This run took 40 seconds.
From 3e63ba689ea17ed715448a76089e4cdf6370669f Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Wed, 20 May 2026 00:10:48 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: I98a56237b6f2ee9e5139f80e4c47aca6b7e391d9
---
package-lock.json | 159 +++++++++-------------------------------------
1 file changed, 30 insertions(+), 129 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 0445a2b..4f15233 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -613,12 +613,6 @@
"url": "https://github.com/sponsors/jonschlinkert"
}
},
- "node_modules/@types/cookie": {
- "version": "0.4.1",
- "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.4.1.tgz",
- "integrity": "sha512-XW/Aa8APYr6jSVVA1y/DEIZX0/GMKLEVekNG727R8cs56ahETkRAy/3DR7+fJyh7oUgGwNQaRfXCun0+KbWY7Q==",
- "dev": true
- },
"node_modules/@types/cors": {
"version": "2.8.17",
"resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz",
@@ -671,6 +665,15 @@
"integrity": "sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==",
"dev": true
},
+ "node_modules/@types/ws": {
+ "version": "8.18.1",
+ "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz",
+ "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==",
+ "dev": true,
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.54.0.tgz",
@@ -732,23 +735,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/parser/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/project-service": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.54.0.tgz",
@@ -770,23 +756,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/project-service/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/scope-manager": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.54.0.tgz",
@@ -844,23 +813,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/type-utils/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/types": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.54.0.tgz",
@@ -910,23 +862,6 @@
"balanced-match": "^1.0.0"
}
},
- "node_modules/@typescript-eslint/typescript-estree/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
"version": "9.0.9",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
@@ -1634,9 +1569,9 @@
}
},
"node_modules/debug": {
- "version": "4.3.7",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz",
- "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"dependencies": {
"ms": "^2.1.3"
@@ -1764,21 +1699,21 @@
}
},
"node_modules/engine.io": {
- "version": "6.6.2",
- "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz",
- "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==",
+ "version": "6.6.7",
+ "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.7.tgz",
+ "integrity": "sha512-DgOngfDKM2EviOH3Mr9m7ks1q8roetLy/IMmYthAYzbpInMbYc/GS+fWFA3rl1gvwKVsQrVV61fo5emD1y3OJQ==",
"dev": true,
"dependencies": {
- "@types/cookie": "^0.4.1",
"@types/cors": "^2.8.12",
"@types/node": ">=10.0.0",
+ "@types/ws": "^8.5.12",
"accepts": "~1.3.4",
"base64id": "2.0.0",
"cookie": "~0.7.2",
"cors": "~2.8.5",
- "debug": "~4.3.1",
+ "debug": "~4.4.1",
"engine.io-parser": "~5.2.1",
- "ws": "~8.17.1"
+ "ws": "~8.18.3"
},
"engines": {
"node": ">=10.2.0"
@@ -2112,23 +2047,6 @@
"eslint": "^7.0.0 || ^8.0.0 || ^9.0.0 || ^10.0.0"
}
},
- "node_modules/eslint-plugin-jsdoc/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/eslint-plugin-jsdoc/node_modules/eslint-visitor-keys": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz",
@@ -4693,15 +4611,15 @@
}
},
"node_modules/socket.io": {
- "version": "4.8.1",
- "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz",
- "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==",
+ "version": "4.8.3",
+ "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.3.tgz",
+ "integrity": "sha512-2Dd78bqzzjE6KPkD5fHZmDAKRNe3J15q+YHDrIsy9WEkqttc7GY+kT9OBLSMaPbQaEd0x1BjcmtMtXkfpc+T5A==",
"dev": true,
"dependencies": {
"accepts": "~1.3.4",
"base64id": "~2.0.0",
"cors": "~2.8.5",
- "debug": "~4.3.2",
+ "debug": "~4.4.1",
"engine.io": "~6.6.0",
"socket.io-adapter": "~2.5.2",
"socket.io-parser": "~4.2.4"
@@ -4711,13 +4629,13 @@
}
},
"node_modules/socket.io-adapter": {
- "version": "2.5.5",
- "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz",
- "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==",
+ "version": "2.5.6",
+ "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.6.tgz",
+ "integrity": "sha512-DkkO/dz7MGln0dHn5bmN3pPy+JmywNICWrJqVWiVOyvXjWQFIv9c2h24JrQLLFJ2aQVQf/Cvl1vblnd4r2apLQ==",
"dev": true,
"dependencies": {
- "debug": "~4.3.4",
- "ws": "~8.17.1"
+ "debug": "~4.4.1",
+ "ws": "~8.18.3"
}
},
"node_modules/socket.io-parser": {
@@ -4733,23 +4651,6 @@
"node": ">=10.0.0"
}
},
- "node_modules/socket.io-parser/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/source-map": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
@@ -5366,9 +5267,9 @@
"dev": true
},
"node_modules/ws": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz",
- "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==",
+ "version": "8.18.3",
+ "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz",
+ "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==",
"dev": true,
"engines": {
"node": ">=10.0.0"
--
2.47.3
$ date
--- stdout ---
Wed May 20 00:10:22 UTC 2026
--- end ---
$ git clone file:///srv/git/jquery-client.git /src/repo --depth=1 -b master
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
1a32d7a6b735130b4fa3baa0d9c843b8c19dd65b refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"engine.io": {
"name": "engine.io",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": "0.7.8 - 0.7.9 || >=6.0.0",
"nodes": [
"node_modules/engine.io"
],
"fixAvailable": {
"name": "karma",
"version": "6.3.17",
"isSemVerMajor": true
}
},
"karma": {
"name": "karma",
"severity": "moderate",
"isDirect": true,
"via": [
"socket.io"
],
"effects": [],
"range": ">=6.3.18",
"nodes": [
"node_modules/karma"
],
"fixAvailable": {
"name": "karma",
"version": "6.3.17",
"isSemVerMajor": true
}
},
"socket.io": {
"name": "socket.io",
"severity": "moderate",
"isDirect": false,
"via": [
"engine.io",
"socket.io-adapter"
],
"effects": [
"karma"
],
"range": ">=4.3.0",
"nodes": [
"node_modules/socket.io"
],
"fixAvailable": {
"name": "karma",
"version": "6.3.17",
"isSemVerMajor": true
}
},
"socket.io-adapter": {
"name": "socket.io-adapter",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": ">=2.5.2",
"nodes": [
"node_modules/socket.io-adapter"
],
"fixAvailable": {
"name": "karma",
"version": "6.3.17",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1119108,
"name": "ws",
"dependency": "ws",
"title": "ws: Uninitialized memory disclosure",
"url": "https://github.com/advisories/GHSA-58qx-3vcg-4xpx",
"severity": "moderate",
"cwe": [
"CWE-908"
],
"cvss": {
"score": 4.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
},
"range": ">=8.0.0 <8.20.1"
}
],
"effects": [
"engine.io",
"socket.io-adapter"
],
"range": "8.0.0 - 8.20.0",
"nodes": [
"node_modules/ws"
],
"fixAvailable": {
"name": "karma",
"version": "6.3.17",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 5,
"high": 0,
"critical": 0,
"total": 5
},
"dependencies": {
"prod": 1,
"dev": 451,
"optional": 1,
"peer": 52,
"peerOptional": 0,
"total": 451
}
}
}
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"engine.io": {
"name": "engine.io",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": "0.7.8 - 0.7.9 || >=6.0.0",
"nodes": [
"node_modules/engine.io"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"karma": {
"name": "karma",
"severity": "moderate",
"isDirect": true,
"via": [
"socket.io"
],
"effects": [],
"range": ">=6.4.3",
"nodes": [
"node_modules/karma"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"socket.io": {
"name": "socket.io",
"severity": "moderate",
"isDirect": false,
"via": [
"engine.io",
"socket.io-adapter"
],
"effects": [
"karma"
],
"range": ">=4.3.0",
"nodes": [
"node_modules/socket.io"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"socket.io-adapter": {
"name": "socket.io-adapter",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": ">=2.5.2",
"nodes": [
"node_modules/socket.io-adapter"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1119108,
"name": "ws",
"dependency": "ws",
"title": "ws: Uninitialized memory disclosure",
"url": "https://github.com/advisories/GHSA-58qx-3vcg-4xpx",
"severity": "moderate",
"cwe": [
"CWE-908"
],
"cvss": {
"score": 4.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
},
"range": ">=8.0.0 <8.20.1"
}
],
"effects": [
"engine.io",
"socket.io-adapter"
],
"range": "8.0.0 - 8.20.0",
"nodes": [
"node_modules/ws"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 5,
"high": 0,
"critical": 0,
"total": 5
},
"dependencies": {
"prod": 1,
"dev": 451,
"optional": 1,
"peer": 52,
"peerOptional": 0,
"total": 451
}
}
}
--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
"added": 445,
"removed": 0,
"changed": 0,
"audited": 446,
"funding": 99,
"audit": {
"auditReportVersion": 2,
"vulnerabilities": {
"engine.io": {
"name": "engine.io",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": "0.7.8 - 0.7.9 || >=6.0.0",
"nodes": [
""
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"karma": {
"name": "karma",
"severity": "moderate",
"isDirect": true,
"via": [
"socket.io"
],
"effects": [],
"range": ">=6.4.3",
"nodes": [
"node_modules/karma"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"socket.io": {
"name": "socket.io",
"severity": "moderate",
"isDirect": false,
"via": [
"engine.io",
"socket.io-adapter"
],
"effects": [
"karma"
],
"range": ">=4.3.0",
"nodes": [
""
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"socket.io-adapter": {
"name": "socket.io-adapter",
"severity": "moderate",
"isDirect": false,
"via": [
"ws"
],
"effects": [
"socket.io"
],
"range": ">=2.5.2",
"nodes": [
""
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
},
"ws": {
"name": "ws",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1119108,
"name": "ws",
"dependency": "ws",
"title": "ws: Uninitialized memory disclosure",
"url": "https://github.com/advisories/GHSA-58qx-3vcg-4xpx",
"severity": "moderate",
"cwe": [
"CWE-908"
],
"cvss": {
"score": 4.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"
},
"range": ">=8.0.0 <8.20.1"
}
],
"effects": [
"engine.io",
"socket.io-adapter"
],
"range": "8.0.0 - 8.20.0",
"nodes": [
"",
"node_modules/ws"
],
"fixAvailable": {
"name": "karma",
"version": "6.4.2",
"isSemVerMajor": true
}
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 0,
"moderate": 5,
"high": 0,
"critical": 0,
"total": 5
},
"dependencies": {
"prod": 1,
"dev": 445,
"optional": 1,
"peer": 52,
"peerOptional": 0,
"total": 445
}
}
}
}
--- end ---
{"added": 445, "removed": 0, "changed": 0, "audited": 446, "funding": 99, "audit": {"auditReportVersion": 2, "vulnerabilities": {"engine.io": {"name": "engine.io", "severity": "moderate", "isDirect": false, "via": ["ws"], "effects": ["socket.io"], "range": "0.7.8 - 0.7.9 || >=6.0.0", "nodes": [""], "fixAvailable": {"name": "karma", "version": "6.4.2", "isSemVerMajor": true}}, "karma": {"name": "karma", "severity": "moderate", "isDirect": true, "via": ["socket.io"], "effects": [], "range": ">=6.4.3", "nodes": ["node_modules/karma"], "fixAvailable": {"name": "karma", "version": "6.4.2", "isSemVerMajor": true}}, "socket.io": {"name": "socket.io", "severity": "moderate", "isDirect": false, "via": ["engine.io", "socket.io-adapter"], "effects": ["karma"], "range": ">=4.3.0", "nodes": [""], "fixAvailable": {"name": "karma", "version": "6.4.2", "isSemVerMajor": true}}, "socket.io-adapter": {"name": "socket.io-adapter", "severity": "moderate", "isDirect": false, "via": ["ws"], "effects": ["socket.io"], "range": ">=2.5.2", "nodes": [""], "fixAvailable": {"name": "karma", "version": "6.4.2", "isSemVerMajor": true}}, "ws": {"name": "ws", "severity": "moderate", "isDirect": false, "via": [{"source": 1119108, "name": "ws", "dependency": "ws", "title": "ws: Uninitialized memory disclosure", "url": "https://github.com/advisories/GHSA-58qx-3vcg-4xpx", "severity": "moderate", "cwe": ["CWE-908"], "cvss": {"score": 4.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N"}, "range": ">=8.0.0 <8.20.1"}], "effects": ["engine.io", "socket.io-adapter"], "range": "8.0.0 - 8.20.0", "nodes": ["", "node_modules/ws"], "fixAvailable": {"name": "karma", "version": "6.4.2", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 5, "high": 0, "critical": 0, "total": 5}, "dependencies": {"prod": 1, "dev": 445, "optional": 1, "peer": 52, "peerOptional": 0, "total": 445}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 444 packages, and audited 445 packages in 5s
99 packages are looking for funding
run `npm fund` for details
# npm audit report
ws 8.0.0 - 8.20.0
Severity: moderate
ws: Uninitialized memory disclosure - https://github.com/advisories/GHSA-58qx-3vcg-4xpx
fix available via `npm audit fix --force`
Will install karma@6.3.17, which is a breaking change
node_modules/ws
engine.io 0.7.8 - 0.7.9 || >=6.0.0
Depends on vulnerable versions of ws
node_modules/engine.io
socket.io >=4.3.0
Depends on vulnerable versions of engine.io
Depends on vulnerable versions of socket.io-adapter
node_modules/socket.io
karma >=6.3.18
Depends on vulnerable versions of socket.io
node_modules/karma
socket.io-adapter >=2.5.2
Depends on vulnerable versions of ws
node_modules/socket.io-adapter
5 moderate severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 444 packages, and audited 445 packages in 5s
99 packages are looking for funding
run `npm fund` for details
5 moderate severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stderr ---
[baseline-browser-mapping] The data in this module is over two months old. To ensure accurate Baseline data, please update: `npm i baseline-browser-mapping@latest -D`
[baseline-browser-mapping] The data in this module is over two months old. To ensure accurate Baseline data, please update: `npm i baseline-browser-mapping@latest -D`
--- stdout ---
> jquery-client@3.0.0 test
> npm run lint . && karma start && npm run doc
> jquery-client@3.0.0 lint
> eslint --cache --max-warnings 0 .
20 05 2026 00:10:43.909:INFO [karma-server]: Karma v6.4.3 server started at http://localhost:9876/
20 05 2026 00:10:43.910:INFO [launcher]: Launching browsers FirefoxHeadless with concurrency unlimited
20 05 2026 00:10:43.915:INFO [launcher]: Starting browser FirefoxHeadless
20 05 2026 00:10:46.492:INFO [Firefox 140.0 (Linux x86_64)]: Connected on socket C8b3aiXOXfG6Ac-ZAAAB with id 94700840
................................................
Firefox 140.0 (Linux x86_64): Executed 48 of 48 SUCCESS (0.03 secs / 0.018 secs)
=============================== Coverage summary ===============================
Statements : 95.91% ( 94/98 )
Branches : 88.31% ( 68/77 )
Functions : 100% ( 4/4 )
Lines : 95.83% ( 92/96 )
================================================================================
> jquery-client@3.0.0 doc
> jsdoc -c jsdoc.json
--- end ---
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json
--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---
--- end ---
$ git commit -F /tmp/tmp047h2u4k
--- stdout ---
[master 3e63ba6] [DNM] there are no updates
1 file changed, 30 insertions(+), 129 deletions(-)
--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From 3e63ba689ea17ed715448a76089e4cdf6370669f Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Wed, 20 May 2026 00:10:48 +0000
Subject: [PATCH] [DNM] there are no updates
Change-Id: I98a56237b6f2ee9e5139f80e4c47aca6b7e391d9
---
package-lock.json | 159 +++++++++-------------------------------------
1 file changed, 30 insertions(+), 129 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 0445a2b..4f15233 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -613,12 +613,6 @@
"url": "https://github.com/sponsors/jonschlinkert"
}
},
- "node_modules/@types/cookie": {
- "version": "0.4.1",
- "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.4.1.tgz",
- "integrity": "sha512-XW/Aa8APYr6jSVVA1y/DEIZX0/GMKLEVekNG727R8cs56ahETkRAy/3DR7+fJyh7oUgGwNQaRfXCun0+KbWY7Q==",
- "dev": true
- },
"node_modules/@types/cors": {
"version": "2.8.17",
"resolved": "https://registry.npmjs.org/@types/cors/-/cors-2.8.17.tgz",
@@ -671,6 +665,15 @@
"integrity": "sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==",
"dev": true
},
+ "node_modules/@types/ws": {
+ "version": "8.18.1",
+ "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz",
+ "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==",
+ "dev": true,
+ "dependencies": {
+ "@types/node": "*"
+ }
+ },
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.54.0.tgz",
@@ -732,23 +735,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/parser/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/project-service": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/project-service/-/project-service-8.54.0.tgz",
@@ -770,23 +756,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/project-service/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/scope-manager": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.54.0.tgz",
@@ -844,23 +813,6 @@
"typescript": ">=4.8.4 <6.0.0"
}
},
- "node_modules/@typescript-eslint/type-utils/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/types": {
"version": "8.54.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.54.0.tgz",
@@ -910,23 +862,6 @@
"balanced-match": "^1.0.0"
}
},
- "node_modules/@typescript-eslint/typescript-estree/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
"version": "9.0.9",
"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
@@ -1634,9 +1569,9 @@
}
},
"node_modules/debug": {
- "version": "4.3.7",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz",
- "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==",
+ "version": "4.4.3",
+ "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
+ "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
"dev": true,
"dependencies": {
"ms": "^2.1.3"
@@ -1764,21 +1699,21 @@
}
},
"node_modules/engine.io": {
- "version": "6.6.2",
- "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.2.tgz",
- "integrity": "sha512-gmNvsYi9C8iErnZdVcJnvCpSKbWTt1E8+JZo8b+daLninywUWi5NQ5STSHZ9rFjFO7imNcvb8Pc5pe/wMR5xEw==",
+ "version": "6.6.7",
+ "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.6.7.tgz",
+ "integrity": "sha512-DgOngfDKM2EviOH3Mr9m7ks1q8roetLy/IMmYthAYzbpInMbYc/GS+fWFA3rl1gvwKVsQrVV61fo5emD1y3OJQ==",
"dev": true,
"dependencies": {
- "@types/cookie": "^0.4.1",
"@types/cors": "^2.8.12",
"@types/node": ">=10.0.0",
+ "@types/ws": "^8.5.12",
"accepts": "~1.3.4",
"base64id": "2.0.0",
"cookie": "~0.7.2",
"cors": "~2.8.5",
- "debug": "~4.3.1",
+ "debug": "~4.4.1",
"engine.io-parser": "~5.2.1",
- "ws": "~8.17.1"
+ "ws": "~8.18.3"
},
"engines": {
"node": ">=10.2.0"
@@ -2112,23 +2047,6 @@
"eslint": "^7.0.0 || ^8.0.0 || ^9.0.0 || ^10.0.0"
}
},
- "node_modules/eslint-plugin-jsdoc/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/eslint-plugin-jsdoc/node_modules/eslint-visitor-keys": {
"version": "5.0.1",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-5.0.1.tgz",
@@ -4693,15 +4611,15 @@
}
},
"node_modules/socket.io": {
- "version": "4.8.1",
- "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.1.tgz",
- "integrity": "sha512-oZ7iUCxph8WYRHHcjBEc9unw3adt5CmSNlppj/5Q4k2RIrhl8Z5yY2Xr4j9zj0+wzVZ0bxmYoGSzKJnRl6A4yg==",
+ "version": "4.8.3",
+ "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-4.8.3.tgz",
+ "integrity": "sha512-2Dd78bqzzjE6KPkD5fHZmDAKRNe3J15q+YHDrIsy9WEkqttc7GY+kT9OBLSMaPbQaEd0x1BjcmtMtXkfpc+T5A==",
"dev": true,
"dependencies": {
"accepts": "~1.3.4",
"base64id": "~2.0.0",
"cors": "~2.8.5",
- "debug": "~4.3.2",
+ "debug": "~4.4.1",
"engine.io": "~6.6.0",
"socket.io-adapter": "~2.5.2",
"socket.io-parser": "~4.2.4"
@@ -4711,13 +4629,13 @@
}
},
"node_modules/socket.io-adapter": {
- "version": "2.5.5",
- "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz",
- "integrity": "sha512-eLDQas5dzPgOWCk9GuuJC2lBqItuhKI4uxGgo9aIV7MYbk2h9Q6uULEh8WBzThoI7l+qU9Ast9fVUmkqPP9wYg==",
+ "version": "2.5.6",
+ "resolved": "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.6.tgz",
+ "integrity": "sha512-DkkO/dz7MGln0dHn5bmN3pPy+JmywNICWrJqVWiVOyvXjWQFIv9c2h24JrQLLFJ2aQVQf/Cvl1vblnd4r2apLQ==",
"dev": true,
"dependencies": {
- "debug": "~4.3.4",
- "ws": "~8.17.1"
+ "debug": "~4.4.1",
+ "ws": "~8.18.3"
}
},
"node_modules/socket.io-parser": {
@@ -4733,23 +4651,6 @@
"node": ">=10.0.0"
}
},
- "node_modules/socket.io-parser/node_modules/debug": {
- "version": "4.4.3",
- "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
- "integrity": "sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==",
- "dev": true,
- "dependencies": {
- "ms": "^2.1.3"
- },
- "engines": {
- "node": ">=6.0"
- },
- "peerDependenciesMeta": {
- "supports-color": {
- "optional": true
- }
- }
- },
"node_modules/source-map": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
@@ -5366,9 +5267,9 @@
"dev": true
},
"node_modules/ws": {
- "version": "8.17.1",
- "resolved": "https://registry.npmjs.org/ws/-/ws-8.17.1.tgz",
- "integrity": "sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==",
+ "version": "8.18.3",
+ "resolved": "https://registry.npmjs.org/ws/-/ws-8.18.3.tgz",
+ "integrity": "sha512-PEIGCY5tSlUt50cqyMXfCzX+oOPqN0vuGqWzbcJ2xvnkzkq46oOpz7dQaTDBdfICb4N14+GARUDw2XV2N4tvzg==",
"dev": true,
"engines": {
"node": ">=10.0.0"
--
2.47.3
--- end ---