Run npm audit fix to resolve '3 vulnerabilities (2 moderate, 1 high)'.

[juj]

These types of vulnerabilities are almost certainly 100% irrelevant and not real security issues, since none of the code in the npm packages used by Emscripten are ever shipped to live web sites, but the JS code is only ever executed in a trusted user's domain.

.. but we have automated security auditor scripts that scan these automated vulnerability databases, and they get a fit of any vulnerability report without analysing its details.

[juj]

I often see test harness instabilities on this test:

======================================================================
ERROR [61.932s]: test_offset_converter (test_browser.browser64_4gb)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/root/project/test/common.py", line 2164, in run_browser
    self.assertContained(expected, output)
  File "/root/project/test/common.py", line 1495, in assertContained
    self.fail("Expected to find '%s' in '%s', diff:\n\n%s\n%s" % (
  File "/usr/lib/python3.8/unittest/case.py", line 753, in fail
    raise self.failureException(msg)
AssertionError: Expected to find '/report_result?exit:1
' in '[no http server activity]
', diff:

--- expected
+++ actual
@@ -1 +1 @@
-/report_result?exit:1
+[no http server activity]



During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/root/project/test/test_browser.py", line 4885, in test_offset_converter
    self.btest_exit('test_offset_converter.c', assert_returncode=1, args=['-sUSE_OFFSET_CONVERTER', '-gsource-map', '-sPROXY_TO_PTHREAD', '-pthread'])
  File "/root/project/test/common.py", line 2336, in btest_exit
    return self.btest(filename, *args, **kwargs)
  File "/root/project/test/common.py", line 2384, in btest
    self.run_browser(outfile + url_suffix, expected=['/report_result?' + e for e in expected], timeout=timeout, extra_tries=extra_tries)
  File "/root/project/test/common.py", line 2169, in run_browser
    return self.run_browser(html_file, expected, message, timeout, extra_tries - 1)
  File "/root/project/test/common.py", line 2133, in run_browser
    self.assert_out_queue_empty('previous test')
  File "/root/project/test/common.py", line 2119, in assert_out_queue_empty
    raise Exception('excessive responses from %s' % who)
Exception: excessive responses from previous test

----------------------------------------------------------------------
Ran 827 tests in 2425.283s

[sbc100]

I often see test harness instabilities on this test:

======================================================================
ERROR [61.932s]: test_offset_converter (test_browser.browser64_4gb)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/root/project/test/common.py", line 2164, in run_browser
    self.assertContained(expected, output)
  File "/root/project/test/common.py", line 1495, in assertContained
    self.fail("Expected to find '%s' in '%s', diff:\n\n%s\n%s" % (
  File "/usr/lib/python3.8/unittest/case.py", line 753, in fail
    raise self.failureException(msg)
AssertionError: Expected to find '/report_result?exit:1
' in '[no http server activity]
', diff:

--- expected
+++ actual
@@ -1 +1 @@
-/report_result?exit:1
+[no http server activity]



During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/root/project/test/test_browser.py", line 4885, in test_offset_converter
    self.btest_exit('test_offset_converter.c', assert_returncode=1, args=['-sUSE_OFFSET_CONVERTER', '-gsource-map', '-sPROXY_TO_PTHREAD', '-pthread'])
  File "/root/project/test/common.py", line 2336, in btest_exit
    return self.btest(filename, *args, **kwargs)
  File "/root/project/test/common.py", line 2384, in btest
    self.run_browser(outfile + url_suffix, expected=['/report_result?' + e for e in expected], timeout=timeout, extra_tries=extra_tries)
  File "/root/project/test/common.py", line 2169, in run_browser
    return self.run_browser(html_file, expected, message, timeout, extra_tries - 1)
  File "/root/project/test/common.py", line 2133, in run_browser
    self.assert_out_queue_empty('previous test')
  File "/root/project/test/common.py", line 2119, in assert_out_queue_empty
    raise Exception('excessive responses from %s' % who)
Exception: excessive responses from previous test

----------------------------------------------------------------------
Ran 827 tests in 2425.283s

Me too.. so far I don't know what it might be about this test that is flaky.

[sbc100]

Was this change generated by running npm audit? If not, I'm curious what you ran in order to generate it?

[sbc100]

Can you rebase/merge?

[juj]

I ran npm audit fix on command line, then hand-reverted the first line changes in package-lock.json back to the way they were, to avoid npm changing the project name from 'emscripten' to 'main', e.g. it took the directory name as the project name:

so I hand-reverted back to the left side for the commit.