "node_modules/mocha/node_modules/glob", "node_modules/zip-stream/node_modules/glob"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "globule": {"name": "globule", "severity": "high", "isDirect": false, "via": ["glob", "minimatch"], "effects": ["gaze"], "range": "*", "nodes": ["node_modules/globule"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.24.0", "isSemVerMajor": true}}, "grunt": {"name": "grunt", "severity": "high", "isDirect": true, "via": ["glob", "minimatch"], "effects": ["grunt-eslint"], "range": ">=0.4.0-a", "nodes": ["node_modules/grunt"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}, "grunt-eslint": {"name": "grunt-eslint", "severity": "high", "isDirect": true, "via": ["eslint", "grunt"], "effects": [], "range": "<=17.3.2 || >=18.1.0", "nodes": ["node_modules/grunt-eslint"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "inquirer": {"name": "inquirer", "severity": "low", "isDirect": false, "via": ["external-editor"], "effects": ["@wdio/cli"], "range": "3.0.0 - 8.2.6 || 9.0.0 - 9.3.7", "nodes": ["node_modules/inquirer"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "minimatch": {"name": "minimatch", "severity": "high", "isDirect": false, "via": [{"source": 1113371, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<10.2.1"}], "effects": ["@eslint/eslintrc", "@humanwhocodes/config-array", "@typescript-eslint/typescript-estree", "eslint", "filelist", "glob", "globule", "grunt", "mocha", "multimatch", "readdir-glob", "recursive-readdir", "webdriverio"], "range": "<10.2.1", "nodes": ["", "", "", "", "", "", "", "", "", "node_modules/minimatch", "node_modules/mocha/node_modules/minimatch", "node_modules/recursive-readdir/node_modules/minimatch"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "mocha": {"name": "mocha", "severity": "high", "isDirect": false, "via": ["glob", "minimatch"], "effects": ["@wdio/mocha-framework"], "range": ">=1.10.0", "nodes": ["node_modules/mocha"], "fixAvailable": false}, "multimatch": {"name": "multimatch", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["doiuse"], "range": "<=7.0.0", "nodes": ["node_modules/multimatch"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.10.1", "isSemVerMajor": true}}, "mwbot": {"name": "mwbot", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["wdio-mediawiki"], "range": ">=0.1.6", "nodes": ["node_modules/mwbot"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "puppeteer-core": {"name": "puppeteer-core", "severity": "high", "isDirect": false, "via": ["rimraf", "tar-fs", "ws"], "effects": ["devtools", "webdriverio"], "range": "<=22.11.1", "nodes": ["node_modules/devtools/node_modules/puppeteer-core", "node_modules/puppeteer-core"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "qs": {"name": "qs", "severity": "high", "isDirect": false, "via": [{"source": 1113132, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion", "url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p", "severity": "high", "cwe": ["CWE-20"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.14.1"}], "effects": ["request"], "range": "<6.14.1", "nodes": ["node_modules/qs"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "readdir-glob": {"name": "readdir-glob", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["archiver"], "range": "<=2.0.1 || 2.0.3", "nodes": ["node_modules/readdir-glob"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "recursive-readdir": {"name": "recursive-readdir", "severity": "high", "isDirect": false, "via": ["minimatch"], "effects": ["@wdio/cli"], "range": ">=1.2.0", "nodes": ["node_modules/recursive-readdir"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "request": {"name": "request", "severity": "critical", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "form-data", "qs", "tough-cookie"], "effects": ["mwbot"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "rimraf": {"name": "rimraf", "severity": "high", "isDirect": false, "via": ["glob"], "effects": ["flat-cache", "puppeteer-core"], "range": "2.3.0 - 3.0.2 || 4.2.0 - 5.0.10", "nodes": ["node_modules/rimraf"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "stylelint-config-wikimedia": {"name": "stylelint-config-wikimedia", "severity": "high", "isDirect": true, "via": ["stylelint-no-unsupported-browser-features"], "effects": [], "range": ">=0.10.2", "nodes": ["node_modules/stylelint-config-wikimedia"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.10.1", "isSemVerMajor": true}}, "stylelint-no-unsupported-browser-features": {"name": "stylelint-no-unsupported-browser-features", "severity": "high", "isDirect": false, "via": ["doiuse"], "effects": ["stylelint-config-wikimedia"], "range": "*", "nodes": ["node_modules/stylelint-no-unsupported-browser-features"], "fixAvailable": {"name": "stylelint-config-wikimedia", "version": "0.10.1", "isSemVerMajor": true}}, "tar-fs": {"name": "tar-fs", "severity": "high", "isDirect": false, "via": [{"source": 1109532, "name": "tar-fs", "dependency": "tar-fs", "title": "tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball", "url": "https://github.com/advisories/GHSA-vj76-c3g6-qr5v", "severity": "high", "cwe": ["CWE-22", "CWE-61"], "cvss": {"score": 0, "vectorString": null}, "range": ">=2.0.0 <2.1.4"}, {"source": 1109543, "name": "tar-fs", "dependency": "tar-fs", "title": "tar-fs can extract outside the specified dir with a specific tarball", "url": "https://github.com/advisories/GHSA-8cj5-5rvv-wf4v", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 0, "vectorString": null}, "range": ">=2.0.0 <2.1.3"}, {"source": 1109552, "name": "tar-fs", "dependency": "tar-fs", "title": "tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File", "url": "https://github.com/advisories/GHSA-pq67-2wwv-3xjx", "severity": "high", "cwe": ["CWE-22"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "range": ">=2.0.0 <2.1.2"}], "effects": ["puppeteer-core"], "range": "2.0.0 - 2.1.3", "nodes": ["node_modules/tar-fs"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "tmp": {"name": "tmp", "severity": "low", "isDirect": false, "via": [{"source": 1109537, "name": "tmp", "dependency": "tmp", "title": "tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter", "url": "https://github.com/advisories/GHSA-52f5-9888-hmc6", "severity": "low", "cwe": ["CWE-59"], "cvss": {"score": 2.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}, "range": "<=0.2.3"}], "effects": ["external-editor"], "range": "<=0.2.3", "nodes": ["node_modules/tmp"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/tough-cookie"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "wdio-mediawiki": {"name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": ["mwbot"], "effects": [], "range": "<=5.1.0", "nodes": ["node_modules/wdio-mediawiki"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.3.2", "isSemVerMajor": true}}, "webdriver": {"name": "webdriver", "severity": "high", "isDirect": false, "via": ["@wdio/config"], "effects": ["@wdio/runner"], "range": ">=5.0.0-alpha.2", "nodes": ["node_modules/webdriver"], "fixAvailable": {"name": "@wdio/local-runner", "version": "9.24.0", "isSemVerMajor": true}}, "webdriverio": {"name": "webdriverio", "severity": "high", "isDirect": false, "via": ["@wdio/config", "archiver", "devtools", "minimatch", "puppeteer-core", "webdriver"], "effects": ["@wdio/cli", "@wdio/runner"], "range": ">=5.0.0-alpha.2", "nodes": ["node_modules/webdriverio"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "ws": {"name": "ws", "severity": "high", "isDirect": false, "via": [{"source": 1098392, "name": "ws", "dependency": "ws", "title": "ws affected by a DoS when handling a request with many HTTP headers", "url": "https://github.com/advisories/GHSA-3h5v-q93c-6h6q", "severity": "high", "cwe": ["CWE-476"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=8.0.0 <8.17.1"}], "effects": ["puppeteer-core"], "range": "8.0.0 - 8.17.0", "nodes": ["node_modules/devtools/node_modules/ws", "node_modules/ws"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "yarn-install": {"name": "yarn-install", "severity": "high", "isDirect": false, "via": ["cross-spawn"], "effects": ["@wdio/cli"], "range": "*", "nodes": ["node_modules/yarn-install"], "fixAvailable": {"name": "@wdio/cli", "version": "9.24.0", "isSemVerMajor": true}}, "zip-stream": {"name": "zip-stream", "severity": "high", "isDirect": false, "via": ["archiver-utils"], "effects": [], "range": "0.8.0 - 6.0.1", "nodes": ["node_modules/zip-stream"], "fixAvailable": true}}, "metadata": {"vulnerabilities": {"info": 0, "low": 3, "moderate": 3, "high": 48, "critical": 2, "total": 56}, "dependencies": {"prod": 1, "dev": 833, "optional": 2, "peer": 1, "peerOptional": 0, "total": 833}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated @types/easy-table@1.2.0: This is a stub types definition. easy-table provides its own type definitions, so you do not need this installed.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 832 packages, and audited 833 packages in 16s
130 packages are looking for funding
run `npm fund` for details
# npm audit report
cross-spawn <6.0.6
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix --force`
Will install @wdio/cli@9.24.0, which is a breaking change
node_modules/cross-spawn
yarn-install *
Depends on vulnerable versions of cross-spawn
node_modules/yarn-install
@wdio/cli *
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of inquirer
Depends on vulnerable versions of recursive-readdir
Depends on vulnerable versions of webdriverio
Depends on vulnerable versions of yarn-install
node_modules/@wdio/cli
@wdio/junit-reporter 7.0.1 - 8.0.0-alpha.631
Depends on vulnerable versions of @wdio/cli
node_modules/@wdio/junit-reporter
@wdio/local-runner 6.3.0 - 9.8.0
Depends on vulnerable versions of @wdio/cli
Depends on vulnerable versions of @wdio/runner
node_modules/@wdio/local-runner
@wdio/spec-reporter 7.0.1 - 8.0.0-alpha.631
Depends on vulnerable versions of @wdio/cli
node_modules/@wdio/spec-reporter
form-data <2.5.4
Severity: critical
form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.3.2, which is a breaking change
node_modules/form-data
request *
Depends on vulnerable versions of form-data
Depends on vulnerable versions of qs
Depends on vulnerable versions of tough-cookie
node_modules/request
mwbot >=0.1.6
Depends on vulnerable versions of request
node_modules/mwbot
wdio-mediawiki <=5.1.0
Depends on vulnerable versions of mwbot
node_modules/wdio-mediawiki
minimatch <10.2.1
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - https://github.com/advisories/GHSA-3ppc-4f35-3m26
fix available via `npm audit fix --force`
Will install @wdio/cli@9.24.0, which is a breaking change
node_modules/@eslint/eslintrc/node_modules/minimatch
node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch
node_modules/@wdio/config/node_modules/minimatch
node_modules/eslint/node_modules/minimatch
node_modules/minimatch
node_modules/mocha/node_modules/minimatch
node_modules/readdir-glob/node_modules/minimatch
node_modules/recursive-readdir/node_modules/minimatch
node_modules/webdriverio/node_modules/minimatch
node_modules/zip-stream/node_modules/minimatch
@eslint/eslintrc 0.0.1 || >=0.1.1
Depends on vulnerable versions of minimatch
node_modules/@eslint/eslintrc
eslint 0.7.1 - 2.0.0-rc.1 || 4.1.0 - 10.0.0-rc.2
Depends on vulnerable versions of @eslint/eslintrc
Depends on vulnerable versions of @humanwhocodes/config-array
Depends on vulnerable versions of file-entry-cache
Depends on vulnerable versions of minimatch
node_modules/eslint
@typescript-eslint/eslint-plugin <=8.56.1
Depends on vulnerable versions of @typescript-eslint/parser
Depends on vulnerable versions of @typescript-eslint/type-utils
Depends on vulnerable versions of @typescript-eslint/utils
Depends on vulnerable versions of eslint
node_modules/@typescript-eslint/eslint-plugin
@typescript-eslint/parser 1.1.1-alpha.0 - 8.56.1-alpha.2
Depends on vulnerable versions of @typescript-eslint/typescript-estree
Depends on vulnerable versions of eslint
node_modules/@typescript-eslint/parser
eslint-config-wikimedia >=0.9.0
Depends on vulnerable versions of @stylistic/eslint-plugin
Depends on vulnerable versions of @typescript-eslint/eslint-plugin
Depends on vulnerable versions of @typescript-eslint/parser
Depends on vulnerable versions of eslint
Depends on vulnerable versions of eslint-plugin-jsdoc
Depends on vulnerable versions of eslint-plugin-vue
node_modules/eslint-config-wikimedia
@typescript-eslint/type-utils 5.62.1-alpha.0 - 8.56.1
Depends on vulnerable versions of @typescript-eslint/typescript-estree
Depends on vulnerable versions of @typescript-eslint/utils
Depends on vulnerable versions of eslint
node_modules/@typescript-eslint/type-utils
@typescript-eslint/utils <=8.56.1-alpha.2
Depends on vulnerable versions of @typescript-eslint/typescript-estree
Depends on vulnerable versions of eslint
node_modules/@typescript-eslint/utils
@stylistic/eslint-plugin 2.7.0-beta.0 - 5.0.0-beta.6 || >=6.0.0-beta.1
Depends on vulnerable versions of @typescript-eslint/utils
node_modules/@stylistic/eslint-plugin
eslint-plugin-jsdoc 8.4.4 - 62.6.1
Depends on vulnerable versions of eslint
node_modules/eslint-plugin-jsdoc
eslint-plugin-vue 5.0.0-beta.0 - 10.7.0
Depends on vulnerable versions of eslint
node_modules/eslint-plugin-vue
grunt-eslint <=17.3.2 || >=18.1.0
Depends on vulnerable versions of eslint
Depends on vulnerable versions of grunt
node_modules/grunt-eslint
@humanwhocodes/config-array *
Depends on vulnerable versions of minimatch
node_modules/@humanwhocodes/config-array
@typescript-eslint/typescript-estree 6.16.0 - 8.56.1-alpha.2
Depends on vulnerable versions of minimatch
node_modules/@typescript-eslint/typescript-estree
glob 3.0.0 - 10.5.0
Depends on vulnerable versions of minimatch
node_modules/@wdio/config/node_modules/glob
node_modules/glob
node_modules/mocha/node_modules/glob
node_modules/zip-stream/node_modules/glob
@wdio/config *
Depends on vulnerable versions of glob
node_modules/@wdio/config
@wdio/runner *
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of gaze
Depends on vulnerable versions of webdriver
Depends on vulnerable versions of webdriverio
node_modules/@wdio/runner
devtools >=5.13.0-alpha.0
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of puppeteer-core
node_modules/devtools
webdriver >=5.0.0-alpha.2
Depends on vulnerable versions of @wdio/config
node_modules/webdriver
webdriverio >=5.0.0-alpha.2
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of archiver
Depends on vulnerable versions of devtools
Depends on vulnerable versions of minimatch
Depends on vulnerable versions of puppeteer-core
Depends on vulnerable versions of webdriver
node_modules/webdriverio
archiver-utils >=0.2.0
Depends on vulnerable versions of glob
node_modules/archiver-utils
node_modules/zip-stream/node_modules/archiver-utils
archiver >=0.20.0
Depends on vulnerable versions of archiver-utils
Depends on vulnerable versions of readdir-glob
Depends on vulnerable versions of zip-stream
node_modules/archiver
zip-stream 0.8.0 - 6.0.1
Depends on vulnerable versions of archiver-utils
node_modules/zip-stream
mocha >=1.10.0
Depends on vulnerable versions of glob
Depends on vulnerable versions of minimatch
node_modules/mocha
@wdio/mocha-framework *
Depends on vulnerable versions of mocha
node_modules/@wdio/mocha-framework
rimraf 2.3.0 - 3.0.2 || 4.2.0 - 5.0.10
Depends on vulnerable versions of glob
node_modules/rimraf
flat-cache 1.3.4 - 4.0.0
Depends on vulnerable versions of rimraf
node_modules/flat-cache
file-entry-cache 4.0.0 - 7.0.2
Depends on vulnerable versions of flat-cache
node_modules/file-entry-cache
puppeteer-core <=22.11.1
Depends on vulnerable versions of rimraf
Depends on vulnerable versions of tar-fs
Depends on vulnerable versions of ws
node_modules/devtools/node_modules/puppeteer-core
node_modules/puppeteer-core
globule *
Depends on vulnerable versions of glob
Depends on vulnerable versions of minimatch
node_modules/globule
gaze >=0.4.0
Depends on vulnerable versions of globule
node_modules/gaze
grunt >=0.4.0-a
Depends on vulnerable versions of glob
Depends on vulnerable versions of minimatch
node_modules/grunt
multimatch <=7.0.0
Depends on vulnerable versions of minimatch
node_modules/multimatch
doiuse >=2.2.0
Depends on vulnerable versions of multimatch
node_modules/doiuse
stylelint-no-unsupported-browser-features *
Depends on vulnerable versions of doiuse
node_modules/stylelint-no-unsupported-browser-features
stylelint-config-wikimedia >=0.10.2
Depends on vulnerable versions of stylelint-no-unsupported-browser-features
node_modules/stylelint-config-wikimedia
readdir-glob <=2.0.1 || 2.0.3
Depends on vulnerable versions of minimatch
node_modules/readdir-glob
recursive-readdir >=1.2.0
Depends on vulnerable versions of minimatch
node_modules/recursive-readdir
qs <6.14.1
Severity: high
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion - https://github.com/advisories/GHSA-6rw7-vpxm-498p
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.3.2, which is a breaking change
node_modules/qs
tar-fs 2.0.0 - 2.1.3
Severity: high
tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball - https://github.com/advisories/GHSA-vj76-c3g6-qr5v
tar-fs can extract outside the specified dir with a specific tarball - https://github.com/advisories/GHSA-8cj5-5rvv-wf4v
tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File - https://github.com/advisories/GHSA-pq67-2wwv-3xjx
fix available via `npm audit fix --force`
Will install @wdio/cli@9.24.0, which is a breaking change
node_modules/tar-fs
tmp <=0.2.3
tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter - https://github.com/advisories/GHSA-52f5-9888-hmc6
fix available via `npm audit fix --force`
Will install @wdio/cli@9.24.0, which is a breaking change
node_modules/tmp
external-editor >=1.1.1
Depends on vulnerable versions of tmp
node_modules/external-editor
inquirer 3.0.0 - 8.2.6 || 9.0.0 - 9.3.7
Depends on vulnerable versions of external-editor
node_modules/inquirer
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.3.2, which is a breaking change
node_modules/tough-cookie
ws 8.0.0 - 8.17.0
Severity: high
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
fix available via `npm audit fix --force`
Will install @wdio/cli@9.24.0, which is a breaking change
node_modules/devtools/node_modules/ws
node_modules/ws
55 vulnerabilities (3 low, 3 moderate, 47 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated @types/easy-table@1.2.0: This is a stub types definition. easy-table provides its own type definitions, so you do not need this installed.
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 832 packages, and audited 833 packages in 11s
130 packages are looking for funding
run `npm fund` for details
54 vulnerabilities (3 low, 3 moderate, 46 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stdout ---
> test
> grunt test
Running "eslint:all" (eslint) task
/src/repo/modules/dm/ext.advancedSearch.MultiselectLookup.js
44:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
125:2 warning Prefer .then to .done no-jquery/no-done-fail
125:2 warning Prefer .then to .fail no-jquery/no-done-fail
161:2 warning Prefer .then to .done no-jquery/no-done-fail
161:2 warning Prefer .then to .fail no-jquery/no-done-fail
/src/repo/modules/ext.advancedSearch.FieldCollection.js
5:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
18:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
/src/repo/modules/ext.advancedSearch.FieldElementBuilder.js
7:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
15:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
37:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
57:1 warning The type 'FieldCollection' is undefined jsdoc/no-undefined-types
/src/repo/modules/ext.advancedSearch.QueryCompiler.js
5:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
8:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
16:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
35:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
44:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ext.advancedSearch.SearchField.js
11:1 warning Invalid JSDoc inline tag name "see" jsdoc/check-tag-names
14:1 warning Invalid JSDoc inline tag name "see" jsdoc/check-tag-names
30:1 warning Invalid JSDoc inline tag name "see" jsdoc/check-tag-names
33:1 warning Invalid JSDoc inline tag name "see" jsdoc/check-tag-names
/src/repo/modules/ext.advancedSearch.defaultFields.js
112:11 warning All possible message keys should be documented. See https://w.wiki/4r9a for details mediawiki/msg-doc
122:5 warning All possible message keys should be documented. See https://w.wiki/4r9a for details mediawiki/msg-doc
133:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
142:11 warning All possible message keys should be documented. See https://w.wiki/4r9a for details mediawiki/msg-doc
152:1 warning The type 'FieldCollection' is undefined jsdoc/no-undefined-types
/src/repo/modules/ext.advancedSearch.init.js
109:1 warning Invalid JSDoc inline tag name "see" jsdoc/check-tag-names
199:1 warning The type 'SearchField' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.ArbitraryWordInput.js
8:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.FileTypeSelection.js
7:1 warning The type 'FileTypeOptionProvider' is undefined jsdoc/no-undefined-types
21:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
22:1 warning The type 'FileTypeOptionProvider' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.FormState.js
8:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.ImageDimensionInput.js
12:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.ImageDimensionLayout.js
10:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.LanguageSelection.js
7:1 warning The type 'LanguageOptionProvider' is undefined jsdoc/no-undefined-types
20:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
21:1 warning The type 'LanguageOptionProvider' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.NamespaceFilters.js
10:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.NamespacePresets.js
6:1 warning The type 'NamespacePresetProviders' is undefined jsdoc/no-undefined-types
27:1 warning The type 'NamespacePresetProviders' is undefined jsdoc/no-undefined-types
89:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
90:1 warning The type 'NamespacePresetProviders' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.NamespacesPreview.js
8:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.SearchPreview.js
55:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.SortPreference.js
37:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.StoreListener.js
8:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/modules/ui/ext.advancedSearch.TextInput.js
8:1 warning The type 'SearchModel' is undefined jsdoc/no-undefined-types
/src/repo/tests/qunit/dm/MultiselectLookup.test.js
180:3 warning Prefer .then to .done no-jquery/no-done-fail
198:3 warning Prefer .then to .fail no-jquery/no-done-fail
✖ 49 problems (0 errors, 49 warnings)
Running "stylelint:all" (stylelint) task
>> Linted 5 files without errors
Running "banana:AdvancedSearch" (banana) task
>> 1 message directory checked.
Done.
--- end ---
{}
{}
{}
{}
{}
{}
{}
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json
--- end ---
build: Updating composer dependencies
* mediawiki/mediawiki-codesniffer: 49.0.0 → 50.0.0
* mediawiki/mediawiki-phan-config: 0.18.0 → 0.19.0
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpk0xa4knn
--- stdout ---
[master a9a264a] build: Updating composer dependencies
2 files changed, 127 insertions(+), 85 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From a9a264a3fc9f7f035755212feb1f78e62a0aa3fd Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 23 Feb 2026 22:58:57 +0000
Subject: [PATCH] build: Updating composer dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* mediawiki/mediawiki-codesniffer: 49.0.0 → 50.0.0
* mediawiki/mediawiki-phan-config: 0.18.0 → 0.19.0
Change-Id: I9ccbef48cfad10c14bd91722bbd13f1b5790b442
---
composer.json | 4 +-
package-lock.json | 208 ++++++++++++++++++++++++++++------------------
2 files changed, 127 insertions(+), 85 deletions(-)
diff --git a/composer.json b/composer.json
index 75888dc..40dcac2 100644
--- a/composer.json
+++ b/composer.json
@@ -1,7 +1,7 @@
{
"require-dev": {
- "mediawiki/mediawiki-codesniffer": "49.0.0",
- "mediawiki/mediawiki-phan-config": "0.18.0",
+ "mediawiki/mediawiki-codesniffer": "50.0.0",
+ "mediawiki/mediawiki-phan-config": "0.19.0",
"mediawiki/minus-x": "2.0.1",
"php-parallel-lint/php-console-highlighter": "1.0.0",
"php-parallel-lint/php-parallel-lint": "1.4.0"
diff --git a/package-lock.json b/package-lock.json
index 2ec4a0a..b4fd6e8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -313,9 +313,9 @@
}
},
"node_modules/@eslint/eslintrc/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -1148,13 +1148,25 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
+ "node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true,
+ "engines": {
+ "node": "18 || 20 || >=22"
+ }
+ },
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"dependencies": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
+ },
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/debug": {
@@ -1175,12 +1187,12 @@
}
},
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.6",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
+ "integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@@ -1395,9 +1407,9 @@
}
},
"node_modules/@wdio/config/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -4273,9 +4285,9 @@
}
},
"node_modules/eslint/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -4647,33 +4659,51 @@
}
},
"node_modules/filelist": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
- "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
+ "version": "1.0.5",
+ "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.5.tgz",
+ "integrity": "sha512-ct/ckWBV/9Dg3MlvCXsLcSUyoWwv9mCKqlhLNB2DAuXR/NZolSXlQqP5dyy6guWlPXBhodZyZ5lGPQcbQDxrEQ==",
"dev": true,
"dependencies": {
- "minimatch": "^5.0.1"
+ "minimatch": "^10.2.1"
+ },
+ "engines": {
+ "node": "20 || >=22"
+ }
+ },
+ "node_modules/filelist/node_modules/balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true,
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/filelist/node_modules/brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"dependencies": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
+ },
+ "engines": {
+ "node": "18 || 20 || >=22"
}
},
"node_modules/filelist/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "10.2.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.2.tgz",
+ "integrity": "sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==",
"dev": true,
"dependencies": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
},
"engines": {
- "node": ">=10"
+ "node": "18 || 20 || >=22"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/isaacs"
}
},
"node_modules/fill-range": {
@@ -6708,9 +6738,9 @@
}
},
"node_modules/mocha/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -7841,9 +7871,9 @@
}
},
"node_modules/readdir-glob/node_modules/minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -9458,9 +9488,9 @@
}
},
"node_modules/webdriverio/node_modules/minimatch": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.0.tgz",
- "integrity": "sha512-sauLxniAmvnhhRjFwPNnJKaPFYyddAgbYdeUpHULtCT/GhzdCx/MDNy+Y40lBxTQUrMzDE8e0S43Z5uqfO0REg==",
+ "version": "6.2.1",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.1.tgz",
+ "integrity": "sha512-C5ir1Ql7cVnkJLOtpgK9vf2P4ufJu9Hm9fwTznllGARCWOqBf+UB48yZwQyban6r7Lesm05ZOzO6JyVOzItjZQ==",
"dev": true,
"dependencies": {
"brace-expansion": "^2.0.1"
@@ -9836,9 +9866,9 @@
}
},
"node_modules/zip-stream/node_modules/minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"dependencies": {
"brace-expansion": "^1.1.7"
@@ -10037,9 +10067,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -10693,13 +10723,19 @@
"ts-api-utils": "^2.1.0"
},
"dependencies": {
+ "balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true
+ },
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"requires": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
}
},
"debug": {
@@ -10712,12 +10748,12 @@
}
},
"minimatch": {
- "version": "9.0.5",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
- "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
+ "version": "9.0.6",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
+ "integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
}
},
"ms": {
@@ -10877,9 +10913,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -12449,9 +12485,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
@@ -13234,30 +13270,36 @@
}
},
"filelist": {
- "version": "1.0.4",
- "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
- "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
+ "version": "1.0.5",
+ "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.5.tgz",
+ "integrity": "sha512-ct/ckWBV/9Dg3MlvCXsLcSUyoWwv9mCKqlhLNB2DAuXR/NZolSXlQqP5dyy6guWlPXBhodZyZ5lGPQcbQDxrEQ==",
"dev": true,
"requires": {
- "minimatch": "^5.0.1"
+ "minimatch": "^10.2.1"
},
"dependencies": {
+ "balanced-match": {
+ "version": "4.0.4",
+ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
+ "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
+ "dev": true
+ },
"brace-expansion": {
- "version": "2.0.2",
- "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
- "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+ "version": "5.0.3",
+ "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
+ "integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
"dev": true,
"requires": {
- "balanced-match": "^1.0.0"
+ "balanced-match": "^4.0.2"
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "10.2.2",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.2.tgz",
+ "integrity": "sha512-+G4CpNBxa5MprY+04MbgOw1v7So6n5JY166pFi9KfYwT78fxScCeSNQSNzp6dpPSW2rONOps6Ocam1wFhCgoVw==",
"dev": true,
"requires": {
- "brace-expansion": "^2.0.1"
+ "brace-expansion": "^5.0.2"
}
}
}
@@ -14812,9 +14854,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -15642,9 +15684,9 @@
}
},
"minimatch": {
- "version": "5.1.6",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
- "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
+ "version": "5.1.7",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.7.tgz",
+ "integrity": "sha512-FjiwU9HaHW6YB3H4a1sFudnv93lvydNjz2lmyUXR6IwKhGI+bgL3SOZrBGn6kvvX2pJvhEkGSGjyTHN47O4rqA==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -16817,9 +16859,9 @@
}
},
"minimatch": {
- "version": "6.2.0",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.0.tgz",
- "integrity": "sha512-sauLxniAmvnhhRjFwPNnJKaPFYyddAgbYdeUpHULtCT/GhzdCx/MDNy+Y40lBxTQUrMzDE8e0S43Z5uqfO0REg==",
+ "version": "6.2.1",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-6.2.1.tgz",
+ "integrity": "sha512-C5ir1Ql7cVnkJLOtpgK9vf2P4ufJu9Hm9fwTznllGARCWOqBf+UB48yZwQyban6r7Lesm05ZOzO6JyVOzItjZQ==",
"dev": true,
"requires": {
"brace-expansion": "^2.0.1"
@@ -17094,9 +17136,9 @@
}
},
"minimatch": {
- "version": "3.1.2",
- "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
- "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
+ "integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
"dev": true,
"requires": {
"brace-expansion": "^1.1.7"
--
2.47.3
--- end ---