1761612 - [wpt-sync] Sync PR 33374 - Bump taskcluster from 44.8.4 to 44.8.5 in /tools

Status: RESOLVED FIXED

(Testing :: web-platform-tests, task, P4)

Description

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Sync web-platform-tests PR 33374 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/33374
Details from upstream follow.

dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> wrote:

Bump taskcluster from 44.8.4 to 44.8.5 in /tools

Bumps taskcluster from 44.8.4 to 44.8.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/taskcluster/taskcluster/releases">taskcluster's releases</a>.</em></p>
<blockquote>
<h2>v44.8.5</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
Upgrade Node.js version from v16.14.0 to v16.14.2 for OpenSSL security patch.</p>
<p>▶ [patch]
Upgrade to latest <code>minimist</code> version to address <a href="https://github.com/taskcluster/taskcluster/security/dependabot/73">https://github.com/taskcluster/taskcluster/security/dependabot/73</a>.</p>
<p>▶ [patch]
Upgrade to latest <code>mocha</code> version to address <a href="https://github.com/taskcluster/taskcluster/security/dependabot/70">https://github.com/taskcluster/taskcluster/security/dependabot/70</a>, <a href="https://github.com/taskcluster/taskcluster/security/dependabot/71">https://github.com/taskcluster/taskcluster/security/dependabot/71</a>, and <a href="https://github.com/taskcluster/taskcluster/security/dependabot/72">https://github.com/taskcluster/taskcluster/security/dependabot/72</a>.</p>
<h3>USERS</h3>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5282">#5282</a>
Fix issue with unicode characters in user profile.</p>
<p>Using Github as oauth provider encodes user profile using base64 encoding,
which, if contains unicode characters, is not decoded properly by <code>atob()</code>.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/taskcluster/taskcluster/blob/main/CHANGELOG.md">taskcluster's changelog</a>.</em></p>
<blockquote>
<h2>v44.8.5</h2>
<h3>GENERAL</h3>
<p>▶ [patch]
Upgrade Node.js version from v16.14.0 to v16.14.2 for OpenSSL security patch.</p>
<p>▶ [patch]
Upgrade to latest <code>minimist</code> version to address <a href="https://github.com/taskcluster/taskcluster/security/dependabot/73">https://github.com/taskcluster/taskcluster/security/dependabot/73</a>.</p>
<p>▶ [patch]
Upgrade to latest <code>mocha</code> version to address <a href="https://github.com/taskcluster/taskcluster/security/dependabot/70">https://github.com/taskcluster/taskcluster/security/dependabot/70</a>, <a href="https://github.com/taskcluster/taskcluster/security/dependabot/71">https://github.com/taskcluster/taskcluster/security/dependabot/71</a>, and <a href="https://github.com/taskcluster/taskcluster/security/dependabot/72">https://github.com/taskcluster/taskcluster/security/dependabot/72</a>.</p>
<h3>USERS</h3>
<p>▶ [patch] <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5282">#5282</a>
Fix issue with unicode characters in user profile.</p>
<p>Using Github as oauth provider encodes user profile using base64 encoding,
which, if contains unicode characters, is not decoded properly by <code>atob()</code>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/taskcluster/taskcluster/commit/fb587e060cfb6b7aa57edcd5c7924d4aa91cafd7"><code>fb587e0</code></a> v44.8.5</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/215402522737b48977cf5f1a141514398385d2f4"><code>2154025</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5316">#5316</a> from taskcluster/matt-boris/minimistVuln</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/77ed5ec6b0417a7dda91a503ad7a720d276708db"><code>77ed5ec</code></a> Merge branch 'main' into matt-boris/minimistVuln</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/4cf24111526ad10f2ccb67f24ce1f435cffb669d"><code>4cf2411</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5320">#5320</a> from taskcluster/fix-ci-tests-win2012r2</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/42925988e30cbfc0c794b3d9e61c71e6c84fa0b6"><code>4292598</code></a> Fix broken tests on win2012r2 CI</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/9b3b14926d6e32f0570a12eec5a5ade84dd2d6c3"><code>9b3b149</code></a> security(deps): upgrade <code>minimist</code> for high vuln</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/d626345931b9f2f6008fb2f7294a724d0e67c779"><code>d626345</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5310">#5310</a> from taskcluster/pre-commit-ci-update-config</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/0beb4ffd32cb0bafb11e08dc34b8890df3be64be"><code>0beb4ff</code></a> [pre-commit.ci] pre-commit autoupdate</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/78497a736ce162b8cf94b30ca21fb4473be465cc"><code>78497a7</code></a> feat(auth): Proper handling of unicode in profile</li>
<li><a href="https://github.com/taskcluster/taskcluster/commit/9b4bb4cadf238acb9c64e95876bd84dea1c2226c"><code>9b4bb4c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/taskcluster/taskcluster/issues/5309">#5309</a> from taskcluster/matt-boris/nanoidVulnFix</li>
<li>Additional commits viewable in <a href="https://github.com/taskcluster/taskcluster/compare/v44.8.4...v44.8.5">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Comment 1

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

The PR was not expected to affect any tests, but the try push wasn't a success. Check the try results for infrastructure issues

Comment 2

[Pulsebot]

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/71e895a44fce
[wpt PR 33374] - Bump taskcluster from 44.8.4 to 44.8.5 in /tools, a=testonly

Comment 3

[Web Platform Test Sync Bot (Matrix: #interop:mozilla.org)]

Test result changes from PR not available.

Comment 4

[Narcis Beleuzu [:NarcisB]]

https://hg.mozilla.org/mozilla-central/rev/71e895a44fce