$ date
--- stdout ---
Sat Jul 12 01:01:36 UTC 2025
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-ContactManager.git repo --depth=1 -b master
--- stderr ---
Cloning into 'repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
5d3d43d77f8d852acaed79b07da8d708558ef164 refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"brace-expansion": {
"name": "brace-expansion",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1105443,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion Regular Expression Denial of Service vulnerability",
"url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw",
"severity": "low",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=1.0.0 <=1.1.11"
},
{
"source": 1105444,
"name": "brace-expansion",
"dependency": "brace-expansion",
"title": "brace-expansion Regular Expression Denial of Service vulnerability",
"url": "https://github.com/advisories/GHSA-v6h2-p8h4-qcjw",
"severity": "low",
"cwe": [
"CWE-400"
],
"cvss": {
"score": 3.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=2.0.0 <=2.0.1"
}
],
"effects": [],
"range": "1.0.0 - 1.1.11 || 2.0.0 - 2.0.1",
"nodes": [
"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion",
"node_modules/brace-expansion",
"node_modules/eslint-plugin-n/node_modules/brace-expansion"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 1,
"moderate": 0,
"high": 0,
"critical": 0,
"total": 1
},
"dependencies": {
"prod": 1,
"dev": 310,
"optional": 0,
"peer": 1,
"peerOptional": 0,
"total": 310
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 58 installs, 0 updates, 0 removals
- Locking async-aws/core (1.26.0)
- Locking async-aws/ses (1.12.0)
- Locking composer/semver (3.4.3)
- Locking composer/spdx-licenses (1.5.9)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.1.1)
- Locking doctrine/lexer (3.0.1)
- Locking dragonmantank/cron-expression (v3.4.0)
- Locking egulias/email-validator (4.0.4)
- Locking html2text/html2text (4.3.2)
- Locking laminas/laminas-servicemanager (3.23.0)
- Locking laminas/laminas-stdlib (3.20.0)
- Locking laminas/laminas-validator (2.64.4)
- Locking mediawiki/mediawiki-codesniffer (v47.0.0)
- Locking mediawiki/minus-x (1.1.3)
- Locking mmucklo/email-parse (2.2.1)
- Locking patrickschur/language-detection (v5.3.1)
- Locking php-imap/php-imap (5.0.1)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.2.1)
- Locking phpcsstandards/phpcsutils (1.0.12)
- Locking psr/cache (3.0.0)
- Locking psr/container (1.1.2)
- Locking psr/event-dispatcher (1.0.0)
- Locking psr/http-message (2.0)
- Locking psr/log (1.1.4)
- Locking squizlabs/php_codesniffer (3.12.2)
- Locking symfony/amazon-mailer (v5.4.45)
- Locking symfony/console (v7.3.1)
- Locking symfony/deprecation-contracts (v3.6.0)
- Locking symfony/event-dispatcher (v6.4.13)
- Locking symfony/event-dispatcher-contracts (v3.6.0)
- Locking symfony/google-mailer (v5.4.45)
- Locking symfony/http-client (v7.3.1)
- Locking symfony/http-client-contracts (v3.6.0)
- Locking symfony/mailchimp-mailer (v5.4.45)
- Locking symfony/mailer (v5.4.45)
- Locking symfony/mailgun-mailer (v5.4.45)
- Locking symfony/mailjet-mailer (v5.4.45)
- Locking symfony/mime (v6.4.21)
- Locking symfony/oh-my-smtp-mailer (v5.4.45)
- Locking symfony/polyfill-ctype (v1.32.0)
- Locking symfony/polyfill-intl-grapheme (v1.32.0)
- Locking symfony/polyfill-intl-idn (v1.32.0)
- Locking symfony/polyfill-intl-normalizer (v1.32.0)
- Locking symfony/polyfill-mbstring (v1.32.0)
- Locking symfony/polyfill-php80 (v1.32.0)
- Locking symfony/polyfill-php81 (v1.32.0)
- Locking symfony/postmark-mailer (v5.4.45)
- Locking symfony/sendgrid-mailer (v5.4.45)
- Locking symfony/sendinblue-mailer (v5.4.45)
- Locking symfony/service-contracts (v3.6.0)
- Locking symfony/string (v7.3.0)
- Locking theiconic/name-parser (v1.2.11)
- Locking twig/twig (v3.11.3)
- Locking webmozart/assert (1.11.0)
- Locking willdurand/email-reply-parser (2.10.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 58 installs, 0 updates, 0 removals
- Downloading laminas/laminas-stdlib (3.20.0)
- Downloading laminas/laminas-servicemanager (3.23.0)
- Downloading laminas/laminas-validator (2.64.4)
- Downloading mmucklo/email-parse (2.2.1)
- Downloading patrickschur/language-detection (v5.3.1)
- Downloading php-imap/php-imap (5.0.1)
- Downloading theiconic/name-parser (v1.2.11)
- Downloading twig/twig (v3.11.3)
- Downloading willdurand/email-reply-parser (2.10.0)
0/9 [>---------------------------] 0%
5/9 [===============>------------] 55%
9/9 [============================] 100%
- Installing squizlabs/php_codesniffer (3.12.2): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.1.1): Extracting archive
- Installing symfony/deprecation-contracts (v3.6.0): Extracting archive
- Installing psr/container (1.1.2): Extracting archive
- Installing symfony/service-contracts (v3.6.0): Extracting archive
- Installing symfony/http-client-contracts (v3.6.0): Extracting archive
- Installing psr/log (1.1.4): Extracting archive
- Installing symfony/http-client (v7.3.1): Extracting archive
- Installing psr/cache (3.0.0): Extracting archive
- Installing async-aws/core (1.26.0): Extracting archive
- Installing symfony/polyfill-ctype (v1.32.0): Extracting archive
- Installing webmozart/assert (1.11.0): Extracting archive
- Installing dragonmantank/cron-expression (v3.4.0): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.32.0): Extracting archive
- Installing symfony/polyfill-intl-idn (v1.32.0): Extracting archive
- Installing doctrine/lexer (3.0.1): Extracting archive
- Installing egulias/email-validator (4.0.4): Extracting archive
- Installing html2text/html2text (4.3.2): Extracting archive
- Installing laminas/laminas-stdlib (3.20.0): Extracting archive
- Installing laminas/laminas-servicemanager (3.23.0): Extracting archive
- Installing symfony/polyfill-php80 (v1.32.0): Extracting archive
- Installing phpcsstandards/phpcsutils (1.0.12): Extracting archive
- Installing phpcsstandards/phpcsextra (1.2.1): Extracting archive
- Installing symfony/polyfill-mbstring (v1.32.0): Extracting archive
- Installing composer/spdx-licenses (1.5.9): Extracting archive
- Installing composer/semver (3.4.3): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v47.0.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.32.0): Extracting archive
- Installing symfony/string (v7.3.0): Extracting archive
- Installing symfony/console (v7.3.1): Extracting archive
- Installing mediawiki/minus-x (1.1.3): Extracting archive
- Installing psr/http-message (2.0): Extracting archive
- Installing laminas/laminas-validator (2.64.4): Extracting archive
- Installing mmucklo/email-parse (2.2.1): Extracting archive
- Installing patrickschur/language-detection (v5.3.1): Extracting archive
- Installing php-imap/php-imap (5.0.1): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
- Installing symfony/mime (v6.4.21): Extracting archive
- Installing psr/event-dispatcher (1.0.0): Extracting archive
- Installing symfony/event-dispatcher-contracts (v3.6.0): Extracting archive
- Installing symfony/event-dispatcher (v6.4.13): Extracting archive
- Installing symfony/mailer (v5.4.45): Extracting archive
- Installing async-aws/ses (1.12.0): Extracting archive
- Installing symfony/amazon-mailer (v5.4.45): Extracting archive
- Installing symfony/google-mailer (v5.4.45): Extracting archive
- Installing symfony/mailchimp-mailer (v5.4.45): Extracting archive
- Installing symfony/mailgun-mailer (v5.4.45): Extracting archive
- Installing symfony/mailjet-mailer (v5.4.45): Extracting archive
- Installing symfony/oh-my-smtp-mailer (v5.4.45): Extracting archive
- Installing symfony/postmark-mailer (v5.4.45): Extracting archive
- Installing symfony/sendgrid-mailer (v5.4.45): Extracting archive
- Installing symfony/sendinblue-mailer (v5.4.45): Extracting archive
- Installing theiconic/name-parser (v1.2.11): Extracting archive
- Installing symfony/polyfill-php81 (v1.32.0): Extracting archive
- Installing twig/twig (v3.11.3): Extracting archive
- Installing willdurand/email-reply-parser (2.10.0): Extracting archive
0/56 [>---------------------------] 0%
19/56 [=========>------------------] 33%
30/56 [===============>------------] 53%
40/56 [====================>-------] 71%
50/56 [=========================>--] 89%
56/56 [============================] 100%
7 package suggestions were added by new dependencies, use `composer suggest` to see details.
Package symfony/oh-my-smtp-mailer is abandoned, you should avoid using it. Use symfony/mail-pace-mailer instead.
Generating autoload files
41 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
Upgrading n:eslint-config-wikimedia from 0.29.1 -> 0.30.0
$ /usr/bin/npm install
--- stdout ---
added 310 packages, and audited 311 packages in 4s
61 packages are looking for funding
run `npm fund` for details
1 low severity vulnerability
To address all issues, run:
npm audit fix
Run `npm audit` for details.
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
$ /usr/bin/npm install grunt-eslint@24.3.0 --save-exact
--- stdout ---
up to date, audited 311 packages in 1s
61 packages are looking for funding
run `npm fund` for details
1 low severity vulnerability
To address all issues, run:
npm audit fix
Run `npm audit` for details.
--- end ---
$ package-lock-lint package-lock.json
--- stdout ---
Checking package-lock.json
--- end ---
$ ./node_modules/.bin/eslint i18n/en.json resources/ContactManager.js package.json i18n/qqq.json Gruntfile.js extension.json composer.json package-lock.json --fix
--- stderr ---
Oops! Something went wrong! :(
ESLint: 8.57.0
ESLint couldn't find the config "wikimedia/client-es6" to extend from. Please check that the name of the config is correct.
The config "wikimedia/client-es6" was referenced from the config file in "/src/repo/.eslintrc.json".
If you still have problems, please stop by https://eslint.org/chat/help to chat with the team.
--- stdout ---
--- end ---
$ ./node_modules/.bin/eslint i18n/en.json resources/ContactManager.js package.json i18n/qqq.json Gruntfile.js extension.json composer.json package-lock.json -f json
--- stderr ---
Oops! Something went wrong! :(
ESLint: 8.57.0
ESLint couldn't find the config "wikimedia/client-es6" to extend from. Please check that the name of the config is correct.
The config "wikimedia/client-es6" was referenced from the config file in "/src/repo/.eslintrc.json".
If you still have problems, please stop by https://eslint.org/chat/help to chat with the team.
--- stdout ---
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 2026, in main
libup.run(args.repo, args.output, args.branch)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1962, in run
self.npm_upgrade(plan)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1253, in npm_upgrade
hook(update)
File "/venv/lib/python3.11/site-packages/runner-0.1.0-py3.11.egg/runner/__init__.py", line 1642, in _handle_eslint
errors = json.loads(
^^^^^^^^^^^
File "/usr/lib/python3.11/json/__init__.py", line 346, in loads
return _default_decoder.decode(s)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)