$ date
--- stdout ---
Mon Jun 15 05:29:12 UTC 2026
--- end ---
$ git clone file:///srv/git/mediawiki-extensions-Kartographer.git /src/repo --depth=1 -b master
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---
--- end ---
$ git config user.name libraryupgrader
--- stdout ---
--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---
--- end ---
$ git submodule update --init
--- stdout ---
--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.
--- end ---
$ git show-ref refs/heads/master
--- stdout ---
76e39f3e893910d99707d00590dd1327d2897eed refs/heads/master
--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
"auditReportVersion": 2,
"vulnerabilities": {
"browserify-sign": {
"name": "browserify-sign",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": ">=2.4.0",
"nodes": [
"node_modules/browserify-sign"
],
"fixAvailable": true
},
"create-ecdh": {
"name": "create-ecdh",
"severity": "low",
"isDirect": false,
"via": [
"elliptic"
],
"effects": [
"crypto-browserify"
],
"range": "*",
"nodes": [
"node_modules/create-ecdh"
],
"fixAvailable": true
},
"crypto-browserify": {
"name": "crypto-browserify",
"severity": "low",
"isDirect": false,
"via": [
"browserify-sign",
"create-ecdh"
],
"effects": [],
"range": ">=3.4.0",
"nodes": [
"node_modules/crypto-browserify"
],
"fixAvailable": true
},
"elliptic": {
"name": "elliptic",
"severity": "low",
"isDirect": false,
"via": [
{
"source": 1112030,
"name": "elliptic",
"dependency": "elliptic",
"title": "Elliptic Uses a Cryptographic Primitive with a Risky Implementation",
"url": "https://github.com/advisories/GHSA-848j-6mx2-7j84",
"severity": "low",
"cwe": [
"CWE-1240"
],
"cvss": {
"score": 5.6,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"range": "<=6.6.1"
}
],
"effects": [
"browserify-sign",
"create-ecdh"
],
"range": "*",
"nodes": [
"node_modules/elliptic"
],
"fixAvailable": true
},
"fast-uri": {
"name": "fast-uri",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1117870,
"name": "fast-uri",
"dependency": "fast-uri",
"title": "fast-uri vulnerable to path traversal via percent-encoded dot segments",
"url": "https://github.com/advisories/GHSA-q3j6-qgpj-74h6",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
"range": "<=3.1.0"
},
{
"source": 1117884,
"name": "fast-uri",
"dependency": "fast-uri",
"title": "fast-uri vulnerable to host confusion via percent-encoded authority delimiters",
"url": "https://github.com/advisories/GHSA-v39h-62p7-jpjc",
"severity": "high",
"cwe": [
"CWE-436"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
},
"range": "<=3.1.1"
}
],
"effects": [],
"range": "<=3.1.1",
"nodes": [
"node_modules/fast-uri"
],
"fixAvailable": true
},
"gaze": {
"name": "gaze",
"severity": "high",
"isDirect": false,
"via": [
"globule"
],
"effects": [
"grunt-contrib-watch"
],
"range": ">=0.4.0",
"nodes": [
"node_modules/gaze"
],
"fixAvailable": {
"name": "grunt-contrib-watch",
"version": "0.4.4",
"isSemVerMajor": true
}
},
"globule": {
"name": "globule",
"severity": "high",
"isDirect": false,
"via": [
"minimatch"
],
"effects": [
"gaze"
],
"range": "*",
"nodes": [
"node_modules/globule"
],
"fixAvailable": {
"name": "grunt-contrib-watch",
"version": "0.4.4",
"isSemVerMajor": true
}
},
"grunt-contrib-watch": {
"name": "grunt-contrib-watch",
"severity": "high",
"isDirect": true,
"via": [
"gaze"
],
"effects": [],
"range": ">=0.5.0",
"nodes": [
"node_modules/grunt-contrib-watch"
],
"fixAvailable": {
"name": "grunt-contrib-watch",
"version": "0.4.4",
"isSemVerMajor": true
}
},
"minimatch": {
"name": "minimatch",
"severity": "high",
"isDirect": false,
"via": [
{
"source": 1113459,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
"url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<3.1.3"
},
{
"source": 1113538,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
"url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
"severity": "high",
"cwe": [
"CWE-407"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.3"
},
{
"source": 1113546,
"name": "minimatch",
"dependency": "minimatch",
"title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
"url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
"severity": "high",
"cwe": [
"CWE-1333"
],
"cvss": {
"score": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
"range": "<3.1.4"
}
],
"effects": [
"globule"
],
"range": "<=3.1.3",
"nodes": [
"node_modules/globule/node_modules/minimatch"
],
"fixAvailable": {
"name": "grunt-contrib-watch",
"version": "0.4.4",
"isSemVerMajor": true
}
},
"qs": {
"name": "qs",
"severity": "moderate",
"isDirect": false,
"via": [
{
"source": 1119502,
"name": "qs",
"dependency": "qs",
"title": "qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set",
"url": "https://github.com/advisories/GHSA-q8mj-m7cp-5q26",
"severity": "moderate",
"cwe": [
"CWE-476"
],
"cvss": {
"score": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
},
"range": ">=6.11.1 <=6.15.1"
}
],
"effects": [],
"range": "6.11.1 - 6.15.1",
"nodes": [
"node_modules/qs"
],
"fixAvailable": true
},
"rollup": {
"name": "rollup",
"severity": "high",
"isDirect": true,
"via": [
{
"source": 1099757,
"name": "rollup",
"dependency": "rollup",
"title": "DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS",
"url": "https://github.com/advisories/GHSA-gcx4-mw62-g8wm",
"severity": "high",
"cwe": [
"CWE-79"
],
"cvss": {
"score": 6.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"
},
"range": "<2.79.2"
},
{
"source": 1113517,
"name": "rollup",
"dependency": "rollup",
"title": "Rollup 4 has Arbitrary File Write via Path Traversal",
"url": "https://github.com/advisories/GHSA-mw96-cpmx-2vgc",
"severity": "high",
"cwe": [
"CWE-22"
],
"cvss": {
"score": 0,
"vectorString": null
},
"range": "<2.80.0"
}
],
"effects": [],
"range": "<=2.79.2",
"nodes": [
"node_modules/rollup"
],
"fixAvailable": {
"name": "rollup",
"version": "4.62.0",
"isSemVerMajor": true
}
},
"shell-quote": {
"name": "shell-quote",
"severity": "critical",
"isDirect": false,
"via": [
{
"source": 1120422,
"name": "shell-quote",
"dependency": "shell-quote",
"title": "shell-quote quote() does not escape newlines in object .op values",
"url": "https://github.com/advisories/GHSA-w7jw-789q-3m8p",
"severity": "critical",
"cwe": [
"CWE-77",
"CWE-78"
],
"cvss": {
"score": 8.1,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
"range": ">=1.1.0 <=1.8.3"
}
],
"effects": [],
"range": "1.1.0 - 1.8.3",
"nodes": [
"node_modules/shell-quote"
],
"fixAvailable": true
}
},
"metadata": {
"vulnerabilities": {
"info": 0,
"low": 4,
"moderate": 1,
"high": 6,
"critical": 1,
"total": 12
},
"dependencies": {
"prod": 8,
"dev": 687,
"optional": 0,
"peer": 1,
"peerOptional": 0,
"total": 694
}
}
}
--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 38 installs, 0 updates, 0 removals
- Locking composer/pcre (3.4.0)
- Locking composer/semver (3.4.4)
- Locking composer/spdx-licenses (1.6.0)
- Locking composer/xdebug-handler (3.0.5)
- Locking danog/advanced-json-rpc (v3.2.3)
- Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.1)
- Locking doctrine/deprecations (1.1.6)
- Locking mediawiki/mediawiki-codesniffer (v51.0.0)
- Locking mediawiki/mediawiki-phan-config (0.20.0)
- Locking mediawiki/minus-x (2.0.1)
- Locking mediawiki/phan-taint-check-plugin (9.1.0)
- Locking netresearch/jsonmapper (v5.0.1)
- Locking phan/phan (6.0.2)
- Locking phan/tolerant-php-parser (v0.2.0)
- Locking phan/var_representation_polyfill (0.1.4)
- Locking php-parallel-lint/php-console-color (v1.0.1)
- Locking php-parallel-lint/php-console-highlighter (v1.0.0)
- Locking php-parallel-lint/php-parallel-lint (v1.4.0)
- Locking phpcsstandards/phpcsextra (1.5.0)
- Locking phpcsstandards/phpcsutils (1.2.2)
- Locking phpdocumentor/reflection-common (2.2.0)
- Locking phpdocumentor/reflection-docblock (6.0.3)
- Locking phpdocumentor/type-resolver (2.0.0)
- Locking phpstan/phpdoc-parser (2.3.2)
- Locking psr/container (2.0.2)
- Locking psr/log (3.0.2)
- Locking sabre/event (6.1.0)
- Locking squizlabs/php_codesniffer (3.13.5)
- Locking symfony/console (v8.1.0)
- Locking symfony/deprecation-contracts (v3.7.0)
- Locking symfony/polyfill-ctype (v1.37.0)
- Locking symfony/polyfill-intl-grapheme (v1.38.1)
- Locking symfony/polyfill-intl-normalizer (v1.38.0)
- Locking symfony/polyfill-mbstring (v1.38.2)
- Locking symfony/polyfill-php85 (v1.38.1)
- Locking symfony/service-contracts (v3.7.0)
- Locking symfony/string (v8.1.0)
- Locking webmozart/assert (2.4.0)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 38 installs, 0 updates, 0 removals
0 [>---------------------------] 0 [->--------------------------]
- Installing squizlabs/php_codesniffer (3.13.5): Extracting archive
- Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.1): Extracting archive
- Installing composer/pcre (3.4.0): Extracting archive
- Installing phpcsstandards/phpcsutils (1.2.2): Extracting archive
- Installing phpcsstandards/phpcsextra (1.5.0): Extracting archive
- Installing symfony/polyfill-mbstring (v1.38.2): Extracting archive
- Installing composer/spdx-licenses (1.6.0): Extracting archive
- Installing composer/semver (3.4.4): Extracting archive
- Installing mediawiki/mediawiki-codesniffer (v51.0.0): Extracting archive
- Installing symfony/polyfill-intl-normalizer (v1.38.0): Extracting archive
- Installing symfony/polyfill-intl-grapheme (v1.38.1): Extracting archive
- Installing symfony/polyfill-ctype (v1.37.0): Extracting archive
- Installing symfony/string (v8.1.0): Extracting archive
- Installing symfony/deprecation-contracts (v3.7.0): Extracting archive
- Installing psr/container (2.0.2): Extracting archive
- Installing symfony/service-contracts (v3.7.0): Extracting archive
- Installing symfony/polyfill-php85 (v1.38.1): Extracting archive
- Installing symfony/console (v8.1.0): Extracting archive
- Installing sabre/event (6.1.0): Extracting archive
- Installing phan/var_representation_polyfill (0.1.4): Extracting archive
- Installing phan/tolerant-php-parser (v0.2.0): Extracting archive
- Installing netresearch/jsonmapper (v5.0.1): Extracting archive
- Installing webmozart/assert (2.4.0): Extracting archive
- Installing phpstan/phpdoc-parser (2.3.2): Extracting archive
- Installing phpdocumentor/reflection-common (2.2.0): Extracting archive
- Installing doctrine/deprecations (1.1.6): Extracting archive
- Installing phpdocumentor/type-resolver (2.0.0): Extracting archive
- Installing phpdocumentor/reflection-docblock (6.0.3): Extracting archive
- Installing danog/advanced-json-rpc (v3.2.3): Extracting archive
- Installing psr/log (3.0.2): Extracting archive
- Installing composer/xdebug-handler (3.0.5): Extracting archive
- Installing phan/phan (6.0.2): Extracting archive
- Installing mediawiki/phan-taint-check-plugin (9.1.0): Extracting archive
- Installing mediawiki/mediawiki-phan-config (0.20.0): Extracting archive
- Installing mediawiki/minus-x (2.0.1): Extracting archive
- Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
- Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
- Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
0/36 [>---------------------------] 0%
29/36 [======================>-----] 80%
35/36 [===========================>] 97%
36/36 [============================] 100%
1 package suggestions were added by new dependencies, use `composer suggest` to see details.
Generating autoload files
17 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils
--- end ---
Upgrading n:grunt-stylelint from 0.20.1 -> 0.21.0
Upgrading n:stylelint-config-wikimedia from 0.18.0 -> 0.19.2
Upgrading n:jsdoc-wmf-theme from 1.2.0 -> 1.3.0
$ /usr/bin/npm install
--- stderr ---
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'grunt-stylelint@0.21.0',
npm WARN EBADENGINE required: { node: '>=20.19.5' },
npm WARN EBADENGINE current: { node: 'v20.19.2', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '@wikimedia/codex-design-tokens@2.5.1',
npm WARN EBADENGINE required: { npm: '>=10.8.1', node: '>=20.20.2' },
npm WARN EBADENGINE current: { node: 'v20.19.2', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Glob versions prior to v9 are no longer supported
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated rollup-plugin-commonjs@5.0.5: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-commonjs.
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 728 packages, and audited 729 packages in 9s
167 packages are looking for funding
run `npm fund` for details
12 vulnerabilities (4 low, 1 moderate, 6 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json
--- end ---
$ ./node_modules/.bin/grunt stylelint
--- stdout ---
Running "stylelint:all" (stylelint) task
modules/dialog/dialog.less
40:14 ✖ Deprecated keyword "break-word" for property "word-break" declaration-property-value-keyword-no-deprecated
133:2 ✖ Expected selector ".leaflet-right.leaflet-top" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top") to come before selector ".leaflet-right.leaflet-top" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top"), at line 85 no-descending-specificity
134:2 ✖ Expected selector ".leaflet-right.leaflet-bottom" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-bottom") to come before selector ".leaflet-right.leaflet-bottom" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-bottom"), at line 85 no-descending-specificity
138:2 ✖ Expected selector ".leaflet-right.leaflet-top .leaflet-bar.leaflet-control" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top .leaflet-bar.leaflet-control") to come before selector ".leaflet-right.leaflet-top .leaflet-bar.leaflet-control" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top .leaflet-bar.leaflet-control"), at line 80 no-descending-specificity
✖ 4 problems (4 errors, 0 warnings)
1 error potentially fixable with the "--fix" option.
⚠ 4 warnings
Warning: Task "stylelint:all" failed.� Use --force to continue.
Aborted due to warnings.
--- end ---
$ ./node_modules/.bin/stylelint styles/skins.minerva.kartographer.less styles/link.less modules/wikivoyage/styles/wv-leaflet.less styles/control-scale.less modules/wikivoyage/styles/control-layers.less modules/dialog/dialog.less modules/staticframe/staticframe.less styles/leaflet-overrides.less modules/ve-maps/ve.ui.MWMaps.less styles/control-attribution.less styles/specialMap.less styles/kartographer.less --fix
--- stderr ---
modules/dialog/dialog.less
40:14 ✖ Deprecated keyword "break-word" for property "word-break" declaration-property-value-keyword-no-deprecated
133:2 ✖ Expected selector ".leaflet-right.leaflet-top" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top") to come before selector ".leaflet-right.leaflet-top" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top"), at line 85 no-descending-specificity
134:2 ✖ Expected selector ".leaflet-right.leaflet-bottom" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-bottom") to come before selector ".leaflet-right.leaflet-bottom" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-bottom"), at line 85 no-descending-specificity
138:2 ✖ Expected selector ".leaflet-right.leaflet-top .leaflet-bar.leaflet-control" (".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top .leaflet-bar.leaflet-control") to come before selector ".leaflet-right.leaflet-top .leaflet-bar.leaflet-control" ("-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top .leaflet-bar.leaflet-control"), at line 80 no-descending-specificity
✖ 4 problems (4 errors, 0 warnings)
1 error potentially fixable with the "--fix" option.
--- stdout ---
--- end ---
$ ./node_modules/.bin/stylelint styles/skins.minerva.kartographer.less styles/link.less modules/wikivoyage/styles/wv-leaflet.less styles/control-scale.less modules/wikivoyage/styles/control-layers.less modules/dialog/dialog.less modules/staticframe/staticframe.less styles/leaflet-overrides.less modules/ve-maps/ve.ui.MWMaps.less styles/control-attribution.less styles/specialMap.less styles/kartographer.less -f json
--- stdout ---
[{"source":"/src/repo/styles/skins.minerva.kartographer.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/link.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/control-scale.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/leaflet-overrides.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/control-attribution.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/specialMap.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/styles/kartographer.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/modules/wikivoyage/styles/wv-leaflet.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/modules/wikivoyage/styles/control-layers.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/modules/dialog/dialog.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":true,"warnings":[{"line":40,"column":14,"endLine":40,"endColumn":24,"rule":"declaration-property-value-keyword-no-deprecated","severity":"error","text":"Deprecated keyword \"break-word\" for property \"word-break\" (declaration-property-value-keyword-no-deprecated)"},{"line":133,"column":2,"endLine":133,"endColumn":28,"rule":"no-descending-specificity","severity":"error","text":"Expected selector \".leaflet-right.leaflet-top\" (\".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top\") to come before selector \".leaflet-right.leaflet-top\" (\"-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top\"), at line 85 (no-descending-specificity)"},{"line":134,"column":2,"endLine":134,"endColumn":31,"rule":"no-descending-specificity","severity":"error","text":"Expected selector \".leaflet-right.leaflet-bottom\" (\".mw-kartographer-mapDialog-map .leaflet-right.leaflet-bottom\") to come before selector \".leaflet-right.leaflet-bottom\" (\"-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-bottom\"), at line 85 (no-descending-specificity)"},{"line":138,"column":2,"endLine":138,"endColumn":57,"rule":"no-descending-specificity","severity":"error","text":"Expected selector \".leaflet-right.leaflet-top .leaflet-bar.leaflet-control\" (\".mw-kartographer-mapDialog-map .leaflet-right.leaflet-top .leaflet-bar.leaflet-control\") to come before selector \".leaflet-right.leaflet-top .leaflet-bar.leaflet-control\" (\"-opened.mw-kartographer-mapDialog-sidebar .leaflet-right.leaflet-top .leaflet-bar.leaflet-control\"), at line 80 (no-descending-specificity)"}]},{"source":"/src/repo/modules/staticframe/staticframe.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]},{"source":"/src/repo/modules/ve-maps/ve.ui.MWMaps.less","deprecations":[],"invalidOptionWarnings":[],"parseErrors":[],"errored":false,"warnings":[]}]
--- end ---
$ /usr/bin/npm ci
--- stderr ---
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '@wikimedia/codex-design-tokens@2.5.1',
npm WARN EBADENGINE required: { node: '>=20.20.2', npm: '>=10.8.1' },
npm WARN EBADENGINE current: { node: 'v20.19.2', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: 'grunt-stylelint@0.21.0',
npm WARN EBADENGINE required: { node: '>=20.19.5' },
npm WARN EBADENGINE current: { node: 'v20.19.2', npm: '9.2.0' }
npm WARN EBADENGINE }
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Glob versions prior to v9 are no longer supported
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated rollup-plugin-commonjs@5.0.5: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-commonjs.
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---
added 728 packages, and audited 729 packages in 10s
167 packages are looking for funding
run `npm fund` for details
12 vulnerabilities (4 low, 1 moderate, 6 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
--- end ---
$ /usr/bin/npm test
--- stdout ---
> test
> grunt test
Running "eslint:all" (eslint) task
/src/repo/modules/dialog-sidebar/sidebar.js
278:29 warning OOUI button has no label. Even icon-only buttons should set a label with invisibleLabel set to true mediawiki/no-unlabeled-buttonwidget
/src/repo/modules/dialog/nearby.js
10:1 warning The type 'ThumbnailProperties' is undefined jsdoc/no-undefined-types
/src/repo/modules/ve-maps/ve.ui.MWMapsDialog.js
52:19 warning OOUI button has no label. Even icon-only buttons should set a label with invisibleLabel set to true mediawiki/no-unlabeled-buttonwidget
✖ 3 problems (0 errors, 3 warnings)
Running "stylelint:all" (stylelint) task
styles/leaflet-overrides.less
3:1 ✖ Needless disable for "no-descending-specificity" --report-needless-disables
styles/link.less
1:1 ✖ Needless disable for "no-descending-specificity" --report-needless-disables
✖ 2 problems (2 errors, 0 warnings)
⚠ 2 warnings
Warning: Task "stylelint:all" failed.� Use --force to continue.
Aborted due to warnings.
--- end ---
Traceback (most recent call last):
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 1268, in main
libup.run()
~~~~~~~~~^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 1202, in run
self.npm_upgrade(plan)
~~~~~~~~~~~~~~~~^^^^^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 1064, in npm_upgrade
self.npm_test()
~~~~~~~~~~~~~^^
File "/venv/lib/python3.13/site-packages/runner/__init__.py", line 289, in npm_test
self.check_call(["npm", "test"])
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^
File "/venv/lib/python3.13/site-packages/runner/shell2.py", line 66, in check_call
res.check_returncode()
~~~~~~~~~~~~~~~~~~~~^^
File "/usr/lib/python3.13/subprocess.py", line 508, in check_returncode
raise CalledProcessError(self.returncode, self.args, self.stdout,
self.stderr)
subprocess.CalledProcessError: Command '['/usr/bin/npm', 'test']' returned non-zero exit status 3.