mediawiki/extensions/Spark (REL1_44)

sourcepatches 
From 22706eb9c07058c8c534a2252ced0dfa249c4811 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 2 Mar 2026 02:09:00 +0000
Subject: [PATCH] [DNM] there are no updates

Change-Id: I791767b7e4ac4a43ca6692354de7da385df8ce9c
---
 package-lock.json | 86 +++++++++++++++++++----------------------------
 1 file changed, 34 insertions(+), 52 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index ef24051..fc01b91 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -215,9 +215,9 @@
 			}
 		},
 		"node_modules/@eslint/eslintrc/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -478,34 +478,22 @@
 				"url": "https://opencollective.com/typescript-eslint"
 			}
 		},
-		"node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
-			"version": "4.0.4",
-			"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
-			"integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
-			"dev": true,
-			"engines": {
-				"node": "18 || 20 || >=22"
-			}
-		},
 		"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-			"version": "5.0.3",
-			"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
-			"integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
+			"version": "2.0.2",
+			"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+			"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
 			"dev": true,
 			"dependencies": {
-				"balanced-match": "^4.0.2"
-			},
-			"engines": {
-				"node": "18 || 20 || >=22"
+				"balanced-match": "^1.0.0"
 			}
 		},
 		"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-			"version": "9.0.6",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
-			"integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
+			"version": "9.0.9",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+			"integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
 			"dev": true,
 			"dependencies": {
-				"brace-expansion": "^5.0.2"
+				"brace-expansion": "^2.0.2"
 			},
 			"engines": {
 				"node": ">=16 || 14 >=14.17"
@@ -1484,9 +1472,9 @@
 			}
 		},
 		"node_modules/eslint-plugin-unicorn/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -1622,9 +1610,9 @@
 			}
 		},
 		"node_modules/eslint/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -3986,9 +3974,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
@@ -4164,28 +4152,22 @@
 					"integrity": "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ==",
 					"dev": true
 				},
-				"balanced-match": {
-					"version": "4.0.4",
-					"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
-					"integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
-					"dev": true
-				},
 				"brace-expansion": {
-					"version": "5.0.3",
-					"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
-					"integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
+					"version": "2.0.2",
+					"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+					"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
 					"dev": true,
 					"requires": {
-						"balanced-match": "^4.0.2"
+						"balanced-match": "^1.0.0"
 					}
 				},
 				"minimatch": {
-					"version": "9.0.6",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
-					"integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
+					"version": "9.0.9",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+					"integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
 					"dev": true,
 					"requires": {
-						"brace-expansion": "^5.0.2"
+						"brace-expansion": "^2.0.2"
 					}
 				}
 			}
@@ -4631,9 +4613,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
@@ -4888,9 +4870,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
-- 
2.47.3


$ date
--- stdout ---
Mon Mar  2 02:08:41 UTC 2026

--- end ---
$ git clone file:///srv/git/mediawiki-extensions-Spark.git /src/repo --depth=1 -b REL1_44
--- stderr ---
Cloning into '/src/repo'...
--- stdout ---

--- end ---
$ git config user.name libraryupgrader
--- stdout ---

--- end ---
$ git config user.email tools.libraryupgrader@tools.wmflabs.org
--- stdout ---

--- end ---
$ git submodule update --init
--- stdout ---

--- end ---
$ grr init
--- stdout ---
Installed commit-msg hook.

--- end ---
$ git show-ref refs/heads/REL1_44
--- stdout ---
529e563d66689ce1f67ef30e8374c85dba7f3a84 refs/heads/REL1_44

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "grunt": {
      "name": "grunt",
      "severity": "high",
      "isDirect": true,
      "via": [
        "minimatch"
      ],
      "effects": [
        "grunt-eslint"
      ],
      "range": ">=0.4.0-a",
      "nodes": [
        "node_modules/grunt"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    },
    "grunt-eslint": {
      "name": "grunt-eslint",
      "severity": "high",
      "isDirect": true,
      "via": [
        "grunt"
      ],
      "effects": [],
      "range": "<=1.0.0 || >=18.1.0",
      "nodes": [
        "node_modules/grunt-eslint"
      ],
      "fixAvailable": {
        "name": "grunt-eslint",
        "version": "18.0.0",
        "isSemVerMajor": true
      }
    },
    "minimatch": {
      "name": "minimatch",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1113459,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
          "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<3.1.3"
        },
        {
          "source": 1113538,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
          "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
          "severity": "high",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.3"
        },
        {
          "source": 1113544,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
          "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
          "severity": "high",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=9.0.0 <9.0.7"
        },
        {
          "source": 1113546,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
          "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.4"
        },
        {
          "source": 1113552,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
          "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=9.0.0 <9.0.7"
        }
      ],
      "effects": [
        "grunt"
      ],
      "range": "<=3.1.3 || 9.0.0 - 9.0.6",
      "nodes": [
        "node_modules/@eslint/eslintrc/node_modules/minimatch",
        "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
        "node_modules/eslint-plugin-unicorn/node_modules/minimatch",
        "node_modules/eslint/node_modules/minimatch",
        "node_modules/minimatch"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 0,
      "high": 3,
      "critical": 0,
      "total": 3
    },
    "dependencies": {
      "prod": 1,
      "dev": 322,
      "optional": 0,
      "peer": 1,
      "peerOptional": 0,
      "total": 322
    }
  }
}

--- end ---
$ /usr/bin/composer install
--- stderr ---
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Lock file operations: 21 installs, 0 updates, 0 removals
  - Locking composer/semver (3.4.3)
  - Locking composer/spdx-licenses (1.5.9)
  - Locking dealerdirect/phpcodesniffer-composer-installer (v1.2.0)
  - Locking mediawiki/mediawiki-codesniffer (v46.0.0)
  - Locking mediawiki/minus-x (1.1.3)
  - Locking php-parallel-lint/php-console-color (v1.0.1)
  - Locking php-parallel-lint/php-console-highlighter (v1.0.0)
  - Locking php-parallel-lint/php-parallel-lint (v1.4.0)
  - Locking phpcsstandards/phpcsextra (1.2.1)
  - Locking phpcsstandards/phpcsutils (1.0.12)
  - Locking psr/container (2.0.2)
  - Locking squizlabs/php_codesniffer (3.11.3)
  - Locking symfony/console (v7.4.6)
  - Locking symfony/deprecation-contracts (v3.6.0)
  - Locking symfony/polyfill-ctype (v1.33.0)
  - Locking symfony/polyfill-intl-grapheme (v1.33.0)
  - Locking symfony/polyfill-intl-normalizer (v1.33.0)
  - Locking symfony/polyfill-mbstring (v1.33.0)
  - Locking symfony/polyfill-php80 (v1.33.0)
  - Locking symfony/service-contracts (v3.6.1)
  - Locking symfony/string (v8.0.6)
Writing lock file
Installing dependencies from lock file (including require-dev)
Package operations: 21 installs, 0 updates, 0 removals
    0 [>---------------------------]    0 [->--------------------------]
  - Installing squizlabs/php_codesniffer (3.11.3): Extracting archive
  - Installing dealerdirect/phpcodesniffer-composer-installer (v1.2.0): Extracting archive
  - Installing symfony/polyfill-php80 (v1.33.0): Extracting archive
  - Installing phpcsstandards/phpcsutils (1.0.12): Extracting archive
  - Installing phpcsstandards/phpcsextra (1.2.1): Extracting archive
  - Installing symfony/polyfill-mbstring (v1.33.0): Extracting archive
  - Installing composer/spdx-licenses (1.5.9): Extracting archive
  - Installing composer/semver (3.4.3): Extracting archive
  - Installing mediawiki/mediawiki-codesniffer (v46.0.0): Extracting archive
  - Installing symfony/polyfill-intl-normalizer (v1.33.0): Extracting archive
  - Installing symfony/polyfill-intl-grapheme (v1.33.0): Extracting archive
  - Installing symfony/polyfill-ctype (v1.33.0): Extracting archive
  - Installing symfony/string (v8.0.6): Extracting archive
  - Installing symfony/deprecation-contracts (v3.6.0): Extracting archive
  - Installing psr/container (2.0.2): Extracting archive
  - Installing symfony/service-contracts (v3.6.1): Extracting archive
  - Installing symfony/console (v7.4.6): Extracting archive
  - Installing mediawiki/minus-x (1.1.3): Extracting archive
  - Installing php-parallel-lint/php-console-color (v1.0.1): Extracting archive
  - Installing php-parallel-lint/php-console-highlighter (v1.0.0): Extracting archive
  - Installing php-parallel-lint/php-parallel-lint (v1.4.0): Extracting archive
  0/19 [>---------------------------]   0%
 19/19 [============================] 100%
Generating autoload files
15 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
--- stdout ---
PHP CodeSniffer Config installed_paths set to ../../mediawiki/mediawiki-codesniffer,../../phpcsstandards/phpcsextra,../../phpcsstandards/phpcsutils

--- end ---
$ /usr/bin/npm audit --json
--- stdout ---
{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "grunt": {
      "name": "grunt",
      "severity": "high",
      "isDirect": true,
      "via": [
        "minimatch"
      ],
      "effects": [
        "grunt-eslint"
      ],
      "range": ">=0.4.0-a",
      "nodes": [
        "node_modules/grunt"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    },
    "grunt-eslint": {
      "name": "grunt-eslint",
      "severity": "high",
      "isDirect": true,
      "via": [
        "grunt"
      ],
      "effects": [],
      "range": "<=1.0.0 || >=18.1.0",
      "nodes": [
        "node_modules/grunt-eslint"
      ],
      "fixAvailable": {
        "name": "grunt-eslint",
        "version": "18.0.0",
        "isSemVerMajor": true
      }
    },
    "minimatch": {
      "name": "minimatch",
      "severity": "high",
      "isDirect": false,
      "via": [
        {
          "source": 1113459,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
          "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 0,
            "vectorString": null
          },
          "range": "<3.1.3"
        },
        {
          "source": 1113538,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
          "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
          "severity": "high",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.3"
        },
        {
          "source": 1113544,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
          "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
          "severity": "high",
          "cwe": [
            "CWE-407"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=9.0.0 <9.0.7"
        },
        {
          "source": 1113546,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
          "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": "<3.1.4"
        },
        {
          "source": 1113552,
          "name": "minimatch",
          "dependency": "minimatch",
          "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
          "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
          "severity": "high",
          "cwe": [
            "CWE-1333"
          ],
          "cvss": {
            "score": 7.5,
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
          },
          "range": ">=9.0.0 <9.0.7"
        }
      ],
      "effects": [
        "grunt"
      ],
      "range": "<=3.1.3 || 9.0.0 - 9.0.6",
      "nodes": [
        "node_modules/@eslint/eslintrc/node_modules/minimatch",
        "node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch",
        "node_modules/eslint-plugin-unicorn/node_modules/minimatch",
        "node_modules/eslint/node_modules/minimatch",
        "node_modules/minimatch"
      ],
      "fixAvailable": {
        "name": "grunt",
        "version": "0.3.17",
        "isSemVerMajor": true
      }
    }
  },
  "metadata": {
    "vulnerabilities": {
      "info": 0,
      "low": 0,
      "moderate": 0,
      "high": 3,
      "critical": 0,
      "total": 3
    },
    "dependencies": {
      "prod": 1,
      "dev": 322,
      "optional": 0,
      "peer": 1,
      "peerOptional": 0,
      "total": 322
    }
  }
}

--- end ---
Attempting to npm audit fix
$ /usr/bin/npm audit fix --dry-run --only=dev --json
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
--- stdout ---
{
  "added": 321,
  "removed": 0,
  "changed": 0,
  "audited": 322,
  "funding": 67,
  "audit": {
    "auditReportVersion": 2,
    "vulnerabilities": {
      "grunt": {
        "name": "grunt",
        "severity": "high",
        "isDirect": true,
        "via": [
          "minimatch"
        ],
        "effects": [
          "grunt-eslint"
        ],
        "range": ">=0.4.0-a",
        "nodes": [
          "node_modules/grunt"
        ],
        "fixAvailable": {
          "name": "grunt",
          "version": "0.3.17",
          "isSemVerMajor": true
        }
      },
      "grunt-eslint": {
        "name": "grunt-eslint",
        "severity": "high",
        "isDirect": true,
        "via": [
          "grunt"
        ],
        "effects": [],
        "range": "<=1.0.0 || >=18.1.0",
        "nodes": [
          "node_modules/grunt-eslint"
        ],
        "fixAvailable": {
          "name": "grunt-eslint",
          "version": "18.0.0",
          "isSemVerMajor": true
        }
      },
      "minimatch": {
        "name": "minimatch",
        "severity": "high",
        "isDirect": false,
        "via": [
          {
            "source": 1113459,
            "name": "minimatch",
            "dependency": "minimatch",
            "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern",
            "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26",
            "severity": "high",
            "cwe": [
              "CWE-1333"
            ],
            "cvss": {
              "score": 0,
              "vectorString": null
            },
            "range": "<3.1.3"
          },
          {
            "source": 1113538,
            "name": "minimatch",
            "dependency": "minimatch",
            "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
            "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
            "severity": "high",
            "cwe": [
              "CWE-407"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": "<3.1.3"
          },
          {
            "source": 1113544,
            "name": "minimatch",
            "dependency": "minimatch",
            "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments",
            "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj",
            "severity": "high",
            "cwe": [
              "CWE-407"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": ">=9.0.0 <9.0.7"
          },
          {
            "source": 1113546,
            "name": "minimatch",
            "dependency": "minimatch",
            "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
            "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
            "severity": "high",
            "cwe": [
              "CWE-1333"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": "<3.1.4"
          },
          {
            "source": 1113552,
            "name": "minimatch",
            "dependency": "minimatch",
            "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions",
            "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74",
            "severity": "high",
            "cwe": [
              "CWE-1333"
            ],
            "cvss": {
              "score": 7.5,
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
            },
            "range": ">=9.0.0 <9.0.7"
          }
        ],
        "effects": [
          "grunt"
        ],
        "range": "<=3.1.3 || 9.0.0 - 9.0.6",
        "nodes": [
          "",
          "",
          "",
          "",
          "node_modules/minimatch"
        ],
        "fixAvailable": {
          "name": "grunt",
          "version": "0.3.17",
          "isSemVerMajor": true
        }
      }
    },
    "metadata": {
      "vulnerabilities": {
        "info": 0,
        "low": 0,
        "moderate": 0,
        "high": 3,
        "critical": 0,
        "total": 3
      },
      "dependencies": {
        "prod": 1,
        "dev": 321,
        "optional": 0,
        "peer": 1,
        "peerOptional": 0,
        "total": 321
      }
    }
  }
}

--- end ---
{"added": 321, "removed": 0, "changed": 0, "audited": 322, "funding": 67, "audit": {"auditReportVersion": 2, "vulnerabilities": {"grunt": {"name": "grunt", "severity": "high", "isDirect": true, "via": ["minimatch"], "effects": ["grunt-eslint"], "range": ">=0.4.0-a", "nodes": ["node_modules/grunt"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}, "grunt-eslint": {"name": "grunt-eslint", "severity": "high", "isDirect": true, "via": ["grunt"], "effects": [], "range": "<=1.0.0 || >=18.1.0", "nodes": ["node_modules/grunt-eslint"], "fixAvailable": {"name": "grunt-eslint", "version": "18.0.0", "isSemVerMajor": true}}, "minimatch": {"name": "minimatch", "severity": "high", "isDirect": false, "via": [{"source": 1113459, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern", "url": "https://github.com/advisories/GHSA-3ppc-4f35-3m26", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 0, "vectorString": null}, "range": "<3.1.3"}, {"source": 1113538, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.3"}, {"source": 1113544, "name": "minimatch", "dependency": "minimatch", "title": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments", "url": "https://github.com/advisories/GHSA-7r86-cg39-jmmj", "severity": "high", "cwe": ["CWE-407"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}, {"source": 1113546, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": "<3.1.4"}, {"source": 1113552, "name": "minimatch", "dependency": "minimatch", "title": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions", "url": "https://github.com/advisories/GHSA-23c5-xmqv-rm74", "severity": "high", "cwe": ["CWE-1333"], "cvss": {"score": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "range": ">=9.0.0 <9.0.7"}], "effects": ["grunt"], "range": "<=3.1.3 || 9.0.0 - 9.0.6", "nodes": ["", "", "", "", "node_modules/minimatch"], "fixAvailable": {"name": "grunt", "version": "0.3.17", "isSemVerMajor": true}}}, "metadata": {"vulnerabilities": {"info": 0, "low": 0, "moderate": 0, "high": 3, "critical": 0, "total": 3}, "dependencies": {"prod": 1, "dev": 321, "optional": 0, "peer": 1, "peerOptional": 0, "total": 321}}}}
$ /usr/bin/npm audit fix --only=dev
--- stderr ---
npm WARN invalid config only="dev" set in command line options
npm WARN invalid config Must be one of: null, prod, production
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---

added 321 packages, and audited 322 packages in 4s

67 packages are looking for funding
  run `npm fund` for details

# npm audit report

minimatch  <=3.1.3
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - https://github.com/advisories/GHSA-3ppc-4f35-3m26
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments - https://github.com/advisories/GHSA-7r86-cg39-jmmj
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions - https://github.com/advisories/GHSA-23c5-xmqv-rm74
fix available via `npm audit fix --force`
Will install grunt@0.3.17, which is a breaking change
node_modules/minimatch
  grunt  >=0.4.0-a
  Depends on vulnerable versions of minimatch
  node_modules/grunt
    grunt-eslint  <=1.0.0 || >=18.1.0
    Depends on vulnerable versions of grunt
    node_modules/grunt-eslint

3 high severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

--- end ---
Verifying that tests still pass
$ /usr/bin/npm ci
--- stderr ---
npm WARN deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
npm WARN deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead
npm WARN deprecated glob@7.1.7: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
npm WARN deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options.
--- stdout ---

added 321 packages, and audited 322 packages in 3s

67 packages are looking for funding
  run `npm fund` for details

3 high severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

--- end ---
$ /usr/bin/npm test
--- stdout ---

> test
> grunt test

Running "eslint:all" (eslint) task

/src/repo/rdf-spark/jquery.spark.js
   71:4   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
   77:5   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
   86:5   warning  'format' was used before it was defined                                             no-use-before-define
   86:30  warning  'reducer' was used before it was defined                                            no-use-before-define
   97:2   warning  Unexpected var, use let or const instead                                            no-var
   98:3   warning  Unexpected var, use let or const instead                                            no-var
   98:31  warning  'data' is defined but never used                                                    no-unused-vars
   98:37  warning  'textStatus' is defined but never used                                              no-unused-vars
   99:5   warning  'format' was used before it was defined                                             no-use-before-define
   99:14  warning  'format' was used before it was defined                                             no-use-before-define
   99:41  warning  'format' was used before it was defined                                             no-use-before-define
  100:21  warning  'format' was used before it was defined                                             no-use-before-define
  102:4   warning  'format' is already declared in the upper scope on line 97 column 6                 no-shadow
  103:14  warning  Unnecessary escape character: \.                                                    no-useless-escape
  103:16  warning  Unnecessary escape character: \/                                                    no-useless-escape
  137:3   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
  162:62  warning  'params' is defined but never used                                                  no-unused-vars
  164:3   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
  164:22  warning  'item' is defined but never used                                                    no-unused-vars
  164:28  warning  'values' is defined but never used                                                  no-unused-vars
  174:2   warning  Unexpected var, use let or const instead                                            no-var
  184:3   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
  189:4   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
  190:19  warning  Expected '===' and instead saw '=='                                                 eqeqeq
  196:10  warning  Prefer Array#indexOf to $.inArray                                                   no-jquery/no-in-array
  196:63  warning  Expected '===' and instead saw '=='                                                 eqeqeq
  209:2   warning  Global variable leak, declare the variable if it is intended to be local            no-implicit-globals
  209:2   warning  Identifier 'spark_markup' is not in camel case                                      camelcase
  209:2   warning  'spark_markup' is not defined                                                       no-undef
  217:4   warning  Prefer Array#forEach to $.each                                                      no-jquery/no-each-util
  240:1   warning  This line has a length of 103. Maximum allowed is 100                               max-len
  240:76  warning  Expected '===' and instead saw '=='                                                 eqeqeq
  251:3   warning  'spark_markup' is not defined                                                       no-undef
  251:17  warning  Avoid queries which search the entire DOM. Keep DOM nodes in memory where possible  no-jquery/no-global-selector

✖ 34 problems (0 errors, 34 warnings)


Running "banana:all" (banana) task
>> 1 message directory checked.

Done.

--- end ---
$ package-lock-lint /src/repo/package-lock.json
--- stdout ---
Checking /src/repo/package-lock.json

--- end ---
[DNM] there are no updates
$ git add .
--- stdout ---

--- end ---
$ git commit -F /tmp/tmpp6p2wiw_
--- stdout ---
[REL1_44 22706eb] [DNM] there are no updates
 1 file changed, 34 insertions(+), 52 deletions(-)

--- end ---
$ git format-patch HEAD~1 --stdout
--- stdout ---
From 22706eb9c07058c8c534a2252ced0dfa249c4811 Mon Sep 17 00:00:00 2001
From: libraryupgrader <tools.libraryupgrader@tools.wmflabs.org>
Date: Mon, 2 Mar 2026 02:09:00 +0000
Subject: [PATCH] [DNM] there are no updates

Change-Id: I791767b7e4ac4a43ca6692354de7da385df8ce9c
---
 package-lock.json | 86 +++++++++++++++++++----------------------------
 1 file changed, 34 insertions(+), 52 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index ef24051..fc01b91 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -215,9 +215,9 @@
 			}
 		},
 		"node_modules/@eslint/eslintrc/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -478,34 +478,22 @@
 				"url": "https://opencollective.com/typescript-eslint"
 			}
 		},
-		"node_modules/@typescript-eslint/typescript-estree/node_modules/balanced-match": {
-			"version": "4.0.4",
-			"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
-			"integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
-			"dev": true,
-			"engines": {
-				"node": "18 || 20 || >=22"
-			}
-		},
 		"node_modules/@typescript-eslint/typescript-estree/node_modules/brace-expansion": {
-			"version": "5.0.3",
-			"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
-			"integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
+			"version": "2.0.2",
+			"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+			"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
 			"dev": true,
 			"dependencies": {
-				"balanced-match": "^4.0.2"
-			},
-			"engines": {
-				"node": "18 || 20 || >=22"
+				"balanced-match": "^1.0.0"
 			}
 		},
 		"node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch": {
-			"version": "9.0.6",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
-			"integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
+			"version": "9.0.9",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+			"integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
 			"dev": true,
 			"dependencies": {
-				"brace-expansion": "^5.0.2"
+				"brace-expansion": "^2.0.2"
 			},
 			"engines": {
 				"node": ">=16 || 14 >=14.17"
@@ -1484,9 +1472,9 @@
 			}
 		},
 		"node_modules/eslint-plugin-unicorn/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -1622,9 +1610,9 @@
 			}
 		},
 		"node_modules/eslint/node_modules/minimatch": {
-			"version": "3.1.3",
-			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-			"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+			"version": "3.1.5",
+			"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+			"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 			"dev": true,
 			"dependencies": {
 				"brace-expansion": "^1.1.7"
@@ -3986,9 +3974,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
@@ -4164,28 +4152,22 @@
 					"integrity": "sha512-DBsLPs3GsWhX5HylbP9HNG15U0bnwut55Lx12bHB9MpXxQ+R5GC8MwQe+N1UFXxAeQDvEsEDY6ZYwX03K7Z6HQ==",
 					"dev": true
 				},
-				"balanced-match": {
-					"version": "4.0.4",
-					"resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz",
-					"integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==",
-					"dev": true
-				},
 				"brace-expansion": {
-					"version": "5.0.3",
-					"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.3.tgz",
-					"integrity": "sha512-fy6KJm2RawA5RcHkLa1z/ScpBeA762UF9KmZQxwIbDtRJrgLzM10depAiEQ+CXYcoiqW1/m96OAAoke2nE9EeA==",
+					"version": "2.0.2",
+					"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+					"integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
 					"dev": true,
 					"requires": {
-						"balanced-match": "^4.0.2"
+						"balanced-match": "^1.0.0"
 					}
 				},
 				"minimatch": {
-					"version": "9.0.6",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.6.tgz",
-					"integrity": "sha512-kQAVowdR33euIqeA0+VZTDqU+qo1IeVY+hrKYtZMio3Pg0P0vuh/kwRylLUddJhB6pf3q/botcOvRtx4IN1wqQ==",
+					"version": "9.0.9",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.9.tgz",
+					"integrity": "sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==",
 					"dev": true,
 					"requires": {
-						"brace-expansion": "^5.0.2"
+						"brace-expansion": "^2.0.2"
 					}
 				}
 			}
@@ -4631,9 +4613,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
@@ -4888,9 +4870,9 @@
 					}
 				},
 				"minimatch": {
-					"version": "3.1.3",
-					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.3.tgz",
-					"integrity": "sha512-M2GCs7Vk83NxkUyQV1bkABc4yxgz9kILhHImZiBPAZ9ybuvCb0/H7lEl5XvIg3g+9d4eNotkZA5IWwYl0tibaA==",
+					"version": "3.1.5",
+					"resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz",
+					"integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==",
 					"dev": true,
 					"requires": {
 						"brace-expansion": "^1.1.7"
-- 
2.47.3


--- end ---

composer dependencies

Development dependencies

npm dependencies

Development dependencies

Logs

Source code is licensed under the AGPL.