This run took 60 seconds.
$ date
--- stdout ---
Mon Apr 27 17:54:59 UTC 2026
--- end ---
$ git clone file:///srv/git/oojs-core.git /src/repo --depth=1 -b master
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
5833d388b02376c827640f1b9d255c3f40232224 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"basic-ftp": {
"name": "basic-ftp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1117083,
"name": "basic-ftp",
"dependency": "basic-ftp",
"title": "basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()",
"url": "https://github.com/advisories/GHSA-rp42-5vxx-qpwr",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-770"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=5.2.2"
}
],
"effects": [],
"range": "<=5.2.2",
"nodes": [
"node_modules/basic-ftp"
],
"fixAvailable": true
},
"fast-xml-parser": {
"name": "fast-xml-parser",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116957,
"name": "fast-xml-parser",
"dependency": "fast-xml-parser",
"title": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"url": "https://github.com/advisories/GHSA-gh4j-gqv2-49f6",
"severity": "moderate",
"cwe": [
"CWE-91"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<5.7.0"
}
],
"effects": [],
"range": "<5.7.0",
"nodes": [
"node_modules/fast-xml-parser"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 1,
"high": 1,
"critical": 0,
"total": 2
},
"dependencies": {
"prod": 1,
"dev": 752,
"optional": 29,
"peer": 1,
"peerOptional": 0,
"total": 752
}
}
}
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"basic-ftp": {
"name": "basic-ftp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1117083,
"name": "basic-ftp",
"dependency": "basic-ftp",
"title": "basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()",
"url": "https://github.com/advisories/GHSA-rp42-5vxx-qpwr",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-770"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=5.2.2"
}
],
"effects": [],
"range": "<=5.2.2",
"nodes": [
"node_modules/basic-ftp"
],
"fixAvailable": true
},
"fast-xml-parser": {
"name": "fast-xml-parser",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116957,
"name": "fast-xml-parser",
"dependency": "fast-xml-parser",
"title": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"url": "https://github.com/advisories/GHSA-gh4j-gqv2-49f6",
"severity": "moderate",
"cwe": [
"CWE-91"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<5.7.0"
}
],
"effects": [],
"range": "<5.7.0",
"nodes": [
"node_modules/fast-xml-parser"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 1,
"high": 1,
"critical": 0,
"total": 2
},
"dependencies": {
"prod": 1,
"dev": 752,
"optional": 29,
"peer": 1,
"peerOptional": 0,
"total": 752
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 753,
"removed": 0,
"changed": 0,
"audited": 754,
"funding": 159,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"basic-ftp": {
"name": "basic-ftp",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1117083,
"name": "basic-ftp",
"dependency": "basic-ftp",
"title": "basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()",
"url": "https://github.com/advisories/GHSA-rp42-5vxx-qpwr",
"severity": "high",
"cwe": [
"CWE-400",
"CWE-770"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<=5.2.2"
}
],
"effects": [],
"range": "<=5.2.2",
"nodes": [
""
],
"fixAvailable": true
},
"fast-xml-parser": {
"name": "fast-xml-parser",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1116957,
"name": "fast-xml-parser",
"dependency": "fast-xml-parser",
"title": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"url": "https://github.com/advisories/GHSA-gh4j-gqv2-49f6",
"severity": "moderate",
"cwe": [
"CWE-91"
],
"cvss": {
"score": 6.1,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
},
"range": "<5.7.0"
}
],
"effects": [],
"range": "<5.7.0",
"nodes": [
""
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 1,
"high": 1,
"critical": 0,
"total": 2
},
"dependencies": {
"prod": 1,
"dev": 753,
"optional": 29,
"peer": 1,
"peerOptional": 0,
"total": 753
}
}
}
}
--- end ---
{"added": 753, "removed": 0, "changed": 0, "audited": 754, "funding": 159, "audit": {"auditReportVersion": 2, "vulnerabilities": {"basic-ftp": {"name": "basic-ftp", "severity": "high", "isDirect": false, "via": [{"source": 1117083, "name": "basic-ftp", "dependency": "basic-ftp", "title": "basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()", "url": "https://github.com/advisories/GHSA-rp42-5vxx-qpwr", "severity": "high", "cwe": ["CWE-400", "CWE-770"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<=5.2.2"}], "effects": [], "range": "<=5.2.2", "nodes": [""], "fixAvailable": true}, "fast-xml-parser": {"name": "fast-xml-parser", "severity": "moderate", "isDirect": false, "via": [{"source": 1116957, "name": "fast-xml-parser", "dependency": "fast-xml-parser", "title": "fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters", "url": "https://github.com/advisories/GHSA-gh4j-gqv2-49f6", "severity": "moderate", "cwe": ["CWE-91"], "cvss": {"score": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "range": "<5.7.0"}], "effects": [], "range": "<5.7.0", "nodes": [""], "fixAvailable": true}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 1, "high": 1, "critical": 0, "total": 2}, "dependencies": {"prod": 1, "dev": 753, "optional": 29, "peer": 1, "peerOptional": 0, "total": 753}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated whatwg-encoding@3.1.1: Use @exodus/bytes instead for a more spec-conformant and faster implementation
npm WARN deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
--- stdout ---
added 729 packages, and audited 730 packages in 10s
159 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated whatwg-encoding@3.1.1: Use @exodus/bytes instead for a more spec-conformant and faster implementation
npm WARN deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated glob@10.5.0: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
--- stdout ---
added 729 packages, and audited 730 packages in 16s
159 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
--- end ---
$ /usr/bin/npm test
--- stdout ---
> oojs@7.0.1 test
> npm run build-dev && wtr && qunit --require ./tests/setup-node tests/unit/ && npm run lint && npm run doc
> oojs@7.0.1 build-dev
> node build.mjs dev
Built dist/oojs.js (dev, with source map).
Running browser tests via Playwright (local dev config): Chromium, Firefox.
Chromium: |██████████████████████████████| 0/1 test files | 0 passed, 0 failed
Firefox: |██████████████████████████████| 0/1 test files | 0 passed, 0 failed
Running tests...
Running 1 test files...
=============================== Coverage summary ===============================
Statements : Unknown% ( 0/0 )
Branches : Unknown% ( 0/0 )
Functions : Unknown% ( 0/0 )
Lines : Unknown% ( 0/0 )
================================================================================
[2K[1A[2K[Gtests/browser-entry.js:
❌ browserType.launch: Executable doesn't exist at /cache/ms-playwright/chromium_headless_shell-1217/chrome-headless-shell-linux64/chrome-headless-shell
╔════════════════════════════════════════════════════════════╗
║ Looks like Playwright was just installed or updated. ║
║ Please run the following command to download new browsers: ║
║ ║
║ npx playwright install ║
║ ║
║ <3 Playwright Team ║
╚════════════════════════════════════════════════════════════╝ (failed on Chromium)
browserType.launch: Executable doesn't exist at /cache/ms-playwright/chromium_headless_shell-1217/chrome-headless-shell-linux64/chrome-headless-shell
╔════════════════════════════════════════════════════════════╗
║ Looks like Playwright was just installed or updated. ║
║ Please run the following command to download new browsers: ║
║ ║
║ npx playwright install ║
║ ║
║ <3 Playwright Team ║
╚════════════════════════════════════════════════════════════╝
at /src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:94:74
at PlaywrightLauncher.getOrStartBrowser (/src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:96:15)
at PlaywrightLauncher.startSession (/src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:41:36)
at TestScheduler.startSession (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:103:70)
at TestScheduler.runNextScheduled (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:83:30)
at TestScheduler.schedule (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:47:14)
at TestRunner.runTests (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestRunner.js:92:28)
at TestRunner.start (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestRunner.js:65:22)
at async startTestRunner (/src/repo/node_modules/@web/test-runner/dist/startTestRunner.js:46:9)
❌ browserType.launch: Executable doesn't exist at /cache/ms-playwright/firefox-1511/firefox/firefox
╔════════════════════════════════════════════════════════════╗
║ Looks like Playwright was just installed or updated. ║
║ Please run the following command to download new browsers: ║
║ ║
║ npx playwright install ║
║ ║
║ <3 Playwright Team ║
╚════════════════════════════════════════════════════════════╝ (failed on Firefox)
browserType.launch: Executable doesn't exist at /cache/ms-playwright/firefox-1511/firefox/firefox
╔════════════════════════════════════════════════════════════╗
║ Looks like Playwright was just installed or updated. ║
║ Please run the following command to download new browsers: ║
║ ║
║ npx playwright install ║
║ ║
║ <3 Playwright Team ║
╚════════════════════════════════════════════════════════════╝
at /src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:94:74
at PlaywrightLauncher.getOrStartBrowser (/src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:96:15)
at PlaywrightLauncher.startSession (/src/repo/node_modules/@web/test-runner-playwright/dist/PlaywrightLauncher.js:41:36)
at TestScheduler.startSession (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:103:70)
at TestScheduler.runNextScheduled (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:83:30)
at TestScheduler.schedule (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestScheduler.js:47:14)
at TestRunner.runTests (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestRunner.js:92:28)
at TestRunner.start (/src/repo/node_modules/@web/test-runner-core/dist/runner/TestRunner.js:65:22)
at async startTestRunner (/src/repo/node_modules/@web/test-runner/dist/startTestRunner.js:46:9)
Chromium: |██████████████████████████████| 1/1 test files | 0 passed, 0 failed
Firefox: |██████████████████████████████| 1/1 test files | 0 passed, 0 failed
Error while running tests.
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 1268, in main
libup.run()
~~~~~~~~~^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 1208, in run
self.npm_audit_fix(new_npm_audit)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 239, in npm_audit_fix
self.npm_test()
~~~~~~~~~~~~~^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 289, in npm_test
self.check_call(["npm", "test"])
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
File "/venv/lib/python3.13/site-packages/runner/shell2.py", line 66, in check_call
res.check_returncode()
~~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib/python3.13/subprocess.py", line 508, in check_returncode
raise CalledProcessError(self.returncode, self.args, self.stdout,
self.stderr)
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 1.