This run took 83 seconds.
From 6a18cf0e1cc89b6d33f38cdc1db4b4bb766fc9de Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sun, 15 Mar 2026 21:48:37 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* flatted: 3.3.1 → 3.4.1
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* undici: 6.23.0, 7.18.2 → 6.24.1, 7.24.3
* https://github.com/advisories/GHSA-2mjp-6q6p-2qxm
* https://github.com/advisories/GHSA-4992-7rv2-5pvq
* https://github.com/advisories/GHSA-f269-vfmq-vjvj
* https://github.com/advisories/GHSA-phc3-fgpg-7m6h
* https://github.com/advisories/GHSA-v9p9-hfj2-hcw8
* https://github.com/advisories/GHSA-vrm6-8vpv-qv8q
Change-Id: Ie09b6c63a30f155f5c6058316f0f389c8d9861c4
---
package-lock.json | 551 +++++++++++++++++++++++++++-------------------
1 file changed, 325 insertions(+), 226 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index f9b2ae7..736c91f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1067,30 +1067,30 @@
}
},
"node_modules/@jest/diff-sequences": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz",
- "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.3.0.tgz",
+ "integrity": "sha512-cG51MVnLq1ecVUaQ3fr6YuuAOitHK1S4WUJHnsPFE/quQr33ADUx1FfrTCpMCRxvy0Yr9BThKpDjSlcTi91tMA==",
"dev": true,
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/@jest/expect-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.5.tgz",
- "integrity": "sha512-F3lmTT7CXWYywoVUGTCmom0vXq3HTTkaZyTAzIy+bXSBizB7o5qzlC9VCtq0arOa8GqmNsbg/cE9C6HLn7Szew==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.3.0.tgz",
+ "integrity": "sha512-j0+W5iQQ8hBh7tHZkTQv3q2Fh/M7Je72cIsYqC4OaktgtO7v1So9UTjp6uPBHIaB6beoF/RRsCgMJKvti0wADA==",
"dev": true,
"dependencies": {
- "@jest/get-type": "30.0.1"
+ "@jest/get-type": "30.1.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/@jest/get-type": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz",
- "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==",
+ "version": "30.1.0",
+ "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.1.0.tgz",
+ "integrity": "sha512-eMbZE2hUnx1WV0pmURZY9XoXPkUYjpc55mb0CrhtdWLtzMQPFvu/rZkTLZFTsdaVQa+Tr4eWAteqcUzoawq/uA==",
"dev": true,
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -1122,9 +1122,9 @@
}
},
"node_modules/@jest/types": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.5.tgz",
- "integrity": "sha512-aREYa3aku9SSnea4aX6bhKn4bgv3AXkgijoQgbYV3yvbiGt6z+MQ85+6mIhx9DsKW2BuB/cLR/A+tcMThx+KLQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.3.0.tgz",
+ "integrity": "sha512-JHm87k7bA33hpBngtU8h6UBub/fqqA9uXfw+21j5Hmk7ooPHlboRNxHq0JcMtC+n8VJGP1mcfnD3Mk+XKe1oSw==",
"dev": true,
"dependencies": {
"@jest/pattern": "30.0.1",
@@ -1140,9 +1140,9 @@
}
},
"node_modules/@jridgewell/sourcemap-codec": {
- "version": "1.5.0",
- "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
- "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+ "version": "1.5.5",
+ "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+ "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
"dev": true
},
"node_modules/@mdn/browser-compat-data": {
@@ -1216,17 +1216,17 @@
}
},
"node_modules/@puppeteer/browsers": {
- "version": "2.10.5",
- "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.5.tgz",
- "integrity": "sha512-eifa0o+i8dERnngJwKrfp3dEq7ia5XFyoqB17S4gK8GhsQE4/P8nxOfQSE0zQHxzzLo/cmF+7+ywEQ7wK7Fb+w==",
+ "version": "2.13.0",
+ "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.13.0.tgz",
+ "integrity": "sha512-46BZJYJjc/WwmKjsvDFykHtXrtomsCIrwYQPOP7VfMJoZY2bsDF9oROBABR3paDjDcmkUye1Pb1BqdcdiipaWA==",
"dev": true,
"dependencies": {
- "debug": "^4.4.1",
+ "debug": "^4.4.3",
"extract-zip": "^2.0.1",
"progress": "^2.0.3",
"proxy-agent": "^6.5.0",
- "semver": "^7.7.2",
- "tar-fs": "^3.0.8",
+ "semver": "^7.7.4",
+ "tar-fs": "^3.1.1",
"yargs": "^17.7.2"
},
"bin": {
@@ -1284,9 +1284,9 @@
"dev": true
},
"node_modules/@sinclair/typebox": {
- "version": "0.34.38",
- "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.38.tgz",
- "integrity": "sha512-HpkxMmc2XmZKhvaKIZZThlHmx1L0I/V1hWK1NubtlFnr6ZqdiOpV72TKudZUNQjZNsyDBay72qFEhEvb+bcwcA==",
+ "version": "0.34.48",
+ "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.48.tgz",
+ "integrity": "sha512-kKJTNuK3AQOrgjjotVxMrCn1sUJwM76wMszfq1kdU4uYVJjvEWuFQ6HgvLt4Xz3fSmZlTOxJ/Ie13KnIcWQXFA==",
"dev": true
},
"node_modules/@sindresorhus/merge-streams": {
@@ -1661,9 +1661,9 @@
}
},
"node_modules/@types/yargs": {
- "version": "17.0.33",
- "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz",
- "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==",
+ "version": "17.0.35",
+ "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz",
+ "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==",
"dev": true,
"dependencies": {
"@types/yargs-parser": "*"
@@ -2049,6 +2049,41 @@
"url": "https://opencollective.com/vitest"
}
},
+ "node_modules/@vitest/utils": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.0.tgz",
+ "integrity": "sha512-XfPXT6a8TZY3dcGY8EdwsBulFCIw+BeeX0RZn2x/BtiY/75YGh8FeWGG8QISN/WhaqSrE2OrlDgtF8q5uhOTmw==",
+ "dev": true,
+ "dependencies": {
+ "@vitest/pretty-format": "4.1.0",
+ "convert-source-map": "^2.0.0",
+ "tinyrainbow": "^3.0.3"
+ },
+ "funding": {
+ "url": "https://opencollective.com/vitest"
+ }
+ },
+ "node_modules/@vitest/utils/node_modules/@vitest/pretty-format": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
+ "dev": true,
+ "dependencies": {
+ "tinyrainbow": "^3.0.3"
+ },
+ "funding": {
+ "url": "https://opencollective.com/vitest"
+ }
+ },
+ "node_modules/@vitest/utils/node_modules/tinyrainbow": {
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
+ "dev": true,
+ "engines": {
+ "node": ">=14.0.0"
+ }
+ },
"node_modules/@wdio/cli": {
"version": "9.18.4",
"resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-9.18.4.tgz",
@@ -4319,9 +4354,9 @@
}
},
"node_modules/cheerio/node_modules/undici": {
- "version": "7.18.2",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.18.2.tgz",
- "integrity": "sha512-y+8YjDFzWdQlSE9N5nzKMT3g4a5UBX1HKowfdXh0uvAnTaqqwqB92Jt4UXBAeKekDs5IaDKyJFR4X1gYVCgXcw==",
+ "version": "7.24.3",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.3.tgz",
+ "integrity": "sha512-eJdUmK/Wrx2d+mnWWmwwLRyA7OQCkLap60sk3dOK4ViZR7DKwwptwuIvFBg2HaiP9ESaEdhtpSymQPvytpmkCA==",
"dev": true,
"engines": {
"node": ">=20.18.1"
@@ -4547,6 +4582,12 @@
"integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
"dev": true
},
+ "node_modules/convert-source-map": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+ "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+ "dev": true
+ },
"node_modules/core-js-compat": {
"version": "3.37.1",
"resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.1.tgz",
@@ -5124,9 +5165,9 @@
}
},
"node_modules/debug": {
- "version": "4.4.1",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
- "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"dependencies": {
"ms": "^2.1.3"
@@ -5152,6 +5193,15 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/deep-eql": {
+ "version": "5.0.2",
+ "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-5.0.2.tgz",
+ "integrity": "sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==",
+ "dev": true,
+ "engines": {
+ "node": ">=6"
+ }
+ },
"node_modules/deep-is": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
@@ -6664,35 +6714,35 @@
}
},
"node_modules/expect": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.5.tgz",
- "integrity": "sha512-P0te2pt+hHI5qLJkIR+iMvS+lYUZml8rKKsohVHAGY+uClp9XVbdyYNJOIjSRpHVp8s8YqxJCiHUkSYZGr8rtQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/expect/-/expect-30.3.0.tgz",
+ "integrity": "sha512-1zQrciTiQfRdo7qJM1uG4navm8DayFa2TgCSRlzUyNkhcJ6XUZF3hjnpkyr3VhAqPH7i/9GkG7Tv5abz6fqz0Q==",
"dev": true,
"dependencies": {
- "@jest/expect-utils": "30.0.5",
- "@jest/get-type": "30.0.1",
- "jest-matcher-utils": "30.0.5",
- "jest-message-util": "30.0.5",
- "jest-mock": "30.0.5",
- "jest-util": "30.0.5"
+ "@jest/expect-utils": "30.3.0",
+ "@jest/get-type": "30.1.0",
+ "jest-matcher-utils": "30.3.0",
+ "jest-message-util": "30.3.0",
+ "jest-mock": "30.3.0",
+ "jest-util": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/expect-webdriverio": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.4.1.tgz",
- "integrity": "sha512-jH4qhahRNGPWbCCVcCpLDl/kvFJ1eOzVnrd1K/sG1RhKr6bZsgZQUiOE3bafVqSOfKP+ay8bM/VagP4+XsO9Xw==",
+ "version": "5.6.5",
+ "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.6.5.tgz",
+ "integrity": "sha512-5ot+Apo0bEvMD/nqzWymQpgyWnOdu0kVpmahLx5T7NzUc6RyifucZ24Gsfr6F6C8yRGBhmoFh7ZeY+W9kteEBQ==",
"dev": true,
"dependencies": {
- "@vitest/snapshot": "^3.2.4",
- "expect": "^30.0.0",
- "jest-matcher-utils": "^30.0.0",
- "lodash.isequal": "^4.5.0"
+ "@vitest/snapshot": "^4.0.16",
+ "deep-eql": "^5.0.2",
+ "expect": "^30.2.0",
+ "jest-matcher-utils": "^30.2.0"
},
"engines": {
- "node": ">=18 || >=20 || >=22"
+ "node": ">=20"
},
"peerDependencies": {
"@wdio/globals": "^9.0.0",
@@ -6712,25 +6762,26 @@
}
},
"node_modules/expect-webdriverio/node_modules/@vitest/pretty-format": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz",
- "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
"dev": true,
"dependencies": {
- "tinyrainbow": "^2.0.0"
+ "tinyrainbow": "^3.0.3"
},
"funding": {
"url": "https://opencollective.com/vitest"
}
},
"node_modules/expect-webdriverio/node_modules/@vitest/snapshot": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz",
- "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.0.tgz",
+ "integrity": "sha512-0Vy9euT1kgsnj1CHttwi9i9o+4rRLEaPRSOJ5gyv579GJkNpgJK+B4HSv/rAWixx2wdAFci1X4CEPjiu2bXIMg==",
"dev": true,
"dependencies": {
- "@vitest/pretty-format": "3.2.4",
- "magic-string": "^0.30.17",
+ "@vitest/pretty-format": "4.1.0",
+ "@vitest/utils": "4.1.0",
+ "magic-string": "^0.30.21",
"pathe": "^2.0.3"
},
"funding": {
@@ -6744,9 +6795,9 @@
"dev": true
},
"node_modules/expect-webdriverio/node_modules/tinyrainbow": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-2.0.0.tgz",
- "integrity": "sha512-op4nsTR47R6p0vMUUoYl/a+ljLFVtlfaXkLQmqfLR1qHma1h/ysYk4hEXZ880bf2CYgTskvTa/e196Vd5dDQXw==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
"dev": true,
"engines": {
"node": ">=14.0.0"
@@ -7105,9 +7156,9 @@
}
},
"node_modules/flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.1",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.1.tgz",
+ "integrity": "sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==",
"dev": true
},
"node_modules/for-in": {
@@ -8329,48 +8380,48 @@
}
},
"node_modules/jest-diff": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.5.tgz",
- "integrity": "sha512-1UIqE9PoEKaHcIKvq2vbibrCog4Y8G0zmOxgQUVEiTqwR5hJVMCoDsN1vFvI5JvwD37hjueZ1C4l2FyGnfpE0A==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.3.0.tgz",
+ "integrity": "sha512-n3q4PDQjS4LrKxfWB3Z5KNk1XjXtZTBwQp71OP0Jo03Z6V60x++K5L8k6ZrW8MY8pOFylZvHM0zsjS1RqlHJZQ==",
"dev": true,
"dependencies": {
- "@jest/diff-sequences": "30.0.1",
- "@jest/get-type": "30.0.1",
+ "@jest/diff-sequences": "30.3.0",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "pretty-format": "30.0.5"
+ "pretty-format": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/jest-matcher-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.5.tgz",
- "integrity": "sha512-uQgGWt7GOrRLP1P7IwNWwK1WAQbq+m//ZY0yXygyfWp0rJlksMSLQAA4wYQC3b6wl3zfnchyTx+k3HZ5aPtCbQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.3.0.tgz",
+ "integrity": "sha512-HEtc9uFQgaUHkC7nLSlQL3Tph4Pjxt/yiPvkIrrDCt9jhoLIgxaubo1G+CFOnmHYMxHwwdaSN7mkIFs6ZK8OhA==",
"dev": true,
"dependencies": {
- "@jest/get-type": "30.0.1",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "jest-diff": "30.0.5",
- "pretty-format": "30.0.5"
+ "jest-diff": "30.3.0",
+ "pretty-format": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/jest-message-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.5.tgz",
- "integrity": "sha512-NAiDOhsK3V7RU0Aa/HnrQo+E4JlbarbmI3q6Pi4KcxicdtjV82gcIUrejOtczChtVQR4kddu1E1EJlW6EN9IyA==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.3.0.tgz",
+ "integrity": "sha512-Z/j4Bo+4ySJ+JPJN3b2Qbl9hDq3VrXmnjjGEWD/x0BCXeOXPTV1iZYYzl2X8c1MaCOL+ewMyNBcm88sboE6YWw==",
"dev": true,
"dependencies": {
"@babel/code-frame": "^7.27.1",
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/stack-utils": "^2.0.3",
"chalk": "^4.1.2",
"graceful-fs": "^4.2.11",
- "micromatch": "^4.0.8",
- "pretty-format": "30.0.5",
+ "picomatch": "^4.0.3",
+ "pretty-format": "30.3.0",
"slash": "^3.0.0",
"stack-utils": "^2.0.6"
},
@@ -8378,15 +8429,27 @@
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
+ "node_modules/jest-message-util/node_modules/picomatch": {
+ "version": "4.0.3",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+ "dev": true,
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/jonschlinkert"
+ }
+ },
"node_modules/jest-mock": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.5.tgz",
- "integrity": "sha512-Od7TyasAAQX/6S+QCbN6vZoWOMwlTtzzGuxJku1GhGanAjz9y+QsQkpScDmETvdc9aSXyJ/Op4rhpMYBWW91wQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.3.0.tgz",
+ "integrity": "sha512-OTzICK8CpE+t4ndhKrwlIdbM6Pn8j00lvmSmq5ejiO+KxukbLjgOflKWMn3KE34EZdQm5RqTuKj+5RIEniYhog==",
"dev": true,
"dependencies": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
- "jest-util": "30.0.5"
+ "jest-util": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -8402,17 +8465,17 @@
}
},
"node_modules/jest-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.5.tgz",
- "integrity": "sha512-pvyPWssDZR0FlfMxCBoc0tvM8iUEskaRFALUtGQYzVEAqisAztmy+R8LnU14KT4XA0H/a5HMVTXat1jLne010g==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.3.0.tgz",
+ "integrity": "sha512-/jZDa00a3Sz7rdyu55NLrQCIrbyIkbBxareejQI315f/i8HjYN+ZWsDLLpoQSiUIEIyZF/R8fDg3BmB8AtHttg==",
"dev": true,
"dependencies": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
"chalk": "^4.1.2",
"ci-info": "^4.2.0",
"graceful-fs": "^4.2.11",
- "picomatch": "^4.0.2"
+ "picomatch": "^4.0.3"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -8776,13 +8839,6 @@
"integrity": "sha512-uHaJFihxmJcEX3kT4I23ABqKKalJ/zDrDg0lsFtc1h+3uw49SIJ5beyhx5ExVRti3AvKoOJngIj7xz3oylPdWQ==",
"dev": true
},
- "node_modules/lodash.isequal": {
- "version": "4.5.0",
- "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
- "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==",
- "deprecated": "This package is deprecated. Use require('node:util').isDeepStrictEqual instead.",
- "dev": true
- },
"node_modules/lodash.memoize": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
@@ -8864,12 +8920,12 @@
}
},
"node_modules/magic-string": {
- "version": "0.30.17",
- "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.17.tgz",
- "integrity": "sha512-sNPKHvyjVf7gyjwS4xGTaW/mCnF8wnjtifKBEhxfZ7E/S8tQ0rssrwGNn6q8JH/ohItJfSQp9mBtQYuTlH5QnA==",
+ "version": "0.30.21",
+ "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+ "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
"dev": true,
"dependencies": {
- "@jridgewell/sourcemap-codec": "^1.5.0"
+ "@jridgewell/sourcemap-codec": "^1.5.5"
}
},
"node_modules/make-dir": {
@@ -9904,9 +9960,9 @@
}
},
"node_modules/pretty-format": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.5.tgz",
- "integrity": "sha512-D1tKtYvByrBkFLe2wHJl2bwMJIiT8rW+XA+TiataH79/FszLQMrpGEvzUVkzPau7OCO0Qnrhpe87PqtOAIB8Yw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.3.0.tgz",
+ "integrity": "sha512-oG4T3wCbfeuvljnyAzhBvpN45E8iOTXCU/TD3zXW80HA3dQ4ahdqMkWGiPWZvjpQwlbyHrPTWUAqUzGzv4l1JQ==",
"dev": true,
"dependencies": {
"@jest/schemas": "30.0.5",
@@ -10700,9 +10756,9 @@
}
},
"node_modules/semver": {
- "version": "7.7.2",
- "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
- "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
+ "version": "7.7.4",
+ "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+ "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
"dev": true,
"bin": {
"semver": "bin/semver.js"
@@ -11666,9 +11722,9 @@
}
},
"node_modules/undici": {
- "version": "6.23.0",
- "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
- "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
+ "version": "6.24.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
+ "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
"dev": true,
"engines": {
"node": ">=18.17"
@@ -13054,24 +13110,24 @@
}
},
"@jest/diff-sequences": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz",
- "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.3.0.tgz",
+ "integrity": "sha512-cG51MVnLq1ecVUaQ3fr6YuuAOitHK1S4WUJHnsPFE/quQr33ADUx1FfrTCpMCRxvy0Yr9BThKpDjSlcTi91tMA==",
"dev": true
},
"@jest/expect-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.5.tgz",
- "integrity": "sha512-F3lmTT7CXWYywoVUGTCmom0vXq3HTTkaZyTAzIy+bXSBizB7o5qzlC9VCtq0arOa8GqmNsbg/cE9C6HLn7Szew==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.3.0.tgz",
+ "integrity": "sha512-j0+W5iQQ8hBh7tHZkTQv3q2Fh/M7Je72cIsYqC4OaktgtO7v1So9UTjp6uPBHIaB6beoF/RRsCgMJKvti0wADA==",
"dev": true,
"requires": {
- "@jest/get-type": "30.0.1"
+ "@jest/get-type": "30.1.0"
}
},
"@jest/get-type": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz",
- "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==",
+ "version": "30.1.0",
+ "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.1.0.tgz",
+ "integrity": "sha512-eMbZE2hUnx1WV0pmURZY9XoXPkUYjpc55mb0CrhtdWLtzMQPFvu/rZkTLZFTsdaVQa+Tr4eWAteqcUzoawq/uA==",
"dev": true
},
"@jest/pattern": {
@@ -13094,9 +13150,9 @@
}
},
"@jest/types": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.5.tgz",
- "integrity": "sha512-aREYa3aku9SSnea4aX6bhKn4bgv3AXkgijoQgbYV3yvbiGt6z+MQ85+6mIhx9DsKW2BuB/cLR/A+tcMThx+KLQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.3.0.tgz",
+ "integrity": "sha512-JHm87k7bA33hpBngtU8h6UBub/fqqA9uXfw+21j5Hmk7ooPHlboRNxHq0JcMtC+n8VJGP1mcfnD3Mk+XKe1oSw==",
"dev": true,
"requires": {
"@jest/pattern": "30.0.1",
@@ -13109,9 +13165,9 @@
}
},
"@jridgewell/sourcemap-codec": {
- "version": "1.5.0",
- "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
- "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+ "version": "1.5.5",
+ "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+ "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
"dev": true
},
"@mdn/browser-compat-data": {
@@ -13163,17 +13219,17 @@
}
},
"@puppeteer/browsers": {
- "version": "2.10.5",
- "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.5.tgz",
- "integrity": "sha512-eifa0o+i8dERnngJwKrfp3dEq7ia5XFyoqB17S4gK8GhsQE4/P8nxOfQSE0zQHxzzLo/cmF+7+ywEQ7wK7Fb+w==",
+ "version": "2.13.0",
+ "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.13.0.tgz",
+ "integrity": "sha512-46BZJYJjc/WwmKjsvDFykHtXrtomsCIrwYQPOP7VfMJoZY2bsDF9oROBABR3paDjDcmkUye1Pb1BqdcdiipaWA==",
"dev": true,
"requires": {
- "debug": "^4.4.1",
+ "debug": "^4.4.3",
"extract-zip": "^2.0.1",
"progress": "^2.0.3",
"proxy-agent": "^6.5.0",
- "semver": "^7.7.2",
- "tar-fs": "^3.0.8",
+ "semver": "^7.7.4",
+ "tar-fs": "^3.1.1",
"yargs": "^17.7.2"
},
"dependencies": {
@@ -13218,9 +13274,9 @@
"dev": true
},
"@sinclair/typebox": {
- "version": "0.34.38",
- "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.38.tgz",
- "integrity": "sha512-HpkxMmc2XmZKhvaKIZZThlHmx1L0I/V1hWK1NubtlFnr6ZqdiOpV72TKudZUNQjZNsyDBay72qFEhEvb+bcwcA==",
+ "version": "0.34.48",
+ "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.48.tgz",
+ "integrity": "sha512-kKJTNuK3AQOrgjjotVxMrCn1sUJwM76wMszfq1kdU4uYVJjvEWuFQ6HgvLt4Xz3fSmZlTOxJ/Ie13KnIcWQXFA==",
"dev": true
},
"@sindresorhus/merge-streams": {
@@ -13498,9 +13554,9 @@
}
},
"@types/yargs": {
- "version": "17.0.33",
- "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz",
- "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==",
+ "version": "17.0.35",
+ "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz",
+ "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==",
"dev": true,
"requires": {
"@types/yargs-parser": "*"
@@ -13736,6 +13792,34 @@
"pathe": "^1.1.2"
}
},
+ "@vitest/utils": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.0.tgz",
+ "integrity": "sha512-XfPXT6a8TZY3dcGY8EdwsBulFCIw+BeeX0RZn2x/BtiY/75YGh8FeWGG8QISN/WhaqSrE2OrlDgtF8q5uhOTmw==",
+ "dev": true,
+ "requires": {
+ "@vitest/pretty-format": "4.1.0",
+ "convert-source-map": "^2.0.0",
+ "tinyrainbow": "^3.0.3"
+ },
+ "dependencies": {
+ "@vitest/pretty-format": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
+ "dev": true,
+ "requires": {
+ "tinyrainbow": "^3.0.3"
+ }
+ },
+ "tinyrainbow": {
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
+ "dev": true
+ }
+ }
+ },
"@wdio/cli": {
"version": "9.18.4",
"resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-9.18.4.tgz",
@@ -15301,9 +15385,9 @@
}
},
"undici": {
- "version": "7.18.2",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.18.2.tgz",
- "integrity": "sha512-y+8YjDFzWdQlSE9N5nzKMT3g4a5UBX1HKowfdXh0uvAnTaqqwqB92Jt4UXBAeKekDs5IaDKyJFR4X1gYVCgXcw==",
+ "version": "7.24.3",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.3.tgz",
+ "integrity": "sha512-eJdUmK/Wrx2d+mnWWmwwLRyA7OQCkLap60sk3dOK4ViZR7DKwwptwuIvFBg2HaiP9ESaEdhtpSymQPvytpmkCA==",
"dev": true
}
}
@@ -15480,6 +15564,12 @@
"integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
"dev": true
},
+ "convert-source-map": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+ "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+ "dev": true
+ },
"core-js-compat": {
"version": "3.37.1",
"resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.1.tgz",
@@ -15896,9 +15986,9 @@
"dev": true
},
"debug": {
- "version": "4.4.1",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
- "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"requires": {
"ms": "^2.1.3"
@@ -15910,6 +16000,12 @@
"integrity": "sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==",
"dev": true
},
+ "deep-eql": {
+ "version": "5.0.2",
+ "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-5.0.2.tgz",
+ "integrity": "sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==",
+ "dev": true
+ },
"deep-is": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
@@ -16960,48 +17056,49 @@
}
},
"expect": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.5.tgz",
- "integrity": "sha512-P0te2pt+hHI5qLJkIR+iMvS+lYUZml8rKKsohVHAGY+uClp9XVbdyYNJOIjSRpHVp8s8YqxJCiHUkSYZGr8rtQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/expect/-/expect-30.3.0.tgz",
+ "integrity": "sha512-1zQrciTiQfRdo7qJM1uG4navm8DayFa2TgCSRlzUyNkhcJ6XUZF3hjnpkyr3VhAqPH7i/9GkG7Tv5abz6fqz0Q==",
"dev": true,
"requires": {
- "@jest/expect-utils": "30.0.5",
- "@jest/get-type": "30.0.1",
- "jest-matcher-utils": "30.0.5",
- "jest-message-util": "30.0.5",
- "jest-mock": "30.0.5",
- "jest-util": "30.0.5"
+ "@jest/expect-utils": "30.3.0",
+ "@jest/get-type": "30.1.0",
+ "jest-matcher-utils": "30.3.0",
+ "jest-message-util": "30.3.0",
+ "jest-mock": "30.3.0",
+ "jest-util": "30.3.0"
}
},
"expect-webdriverio": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.4.1.tgz",
- "integrity": "sha512-jH4qhahRNGPWbCCVcCpLDl/kvFJ1eOzVnrd1K/sG1RhKr6bZsgZQUiOE3bafVqSOfKP+ay8bM/VagP4+XsO9Xw==",
+ "version": "5.6.5",
+ "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.6.5.tgz",
+ "integrity": "sha512-5ot+Apo0bEvMD/nqzWymQpgyWnOdu0kVpmahLx5T7NzUc6RyifucZ24Gsfr6F6C8yRGBhmoFh7ZeY+W9kteEBQ==",
"dev": true,
"requires": {
- "@vitest/snapshot": "^3.2.4",
- "expect": "^30.0.0",
- "jest-matcher-utils": "^30.0.0",
- "lodash.isequal": "^4.5.0"
+ "@vitest/snapshot": "^4.0.16",
+ "deep-eql": "^5.0.2",
+ "expect": "^30.2.0",
+ "jest-matcher-utils": "^30.2.0"
},
"dependencies": {
"@vitest/pretty-format": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz",
- "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
"dev": true,
"requires": {
- "tinyrainbow": "^2.0.0"
+ "tinyrainbow": "^3.0.3"
}
},
"@vitest/snapshot": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz",
- "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.0.tgz",
+ "integrity": "sha512-0Vy9euT1kgsnj1CHttwi9i9o+4rRLEaPRSOJ5gyv579GJkNpgJK+B4HSv/rAWixx2wdAFci1X4CEPjiu2bXIMg==",
"dev": true,
"requires": {
- "@vitest/pretty-format": "3.2.4",
- "magic-string": "^0.30.17",
+ "@vitest/pretty-format": "4.1.0",
+ "@vitest/utils": "4.1.0",
+ "magic-string": "^0.30.21",
"pathe": "^2.0.3"
}
},
@@ -17012,9 +17109,9 @@
"dev": true
},
"tinyrainbow": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-2.0.0.tgz",
- "integrity": "sha512-op4nsTR47R6p0vMUUoYl/a+ljLFVtlfaXkLQmqfLR1qHma1h/ysYk4hEXZ880bf2CYgTskvTa/e196Vd5dDQXw==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
"dev": true
}
}
@@ -17275,9 +17372,9 @@
}
},
"flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.1",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.1.tgz",
+ "integrity": "sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==",
"dev": true
},
"for-in": {
@@ -18165,55 +18262,63 @@
}
},
"jest-diff": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.5.tgz",
- "integrity": "sha512-1UIqE9PoEKaHcIKvq2vbibrCog4Y8G0zmOxgQUVEiTqwR5hJVMCoDsN1vFvI5JvwD37hjueZ1C4l2FyGnfpE0A==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.3.0.tgz",
+ "integrity": "sha512-n3q4PDQjS4LrKxfWB3Z5KNk1XjXtZTBwQp71OP0Jo03Z6V60x++K5L8k6ZrW8MY8pOFylZvHM0zsjS1RqlHJZQ==",
"dev": true,
"requires": {
- "@jest/diff-sequences": "30.0.1",
- "@jest/get-type": "30.0.1",
+ "@jest/diff-sequences": "30.3.0",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "pretty-format": "30.0.5"
+ "pretty-format": "30.3.0"
}
},
"jest-matcher-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.5.tgz",
- "integrity": "sha512-uQgGWt7GOrRLP1P7IwNWwK1WAQbq+m//ZY0yXygyfWp0rJlksMSLQAA4wYQC3b6wl3zfnchyTx+k3HZ5aPtCbQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.3.0.tgz",
+ "integrity": "sha512-HEtc9uFQgaUHkC7nLSlQL3Tph4Pjxt/yiPvkIrrDCt9jhoLIgxaubo1G+CFOnmHYMxHwwdaSN7mkIFs6ZK8OhA==",
"dev": true,
"requires": {
- "@jest/get-type": "30.0.1",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "jest-diff": "30.0.5",
- "pretty-format": "30.0.5"
+ "jest-diff": "30.3.0",
+ "pretty-format": "30.3.0"
}
},
"jest-message-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.5.tgz",
- "integrity": "sha512-NAiDOhsK3V7RU0Aa/HnrQo+E4JlbarbmI3q6Pi4KcxicdtjV82gcIUrejOtczChtVQR4kddu1E1EJlW6EN9IyA==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.3.0.tgz",
+ "integrity": "sha512-Z/j4Bo+4ySJ+JPJN3b2Qbl9hDq3VrXmnjjGEWD/x0BCXeOXPTV1iZYYzl2X8c1MaCOL+ewMyNBcm88sboE6YWw==",
"dev": true,
"requires": {
"@babel/code-frame": "^7.27.1",
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/stack-utils": "^2.0.3",
"chalk": "^4.1.2",
"graceful-fs": "^4.2.11",
- "micromatch": "^4.0.8",
- "pretty-format": "30.0.5",
+ "picomatch": "^4.0.3",
+ "pretty-format": "30.3.0",
"slash": "^3.0.0",
"stack-utils": "^2.0.6"
+ },
+ "dependencies": {
+ "picomatch": {
+ "version": "4.0.3",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+ "dev": true
+ }
}
},
"jest-mock": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.5.tgz",
- "integrity": "sha512-Od7TyasAAQX/6S+QCbN6vZoWOMwlTtzzGuxJku1GhGanAjz9y+QsQkpScDmETvdc9aSXyJ/Op4rhpMYBWW91wQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.3.0.tgz",
+ "integrity": "sha512-OTzICK8CpE+t4ndhKrwlIdbM6Pn8j00lvmSmq5ejiO+KxukbLjgOflKWMn3KE34EZdQm5RqTuKj+5RIEniYhog==",
"dev": true,
"requires": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
- "jest-util": "30.0.5"
+ "jest-util": "30.3.0"
}
},
"jest-regex-util": {
@@ -18223,17 +18328,17 @@
"dev": true
},
"jest-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.5.tgz",
- "integrity": "sha512-pvyPWssDZR0FlfMxCBoc0tvM8iUEskaRFALUtGQYzVEAqisAztmy+R8LnU14KT4XA0H/a5HMVTXat1jLne010g==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.3.0.tgz",
+ "integrity": "sha512-/jZDa00a3Sz7rdyu55NLrQCIrbyIkbBxareejQI315f/i8HjYN+ZWsDLLpoQSiUIEIyZF/R8fDg3BmB8AtHttg==",
"dev": true,
"requires": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
"chalk": "^4.1.2",
"ci-info": "^4.2.0",
"graceful-fs": "^4.2.11",
- "picomatch": "^4.0.2"
+ "picomatch": "^4.0.3"
},
"dependencies": {
"picomatch": {
@@ -18543,12 +18648,6 @@
"integrity": "sha512-uHaJFihxmJcEX3kT4I23ABqKKalJ/zDrDg0lsFtc1h+3uw49SIJ5beyhx5ExVRti3AvKoOJngIj7xz3oylPdWQ==",
"dev": true
},
- "lodash.isequal": {
- "version": "4.5.0",
- "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
- "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==",
- "dev": true
- },
"lodash.memoize": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
@@ -18614,12 +18713,12 @@
"dev": true
},
"magic-string": {
- "version": "0.30.17",
- "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.17.tgz",
- "integrity": "sha512-sNPKHvyjVf7gyjwS4xGTaW/mCnF8wnjtifKBEhxfZ7E/S8tQ0rssrwGNn6q8JH/ohItJfSQp9mBtQYuTlH5QnA==",
+ "version": "0.30.21",
+ "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+ "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
"dev": true,
"requires": {
- "@jridgewell/sourcemap-codec": "^1.5.0"
+ "@jridgewell/sourcemap-codec": "^1.5.5"
}
},
"make-dir": {
@@ -19364,9 +19463,9 @@
"dev": true
},
"pretty-format": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.5.tgz",
- "integrity": "sha512-D1tKtYvByrBkFLe2wHJl2bwMJIiT8rW+XA+TiataH79/FszLQMrpGEvzUVkzPau7OCO0Qnrhpe87PqtOAIB8Yw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.3.0.tgz",
+ "integrity": "sha512-oG4T3wCbfeuvljnyAzhBvpN45E8iOTXCU/TD3zXW80HA3dQ4ahdqMkWGiPWZvjpQwlbyHrPTWUAqUzGzv4l1JQ==",
"dev": true,
"requires": {
"@jest/schemas": "30.0.5",
@@ -19959,9 +20058,9 @@
}
},
"semver": {
- "version": "7.7.2",
- "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
- "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
+ "version": "7.7.4",
+ "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+ "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
"dev": true
},
"serialize-error": {
@@ -20628,9 +20727,9 @@
}
},
"undici": {
- "version": "6.23.0",
- "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
- "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
+ "version": "6.24.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
+ "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
"dev": true
},
"undici-types": {
--
2.47.3
$ date
--- stdout ---
Sun Mar 15 21:47:25 UTC 2026
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-ProofreadPage.git /src/repo --depth=1 -b REL1_45
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/REL1_45
--- stdout ---
96a2392c8a47753386fae0dd8ab16b67c85bdb4a refs/heads/REL1_45
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@puppeteer/browsers": {
"name": "@puppeteer/browsers",
"severity": "moderate",
"isDirect": false,
"via": [
"extract-zip"
],
"effects": [
"@wdio/utils"
],
"range": "*",
"nodes": [
"node_modules/@puppeteer/browsers"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/config",
"node_modules/@wdio/config"
],
"fixAvailable": true
},
"@wdio/globals": {
"name": "@wdio/globals",
"severity": "moderate",
"isDirect": false,
"via": [
"expect-webdriverio",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/globals",
"node_modules/@wdio/globals"
],
"fixAvailable": true
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/runner",
"expect-webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/utils",
"mocha"
],
"effects": [],
"range": ">=6.1.19",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"expect-webdriverio",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/utils": {
"name": "@wdio/utils",
"severity": "moderate",
"isDirect": false,
"via": [
"@puppeteer/browsers"
],
"effects": [
"@wdio/cli",
"@wdio/config",
"@wdio/mocha-framework",
"@wdio/runner",
"webdriver",
"webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/utils",
"node_modules/@wdio/config/node_modules/@wdio/utils",
"node_modules/@wdio/runner/node_modules/@wdio/utils",
"node_modules/@wdio/utils",
"node_modules/webdriver/node_modules/@wdio/utils",
"node_modules/webdriverio/node_modules/@wdio/utils"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"expect-webdriverio": {
"name": "expect-webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/globals",
"webdriverio"
],
"effects": [
"@wdio/globals",
"@wdio/local-runner",
"@wdio/runner"
],
"range": "4.0.0-alpha.0 - 4.0.0-alpha.6 || >=4.2.8",
"nodes": [
"node_modules/expect-webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"extract-zip": {
"name": "extract-zip",
"severity": "moderate",
"isDirect": false,
"via": [
"yauzl"
],
"effects": [
"@puppeteer/browsers"
],
"range": "*",
"nodes": [
"node_modules/extract-zip"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
}
],
"effects": [],
"range": "<3.4.0",
"nodes": [
"node_modules/flatted"
],
"fixAvailable": true
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"grunt"
],
"effects": [],
"range": "<=1.0.0 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
}
],
"effects": [
"grunt"
],
"range": "<=3.1.3",
"nodes": [
"node_modules/grunt/node_modules/minimatch"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"serialize-javascript"
],
"effects": [
"@wdio/mocha-framework"
],
"range": "8.0.0 - 12.0.0-beta-2",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
}
],
"effects": [
"mocha"
],
"range": "<=7.0.2",
"nodes": [
"node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"undici": {
"name": "undici",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114591,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114592,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=6.0.0 <6.24.0"
},
{
"source": 1114593,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114594,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<6.24.0"
},
{
"source": 1114637,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114638,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114639,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114640,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114641,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114642,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": "<6.24.0"
},
{
"source": 1114643,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"url": "https://github.com/advisories/GHSA-phc3-fgpg-7m6h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.17.0 <7.24.0"
}
],
"effects": [],
"range": "<=6.23.0 || 7.0.0 - 7.23.0",
"nodes": [
"node_modules/cheerio/node_modules/undici",
"node_modules/undici"
],
"fixAvailable": true
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriver",
"node_modules/webdriver"
],
"fixAvailable": true
},
"webdriverio": {
"name": "webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils",
"webdriver"
],
"effects": [
"@wdio/globals",
"expect-webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriverio",
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"yauzl": {
"name": "yauzl",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1114530,
"name": "yauzl",
"dependency": "yauzl",
"title": "yauzl contains an off-by-one error",
"url": "https://github.com/advisories/GHSA-gmq8-994r-jv83",
"severity": "moderate",
"cwe": [
"CWE-193"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.2.1"
}
],
"effects": [
"extract-zip"
],
"range": "<3.2.1",
"nodes": [
"node_modules/yauzl"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 16,
"high": 8,
"critical": 2,
"total": 26
},
"dependencies": {
"prod": 1,
"dev": 966,
"optional": 43,
"peer": 5,
"peerOptional": 0,
"total": 966
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 39 installs, 0 updates, 0 removals
- Locking composer/installers (v2.3.0)
- Locking composer/pcre (3.3.2)
- Locking composer/semver (3.4.4)
- Locking composer/spdx-licenses (1.5.9)
- Locking composer/xdebug-handler (3.0.5)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.0)
- Locking doctrine/deprecations (1.1.6)
- Locking felixfbecker/advanced-json-rpc (v3.2.1)
- Locking mediawiki/mediawiki-codesniffer (v48.0.0)
- Locking mediawiki/mediawiki-phan-config (0.17.0)
- Locking mediawiki/minus-x (1.1.3)
- Locking mediawiki/phan-taint-check-plugin (7.0.0)
- Locking microsoft/tolerant-php-parser (v0.1.2)
- Locking netresearch/jsonmapper (v4.5.0)
- Locking phan/phan (5.5.1)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.4.0)
- Locking phpcsstandards/phpcsutils (1.1.1)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (5.6.6)
- Locking phpdocumentor/type-resolver (1.12.0)
- Locking phpstan/phpdoc-parser (2.3.2)
- Locking psr/container (2.0.2)
- Locking psr/log (3.0.2)
- Locking sabre/event (5.1.7)
- Locking squizlabs/php_codesniffer (3.13.2)
- Locking symfony/console (v7.4.7)
- Locking symfony/deprecation-contracts (v3.6.0)
- Locking symfony/polyfill-ctype (v1.33.0)
- Locking symfony/polyfill-intl-grapheme (v1.33.0)
- Locking symfony/polyfill-intl-normalizer (v1.33.0)
- Locking symfony/polyfill-mbstring (v1.33.0)
- Locking symfony/polyfill-php80 (v1.33.0)
- Locking symfony/service-contracts (v3.6.1)
- Locking symfony/string (v8.0.6)
- Locking tysonandre/var_representation_polyfill (0.1.3)
- Locking webmozart/assert (2.1.6)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 39 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing composer/installers (v2.3.0): Extracting archive
- Installing squizlabs/php_codesniffer (3.13.2): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.0): Extracting archive
- Installing composer/pcre (3.3.2): Extracting archive
- Installing phpcsstandards/phpcsutils (1.1.1): Extracting archive
- Installing phpcsstandards/phpcsextra (1.4.0): Extracting archive
- Installing symfony/polyfill-mbstring (v1.33.0): Extracting archive
- Installing composer/spdx-licenses (1.5.9): Extracting archive
- Installing composer/semver (3.4.4): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v48.0.0): Extracting archive
- Installing tysonandre/var_representation_polyfill (0.1.3): Extracting archive
- Installing symfony/polyfill-php80 (v1.33.0): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.33.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.33.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.33.0): Extracting archive
- Installing symfony/string (v8.0.6): Extracting archive
- Installing symfony/deprecation-contracts (v3.6.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.6.1): Extracting archive
- Installing symfony/console (v7.4.7): Extracting archive
- Installing sabre/event (5.1.7): Extracting archive
- Installing netresearch/jsonmapper (v4.5.0): Extracting archive
- Installing microsoft/tolerant-php-parser (v0.1.2): Extracting archive
- Installing webmozart/assert (2.1.6): Extracting archive
- Installing phpstan/phpdoc-parser (2.3.2): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.6): Extracting archive
- Installing phpdocumentor/type-resolver (1.12.0): Extracting archive
- Installing phpdocumentor/reflection-docblock (5.6.6): Extracting archive
- Installing felixfbecker/advanced-json-rpc (v3.2.1): Extracting archive
- Installing psr/log (3.0.2): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (5.5.1): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (7.0.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.17.0): Extracting archive
- Installing mediawiki/minus-x (1.1.3): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
0/36 [>---------------------------] 0%
29/36 [======================>-----] 80%
36/36 [============================] 100%
1 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
18 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"@puppeteer/browsers": {
"name": "@puppeteer/browsers",
"severity": "moderate",
"isDirect": false,
"via": [
"extract-zip"
],
"effects": [
"@wdio/utils"
],
"range": "*",
"nodes": [
"node_modules/@puppeteer/browsers"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/config",
"node_modules/@wdio/config"
],
"fixAvailable": true
},
"@wdio/globals": {
"name": "@wdio/globals",
"severity": "moderate",
"isDirect": false,
"via": [
"expect-webdriverio",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/globals",
"node_modules/@wdio/globals"
],
"fixAvailable": true
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/runner",
"expect-webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/utils",
"mocha"
],
"effects": [],
"range": ">=6.1.19",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"expect-webdriverio",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/utils": {
"name": "@wdio/utils",
"severity": "moderate",
"isDirect": false,
"via": [
"@puppeteer/browsers"
],
"effects": [
"@wdio/cli",
"@wdio/config",
"@wdio/mocha-framework",
"@wdio/runner",
"webdriver",
"webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/utils",
"node_modules/@wdio/config/node_modules/@wdio/utils",
"node_modules/@wdio/runner/node_modules/@wdio/utils",
"node_modules/@wdio/utils",
"node_modules/webdriver/node_modules/@wdio/utils",
"node_modules/webdriverio/node_modules/@wdio/utils"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"expect-webdriverio": {
"name": "expect-webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/globals",
"webdriverio"
],
"effects": [
"@wdio/globals",
"@wdio/local-runner",
"@wdio/runner"
],
"range": "4.0.0-alpha.0 - 4.0.0-alpha.6 || >=4.2.8",
"nodes": [
"node_modules/expect-webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"extract-zip": {
"name": "extract-zip",
"severity": "moderate",
"isDirect": false,
"via": [
"yauzl"
],
"effects": [
"@puppeteer/browsers"
],
"range": "*",
"nodes": [
"node_modules/extract-zip"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
}
],
"effects": [],
"range": "<3.4.0",
"nodes": [
"node_modules/flatted"
],
"fixAvailable": true
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"grunt"
],
"effects": [],
"range": "<=1.0.0 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
}
],
"effects": [
"grunt"
],
"range": "<=3.1.3",
"nodes": [
"node_modules/grunt/node_modules/minimatch"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"serialize-javascript"
],
"effects": [
"@wdio/mocha-framework"
],
"range": "8.0.0 - 12.0.0-beta-2",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
}
],
"effects": [
"mocha"
],
"range": "<=7.0.2",
"nodes": [
"node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"undici": {
"name": "undici",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114591,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114592,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=6.0.0 <6.24.0"
},
{
"source": 1114593,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114594,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<6.24.0"
},
{
"source": 1114637,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114638,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114639,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114640,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114641,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114642,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": "<6.24.0"
},
{
"source": 1114643,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"url": "https://github.com/advisories/GHSA-phc3-fgpg-7m6h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.17.0 <7.24.0"
}
],
"effects": [],
"range": "<=6.23.0 || 7.0.0 - 7.23.0",
"nodes": [
"node_modules/cheerio/node_modules/undici",
"node_modules/undici"
],
"fixAvailable": true
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriver",
"node_modules/webdriver"
],
"fixAvailable": true
},
"webdriverio": {
"name": "webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils",
"webdriver"
],
"effects": [
"@wdio/globals",
"expect-webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriverio",
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"yauzl": {
"name": "yauzl",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1114530,
"name": "yauzl",
"dependency": "yauzl",
"title": "yauzl contains an off-by-one error",
"url": "https://github.com/advisories/GHSA-gmq8-994r-jv83",
"severity": "moderate",
"cwe": [
"CWE-193"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.2.1"
}
],
"effects": [
"extract-zip"
],
"range": "<3.2.1",
"nodes": [
"node_modules/yauzl"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 16,
"high": 8,
"critical": 2,
"total": 26
},
"dependencies": {
"prod": 1,
"dev": 966,
"optional": 43,
"peer": 5,
"peerOptional": 0,
"total": 966
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 971,
"removed": 0,
"changed": 0,
"audited": 972,
"funding": 209,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"@puppeteer/browsers": {
"name": "@puppeteer/browsers",
"severity": "moderate",
"isDirect": false,
"via": [
"extract-zip"
],
"effects": [
"@wdio/utils"
],
"range": "*",
"nodes": [
"",
"node_modules/@puppeteer/browsers"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/cli": {
"name": "@wdio/cli",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli"
],
"fixAvailable": {
"name": "@wdio/cli",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/config": {
"name": "@wdio/config",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/config",
"node_modules/@wdio/config"
],
"fixAvailable": true
},
"@wdio/globals": {
"name": "@wdio/globals",
"severity": "moderate",
"isDirect": false,
"via": [
"expect-webdriverio",
"webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/globals",
"node_modules/@wdio/globals"
],
"fixAvailable": true
},
"@wdio/local-runner": {
"name": "@wdio/local-runner",
"severity": "moderate",
"isDirect": true,
"via": [
"@wdio/runner",
"expect-webdriverio"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/local-runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/mocha-framework": {
"name": "@wdio/mocha-framework",
"severity": "high",
"isDirect": true,
"via": [
"@wdio/utils",
"mocha"
],
"effects": [],
"range": ">=6.1.19",
"nodes": [
"node_modules/@wdio/mocha-framework"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"@wdio/runner": {
"name": "@wdio/runner",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/globals",
"@wdio/utils",
"expect-webdriverio",
"webdriver",
"webdriverio"
],
"effects": [
"@wdio/local-runner"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/runner"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"@wdio/utils": {
"name": "@wdio/utils",
"severity": "moderate",
"isDirect": false,
"via": [
"@puppeteer/browsers"
],
"effects": [
"@wdio/cli",
"@wdio/config",
"@wdio/mocha-framework",
"@wdio/runner",
"webdriver",
"webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/@wdio/utils",
"node_modules/@wdio/config/node_modules/@wdio/utils",
"node_modules/@wdio/runner/node_modules/@wdio/utils",
"node_modules/@wdio/utils",
"node_modules/webdriver/node_modules/@wdio/utils",
"node_modules/webdriverio/node_modules/@wdio/utils"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"expect-webdriverio": {
"name": "expect-webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/globals",
"webdriverio"
],
"effects": [
"@wdio/globals",
"@wdio/local-runner",
"@wdio/runner"
],
"range": "4.0.0-alpha.0 - 4.0.0-alpha.6 || >=4.2.8",
"nodes": [
"",
"node_modules/expect-webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"extract-zip": {
"name": "extract-zip",
"severity": "moderate",
"isDirect": false,
"via": [
"yauzl"
],
"effects": [
"@puppeteer/browsers"
],
"range": "*",
"nodes": [
"node_modules/extract-zip"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"flatted": {
"name": "flatted",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114526,
"name": "flatted",
"dependency": "flatted",
"title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase",
"url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f",
"severity": "high",
"cwe": [
"CWE-674"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.4.0"
}
],
"effects": [],
"range": "<3.4.0",
"nodes": [
""
],
"fixAvailable": true
},
"form-data": {
"name": "form-data",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1109540,
"name": "form-data",
"dependency": "form-data",
"title": "form-data uses unsafe random function in form-data for choosing boundary",
"url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4",
"severity": "critical",
"cwe": [
"CWE-330"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.5.4"
}
],
"effects": [
"request"
],
"range": "<2.5.4",
"nodes": [
"node_modules/form-data"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"grunt": {
"name": "grunt",
"severity": "high",
"isDirect": true,
"via": [
"minimatch"
],
"effects": [
"grunt-eslint"
],
"range": ">=0.4.0-a",
"nodes": [
"node_modules/grunt"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"grunt-eslint": {
"name": "grunt-eslint",
"severity": "high",
"isDirect": true,
"via": [
"grunt"
],
"effects": [],
"range": "<=1.0.0 || >=18.1.0",
"nodes": [
"node_modules/grunt-eslint"
],
"fixAvailable": {
"name": "grunt-eslint",
"version": "18.0.0",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
}
],
"effects": [
"grunt"
],
"range": "<=3.1.3",
"nodes": [
"node_modules/grunt/node_modules/minimatch"
],
"fixAvailable": {
"name": "grunt",
"version": "0.3.17",
"isSemVerMajor": true
}
},
"mocha": {
"name": "mocha",
"severity": "high",
"isDirect": false,
"via": [
"serialize-javascript"
],
"effects": [
"@wdio/mocha-framework"
],
"range": "8.0.0 - 12.0.0-beta-2",
"nodes": [
"node_modules/mocha"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"mwbot": {
"name": "mwbot",
"severity": "moderate",
"isDirect": false,
"via": [
"request"
],
"effects": [
"wdio-mediawiki"
],
"range": ">=0.1.6",
"nodes": [
"node_modules/mwbot"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1113719,
"name": "qs",
"dependency": "qs",
"title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
"url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p",
"severity": "moderate",
"cwe": [
"CWE-20"
],
"cvss": {
"score": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<6.14.1"
}
],
"effects": [
"request"
],
"range": "<6.14.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"request": {
"name": "request",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1096727,
"name": "request",
"dependency": "request",
"title": "Server-Side Request Forgery in Request",
"url": "https://github.com/advisories/GHSA-p8p7-x288-28g6",
"severity": "moderate",
"cwe": [
"CWE-918"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<=2.88.2"
},
"form-data",
"qs",
"tough-cookie"
],
"effects": [
"mwbot"
],
"range": "*",
"nodes": [
"node_modules/request"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"serialize-javascript": {
"name": "serialize-javascript",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113686,
"name": "serialize-javascript",
"dependency": "serialize-javascript",
"title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()",
"url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq",
"severity": "high",
"cwe": [
"CWE-96"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": "<=7.0.2"
}
],
"effects": [
"mocha"
],
"range": "<=7.0.2",
"nodes": [
"node_modules/serialize-javascript"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
},
"tough-cookie": {
"name": "tough-cookie",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1097682,
"name": "tough-cookie",
"dependency": "tough-cookie",
"title": "tough-cookie Prototype Pollution vulnerability",
"url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3",
"severity": "moderate",
"cwe": [
"CWE-1321"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
},
"range": "<4.1.3"
}
],
"effects": [
"request"
],
"range": "<4.1.3",
"nodes": [
"node_modules/tough-cookie"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"undici": {
"name": "undici",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1114591,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114592,
"name": "undici",
"dependency": "undici",
"title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client",
"url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj",
"severity": "high",
"cwe": [
"CWE-248",
"CWE-1284"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=6.0.0 <6.24.0"
},
{
"source": 1114593,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114594,
"name": "undici",
"dependency": "undici",
"title": "Undici has an HTTP Request/Response Smuggling issue",
"url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm",
"severity": "moderate",
"cwe": [
"CWE-444"
],
"cvss": {
"score": 6.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
},
"range": "<6.24.0"
},
{
"source": 1114637,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114638,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression",
"url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q",
"severity": "high",
"cwe": [
"CWE-409"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114639,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114640,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation",
"url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8",
"severity": "high",
"cwe": [
"CWE-248"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<6.24.0"
},
{
"source": 1114641,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": ">=7.0.0 <7.24.0"
},
{
"source": 1114642,
"name": "undici",
"dependency": "undici",
"title": "Undici has CRLF Injection in undici via `upgrade` option",
"url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq",
"severity": "moderate",
"cwe": [
"CWE-93"
],
"cvss": {
"score": 4.6,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"
},
"range": "<6.24.0"
},
{
"source": 1114643,
"name": "undici",
"dependency": "undici",
"title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS",
"url": "https://github.com/advisories/GHSA-phc3-fgpg-7m6h",
"severity": "moderate",
"cwe": [
"CWE-770"
],
"cvss": {
"score": 5.9,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": ">=7.17.0 <7.24.0"
}
],
"effects": [],
"range": "<=6.23.0 || 7.0.0 - 7.23.0",
"nodes": [
"",
""
],
"fixAvailable": true
},
"wdio-mediawiki": {
"name": "wdio-mediawiki",
"severity": "moderate",
"isDirect": true,
"via": [
"mwbot"
],
"effects": [],
"range": "<=5.1.0",
"nodes": [
"node_modules/wdio-mediawiki"
],
"fixAvailable": {
"name": "wdio-mediawiki",
"version": "6.4.0",
"isSemVerMajor": true
}
},
"webdriver": {
"name": "webdriver",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils"
],
"effects": [],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriver",
"node_modules/webdriver"
],
"fixAvailable": true
},
"webdriverio": {
"name": "webdriverio",
"severity": "moderate",
"isDirect": false,
"via": [
"@wdio/config",
"@wdio/utils",
"webdriver"
],
"effects": [
"@wdio/globals",
"expect-webdriverio"
],
"range": ">=8.15.0",
"nodes": [
"node_modules/@wdio/cli/node_modules/webdriverio",
"node_modules/webdriverio"
],
"fixAvailable": {
"name": "@wdio/local-runner",
"version": "8.14.6",
"isSemVerMajor": true
}
},
"yauzl": {
"name": "yauzl",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1114530,
"name": "yauzl",
"dependency": "yauzl",
"title": "yauzl contains an off-by-one error",
"url": "https://github.com/advisories/GHSA-gmq8-994r-jv83",
"severity": "moderate",
"cwe": [
"CWE-193"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": "<3.2.1"
}
],
"effects": [
"extract-zip"
],
"range": "<3.2.1",
"nodes": [
"node_modules/yauzl"
],
"fixAvailable": {
"name": "@wdio/mocha-framework",
"version": "6.1.17",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 16,
"high": 8,
"critical": 2,
"total": 26
},
"dependencies": {
"prod": 1,
"dev": 971,
"optional": 43,
"peer": 5,
"peerOptional": 0,
"total": 971
}
}
}
}
--- end ---
{"added": 971, "removed": 0, "changed": 0, "audited": 972, "funding": 209, "audit": {"auditReportVersion": 2, "vulnerabilities": {"@puppeteer/browsers": {"name": "@puppeteer/browsers", "severity": "moderate", "isDirect": false, "via": ["extract-zip"], "effects": ["@wdio/utils"], "range": "*", "nodes": ["", "node_modules/@puppeteer/browsers"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "@wdio/cli": {"name": "@wdio/cli", "severity": "moderate", "isDirect": true, "via": ["@wdio/config", "@wdio/globals", "@wdio/utils", "webdriverio"], "effects": [], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli"], "fixAvailable": {"name": "@wdio/cli", "version": "8.14.6", "isSemVerMajor": true}}, "@wdio/config": {"name": "@wdio/config", "severity": "moderate", "isDirect": false, "via": ["@wdio/utils"], "effects": [], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli/node_modules/@wdio/config", "node_modules/@wdio/config"], "fixAvailable": true}, "@wdio/globals": {"name": "@wdio/globals", "severity": "moderate", "isDirect": false, "via": ["expect-webdriverio", "webdriverio"], "effects": [], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli/node_modules/@wdio/globals", "node_modules/@wdio/globals"], "fixAvailable": true}, "@wdio/local-runner": {"name": "@wdio/local-runner", "severity": "moderate", "isDirect": true, "via": ["@wdio/runner", "expect-webdriverio"], "effects": [], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/local-runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "8.14.6", "isSemVerMajor": true}}, "@wdio/mocha-framework": {"name": "@wdio/mocha-framework", "severity": "high", "isDirect": true, "via": ["@wdio/utils", "mocha"], "effects": [], "range": ">=6.1.19", "nodes": ["node_modules/@wdio/mocha-framework"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "@wdio/runner": {"name": "@wdio/runner", "severity": "moderate", "isDirect": false, "via": ["@wdio/config", "@wdio/globals", "@wdio/utils", "expect-webdriverio", "webdriver", "webdriverio"], "effects": ["@wdio/local-runner"], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/runner"], "fixAvailable": {"name": "@wdio/local-runner", "version": "8.14.6", "isSemVerMajor": true}}, "@wdio/utils": {"name": "@wdio/utils", "severity": "moderate", "isDirect": false, "via": ["@puppeteer/browsers"], "effects": ["@wdio/cli", "@wdio/config", "@wdio/mocha-framework", "@wdio/runner", "webdriver", "webdriverio"], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli/node_modules/@wdio/utils", "node_modules/@wdio/config/node_modules/@wdio/utils", "node_modules/@wdio/runner/node_modules/@wdio/utils", "node_modules/@wdio/utils", "node_modules/webdriver/node_modules/@wdio/utils", "node_modules/webdriverio/node_modules/@wdio/utils"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "expect-webdriverio": {"name": "expect-webdriverio", "severity": "moderate", "isDirect": false, "via": ["@wdio/globals", "webdriverio"], "effects": ["@wdio/globals", "@wdio/local-runner", "@wdio/runner"], "range": "4.0.0-alpha.0 - 4.0.0-alpha.6 || >=4.2.8", "nodes": ["", "node_modules/expect-webdriverio"], "fixAvailable": {"name": "@wdio/local-runner", "version": "8.14.6", "isSemVerMajor": true}}, "extract-zip": {"name": "extract-zip", "severity": "moderate", "isDirect": false, "via": ["yauzl"], "effects": ["@puppeteer/browsers"], "range": "*", "nodes": ["node_modules/extract-zip"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "flatted": {"name": "flatted", "severity": "high", "isDirect": false, "via": [{"source": 1114526, "name": "flatted", "dependency": "flatted", "title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase", "url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f", "severity": "high", "cwe": ["CWE-674"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.4.0"}], "effects": [], "range": "<3.4.0", "nodes": [""], "fixAvailable": true}, "form-data": {"name": "form-data", "severity": "critical", "isDirect": false, "via": [{"source": 1109540, "name": "form-data", "dependency": "form-data", "title": "form-data uses unsafe random function in form-data for choosing boundary", "url": "https://github.com/advisories/GHSA-fjxv-7rqg-78g4", "severity": "critical", "cwe": ["CWE-330"], "cvss": {"score": 0, "vectorString": null}, "range": "<2.5.4"}], "effects": ["request"], "range": "<2.5.4", "nodes": ["node_modules/form-data"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "grunt": {"name": "grunt", "severity": "high", "isDirect": true, "via": ["minimatch"], "effects": ["grunt-eslint"], "range": ">=0.4.0-a", "nodes": ["node_modules/grunt"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}, "grunt-eslint": {"name": "grunt-eslint", "severity": "high", "isDirect": true, "via": ["grunt"], "effects": [], "range": "<=1.0.0 || >=18.1.0", "nodes": ["node_modules/grunt-eslint"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "minimatch": {"name": "minimatch", "severity": "high", "isDirect": false, "via": [{"source": 1113459, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.3"}, {"source": 1113538, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, {"source": 1113546, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.4"}], "effects": ["grunt"], "range": "<=3.1.3", "nodes": ["node_modules/grunt/node_modules/minimatch"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}, "mocha": {"name": "mocha", "severity": "high", "isDirect": false, "via": ["serialize-javascript"], "effects": ["@wdio/mocha-framework"], "range": "8.0.0 - 12.0.0-beta-2", "nodes": ["node_modules/mocha"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "mwbot": {"name": "mwbot", "severity": "moderate", "isDirect": false, "via": ["request"], "effects": ["wdio-mediawiki"], "range": ">=0.1.6", "nodes": ["node_modules/mwbot"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "qs": {"name": "qs", "severity": "moderate", "isDirect": false, "via": [{"source": 1113719, "name": "qs", "dependency": "qs", "title": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion", "url": "https://github.com/advisories/GHSA-6rw7-vpxm-498p", "severity": "moderate", "cwe": ["CWE-20"], "cvss": {"score": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<6.14.1"}], "effects": ["request"], "range": "<6.14.1", "nodes": ["node_modules/qs"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "request": {"name": "request", "severity": "critical", "isDirect": false, "via": [{"source": 1096727, "name": "request", "dependency": "request", "title": "Server-Side Request Forgery in Request", "url": "https://github.com/advisories/GHSA-p8p7-x288-28g6", "severity": "moderate", "cwe": ["CWE-918"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<=2.88.2"}, "form-data", "qs", "tough-cookie"], "effects": ["mwbot"], "range": "*", "nodes": ["node_modules/request"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "serialize-javascript": {"name": "serialize-javascript", "severity": "high", "isDirect": false, "via": [{"source": 1113686, "name": "serialize-javascript", "dependency": "serialize-javascript", "title": "Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()", "url": "https://github.com/advisories/GHSA-5c6j-r48x-rmvq", "severity": "high", "cwe": ["CWE-96"], "cvss": {"score": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "range": "<=7.0.2"}], "effects": ["mocha"], "range": "<=7.0.2", "nodes": ["node_modules/serialize-javascript"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}, "tough-cookie": {"name": "tough-cookie", "severity": "moderate", "isDirect": false, "via": [{"source": 1097682, "name": "tough-cookie", "dependency": "tough-cookie", "title": "tough-cookie Prototype Pollution vulnerability", "url": "https://github.com/advisories/GHSA-72xf-g2v4-qvf3", "severity": "moderate", "cwe": ["CWE-1321"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}, "range": "<4.1.3"}], "effects": ["request"], "range": "<4.1.3", "nodes": ["node_modules/tough-cookie"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "undici": {"name": "undici", "severity": "high", "isDirect": false, "via": [{"source": 1114591, "name": "undici", "dependency": "undici", "title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client", "url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj", "severity": "high", "cwe": ["CWE-248", "CWE-1284"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, {"source": 1114592, "name": "undici", "dependency": "undici", "title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client", "url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj", "severity": "high", "cwe": ["CWE-248", "CWE-1284"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=6.0.0 <6.24.0"}, {"source": 1114593, "name": "undici", "dependency": "undici", "title": "Undici has an HTTP Request/Response Smuggling issue", "url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm", "severity": "moderate", "cwe": ["CWE-444"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": ">=7.0.0 <7.24.0"}, {"source": 1114594, "name": "undici", "dependency": "undici", "title": "Undici has an HTTP Request/Response Smuggling issue", "url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm", "severity": "moderate", "cwe": ["CWE-444"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": "<6.24.0"}, {"source": 1114637, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression", "url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q", "severity": "high", "cwe": ["CWE-409"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, {"source": 1114638, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression", "url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q", "severity": "high", "cwe": ["CWE-409"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.24.0"}, {"source": 1114639, "name": "undici", "dependency": "undici", "title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation", "url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8", "severity": "high", "cwe": ["CWE-248"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, {"source": 1114640, "name": "undici", "dependency": "undici", "title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation", "url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8", "severity": "high", "cwe": ["CWE-248"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.24.0"}, {"source": 1114641, "name": "undici", "dependency": "undici", "title": "Undici has CRLF Injection in undici via `upgrade` option", "url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq", "severity": "moderate", "cwe": ["CWE-93"], "cvss": {"score": 4.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}, "range": ">=7.0.0 <7.24.0"}, {"source": 1114642, "name": "undici", "dependency": "undici", "title": "Undici has CRLF Injection in undici via `upgrade` option", "url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq", "severity": "moderate", "cwe": ["CWE-93"], "cvss": {"score": 4.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}, "range": "<6.24.0"}, {"source": 1114643, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS", "url": "https://github.com/advisories/GHSA-phc3-fgpg-7m6h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.17.0 <7.24.0"}], "effects": [], "range": "<=6.23.0 || 7.0.0 - 7.23.0", "nodes": ["", ""], "fixAvailable": true}, "wdio-mediawiki": {"name": "wdio-mediawiki", "severity": "moderate", "isDirect": true, "via": ["mwbot"], "effects": [], "range": "<=5.1.0", "nodes": ["node_modules/wdio-mediawiki"], "fixAvailable": {"name": "wdio-mediawiki", "version": "6.4.0", "isSemVerMajor": true}}, "webdriver": {"name": "webdriver", "severity": "moderate", "isDirect": false, "via": ["@wdio/config", "@wdio/utils"], "effects": [], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli/node_modules/webdriver", "node_modules/webdriver"], "fixAvailable": true}, "webdriverio": {"name": "webdriverio", "severity": "moderate", "isDirect": false, "via": ["@wdio/config", "@wdio/utils", "webdriver"], "effects": ["@wdio/globals", "expect-webdriverio"], "range": ">=8.15.0", "nodes": ["node_modules/@wdio/cli/node_modules/webdriverio", "node_modules/webdriverio"], "fixAvailable": {"name": "@wdio/local-runner", "version": "8.14.6", "isSemVerMajor": true}}, "yauzl": {"name": "yauzl", "severity": "moderate", "isDirect": false, "via": [{"source": 1114530, "name": "yauzl", "dependency": "yauzl", "title": "yauzl contains an off-by-one error", "url": "https://github.com/advisories/GHSA-gmq8-994r-jv83", "severity": "moderate", "cwe": ["CWE-193"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<3.2.1"}], "effects": ["extract-zip"], "range": "<3.2.1", "nodes": ["node_modules/yauzl"], "fixAvailable": {"name": "@wdio/mocha-framework", "version": "6.1.17", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 16, "high": 8, "critical": 2, "total": 26}, "dependencies": {"prod": 1, "dev": 971, "optional": 43, "peer": 5, "peerOptional": 0, "total": 971}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated node-domexception@1.0.0: Use your platform's native DOMException instead
--- stdout ---
added 946 packages, and audited 947 packages in 16s
209 packages are looking for funding
run `npm fund` for details
# npm audit report
form-data <2.5.4
Severity: critical
form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.4.0, which is a breaking change
node_modules/form-data
request *
Depends on vulnerable versions of form-data
Depends on vulnerable versions of qs
Depends on vulnerable versions of tough-cookie
node_modules/request
mwbot >=0.1.6
Depends on vulnerable versions of request
node_modules/mwbot
wdio-mediawiki <=5.1.0
Depends on vulnerable versions of mwbot
node_modules/wdio-mediawiki
minimatch <=3.1.3
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - https://github.com/advisories/GHSA-3ppc-4f35-3m26
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments - https://github.com/advisories/GHSA-7r86-cg39-jmmj
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions - https://github.com/advisories/GHSA-23c5-xmqv-rm74
fix available via `npm audit fix --force`
Will install grunt@0.3.17, which is a breaking change
node_modules/grunt/node_modules/minimatch
grunt >=0.4.0-a
Depends on vulnerable versions of minimatch
node_modules/grunt
grunt-eslint <=1.0.0 || >=18.1.0
Depends on vulnerable versions of grunt
node_modules/grunt-eslint
qs <6.14.1
Severity: moderate
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion - https://github.com/advisories/GHSA-6rw7-vpxm-498p
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.4.0, which is a breaking change
node_modules/qs
serialize-javascript <=7.0.2
Severity: high
Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString() - https://github.com/advisories/GHSA-5c6j-r48x-rmvq
fix available via `npm audit fix --force`
Will install @wdio/mocha-framework@6.1.17, which is a breaking change
node_modules/serialize-javascript
mocha 8.0.0 - 12.0.0-beta-2
Depends on vulnerable versions of serialize-javascript
node_modules/mocha
@wdio/mocha-framework >=6.1.19
Depends on vulnerable versions of @wdio/utils
Depends on vulnerable versions of mocha
node_modules/@wdio/mocha-framework
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
fix available via `npm audit fix --force`
Will install wdio-mediawiki@6.4.0, which is a breaking change
node_modules/tough-cookie
yauzl <3.2.1
Severity: moderate
yauzl contains an off-by-one error - https://github.com/advisories/GHSA-gmq8-994r-jv83
fix available via `npm audit fix --force`
Will install @wdio/cli@8.14.6, which is a breaking change
node_modules/yauzl
extract-zip *
Depends on vulnerable versions of yauzl
node_modules/extract-zip
@puppeteer/browsers *
Depends on vulnerable versions of extract-zip
node_modules/@puppeteer/browsers
@wdio/utils >=8.15.0
Depends on vulnerable versions of @puppeteer/browsers
node_modules/@wdio/cli/node_modules/@wdio/utils
node_modules/@wdio/config/node_modules/@wdio/utils
node_modules/@wdio/runner/node_modules/@wdio/utils
node_modules/@wdio/utils
node_modules/webdriver/node_modules/@wdio/utils
node_modules/webdriverio/node_modules/@wdio/utils
@wdio/cli >=8.15.0
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of @wdio/globals
Depends on vulnerable versions of @wdio/utils
Depends on vulnerable versions of webdriverio
node_modules/@wdio/cli
@wdio/config >=8.15.0
Depends on vulnerable versions of @wdio/utils
node_modules/@wdio/cli/node_modules/@wdio/config
node_modules/@wdio/config
@wdio/runner >=8.15.0
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of @wdio/globals
Depends on vulnerable versions of @wdio/utils
Depends on vulnerable versions of expect-webdriverio
Depends on vulnerable versions of webdriver
Depends on vulnerable versions of webdriverio
node_modules/@wdio/runner
@wdio/local-runner >=8.15.0
Depends on vulnerable versions of @wdio/runner
Depends on vulnerable versions of expect-webdriverio
node_modules/@wdio/local-runner
webdriver >=8.15.0
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of @wdio/utils
node_modules/@wdio/cli/node_modules/webdriver
node_modules/webdriver
webdriverio >=8.15.0
Depends on vulnerable versions of @wdio/config
Depends on vulnerable versions of @wdio/utils
Depends on vulnerable versions of webdriver
node_modules/@wdio/cli/node_modules/webdriverio
node_modules/webdriverio
@wdio/globals >=8.15.0
Depends on vulnerable versions of expect-webdriverio
Depends on vulnerable versions of webdriverio
node_modules/@wdio/cli/node_modules/@wdio/globals
node_modules/@wdio/globals
expect-webdriverio 4.0.0-alpha.0 - 4.0.0-alpha.6 || >=4.2.8
Depends on vulnerable versions of @wdio/globals
Depends on vulnerable versions of webdriverio
node_modules/expect-webdriverio
24 vulnerabilities (16 moderate, 6 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated node-domexception@1.0.0: Use your platform's native DOMException instead
--- stdout ---
added 946 packages, and audited 947 packages in 24s
209 packages are looking for funding
run `npm fund` for details
24 vulnerabilities (16 moderate, 6 high, 2 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stdout ---
> test
> grunt test
Running "eslint:all" (eslint) task
/src/repo/modules/index.pagelist/PagelistInputWidget.DialogModel.js
57:2 warning Prefer .then to .done no-jquery/no-done-fail
/src/repo/modules/index.pagelist/PagelistInputWidget.Model.js
196:2 warning Prefer .then to .done no-jquery/no-done-fail
/src/repo/modules/index.pagelist/init.js
6:1 warning @internal should not have a name jsdoc/valid-types
/src/repo/modules/page.editinsequence/PageModel.js
138:1 warning The type 'pageModelUpdated' is undefined jsdoc/no-undefined-types
280:1 warning The type 'pageModelUpdated' is undefined jsdoc/no-undefined-types
/src/repo/modules/page.editinsequence/PagelistModel.js
33:2 warning Prefer .then to .done no-jquery/no-done-fail
98:1 warning The type 'pageListReady' is undefined jsdoc/no-undefined-types
99:1 warning The type 'pageUpdated' is undefined jsdoc/no-undefined-types
100:1 warning The type 'lastReached' is undefined jsdoc/no-undefined-types
101:1 warning The type 'firstReached' is undefined jsdoc/no-undefined-types
145:1 warning The type 'pageUpdated' is undefined jsdoc/no-undefined-types
146:1 warning The type 'lastReached' is undefined jsdoc/no-undefined-types
181:1 warning The type 'pageUpdated' is undefined jsdoc/no-undefined-types
182:1 warning The type 'firstReached' is undefined jsdoc/no-undefined-types
/src/repo/modules/page/OpenseadragonController.js
22:1 warning JSDoc @return declaration present but return expression not available in function jsdoc/require-returns-check
/src/repo/modules/page/ext.proofreadpage.page.edit.js
362:1 warning @internal should not have a name jsdoc/valid-types
/src/repo/modules/ve/node/ve.ui.MWPagesInspector.js
72:2 warning Prefer .then to .done no-jquery/no-done-fail
✖ 17 problems (0 errors, 17 warnings)
Running "stylelint:all" (stylelint) task
>> modules/ext.proofreadpage.base.less
>> 6:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 7:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 8:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 9:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 10:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 13:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 14:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 15:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 16:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 17:1 ⚠ Unexpected browser feature "css-paged-media" is not supported by Safari 12,13,14,15,11.1,12.1,13.1,14.1,15.1,15.2-15.3,15.4,15.5,15.6,16.0,16.1,16.2,16.3,16.4,16.5,16.6,17.0,17.1,17.2,17.3,17.4,17.5,17.6,18.0,18.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5,13.0-13.1,13.2,13.3,13.4-13.7,14.0-14.4,14.5-14.8,15.0-15.1,15.2-15.3,15.4,15.5,15.6-15.8,16.0,16.1,16.2,16.3,16.4,16.5,16.6-16.7,17.0,17.1,17.2,17.3,17.4,17.5,17.6-17.7,18.0,18.1, Android Browser 131 plugin/no-unsupported-browser-features
>> 78:1 ⚠ Unexpected browser feature "prefers-color-scheme" is not supported by Safari 12,11.1, Safari on iOS 11.3-11.4,12.0-12.1,12.2-12.5 plugin/no-unsupported-browser-features
>>
>> ⚠ 11 problems (0 errors, 11 warnings)
⚠ 11 warnings
>> Linted 12 files without errors
Running "banana:ProofreadPage" (banana) task
>> 2 message directories checked.
Done.
--- end ---
{}
{}
{"1114526": {"source": 1114526, "name": "flatted", "dependency": "flatted", "title": "flatted vulnerable to unbounded recursion DoS in parse() revive phase", "url": "https://github.com/advisories/GHSA-25h7-pfq9-p65f", "severity": "high", "cwe": ["CWE-674"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.4.0"}}
Upgrading n:flatted from 3.3.1 -> 3.4.1
{"1114591": {"source": 1114591, "name": "undici", "dependency": "undici", "title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client", "url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj", "severity": "high", "cwe": ["CWE-248", "CWE-1284"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, "1114592": {"source": 1114592, "name": "undici", "dependency": "undici", "title": "Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client", "url": "https://github.com/advisories/GHSA-f269-vfmq-vjvj", "severity": "high", "cwe": ["CWE-248", "CWE-1284"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=6.0.0 <6.24.0"}, "1114593": {"source": 1114593, "name": "undici", "dependency": "undici", "title": "Undici has an HTTP Request/Response Smuggling issue", "url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm", "severity": "moderate", "cwe": ["CWE-444"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": ">=7.0.0 <7.24.0"}, "1114594": {"source": 1114594, "name": "undici", "dependency": "undici", "title": "Undici has an HTTP Request/Response Smuggling issue", "url": "https://github.com/advisories/GHSA-2mjp-6q6p-2qxm", "severity": "moderate", "cwe": ["CWE-444"], "cvss": {"score": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "range": "<6.24.0"}, "1114637": {"source": 1114637, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression", "url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q", "severity": "high", "cwe": ["CWE-409"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, "1114638": {"source": 1114638, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression", "url": "https://github.com/advisories/GHSA-vrm6-8vpv-qv8q", "severity": "high", "cwe": ["CWE-409"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.24.0"}, "1114639": {"source": 1114639, "name": "undici", "dependency": "undici", "title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation", "url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8", "severity": "high", "cwe": ["CWE-248"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.0.0 <7.24.0"}, "1114640": {"source": 1114640, "name": "undici", "dependency": "undici", "title": "Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation", "url": "https://github.com/advisories/GHSA-v9p9-hfj2-hcw8", "severity": "high", "cwe": ["CWE-248"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<6.24.0"}, "1114641": {"source": 1114641, "name": "undici", "dependency": "undici", "title": "Undici has CRLF Injection in undici via `upgrade` option", "url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq", "severity": "moderate", "cwe": ["CWE-93"], "cvss": {"score": 4.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}, "range": ">=7.0.0 <7.24.0"}, "1114642": {"source": 1114642, "name": "undici", "dependency": "undici", "title": "Undici has CRLF Injection in undici via `upgrade` option", "url": "https://github.com/advisories/GHSA-4992-7rv2-5pvq", "severity": "moderate", "cwe": ["CWE-93"], "cvss": {"score": 4.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}, "range": "<6.24.0"}, "1114643": {"source": 1114643, "name": "undici", "dependency": "undici", "title": "Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS", "url": "https://github.com/advisories/GHSA-phc3-fgpg-7m6h", "severity": "moderate", "cwe": ["CWE-770"], "cvss": {"score": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=7.17.0 <7.24.0"}}
Upgrading n:undici from 6.23.0, 7.18.2 -> 6.24.1, 7.24.3
{}
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json
--- end ---
build: Updating npm dependencies
* flatted: 3.3.1 → 3.4.1
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* undici: 6.23.0, 7.18.2 → 6.24.1, 7.24.3
* https://github.com/advisories/GHSA-2mjp-6q6p-2qxm
* https://github.com/advisories/GHSA-4992-7rv2-5pvq
* https://github.com/advisories/GHSA-f269-vfmq-vjvj
* https://github.com/advisories/GHSA-phc3-fgpg-7m6h
* https://github.com/advisories/GHSA-v9p9-hfj2-hcw8
* https://github.com/advisories/GHSA-vrm6-8vpv-qv8q
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmpnpxduh9z
--- stdout ---
[REL1_45 6a18cf0] build: Updating npm dependencies
1 file changed, 325 insertions(+), 226 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From 6a18cf0e1cc89b6d33f38cdc1db4b4bb766fc9de Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Sun, 15 Mar 2026 21:48:37 +0000
Subject: [PATCH] build: Updating npm dependencies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* flatted: 3.3.1 → 3.4.1
* https://github.com/advisories/GHSA-25h7-pfq9-p65f
* undici: 6.23.0, 7.18.2 → 6.24.1, 7.24.3
* https://github.com/advisories/GHSA-2mjp-6q6p-2qxm
* https://github.com/advisories/GHSA-4992-7rv2-5pvq
* https://github.com/advisories/GHSA-f269-vfmq-vjvj
* https://github.com/advisories/GHSA-phc3-fgpg-7m6h
* https://github.com/advisories/GHSA-v9p9-hfj2-hcw8
* https://github.com/advisories/GHSA-vrm6-8vpv-qv8q
Change-Id: Ie09b6c63a30f155f5c6058316f0f389c8d9861c4
---
package-lock.json | 551 +++++++++++++++++++++++++++-------------------
1 file changed, 325 insertions(+), 226 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index f9b2ae7..736c91f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1067,30 +1067,30 @@
}
},
"node_modules/@jest/diff-sequences": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz",
- "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.3.0.tgz",
+ "integrity": "sha512-cG51MVnLq1ecVUaQ3fr6YuuAOitHK1S4WUJHnsPFE/quQr33ADUx1FfrTCpMCRxvy0Yr9BThKpDjSlcTi91tMA==",
"dev": true,
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/@jest/expect-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.5.tgz",
- "integrity": "sha512-F3lmTT7CXWYywoVUGTCmom0vXq3HTTkaZyTAzIy+bXSBizB7o5qzlC9VCtq0arOa8GqmNsbg/cE9C6HLn7Szew==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.3.0.tgz",
+ "integrity": "sha512-j0+W5iQQ8hBh7tHZkTQv3q2Fh/M7Je72cIsYqC4OaktgtO7v1So9UTjp6uPBHIaB6beoF/RRsCgMJKvti0wADA==",
"dev": true,
"dependencies": {
- "@jest/get-type": "30.0.1"
+ "@jest/get-type": "30.1.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/@jest/get-type": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz",
- "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==",
+ "version": "30.1.0",
+ "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.1.0.tgz",
+ "integrity": "sha512-eMbZE2hUnx1WV0pmURZY9XoXPkUYjpc55mb0CrhtdWLtzMQPFvu/rZkTLZFTsdaVQa+Tr4eWAteqcUzoawq/uA==",
"dev": true,
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -1122,9 +1122,9 @@
}
},
"node_modules/@jest/types": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.5.tgz",
- "integrity": "sha512-aREYa3aku9SSnea4aX6bhKn4bgv3AXkgijoQgbYV3yvbiGt6z+MQ85+6mIhx9DsKW2BuB/cLR/A+tcMThx+KLQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.3.0.tgz",
+ "integrity": "sha512-JHm87k7bA33hpBngtU8h6UBub/fqqA9uXfw+21j5Hmk7ooPHlboRNxHq0JcMtC+n8VJGP1mcfnD3Mk+XKe1oSw==",
"dev": true,
"dependencies": {
"@jest/pattern": "30.0.1",
@@ -1140,9 +1140,9 @@
}
},
"node_modules/@jridgewell/sourcemap-codec": {
- "version": "1.5.0",
- "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
- "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+ "version": "1.5.5",
+ "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+ "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
"dev": true
},
"node_modules/@mdn/browser-compat-data": {
@@ -1216,17 +1216,17 @@
}
},
"node_modules/@puppeteer/browsers": {
- "version": "2.10.5",
- "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.5.tgz",
- "integrity": "sha512-eifa0o+i8dERnngJwKrfp3dEq7ia5XFyoqB17S4gK8GhsQE4/P8nxOfQSE0zQHxzzLo/cmF+7+ywEQ7wK7Fb+w==",
+ "version": "2.13.0",
+ "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.13.0.tgz",
+ "integrity": "sha512-46BZJYJjc/WwmKjsvDFykHtXrtomsCIrwYQPOP7VfMJoZY2bsDF9oROBABR3paDjDcmkUye1Pb1BqdcdiipaWA==",
"dev": true,
"dependencies": {
- "debug": "^4.4.1",
+ "debug": "^4.4.3",
"extract-zip": "^2.0.1",
"progress": "^2.0.3",
"proxy-agent": "^6.5.0",
- "semver": "^7.7.2",
- "tar-fs": "^3.0.8",
+ "semver": "^7.7.4",
+ "tar-fs": "^3.1.1",
"yargs": "^17.7.2"
},
"bin": {
@@ -1284,9 +1284,9 @@
"dev": true
},
"node_modules/@sinclair/typebox": {
- "version": "0.34.38",
- "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.38.tgz",
- "integrity": "sha512-HpkxMmc2XmZKhvaKIZZThlHmx1L0I/V1hWK1NubtlFnr6ZqdiOpV72TKudZUNQjZNsyDBay72qFEhEvb+bcwcA==",
+ "version": "0.34.48",
+ "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.48.tgz",
+ "integrity": "sha512-kKJTNuK3AQOrgjjotVxMrCn1sUJwM76wMszfq1kdU4uYVJjvEWuFQ6HgvLt4Xz3fSmZlTOxJ/Ie13KnIcWQXFA==",
"dev": true
},
"node_modules/@sindresorhus/merge-streams": {
@@ -1661,9 +1661,9 @@
}
},
"node_modules/@types/yargs": {
- "version": "17.0.33",
- "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz",
- "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==",
+ "version": "17.0.35",
+ "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz",
+ "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==",
"dev": true,
"dependencies": {
"@types/yargs-parser": "*"
@@ -2049,6 +2049,41 @@
"url": "https://opencollective.com/vitest"
}
},
+ "node_modules/@vitest/utils": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.0.tgz",
+ "integrity": "sha512-XfPXT6a8TZY3dcGY8EdwsBulFCIw+BeeX0RZn2x/BtiY/75YGh8FeWGG8QISN/WhaqSrE2OrlDgtF8q5uhOTmw==",
+ "dev": true,
+ "dependencies": {
+ "@vitest/pretty-format": "4.1.0",
+ "convert-source-map": "^2.0.0",
+ "tinyrainbow": "^3.0.3"
+ },
+ "funding": {
+ "url": "https://opencollective.com/vitest"
+ }
+ },
+ "node_modules/@vitest/utils/node_modules/@vitest/pretty-format": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
+ "dev": true,
+ "dependencies": {
+ "tinyrainbow": "^3.0.3"
+ },
+ "funding": {
+ "url": "https://opencollective.com/vitest"
+ }
+ },
+ "node_modules/@vitest/utils/node_modules/tinyrainbow": {
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
+ "dev": true,
+ "engines": {
+ "node": ">=14.0.0"
+ }
+ },
"node_modules/@wdio/cli": {
"version": "9.18.4",
"resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-9.18.4.tgz",
@@ -4319,9 +4354,9 @@
}
},
"node_modules/cheerio/node_modules/undici": {
- "version": "7.18.2",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.18.2.tgz",
- "integrity": "sha512-y+8YjDFzWdQlSE9N5nzKMT3g4a5UBX1HKowfdXh0uvAnTaqqwqB92Jt4UXBAeKekDs5IaDKyJFR4X1gYVCgXcw==",
+ "version": "7.24.3",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.3.tgz",
+ "integrity": "sha512-eJdUmK/Wrx2d+mnWWmwwLRyA7OQCkLap60sk3dOK4ViZR7DKwwptwuIvFBg2HaiP9ESaEdhtpSymQPvytpmkCA==",
"dev": true,
"engines": {
"node": ">=20.18.1"
@@ -4547,6 +4582,12 @@
"integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
"dev": true
},
+ "node_modules/convert-source-map": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+ "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+ "dev": true
+ },
"node_modules/core-js-compat": {
"version": "3.37.1",
"resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.1.tgz",
@@ -5124,9 +5165,9 @@
}
},
"node_modules/debug": {
- "version": "4.4.1",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
- "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"dependencies": {
"ms": "^2.1.3"
@@ -5152,6 +5193,15 @@
"url": "https://github.com/sponsors/sindresorhus"
}
},
+ "node_modules/deep-eql": {
+ "version": "5.0.2",
+ "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-5.0.2.tgz",
+ "integrity": "sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==",
+ "dev": true,
+ "engines": {
+ "node": ">=6"
+ }
+ },
"node_modules/deep-is": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
@@ -6664,35 +6714,35 @@
}
},
"node_modules/expect": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.5.tgz",
- "integrity": "sha512-P0te2pt+hHI5qLJkIR+iMvS+lYUZml8rKKsohVHAGY+uClp9XVbdyYNJOIjSRpHVp8s8YqxJCiHUkSYZGr8rtQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/expect/-/expect-30.3.0.tgz",
+ "integrity": "sha512-1zQrciTiQfRdo7qJM1uG4navm8DayFa2TgCSRlzUyNkhcJ6XUZF3hjnpkyr3VhAqPH7i/9GkG7Tv5abz6fqz0Q==",
"dev": true,
"dependencies": {
- "@jest/expect-utils": "30.0.5",
- "@jest/get-type": "30.0.1",
- "jest-matcher-utils": "30.0.5",
- "jest-message-util": "30.0.5",
- "jest-mock": "30.0.5",
- "jest-util": "30.0.5"
+ "@jest/expect-utils": "30.3.0",
+ "@jest/get-type": "30.1.0",
+ "jest-matcher-utils": "30.3.0",
+ "jest-message-util": "30.3.0",
+ "jest-mock": "30.3.0",
+ "jest-util": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/expect-webdriverio": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.4.1.tgz",
- "integrity": "sha512-jH4qhahRNGPWbCCVcCpLDl/kvFJ1eOzVnrd1K/sG1RhKr6bZsgZQUiOE3bafVqSOfKP+ay8bM/VagP4+XsO9Xw==",
+ "version": "5.6.5",
+ "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.6.5.tgz",
+ "integrity": "sha512-5ot+Apo0bEvMD/nqzWymQpgyWnOdu0kVpmahLx5T7NzUc6RyifucZ24Gsfr6F6C8yRGBhmoFh7ZeY+W9kteEBQ==",
"dev": true,
"dependencies": {
- "@vitest/snapshot": "^3.2.4",
- "expect": "^30.0.0",
- "jest-matcher-utils": "^30.0.0",
- "lodash.isequal": "^4.5.0"
+ "@vitest/snapshot": "^4.0.16",
+ "deep-eql": "^5.0.2",
+ "expect": "^30.2.0",
+ "jest-matcher-utils": "^30.2.0"
},
"engines": {
- "node": ">=18 || >=20 || >=22"
+ "node": ">=20"
},
"peerDependencies": {
"@wdio/globals": "^9.0.0",
@@ -6712,25 +6762,26 @@
}
},
"node_modules/expect-webdriverio/node_modules/@vitest/pretty-format": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz",
- "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
"dev": true,
"dependencies": {
- "tinyrainbow": "^2.0.0"
+ "tinyrainbow": "^3.0.3"
},
"funding": {
"url": "https://opencollective.com/vitest"
}
},
"node_modules/expect-webdriverio/node_modules/@vitest/snapshot": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz",
- "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.0.tgz",
+ "integrity": "sha512-0Vy9euT1kgsnj1CHttwi9i9o+4rRLEaPRSOJ5gyv579GJkNpgJK+B4HSv/rAWixx2wdAFci1X4CEPjiu2bXIMg==",
"dev": true,
"dependencies": {
- "@vitest/pretty-format": "3.2.4",
- "magic-string": "^0.30.17",
+ "@vitest/pretty-format": "4.1.0",
+ "@vitest/utils": "4.1.0",
+ "magic-string": "^0.30.21",
"pathe": "^2.0.3"
},
"funding": {
@@ -6744,9 +6795,9 @@
"dev": true
},
"node_modules/expect-webdriverio/node_modules/tinyrainbow": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-2.0.0.tgz",
- "integrity": "sha512-op4nsTR47R6p0vMUUoYl/a+ljLFVtlfaXkLQmqfLR1qHma1h/ysYk4hEXZ880bf2CYgTskvTa/e196Vd5dDQXw==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
"dev": true,
"engines": {
"node": ">=14.0.0"
@@ -7105,9 +7156,9 @@
}
},
"node_modules/flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.1",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.1.tgz",
+ "integrity": "sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==",
"dev": true
},
"node_modules/for-in": {
@@ -8329,48 +8380,48 @@
}
},
"node_modules/jest-diff": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.5.tgz",
- "integrity": "sha512-1UIqE9PoEKaHcIKvq2vbibrCog4Y8G0zmOxgQUVEiTqwR5hJVMCoDsN1vFvI5JvwD37hjueZ1C4l2FyGnfpE0A==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.3.0.tgz",
+ "integrity": "sha512-n3q4PDQjS4LrKxfWB3Z5KNk1XjXtZTBwQp71OP0Jo03Z6V60x++K5L8k6ZrW8MY8pOFylZvHM0zsjS1RqlHJZQ==",
"dev": true,
"dependencies": {
- "@jest/diff-sequences": "30.0.1",
- "@jest/get-type": "30.0.1",
+ "@jest/diff-sequences": "30.3.0",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "pretty-format": "30.0.5"
+ "pretty-format": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/jest-matcher-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.5.tgz",
- "integrity": "sha512-uQgGWt7GOrRLP1P7IwNWwK1WAQbq+m//ZY0yXygyfWp0rJlksMSLQAA4wYQC3b6wl3zfnchyTx+k3HZ5aPtCbQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.3.0.tgz",
+ "integrity": "sha512-HEtc9uFQgaUHkC7nLSlQL3Tph4Pjxt/yiPvkIrrDCt9jhoLIgxaubo1G+CFOnmHYMxHwwdaSN7mkIFs6ZK8OhA==",
"dev": true,
"dependencies": {
- "@jest/get-type": "30.0.1",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "jest-diff": "30.0.5",
- "pretty-format": "30.0.5"
+ "jest-diff": "30.3.0",
+ "pretty-format": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
"node_modules/jest-message-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.5.tgz",
- "integrity": "sha512-NAiDOhsK3V7RU0Aa/HnrQo+E4JlbarbmI3q6Pi4KcxicdtjV82gcIUrejOtczChtVQR4kddu1E1EJlW6EN9IyA==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.3.0.tgz",
+ "integrity": "sha512-Z/j4Bo+4ySJ+JPJN3b2Qbl9hDq3VrXmnjjGEWD/x0BCXeOXPTV1iZYYzl2X8c1MaCOL+ewMyNBcm88sboE6YWw==",
"dev": true,
"dependencies": {
"@babel/code-frame": "^7.27.1",
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/stack-utils": "^2.0.3",
"chalk": "^4.1.2",
"graceful-fs": "^4.2.11",
- "micromatch": "^4.0.8",
- "pretty-format": "30.0.5",
+ "picomatch": "^4.0.3",
+ "pretty-format": "30.3.0",
"slash": "^3.0.0",
"stack-utils": "^2.0.6"
},
@@ -8378,15 +8429,27 @@
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
}
},
+ "node_modules/jest-message-util/node_modules/picomatch": {
+ "version": "4.0.3",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+ "dev": true,
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/jonschlinkert"
+ }
+ },
"node_modules/jest-mock": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.5.tgz",
- "integrity": "sha512-Od7TyasAAQX/6S+QCbN6vZoWOMwlTtzzGuxJku1GhGanAjz9y+QsQkpScDmETvdc9aSXyJ/Op4rhpMYBWW91wQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.3.0.tgz",
+ "integrity": "sha512-OTzICK8CpE+t4ndhKrwlIdbM6Pn8j00lvmSmq5ejiO+KxukbLjgOflKWMn3KE34EZdQm5RqTuKj+5RIEniYhog==",
"dev": true,
"dependencies": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
- "jest-util": "30.0.5"
+ "jest-util": "30.3.0"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -8402,17 +8465,17 @@
}
},
"node_modules/jest-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.5.tgz",
- "integrity": "sha512-pvyPWssDZR0FlfMxCBoc0tvM8iUEskaRFALUtGQYzVEAqisAztmy+R8LnU14KT4XA0H/a5HMVTXat1jLne010g==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.3.0.tgz",
+ "integrity": "sha512-/jZDa00a3Sz7rdyu55NLrQCIrbyIkbBxareejQI315f/i8HjYN+ZWsDLLpoQSiUIEIyZF/R8fDg3BmB8AtHttg==",
"dev": true,
"dependencies": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
"chalk": "^4.1.2",
"ci-info": "^4.2.0",
"graceful-fs": "^4.2.11",
- "picomatch": "^4.0.2"
+ "picomatch": "^4.0.3"
},
"engines": {
"node": "^18.14.0 || ^20.0.0 || ^22.0.0 || >=24.0.0"
@@ -8776,13 +8839,6 @@
"integrity": "sha512-uHaJFihxmJcEX3kT4I23ABqKKalJ/zDrDg0lsFtc1h+3uw49SIJ5beyhx5ExVRti3AvKoOJngIj7xz3oylPdWQ==",
"dev": true
},
- "node_modules/lodash.isequal": {
- "version": "4.5.0",
- "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
- "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==",
- "deprecated": "This package is deprecated. Use require('node:util').isDeepStrictEqual instead.",
- "dev": true
- },
"node_modules/lodash.memoize": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
@@ -8864,12 +8920,12 @@
}
},
"node_modules/magic-string": {
- "version": "0.30.17",
- "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.17.tgz",
- "integrity": "sha512-sNPKHvyjVf7gyjwS4xGTaW/mCnF8wnjtifKBEhxfZ7E/S8tQ0rssrwGNn6q8JH/ohItJfSQp9mBtQYuTlH5QnA==",
+ "version": "0.30.21",
+ "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+ "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
"dev": true,
"dependencies": {
- "@jridgewell/sourcemap-codec": "^1.5.0"
+ "@jridgewell/sourcemap-codec": "^1.5.5"
}
},
"node_modules/make-dir": {
@@ -9904,9 +9960,9 @@
}
},
"node_modules/pretty-format": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.5.tgz",
- "integrity": "sha512-D1tKtYvByrBkFLe2wHJl2bwMJIiT8rW+XA+TiataH79/FszLQMrpGEvzUVkzPau7OCO0Qnrhpe87PqtOAIB8Yw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.3.0.tgz",
+ "integrity": "sha512-oG4T3wCbfeuvljnyAzhBvpN45E8iOTXCU/TD3zXW80HA3dQ4ahdqMkWGiPWZvjpQwlbyHrPTWUAqUzGzv4l1JQ==",
"dev": true,
"dependencies": {
"@jest/schemas": "30.0.5",
@@ -10700,9 +10756,9 @@
}
},
"node_modules/semver": {
- "version": "7.7.2",
- "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
- "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
+ "version": "7.7.4",
+ "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+ "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
"dev": true,
"bin": {
"semver": "bin/semver.js"
@@ -11666,9 +11722,9 @@
}
},
"node_modules/undici": {
- "version": "6.23.0",
- "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
- "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
+ "version": "6.24.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
+ "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
"dev": true,
"engines": {
"node": ">=18.17"
@@ -13054,24 +13110,24 @@
}
},
"@jest/diff-sequences": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.0.1.tgz",
- "integrity": "sha512-n5H8QLDJ47QqbCNn5SuFjCRDrOLEZ0h8vAHCK5RL9Ls7Xa8AQLa/YxAc9UjFqoEDM48muwtBGjtMY5cr0PLDCw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/diff-sequences/-/diff-sequences-30.3.0.tgz",
+ "integrity": "sha512-cG51MVnLq1ecVUaQ3fr6YuuAOitHK1S4WUJHnsPFE/quQr33ADUx1FfrTCpMCRxvy0Yr9BThKpDjSlcTi91tMA==",
"dev": true
},
"@jest/expect-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.0.5.tgz",
- "integrity": "sha512-F3lmTT7CXWYywoVUGTCmom0vXq3HTTkaZyTAzIy+bXSBizB7o5qzlC9VCtq0arOa8GqmNsbg/cE9C6HLn7Szew==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/expect-utils/-/expect-utils-30.3.0.tgz",
+ "integrity": "sha512-j0+W5iQQ8hBh7tHZkTQv3q2Fh/M7Je72cIsYqC4OaktgtO7v1So9UTjp6uPBHIaB6beoF/RRsCgMJKvti0wADA==",
"dev": true,
"requires": {
- "@jest/get-type": "30.0.1"
+ "@jest/get-type": "30.1.0"
}
},
"@jest/get-type": {
- "version": "30.0.1",
- "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.0.1.tgz",
- "integrity": "sha512-AyYdemXCptSRFirI5EPazNxyPwAL0jXt3zceFjaj8NFiKP9pOi0bfXonf6qkf82z2t3QWPeLCWWw4stPBzctLw==",
+ "version": "30.1.0",
+ "resolved": "https://registry.npmjs.org/@jest/get-type/-/get-type-30.1.0.tgz",
+ "integrity": "sha512-eMbZE2hUnx1WV0pmURZY9XoXPkUYjpc55mb0CrhtdWLtzMQPFvu/rZkTLZFTsdaVQa+Tr4eWAteqcUzoawq/uA==",
"dev": true
},
"@jest/pattern": {
@@ -13094,9 +13150,9 @@
}
},
"@jest/types": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.0.5.tgz",
- "integrity": "sha512-aREYa3aku9SSnea4aX6bhKn4bgv3AXkgijoQgbYV3yvbiGt6z+MQ85+6mIhx9DsKW2BuB/cLR/A+tcMThx+KLQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/@jest/types/-/types-30.3.0.tgz",
+ "integrity": "sha512-JHm87k7bA33hpBngtU8h6UBub/fqqA9uXfw+21j5Hmk7ooPHlboRNxHq0JcMtC+n8VJGP1mcfnD3Mk+XKe1oSw==",
"dev": true,
"requires": {
"@jest/pattern": "30.0.1",
@@ -13109,9 +13165,9 @@
}
},
"@jridgewell/sourcemap-codec": {
- "version": "1.5.0",
- "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.0.tgz",
- "integrity": "sha512-gv3ZRaISU3fjPAgNsriBRqGWQL6quFx04YMPW/zD8XMLsU32mhCCbfbO6KZFLjvYpCZ8zyDEgqsgf+PwPaM7GQ==",
+ "version": "1.5.5",
+ "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+ "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
"dev": true
},
"@mdn/browser-compat-data": {
@@ -13163,17 +13219,17 @@
}
},
"@puppeteer/browsers": {
- "version": "2.10.5",
- "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.10.5.tgz",
- "integrity": "sha512-eifa0o+i8dERnngJwKrfp3dEq7ia5XFyoqB17S4gK8GhsQE4/P8nxOfQSE0zQHxzzLo/cmF+7+ywEQ7wK7Fb+w==",
+ "version": "2.13.0",
+ "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-2.13.0.tgz",
+ "integrity": "sha512-46BZJYJjc/WwmKjsvDFykHtXrtomsCIrwYQPOP7VfMJoZY2bsDF9oROBABR3paDjDcmkUye1Pb1BqdcdiipaWA==",
"dev": true,
"requires": {
- "debug": "^4.4.1",
+ "debug": "^4.4.3",
"extract-zip": "^2.0.1",
"progress": "^2.0.3",
"proxy-agent": "^6.5.0",
- "semver": "^7.7.2",
- "tar-fs": "^3.0.8",
+ "semver": "^7.7.4",
+ "tar-fs": "^3.1.1",
"yargs": "^17.7.2"
},
"dependencies": {
@@ -13218,9 +13274,9 @@
"dev": true
},
"@sinclair/typebox": {
- "version": "0.34.38",
- "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.38.tgz",
- "integrity": "sha512-HpkxMmc2XmZKhvaKIZZThlHmx1L0I/V1hWK1NubtlFnr6ZqdiOpV72TKudZUNQjZNsyDBay72qFEhEvb+bcwcA==",
+ "version": "0.34.48",
+ "resolved": "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.34.48.tgz",
+ "integrity": "sha512-kKJTNuK3AQOrgjjotVxMrCn1sUJwM76wMszfq1kdU4uYVJjvEWuFQ6HgvLt4Xz3fSmZlTOxJ/Ie13KnIcWQXFA==",
"dev": true
},
"@sindresorhus/merge-streams": {
@@ -13498,9 +13554,9 @@
}
},
"@types/yargs": {
- "version": "17.0.33",
- "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.33.tgz",
- "integrity": "sha512-WpxBCKWPLr4xSsHgz511rFJAM+wS28w2zEO1QDNY5zM/S8ok70NNfztH0xwhqKyaK0OHCbN98LDAZuy1ctxDkA==",
+ "version": "17.0.35",
+ "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-17.0.35.tgz",
+ "integrity": "sha512-qUHkeCyQFxMXg79wQfTtfndEC+N9ZZg76HJftDJp+qH2tV7Gj4OJi7l+PiWwJ+pWtW8GwSmqsDj/oymhrTWXjg==",
"dev": true,
"requires": {
"@types/yargs-parser": "*"
@@ -13736,6 +13792,34 @@
"pathe": "^1.1.2"
}
},
+ "@vitest/utils": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.0.tgz",
+ "integrity": "sha512-XfPXT6a8TZY3dcGY8EdwsBulFCIw+BeeX0RZn2x/BtiY/75YGh8FeWGG8QISN/WhaqSrE2OrlDgtF8q5uhOTmw==",
+ "dev": true,
+ "requires": {
+ "@vitest/pretty-format": "4.1.0",
+ "convert-source-map": "^2.0.0",
+ "tinyrainbow": "^3.0.3"
+ },
+ "dependencies": {
+ "@vitest/pretty-format": {
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
+ "dev": true,
+ "requires": {
+ "tinyrainbow": "^3.0.3"
+ }
+ },
+ "tinyrainbow": {
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
+ "dev": true
+ }
+ }
+ },
"@wdio/cli": {
"version": "9.18.4",
"resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-9.18.4.tgz",
@@ -15301,9 +15385,9 @@
}
},
"undici": {
- "version": "7.18.2",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.18.2.tgz",
- "integrity": "sha512-y+8YjDFzWdQlSE9N5nzKMT3g4a5UBX1HKowfdXh0uvAnTaqqwqB92Jt4UXBAeKekDs5IaDKyJFR4X1gYVCgXcw==",
+ "version": "7.24.3",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.3.tgz",
+ "integrity": "sha512-eJdUmK/Wrx2d+mnWWmwwLRyA7OQCkLap60sk3dOK4ViZR7DKwwptwuIvFBg2HaiP9ESaEdhtpSymQPvytpmkCA==",
"dev": true
}
}
@@ -15480,6 +15564,12 @@
"integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==",
"dev": true
},
+ "convert-source-map": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz",
+ "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==",
+ "dev": true
+ },
"core-js-compat": {
"version": "3.37.1",
"resolved": "https://registry.npmjs.org/core-js-compat/-/core-js-compat-3.37.1.tgz",
@@ -15896,9 +15986,9 @@
"dev": true
},
"debug": {
- "version": "4.4.1",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.1.tgz",
- "integrity": "sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"requires": {
"ms": "^2.1.3"
@@ -15910,6 +16000,12 @@
"integrity": "sha512-9iE1PgSik9HeIIw2JO94IidnE3eBoQrFJ3w7sFuzSX4DpmZ3v5sZpUiV5Swcf6mQEF+Y0ru8Neo+p+nyh2J+hQ==",
"dev": true
},
+ "deep-eql": {
+ "version": "5.0.2",
+ "resolved": "https://registry.npmjs.org/deep-eql/-/deep-eql-5.0.2.tgz",
+ "integrity": "sha512-h5k/5U50IJJFpzfL6nO9jaaumfjO/f2NjK/oYB2Djzm4p9L+3T9qWpZqZ2hAbLPuuYq9wrU08WQyBTL5GbPk5Q==",
+ "dev": true
+ },
"deep-is": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
@@ -16960,48 +17056,49 @@
}
},
"expect": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/expect/-/expect-30.0.5.tgz",
- "integrity": "sha512-P0te2pt+hHI5qLJkIR+iMvS+lYUZml8rKKsohVHAGY+uClp9XVbdyYNJOIjSRpHVp8s8YqxJCiHUkSYZGr8rtQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/expect/-/expect-30.3.0.tgz",
+ "integrity": "sha512-1zQrciTiQfRdo7qJM1uG4navm8DayFa2TgCSRlzUyNkhcJ6XUZF3hjnpkyr3VhAqPH7i/9GkG7Tv5abz6fqz0Q==",
"dev": true,
"requires": {
- "@jest/expect-utils": "30.0.5",
- "@jest/get-type": "30.0.1",
- "jest-matcher-utils": "30.0.5",
- "jest-message-util": "30.0.5",
- "jest-mock": "30.0.5",
- "jest-util": "30.0.5"
+ "@jest/expect-utils": "30.3.0",
+ "@jest/get-type": "30.1.0",
+ "jest-matcher-utils": "30.3.0",
+ "jest-message-util": "30.3.0",
+ "jest-mock": "30.3.0",
+ "jest-util": "30.3.0"
}
},
"expect-webdriverio": {
- "version": "5.4.1",
- "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.4.1.tgz",
- "integrity": "sha512-jH4qhahRNGPWbCCVcCpLDl/kvFJ1eOzVnrd1K/sG1RhKr6bZsgZQUiOE3bafVqSOfKP+ay8bM/VagP4+XsO9Xw==",
+ "version": "5.6.5",
+ "resolved": "https://registry.npmjs.org/expect-webdriverio/-/expect-webdriverio-5.6.5.tgz",
+ "integrity": "sha512-5ot+Apo0bEvMD/nqzWymQpgyWnOdu0kVpmahLx5T7NzUc6RyifucZ24Gsfr6F6C8yRGBhmoFh7ZeY+W9kteEBQ==",
"dev": true,
"requires": {
- "@vitest/snapshot": "^3.2.4",
- "expect": "^30.0.0",
- "jest-matcher-utils": "^30.0.0",
- "lodash.isequal": "^4.5.0"
+ "@vitest/snapshot": "^4.0.16",
+ "deep-eql": "^5.0.2",
+ "expect": "^30.2.0",
+ "jest-matcher-utils": "^30.2.0"
},
"dependencies": {
"@vitest/pretty-format": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-3.2.4.tgz",
- "integrity": "sha512-IVNZik8IVRJRTr9fxlitMKeJeXFFFN0JaB9PHPGQ8NKQbGpfjlTx9zO4RefN8gp7eqjNy8nyK3NZmBzOPeIxtA==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.0.tgz",
+ "integrity": "sha512-3RZLZlh88Ib0J7NQTRATfc/3ZPOnSUn2uDBUoGNn5T36+bALixmzphN26OUD3LRXWkJu4H0s5vvUeqBiw+kS0A==",
"dev": true,
"requires": {
- "tinyrainbow": "^2.0.0"
+ "tinyrainbow": "^3.0.3"
}
},
"@vitest/snapshot": {
- "version": "3.2.4",
- "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-3.2.4.tgz",
- "integrity": "sha512-dEYtS7qQP2CjU27QBC5oUOxLE/v5eLkGqPE0ZKEIDGMs4vKWe7IjgLOeauHsR0D5YuuycGRO5oSRXnwnmA78fQ==",
+ "version": "4.1.0",
+ "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.0.tgz",
+ "integrity": "sha512-0Vy9euT1kgsnj1CHttwi9i9o+4rRLEaPRSOJ5gyv579GJkNpgJK+B4HSv/rAWixx2wdAFci1X4CEPjiu2bXIMg==",
"dev": true,
"requires": {
- "@vitest/pretty-format": "3.2.4",
- "magic-string": "^0.30.17",
+ "@vitest/pretty-format": "4.1.0",
+ "@vitest/utils": "4.1.0",
+ "magic-string": "^0.30.21",
"pathe": "^2.0.3"
}
},
@@ -17012,9 +17109,9 @@
"dev": true
},
"tinyrainbow": {
- "version": "2.0.0",
- "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-2.0.0.tgz",
- "integrity": "sha512-op4nsTR47R6p0vMUUoYl/a+ljLFVtlfaXkLQmqfLR1qHma1h/ysYk4hEXZ880bf2CYgTskvTa/e196Vd5dDQXw==",
+ "version": "3.1.0",
+ "resolved": "https://registry.npmjs.org/tinyrainbow/-/tinyrainbow-3.1.0.tgz",
+ "integrity": "sha512-Bf+ILmBgretUrdJxzXM0SgXLZ3XfiaUuOj/IKQHuTXip+05Xn+uyEYdVg0kYDipTBcLrCVyUzAPz7QmArb0mmw==",
"dev": true
}
}
@@ -17275,9 +17372,9 @@
}
},
"flatted": {
- "version": "3.3.1",
- "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
- "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw==",
+ "version": "3.4.1",
+ "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.1.tgz",
+ "integrity": "sha512-IxfVbRFVlV8V/yRaGzk0UVIcsKKHMSfYw66T/u4nTwlWteQePsxe//LjudR1AMX4tZW3WFCh3Zqa/sjlqpbURQ==",
"dev": true
},
"for-in": {
@@ -18165,55 +18262,63 @@
}
},
"jest-diff": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.0.5.tgz",
- "integrity": "sha512-1UIqE9PoEKaHcIKvq2vbibrCog4Y8G0zmOxgQUVEiTqwR5hJVMCoDsN1vFvI5JvwD37hjueZ1C4l2FyGnfpE0A==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-diff/-/jest-diff-30.3.0.tgz",
+ "integrity": "sha512-n3q4PDQjS4LrKxfWB3Z5KNk1XjXtZTBwQp71OP0Jo03Z6V60x++K5L8k6ZrW8MY8pOFylZvHM0zsjS1RqlHJZQ==",
"dev": true,
"requires": {
- "@jest/diff-sequences": "30.0.1",
- "@jest/get-type": "30.0.1",
+ "@jest/diff-sequences": "30.3.0",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "pretty-format": "30.0.5"
+ "pretty-format": "30.3.0"
}
},
"jest-matcher-utils": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.0.5.tgz",
- "integrity": "sha512-uQgGWt7GOrRLP1P7IwNWwK1WAQbq+m//ZY0yXygyfWp0rJlksMSLQAA4wYQC3b6wl3zfnchyTx+k3HZ5aPtCbQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-matcher-utils/-/jest-matcher-utils-30.3.0.tgz",
+ "integrity": "sha512-HEtc9uFQgaUHkC7nLSlQL3Tph4Pjxt/yiPvkIrrDCt9jhoLIgxaubo1G+CFOnmHYMxHwwdaSN7mkIFs6ZK8OhA==",
"dev": true,
"requires": {
- "@jest/get-type": "30.0.1",
+ "@jest/get-type": "30.1.0",
"chalk": "^4.1.2",
- "jest-diff": "30.0.5",
- "pretty-format": "30.0.5"
+ "jest-diff": "30.3.0",
+ "pretty-format": "30.3.0"
}
},
"jest-message-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.0.5.tgz",
- "integrity": "sha512-NAiDOhsK3V7RU0Aa/HnrQo+E4JlbarbmI3q6Pi4KcxicdtjV82gcIUrejOtczChtVQR4kddu1E1EJlW6EN9IyA==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-message-util/-/jest-message-util-30.3.0.tgz",
+ "integrity": "sha512-Z/j4Bo+4ySJ+JPJN3b2Qbl9hDq3VrXmnjjGEWD/x0BCXeOXPTV1iZYYzl2X8c1MaCOL+ewMyNBcm88sboE6YWw==",
"dev": true,
"requires": {
"@babel/code-frame": "^7.27.1",
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/stack-utils": "^2.0.3",
"chalk": "^4.1.2",
"graceful-fs": "^4.2.11",
- "micromatch": "^4.0.8",
- "pretty-format": "30.0.5",
+ "picomatch": "^4.0.3",
+ "pretty-format": "30.3.0",
"slash": "^3.0.0",
"stack-utils": "^2.0.6"
+ },
+ "dependencies": {
+ "picomatch": {
+ "version": "4.0.3",
+ "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+ "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+ "dev": true
+ }
}
},
"jest-mock": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.0.5.tgz",
- "integrity": "sha512-Od7TyasAAQX/6S+QCbN6vZoWOMwlTtzzGuxJku1GhGanAjz9y+QsQkpScDmETvdc9aSXyJ/Op4rhpMYBWW91wQ==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-mock/-/jest-mock-30.3.0.tgz",
+ "integrity": "sha512-OTzICK8CpE+t4ndhKrwlIdbM6Pn8j00lvmSmq5ejiO+KxukbLjgOflKWMn3KE34EZdQm5RqTuKj+5RIEniYhog==",
"dev": true,
"requires": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
- "jest-util": "30.0.5"
+ "jest-util": "30.3.0"
}
},
"jest-regex-util": {
@@ -18223,17 +18328,17 @@
"dev": true
},
"jest-util": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.0.5.tgz",
- "integrity": "sha512-pvyPWssDZR0FlfMxCBoc0tvM8iUEskaRFALUtGQYzVEAqisAztmy+R8LnU14KT4XA0H/a5HMVTXat1jLne010g==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/jest-util/-/jest-util-30.3.0.tgz",
+ "integrity": "sha512-/jZDa00a3Sz7rdyu55NLrQCIrbyIkbBxareejQI315f/i8HjYN+ZWsDLLpoQSiUIEIyZF/R8fDg3BmB8AtHttg==",
"dev": true,
"requires": {
- "@jest/types": "30.0.5",
+ "@jest/types": "30.3.0",
"@types/node": "*",
"chalk": "^4.1.2",
"ci-info": "^4.2.0",
"graceful-fs": "^4.2.11",
- "picomatch": "^4.0.2"
+ "picomatch": "^4.0.3"
},
"dependencies": {
"picomatch": {
@@ -18543,12 +18648,6 @@
"integrity": "sha512-uHaJFihxmJcEX3kT4I23ABqKKalJ/zDrDg0lsFtc1h+3uw49SIJ5beyhx5ExVRti3AvKoOJngIj7xz3oylPdWQ==",
"dev": true
},
- "lodash.isequal": {
- "version": "4.5.0",
- "resolved": "https://registry.npmjs.org/lodash.isequal/-/lodash.isequal-4.5.0.tgz",
- "integrity": "sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==",
- "dev": true
- },
"lodash.memoize": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
@@ -18614,12 +18713,12 @@
"dev": true
},
"magic-string": {
- "version": "0.30.17",
- "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.17.tgz",
- "integrity": "sha512-sNPKHvyjVf7gyjwS4xGTaW/mCnF8wnjtifKBEhxfZ7E/S8tQ0rssrwGNn6q8JH/ohItJfSQp9mBtQYuTlH5QnA==",
+ "version": "0.30.21",
+ "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.21.tgz",
+ "integrity": "sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==",
"dev": true,
"requires": {
- "@jridgewell/sourcemap-codec": "^1.5.0"
+ "@jridgewell/sourcemap-codec": "^1.5.5"
}
},
"make-dir": {
@@ -19364,9 +19463,9 @@
"dev": true
},
"pretty-format": {
- "version": "30.0.5",
- "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.0.5.tgz",
- "integrity": "sha512-D1tKtYvByrBkFLe2wHJl2bwMJIiT8rW+XA+TiataH79/FszLQMrpGEvzUVkzPau7OCO0Qnrhpe87PqtOAIB8Yw==",
+ "version": "30.3.0",
+ "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-30.3.0.tgz",
+ "integrity": "sha512-oG4T3wCbfeuvljnyAzhBvpN45E8iOTXCU/TD3zXW80HA3dQ4ahdqMkWGiPWZvjpQwlbyHrPTWUAqUzGzv4l1JQ==",
"dev": true,
"requires": {
"@jest/schemas": "30.0.5",
@@ -19959,9 +20058,9 @@
}
},
"semver": {
- "version": "7.7.2",
- "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.2.tgz",
- "integrity": "sha512-RF0Fw+rO5AMf9MAyaRXI4AV0Ulj5lMHqVxxdSgiVbixSCXoEmmX/jk0CuJw4+3SqroYO9VoUh+HcuJivvtJemA==",
+ "version": "7.7.4",
+ "resolved": "https://registry.npmjs.org/semver/-/semver-7.7.4.tgz",
+ "integrity": "sha512-vFKC2IEtQnVhpT78h1Yp8wzwrf8CM+MzKMHGJZfBtzhZNycRFnXsHk6E5TxIkkMsgNS7mdX3AGB7x2QM2di4lA==",
"dev": true
},
"serialize-error": {
@@ -20628,9 +20727,9 @@
}
},
"undici": {
- "version": "6.23.0",
- "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
- "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
+ "version": "6.24.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
+ "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
"dev": true
},
"undici-types": {
--
2.47.3
--- end ---