mediawiki/extensions/PagePopups: main (log #2512358)

sourcepatches

This run took 33 seconds.

From df0dd432c16e38aa3810d8bbcf3788d4f3b93abc Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 19 Jun 2026 01:01:11 +0000
Subject: [PATCH] [DNM] there are no updates

Change-Id: I2b28aec4c7b177dd804278b228260e1393e365ba
---
 package-lock.json | 44 ++++++++++++++++++++++++++++++++------------
 1 file changed, 32 insertions(+), 12 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2e83454..9fcd307 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -139,10 +139,20 @@
 			"dev": true
 		},
 		"node_modules/@eslint/eslintrc/node_modules/js-yaml": {
-			"version": "4.1.1",
-			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-			"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+			"version": "4.2.0",
+			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+			"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 			"dev": true,
+			"funding": [
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/puzrin"
+				},
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/nodeca"
+				}
+			],
 			"dependencies": {
 				"argparse": "^2.0.1"
 			},
@@ -1835,10 +1845,20 @@
 			"dev": true
 		},
 		"node_modules/eslint/node_modules/js-yaml": {
-			"version": "4.1.1",
-			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-			"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+			"version": "4.2.0",
+			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+			"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 			"dev": true,
+			"funding": [
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/puzrin"
+				},
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/nodeca"
+				}
+			],
 			"dependencies": {
 				"argparse": "^2.0.1"
 			},
@@ -4212,9 +4232,9 @@
 					"dev": true
 				},
 				"js-yaml": {
-					"version": "4.1.1",
-					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-					"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+					"version": "4.2.0",
+					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+					"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 					"dev": true,
 					"requires": {
 						"argparse": "^2.0.1"
@@ -5018,9 +5038,9 @@
 					"dev": true
 				},
 				"js-yaml": {
-					"version": "4.1.1",
-					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-					"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+					"version": "4.2.0",
+					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+					"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 					"dev": true,
 					"requires": {
 						"argparse": "^2.0.1"
-- 
2.47.3

$ date
--- stdout ---
Fri Jun 19 01:00:50 UTC 2026

--- end ---
$ git clone file:///srv/git/mediawiki-extensions-PagePopups.git /src/repo --depth=1 -b master
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/master
--- stdout ---
e7802f63af275392152555e62237732198d71f97 refs/heads/master

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "grunt": {
      "name": "grunt",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "js-yaml"
      ],
      "effects": [
        "grunt-eslint"
      ],
      "range": ">=0.4.0-a",
      "nodes": [
        "node_modules/grunt"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    },
    "grunt-eslint": {
      "name": "grunt-eslint",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "grunt"
      ],
      "effects": [],
      "range": "<=1.0.0 || >=18.1.0",
      "nodes": [
        "node_modules/grunt-eslint"
      ],
      "fixAvailable": {
        "name": "grunt-eslint",
        "version": "18.0.0",
        "isSemVerMajor": true
      }
    },
    "js-yaml": {
      "name": "js-yaml",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1120792,
          "name": "js-yaml",
          "dependency": "js-yaml",
          "title": "JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases",
          "url": "https://github.com/advisories/GHSA-h67p-54hq-rp68",
          "severity": "moderate",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<=4.1.1"
        }
      ],
      "effects": [
        "grunt"
      ],
      "range": "<=4.1.1",
      "nodes": [
        "node_modules/@eslint/eslintrc/node_modules/js-yaml",
        "node_modules/eslint/node_modules/js-yaml",
        "node_modules/js-yaml"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 3,
      "high": 0,
      "critical": 0,
      "total": 3
    },
    "dependencies": {
      "prod": 1,
      "dev": 335,
      "optional": 0,
      "peer": 1,
      "peerOptional": 0,
      "total": 335
    }
  }
}

--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 21 installs, 0 updates, 0 removals
  - Locking composer/semver (3.4.4)
  - Locking composer/spdx-licenses (1.6.0)
  - Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.1)
  - Locking mediawiki/mediawiki-codesniffer (v51.0.0)
  - Locking mediawiki/minus-x (2.0.1)
  - Locking php-parallel-lint/php-console-color (v1.0.1)
  - Locking php-parallel-lint/php-console-highlighter (v1.0.0)
  - Locking php-parallel-lint/php-parallel-lint (v1.4.0)
  - Locking phpcsstandards/phpcsextra (1.5.0)
  - Locking phpcsstandards/phpcsutils (1.2.2)
  - Locking psr/container (2.0.2)
  - Locking squizlabs/php_codesniffer (3.13.5)
  - Locking symfony/console (v8.1.0)
  - Locking symfony/deprecation-contracts (v3.7.0)
  - Locking symfony/polyfill-ctype (v1.37.0)
  - Locking symfony/polyfill-intl-grapheme (v1.38.1)
  - Locking symfony/polyfill-intl-normalizer (v1.38.0)
  - Locking symfony/polyfill-mbstring (v1.38.2)
  - Locking symfony/polyfill-php85 (v1.38.1)
  - Locking symfony/service-contracts (v3.7.0)
  - Locking symfony/string (v8.1.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 21 installs, 0 updates, 0 removals
    0 [>---------------------------]    0 [->--------------------------]
  - Installing squizlabs/php_codesniffer (3.13.5): Extracting archive
  - Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.1): Extracting archive
  - Installing phpcsstandards/phpcsutils (1.2.2): Extracting archive
  - Installing phpcsstandards/phpcsextra (1.5.0): Extracting archive
  - Installing symfony/polyfill-mbstring (v1.38.2): Extracting archive
  - Installing composer/spdx-licenses (1.6.0): Extracting archive
  - Installing composer/semver (3.4.4): Extracting archive
  - Installing mediawiki/mediawiki-codesniffer (v51.0.0): Extracting archive
  - Installing symfony/polyfill-intl-normalizer (v1.38.0): Extracting archive
  - Installing symfony/polyfill-intl-grapheme (v1.38.1): Extracting archive
  - Installing symfony/polyfill-ctype (v1.37.0): Extracting archive
  - Installing symfony/string (v8.1.0): Extracting archive
  - Installing symfony/deprecation-contracts (v3.7.0): Extracting archive
  - Installing psr/container (2.0.2): Extracting archive
  - Installing symfony/service-contracts (v3.7.0): Extracting archive
  - Installing symfony/polyfill-php85 (v1.38.1): Extracting archive
  - Installing symfony/console (v8.1.0): Extracting archive
  - Installing mediawiki/minus-x (2.0.1): Extracting archive
  - Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
  - Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
  - Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
  0/19 [>---------------------------]   0%
 19/19 [============================] 100%
Generating autoload files
15 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "grunt": {
      "name": "grunt",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "js-yaml"
      ],
      "effects": [
        "grunt-eslint"
      ],
      "range": ">=0.4.0-a",
      "nodes": [
        "node_modules/grunt"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    },
    "grunt-eslint": {
      "name": "grunt-eslint",
      "severity": "moderate",
      "isDirect": true,
      "via": [
        "grunt"
      ],
      "effects": [],
      "range": "<=1.0.0 || >=18.1.0",
      "nodes": [
        "node_modules/grunt-eslint"
      ],
      "fixAvailable": {
        "name": "grunt-eslint",
        "version": "18.0.0",
        "isSemVerMajor": true
      }
    },
    "js-yaml": {
      "name": "js-yaml",
      "severity": "moderate",
      "isDirect": false,
      "via": [
        {
          "source": 1120792,
          "name": "js-yaml",
          "dependency": "js-yaml",
          "title": "JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases",
          "url": "https://github.com/advisories/GHSA-h67p-54hq-rp68",
          "severity": "moderate",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 5.3,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
          },
          "range": "<=4.1.1"
        }
      ],
      "effects": [
        "grunt"
      ],
      "range": "<=4.1.1",
      "nodes": [
        "node_modules/@eslint/eslintrc/node_modules/js-yaml",
        "node_modules/eslint/node_modules/js-yaml",
        "node_modules/js-yaml"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 3,
      "high": 0,
      "critical": 0,
      "total": 3
    },
    "dependencies": {
      "prod": 1,
      "dev": 335,
      "optional": 0,
      "peer": 1,
      "peerOptional": 0,
      "total": 335
    }
  }
}

--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
  "added": 335,
  "removed": 0,
  "changed": 0,
  "audited": 336,
  "funding": 84,
  "audit": {
    "auditReportVersion": 2,
    "vulnerabilities": {
      "grunt": {
        "name": "grunt",
        "severity": "moderate",
        "isDirect": true,
        "via": [
          "js-yaml"
        ],
        "effects": [
          "grunt-eslint"
        ],
        "range": ">=0.4.0-a",
        "nodes": [
          "node_modules/grunt"
        ],
        "fixAvailable": {
          "name": "grunt",
          "version": "0.3.17",
          "isSemVerMajor": true
        }
      },
      "grunt-eslint": {
        "name": "grunt-eslint",
        "severity": "moderate",
        "isDirect": true,
        "via": [
          "grunt"
        ],
        "effects": [],
        "range": "<=1.0.0 || >=18.1.0",
        "nodes": [
          "node_modules/grunt-eslint"
        ],
        "fixAvailable": {
          "name": "grunt-eslint",
          "version": "18.0.0",
          "isSemVerMajor": true
        }
      },
      "js-yaml": {
        "name": "js-yaml",
        "severity": "moderate",
        "isDirect": false,
        "via": [
          {
            "source": 1120792,
            "name": "js-yaml",
            "dependency": "js-yaml",
            "title": "JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases",
            "url": "https://github.com/advisories/GHSA-h67p-54hq-rp68",
            "severity": "moderate",
            "cwe": [
              "CWE-407"
            ],
            "cvss": {
              "score": 5.3,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
            },
            "range": "<=4.1.1"
          }
        ],
        "effects": [
          "grunt"
        ],
        "range": "<=4.1.1",
        "nodes": [
          "",
          "",
          "node_modules/js-yaml"
        ],
        "fixAvailable": {
          "name": "grunt",
          "version": "0.3.17",
          "isSemVerMajor": true
        }
      }
    },
    "metadata": {
      "vulnerabilities": {
        "info": 0,
        "low": 0,
        "moderate": 3,
        "high": 0,
        "critical": 0,
        "total": 3
      },
      "dependencies": {
        "prod": 1,
        "dev": 335,
        "optional": 0,
        "peer": 1,
        "peerOptional": 0,
        "total": 335
      }
    }
  }
}

--- end ---
{"added": 335, "removed": 0, "changed": 0, "audited": 336, "funding": 84, "audit": {"auditReportVersion": 2, "vulnerabilities": {"grunt": {"name": "grunt", "severity": "moderate", "isDirect": true, "via": ["js-yaml"], "effects": ["grunt-eslint"], "range": ">=0.4.0-a", "nodes": ["node_modules/grunt"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}, "grunt-eslint": {"name": "grunt-eslint", "severity": "moderate", "isDirect": true, "via": ["grunt"], "effects": [], "range": "<=1.0.0 || >=18.1.0", "nodes": ["node_modules/grunt-eslint"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "js-yaml": {"name": "js-yaml", "severity": "moderate", "isDirect": false, "via": [{"source": 1120792, "name": "js-yaml", "dependency": "js-yaml", "title": "JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases", "url": "https://github.com/advisories/GHSA-h67p-54hq-rp68", "severity": "moderate", "cwe": ["CWE-407"], "cvss": {"score": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "range": "<=4.1.1"}], "effects": ["grunt"], "range": "<=4.1.1", "nodes": ["", "", "node_modules/js-yaml"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 3, "high": 0, "critical": 0, "total": 3}, "dependencies": {"prod": 1, "dev": 335, "optional": 0, "peer": 1, "peerOptional": 0, "total": 335}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---

added 335 packages, and audited 336 packages in 4s

84 packages are looking for funding
  run `npm fund` for details

# npm audit report

js-yaml  <=4.1.1
Severity: moderate
JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases - https://github.com/advisories/GHSA-h67p-54hq-rp68
fix available via `npm audit fix --force`
Will install grunt@0.3.17, which is a breaking change
node_modules/js-yaml
  grunt  >=0.4.0-a
  Depends on vulnerable versions of js-yaml
  node_modules/grunt
    grunt-eslint  <=1.0.0 || >=18.1.0
    Depends on vulnerable versions of grunt
    node_modules/grunt-eslint

3 moderate severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---

added 335 packages, and audited 336 packages in 4s

84 packages are looking for funding
  run `npm fund` for details

3 moderate severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stderr ---
[baseline-browser-mapping] The data in this module is over two months old.  To ensure accurate Baseline data, please update: `npm i baseline-browser-mapping@latest -D`
--- stdout ---

> test
> grunt test

Running "eslint:all" (eslint) task

/src/repo/PagePopups.js
   4:11  warning  Identifier 'click_body' is not in camel case                                        camelcase
  16:3   warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector
  16:3   warning  Prefer DOM building to parsing HTML literals                                        no-jquery/no-parse-html-literal
  17:3   warning  jQuery collection names must match the variablePattern                              no-jquery/variable-pattern
  17:12  warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector
  27:3   warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector
  32:3   warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector
  43:3   warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector

✖ 8 problems (0 errors, 8 warnings)


Running "banana:all" (banana) task
>> 1 message directory checked.

Done.

--- end ---
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json

--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---

--- end ---
$ git commit -F /tmp/tmpsanjb2wg
--- stdout ---
[master df0dd43] [DNM] there are no updates
 1 file changed, 32 insertions(+), 12 deletions(-)

--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From df0dd432c16e38aa3810d8bbcf3788d4f3b93abc Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Fri, 19 Jun 2026 01:01:11 +0000
Subject: [PATCH] [DNM] there are no updates

Change-Id: I2b28aec4c7b177dd804278b228260e1393e365ba
---
 package-lock.json | 44 ++++++++++++++++++++++++++++++++------------
 1 file changed, 32 insertions(+), 12 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2e83454..9fcd307 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -139,10 +139,20 @@
 			"dev": true
 		},
 		"node_modules/@eslint/eslintrc/node_modules/js-yaml": {
-			"version": "4.1.1",
-			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-			"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+			"version": "4.2.0",
+			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+			"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 			"dev": true,
+			"funding": [
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/puzrin"
+				},
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/nodeca"
+				}
+			],
 			"dependencies": {
 				"argparse": "^2.0.1"
 			},
@@ -1835,10 +1845,20 @@
 			"dev": true
 		},
 		"node_modules/eslint/node_modules/js-yaml": {
-			"version": "4.1.1",
-			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-			"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+			"version": "4.2.0",
+			"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+			"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 			"dev": true,
+			"funding": [
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/puzrin"
+				},
+				{
+					"type": "github",
+					"url": "https://github.com/sponsors/nodeca"
+				}
+			],
 			"dependencies": {
 				"argparse": "^2.0.1"
 			},
@@ -4212,9 +4232,9 @@
 					"dev": true
 				},
 				"js-yaml": {
-					"version": "4.1.1",
-					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-					"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+					"version": "4.2.0",
+					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+					"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 					"dev": true,
 					"requires": {
 						"argparse": "^2.0.1"
@@ -5018,9 +5038,9 @@
 					"dev": true
 				},
 				"js-yaml": {
-					"version": "4.1.1",
-					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.1.tgz",
-					"integrity": "sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==",
+					"version": "4.2.0",
+					"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.2.0.tgz",
+					"integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==",
 					"dev": true,
 					"requires": {
 						"argparse": "^2.0.1"
-- 
2.47.3


--- end ---
Source code is licensed under the AGPL.