]> source.dussan.org Git - jquery.git/log
jquery.git
31 hours agoDocs: Align CONTRIBUTING.md with `3.x-stable` main
Michał Gołębiowski-Owczarek [Mon, 14 Oct 2024 17:04:41 +0000 (19:04 +0200)]
Docs: Align CONTRIBUTING.md with `3.x-stable`

Closes gh-5567
Ref gh-5564

31 hours agoDocs: Update CONTRIBUTING.md
Michał Gołębiowski-Owczarek [Mon, 14 Oct 2024 16:40:11 +0000 (18:40 +0200)]
Docs: Update CONTRIBUTING.md

Changes:
1. Update the link to "help wanted" or "patch welcome" issues to only include
   open ones.
2. Replace info about the jQuery Forum & IRC with Matrix & Stack Overflow.
3. Update the test reduction WebKit blog post link.
4. Update the Git clone instructions to not rely on the legacy `git://`
   protocol.
5. Fix a few typos.

Closes gh-5564

2 days agoDocs: add version support section to README
Timmy Willison [Sun, 13 Oct 2024 19:30:15 +0000 (15:30 -0400)]
Docs: add version support section to README

- also switch header format to be more consistent with our
  other markdown files

Closes gh-5565

6 days agoBuild: Enforce ECMAScript 5 in tests via ESLint
neogy-akash [Wed, 9 Oct 2024 16:27:23 +0000 (21:57 +0530)]
Build: Enforce ECMAScript 5 in tests via ESLint

Fixes gh-5542
Closes gh-5563

2 weeks agoBuild: Bump the github-actions group with 3 updates
dependabot[bot] [Tue, 1 Oct 2024 00:23:58 +0000 (20:23 -0400)]
Build: Bump the github-actions group with 3 updates

Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938)

Updates `actions/setup-node` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/1e60f620b9541d16bece96c5465dc8ee9832be0b...0a44ba7841725637a19e28fa30b79a866c81b0a6)

Updates `github/codeql-action` from 3.26.6 to 3.26.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/4dd16135b69a43b6c8efb853346f8437d92d3c93...e2b3eafc8d227b0241d48be5f425d47c2d750a13)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5562

2 weeks agoTests: Switch to an updated fork of promises-aplus-tests
Michał Gołębiowski-Owczarek [Mon, 30 Sep 2024 16:48:46 +0000 (18:48 +0200)]
Tests: Switch to an updated fork of promises-aplus-tests

The upstream package has been unmaintained for years, with dependencies
with long-reported security issues. Switching to a fork allows to resolve
all the security reports against the jQuery development environment.

The fork is maintained by @mgol and has the following changes:
1. The `underscore` dependency has been removed.
2. `sinon` has been updated from v1 to v19.
3. `mocha` has been updated from v2 to v10.

Changes to the source are minimal; it will be easy to rebase the fixes
if the upstream package is ever updated.

In addition to the above, the `q` dependency has been removed.
It's been added in gh-1996 but never really used.

Closes gh-5559

3 weeks agoBuild: Bump rollup from 4.19.0 to 4.22.4
dependabot[bot] [Tue, 24 Sep 2024 23:03:42 +0000 (01:03 +0200)]
Build: Bump rollup from 4.19.0 to 4.22.4

Bumps [rollup](https://github.com/rollup/rollup) from 4.19.0 to 4.22.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.19.0...v4.22.4)

Closes gh-5558

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5 weeks agoManipulation: Make jQuery.cleanData not skip elements during cleanup
ac-mmi [Tue, 10 Sep 2024 22:18:53 +0000 (03:48 +0530)]
Manipulation: Make jQuery.cleanData not skip elements during cleanup

When passing a result of `getElementByTagsName` to `jQuery.cleanData`, convert
it to an array first. Otherwise, a live NodeList is passed and if any of the
event cleanups remove the element itself, a collection is modified during the
iteration, making `jQuery.cleanData` skip cleanup for some elements.

Fixes gh-5214
Closes gh-5523

Co-authored-by: Michał Gołębiowski-Owczarek <m.goleb@gmail.com>
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
5 weeks agoTests: Run tests in Edge in IE mode in GitHub Actions
Michał Gołębiowski-Owczarek [Mon, 9 Sep 2024 16:24:28 +0000 (18:24 +0200)]
Tests: Run tests in Edge in IE mode in GitHub Actions

While Edge in IE mode is not guaranteed to match IE 11 in every aspect,
in practice it generally does. Testing in this mode in GitHub Actions
will allow us to catch most IE-breaking issues at the PR level.

This change also adds missing npm scripts: `test:chrome`, `test:edge`
& `test:ie`.

Closes gh-5540

5 weeks agoTests: Run tests on both real Firefox ESRs
Michał Gołębiowski-Owczarek [Fri, 6 Sep 2024 12:35:55 +0000 (14:35 +0200)]
Tests: Run tests on both real Firefox ESRs

1. At the same time, there may be two supported versions of Firefox ESR. Run
   tests on both, installed locally.
2. Don't run tests on Firefox 115 on BrowserStack - it was added as there's
   an ESR version of Firefox 115, but ESR versions may be different, e.g. for
   some time ServiceWorker was disabled on ESR versions:
   https://bugzilla.mozilla.org/show_bug.cgi?id=1547023

Closes gh-5547

6 weeks agoBuild: Bump webpack from 5.93.0 to 5.94.0
dependabot[bot] [Mon, 2 Sep 2024 21:25:45 +0000 (23:25 +0200)]
Build: Bump webpack from 5.93.0 to 5.94.0

Bumps [webpack](https://github.com/webpack/webpack) from 5.93.0 to 5.94.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.93.0...v5.94.0)

Closes gh-5544

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 weeks agoBuild: Bump github/codeql-action from 3.25.15 to 3.26.6 in the github-actions group
dependabot[bot] [Mon, 2 Sep 2024 21:24:03 +0000 (23:24 +0200)]
Build: Bump github/codeql-action from 3.25.15 to 3.26.6 in the github-actions group

Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

Updates `github/codeql-action` from 3.25.15 to 3.26.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/afb54ba388a7dca6ecae48f608c4ff05ff4cc77a...4dd16135b69a43b6c8efb853346f8437d92d3c93)

Closes gh-5545

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
7 weeks agoTests: align mock.php spacing with 3.x-stable branch
Timmy Willison [Sun, 25 Aug 2024 13:19:37 +0000 (09:19 -0400)]
Tests: align mock.php spacing with 3.x-stable branch

Closes gh-5538

2 months agoTests: replace dead links in qunit fixture
Timmy Willison [Mon, 12 Aug 2024 18:01:19 +0000 (14:01 -0400)]
Tests: replace dead links in qunit fixture

Close gh-5532

2 months agoTests: replace express with basic Node server
Timmy Willison [Fri, 9 Aug 2024 02:10:29 +0000 (22:10 -0400)]
Tests: replace express with basic Node server

Close gh-5527

2 months agoBuild: align eslint config with 3.x branch as much as possible
Timmy Willison [Fri, 9 Aug 2024 01:39:11 +0000 (21:39 -0400)]
Build: align eslint config with 3.x branch as much as possible

Close gh-5524

2 months agoBuild: Bump the github-actions group with 2 updates
dependabot[bot] [Thu, 1 Aug 2024 09:04:29 +0000 (11:04 +0200)]
Build: Bump the github-actions group with 2 updates

Bumps the github-actions group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action).

Closes gh-5528

Updates `actions/setup-node` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.0.2...1e60f620b9541d16bece96c5465dc8ee9832be0b)

Updates `github/codeql-action` from 3.25.11 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...afb54ba388a7dca6ecae48f608c4ff05ff4cc77a)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 months agoBuild: upgrade dependencies, including requirejs to 2.3.7
Timmy Willison [Tue, 23 Jul 2024 15:52:22 +0000 (11:52 -0400)]
Build: upgrade dependencies, including requirejs to 2.3.7

2 months agoBuild: use --input-type=module in npm scripts
Timmy Willison [Tue, 23 Jul 2024 14:59:06 +0000 (10:59 -0400)]
Build: use --input-type=module in npm scripts

Ref gh-5521

2 months agoRelease: correct build date in verification; other improvements
Timmy Willison [Wed, 17 Jul 2024 14:13:53 +0000 (10:13 -0400)]
Release: correct build date in verification; other improvements

- the date is actually the date of the commit *prior*
  to the tag commit, as the files are built and then committed.
- also, the CDN should still be checked for non-stable releases,
  and should use different filenames (including in the map files).
- certain files should be skipped when checking the CDN.
- removed file diffing because it ended up being far too noisy,
  making it difficult to find the info I needed.
- because the build script required an addition, release
  verification will not work until the next release.
- print all files in failure case and whether each matched
- avoid npm script log in GH release notes changelog
- exclude changelog.md from release:clean command
- separate the post-release script from release-it for now, so we
  can keep manual verification before each push. The exact command is
  printed at the ened for convenience.

Closes gh-5521

2 months agoRelease: remove dist files from main branch
Timmy Willison [Wed, 17 Jul 2024 13:55:25 +0000 (09:55 -0400)]
Release: remove dist files from main branch

2 months agoRelease: 4.0.0-beta.2 4.0.0-beta.2
Timmy Willison [Wed, 17 Jul 2024 13:43:43 +0000 (09:43 -0400)]
Release: 4.0.0-beta.2

2 months agoRelease: ensure builds have the proper version
Timmy Willison [Wed, 17 Jul 2024 13:32:02 +0000 (09:32 -0400)]
Release: ensure builds have the proper version

- order hooks in execution order
- update workflow actions

Closes gh-5519

3 months agoRelease: set preReleaseBase in config file
Timmy Willison [Fri, 12 Jul 2024 19:43:41 +0000 (15:43 -0400)]
Release: set preReleaseBase in config file

https://github.com/release-it/release-it/issues/1128#issuecomment-2224692805

Closes gh-5518

3 months agoRelease: fix running pre/post release scripts in windows
Timmy Willison [Thu, 11 Jul 2024 16:23:10 +0000 (12:23 -0400)]
Release: fix running pre/post release scripts in windows

- also fix tagging the release in the dist repo

Closes gh-5517

3 months agoRelease: update AUTHORS.txt
Timmy Willison [Wed, 10 Jul 2024 15:44:21 +0000 (11:44 -0400)]
Release: update AUTHORS.txt

3 months agoRelease: migrate release process to release-it
Timmy Willison [Thu, 27 Jul 2023 15:24:49 +0000 (11:24 -0400)]
Release: migrate release process to release-it

*Authors*
- Checking and updating authors has been migrated
  to a custom script in the repo

*Changelog*
- changelogplease is no longer maintained
- generate changelog in markdown for GitHub releases
- generate changelog in HTML for blog posts
- generate contributors list in HTML for blog posts

*dist*
- clone dist repo, copy files, and commit/push
- commit tag with dist files on main branch;
  remove dist files from main branch after release

*cdn*
- clone cdn repo, copy files, and commit/push
- create versioned and unversioned copies in cdn/
- generate md5 sums and archives for Google and MSFT

*build*
- implement reproducible builds and verify release builds
  * uses the last modified date for the latest commit
  * See https://reproducible-builds.org/
- the verify workflow also ensures all files were
  properly published to the CDN and npm

*docs*
- the new release workflow is documented at build/release/README.md

*misc*
- now that we don't need the jquery-release script and
  now that we no longer need to build on Node 10, we can
  use ESM in all files in the build folder
- move dist wrappers to "wrappers" folders for easy removal
  of all built files
- limit certain workflows to the main repo (not forks)
- version in package.json has been set to beta.1 so that
  the next release will be beta.2
- release-it added the `preReleaseBase` option and we
  now always set it to `1` in the npm script. This is
  a noop for stable releases.

Fixes jquery/jquery-release#114
Closes gh-5512

3 months agoBuild: Bump the github-actions group with 2 updates
dependabot[bot] [Fri, 5 Jul 2024 16:45:08 +0000 (18:45 +0200)]
Build: Bump the github-actions group with 2 updates

Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332)

Updates `github/codeql-action` from 3.25.8 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/2e230e8fe0ad3a14a340ad0815ddb96d599d2aff...b611370bb5703a7efb587f9d136a52ea24c5c38c)

Closes gh-5515

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
4 months agoBuild: upgrade dependencies; fix bundler tests on windows
Timmy Willison [Sat, 15 Jun 2024 13:11:34 +0000 (09:11 -0400)]
Build: upgrade dependencies; fix bundler tests on windows

- account for newly unused parameters in the slim builds

Closes gh-5509

4 months agoTests: remove unnecessary scroll feature test
Timmy Willison [Mon, 10 Jun 2024 18:51:02 +0000 (14:51 -0400)]
Tests: remove unnecessary scroll feature test

- it wasn't working properly anyway

Closes gh-5507

4 months agoBuild: improve specificity of eslint config; add ecma versions
Timmy Willison [Thu, 6 Jun 2024 13:56:44 +0000 (09:56 -0400)]
Build: improve specificity of eslint config; add ecma versions

Closes gh-5501

4 months agoBuild: Bump the github-actions group with 2 updates
dependabot[bot] [Wed, 5 Jun 2024 22:05:28 +0000 (00:05 +0200)]
Build: Bump the github-actions group with 2 updates

Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `actions/checkout` from 4.1.2 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...a5ac7e51b41094c92402da3b24376905380afc29)

Updates `github/codeql-action` from 3.24.9 to 3.25.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/1b1aada464948af03b950897e5eb522f92603cc2...2e230e8fe0ad3a14a340ad0815ddb96d599d2aff)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5505

4 months agoBuild: Group dependabot PRs updating GitHub Actions
Michał Gołębiowski-Owczarek [Wed, 5 Jun 2024 22:00:32 +0000 (00:00 +0200)]
Build: Group dependabot PRs updating GitHub Actions

We have monthly automatic dependabot PRs for GitHub Actions. Unfortunately,
as of now we get a separate PR for every dependency which is a bit spammy
compared to regular commits updating source.

Thankfully, there's now a way to tell dependabot to submit a single PR per
a defined group. This change defines a single group to have a single dependabot
PR for all action updates.

Closes gh-5503

4 months agoCSS:Tests: Fix tests & support tests under CSS Zoom
Michał Gołębiowski-Owczarek [Mon, 3 Jun 2024 16:15:23 +0000 (18:15 +0200)]
CSS:Tests: Fix tests & support tests under CSS Zoom

Firefox 126+ implements CSS zoom in a way it affects width computed style
very slightly (`100.008px` instead of `100px`); accept that difference.

Add a test for support tests resolving the same under CSS zoom & without one.
That test uncovered Chrome failing the `reliableTrDimensions` support test
under zoom; the test has been fixed.

Fixes gh-5489
Closes gh-5495
Ref gh-5496

4 months agoTests: Align `:has` selector tests with `3.x-stable`
Michał Gołębiowski-Owczarek [Wed, 29 May 2024 16:32:59 +0000 (18:32 +0200)]
Tests: Align `:has` selector tests with `3.x-stable`

Consistently use `assert.selectInFixture` instead of prepending the selector
with `#qunit-fixture ` manually.

Closes gh-5498
Ref gh-5497

4 months agoTests: revert concurrency group change
Timmy Willison [Wed, 29 May 2024 15:06:23 +0000 (11:06 -0400)]
Tests: revert concurrency group change

- It's common for us to merge to main and cherry pick to 3.x-stable,
  so it's best if concurrency is shared between branches, which
  is effectively what we had already as it matches on workflow name
  and browser. Ideally, it could also match on the corresponding commit,
  but it seems the commit message is not available in the github context.

Close gh-5492

4 months agoEvent: Increase robustness of an inner native event in leverageNative
Michał Gołębiowski-Owczarek [Mon, 20 May 2024 16:05:19 +0000 (18:05 +0200)]
Event: Increase robustness of an inner native event in leverageNative

In Firefox, alert displayed just before blurring an element dispatches
the native blur event twice which tripped the jQuery logic if a jQuery blur
handler was not attached before the trigger call.

This was because the `leverageNative` logic part for triggering first checked if
setup was done before (which, for example, is done if a jQuery handler was
registered before for this element+event pair) and - if it was not - added
a dummy handler that just returned `true`. The `leverageNative` logic made that
`true` then saved into private data, replacing the previous `saved` array. Since
`true` passed the truthy check, the second native inner handler treated `true`
as an array, crashing on the `slice` call.

The same issue could happen if a handler returning `true` is attached before
triggering. A bare `length` check would not be enough as the user handler may
return an array-like as well. To remove this potential data shape clash, capture
the inner result in an object with a `value` property instead of saving it
directly.

Since it's impossible to call `alert()` in unit tests, simulate the issue by
replacing the `addEventListener` method on a test button with a version that
calls attached blur handlers twice.

Fixes gh-5459
Closes gh-5466
Ref gh-5236

5 months agoTests: include github ref in concurrency group
Timmy Willison [Thu, 25 Apr 2024 17:07:55 +0000 (13:07 -0400)]
Tests: include github ref in concurrency group

- fixes cancelled workflows when multiple PRs are merged
  in quick succession to both the main and 3.x-stable branches

Close gh-5481

5 months agoTests: Make the beforeunload event tests work regardless of extensions
Michał Gołębiowski-Owczarek [Wed, 24 Apr 2024 22:24:55 +0000 (00:24 +0200)]
Tests: Make the beforeunload event tests work regardless of extensions

Some browser extensions, like React DevTools, send messages to the content area.
Since our beforeunload event test listens for all messages, it used to catch
those as well, failing the test.

Add a `source` field to the payload JSON and check for it before treating the
message as coming from our own test to make sure the test passes even with such
browser extensions installed.

Closes gh-5478

5 months agoDocs: Update remaining HTTP URLs to HTTPS
Michał Gołębiowski-Owczarek [Wed, 24 Apr 2024 22:22:36 +0000 (00:22 +0200)]
Docs: Update remaining HTTP URLs to HTTPS

Update a few remaining HTTP URLs to HTTPS. The only ones left are XMLNS-like
URLs or ones to localhost - those need to stay as-is.

Closes gh-5479

5 months agoOffset: Increase search depth when finding the 'real' offset parent
Liam James [Fri, 19 Apr 2024 13:47:52 +0000 (23:47 +1000)]
Offset: Increase search depth when finding the 'real' offset parent

Changes:
* Increase search depth when finding for the real offset parent
* Ignore offset for statically positioned offset parent
* Add tests for the position of an element in a table

Closes gh-4861

6 months agoBuild: Bump actions/cache, actions/checkout & github/codeql-action
dependabot[bot] [Tue, 2 Apr 2024 21:35:25 +0000 (23:35 +0200)]
Build: Bump actions/cache, actions/checkout & github/codeql-action

1. Bump actions/cache from 4.0.1 to 4.0.2

Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/ab5e6d0c87105b4c9c2047343972218f562e4319...0c45773b623bea8c8e75f6c82b208c3cf94ea4f9)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

2. Bump github/codeql-action from 3.24.6 to 3.24.9

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/8a470fddafa5cbb6266ee11b37ef4d8aae19c571...1b1aada464948af03b950897e5eb522f92603cc2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Bump actions/checkout from 4.1.1 to 4.1.2

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Closes gh-5462

Signed-off-by: dependabot[bot] <support@github.com>
6 months agoTests: share queue/browser handling for all worker types
Timmy Willison [Mon, 1 Apr 2024 14:23:36 +0000 (10:23 -0400)]
Tests: share queue/browser handling for all worker types

- one queue to rule them all: browserstack, selenium, and jsdom
- retries and hard retries are now supported in selenium
- selenium tests now re-use browsers in the same way as browserstack

Close gh-5460

6 months agoBuild: Bump express from 4.18.3 to 4.19.2
dependabot[bot] [Fri, 29 Mar 2024 20:23:24 +0000 (21:23 +0100)]
Build: Bump express from 4.18.3 to 4.19.2

Bumps [express](https://github.com/expressjs/express) from 4.18.3 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.3...4.19.2)

Closes gh-5461

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6 months agoTests: improve diffing for values of different types
Timmy Willison [Wed, 27 Mar 2024 14:36:35 +0000 (10:36 -0400)]
Tests: improve diffing for values of different types

Close gh-5454

Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
6 months agoAttributes: Make `.attr( name, false )` remove for all non-ARIA attrs
Michał Gołębiowski-Owczarek [Tue, 19 Mar 2024 23:46:30 +0000 (00:46 +0100)]
Attributes: Make `.attr( name, false )` remove for all non-ARIA attrs

The HTML spec defines boolean attributes:
https://html.spec.whatwg.org/#boolean-attributes
that often correlate with boolean properties. If the attribute is missing, it
correlates with the `false` property value, if it's present - the `true`
property value. The only valid values are an empty string or the attribute name.

jQuery tried to be helpful here and treated boolean attributes in a special way
in the `.attr()` API:
1. For the getter, as long as the attribute was present, it was returning the
   attribute name lowercased, ignoring the value.
2. For the setter, it was removing the attribute when `false` was passed;
   otherwise, it was ignoring the passed value and set the attribute -
   interestingly, in jQuery `>=3` not lowercased anymore.

The problem is the spec occasionally converts boolean attributes into ones with
additional attribute values with special behavior - one such example is the new
`"until-found"` value for the `hidden` attribute. Our setter normalization
means passing those values is impossible with jQuery. Also, new boolean
attributes are introduced occasionally and jQuery cannot easily add them to the
list without incurring breaking changes.

This patch removes any special handling of boolean attributes - the getter
returns the value as-is and the setter sets the provided value.

To provide better backwards compatibility with the very frequent `false` value
provided to remove the attribute, this patch makes `false` trigger attribute
removal for ALL non-ARIA attributes. ARIA attributes are exempt from the rule
since many of them recognize `"false"` as a valid value with semantics different
than the attribute missing. To remove an ARIA attribute, use `.removeAttr()` or
pass `null` as the value to `.attr()` which doesn't have this exception.

Fixes gh-5388
Closes gh-5452

Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
7 months agoTests: show any and all actual/expected values
Timmy Willison [Fri, 15 Mar 2024 21:44:05 +0000 (17:44 -0400)]
Tests: show any and all actual/expected values

Close gh-5448

7 months agoTests: add diffing to test reporter
Timmy Willison [Thu, 14 Mar 2024 18:28:20 +0000 (14:28 -0400)]
Tests: add diffing to test reporter

Close gh-5445

7 months agoTests: add actual and expected messages to test reporter
Timmy Willison [Thu, 14 Mar 2024 13:05:42 +0000 (09:05 -0400)]
Tests: add actual and expected messages to test reporter

Close gh-5443

7 months agoCore: Fix the exports setup to make bundlers work with ESM & CommonJS
Michał Gołębiowski-Owczarek [Mon, 11 Mar 2024 23:39:34 +0000 (00:39 +0100)]
Core: Fix the exports setup to make bundlers work with ESM & CommonJS

We cannot pass a single file via the `module` condition as then
`require( "jquery" )` will not return jQuery but instead the module object
with `default`, `$` & `jQuery` as keys. Instead:

1. For Node.js, detected via the `node` condition:
    1. Expose a regular CommonJS version to `require`
    2. Expose a tiny wrapper over CommonJS to `import`
2. For bundlers, detected via the `module` condition:
    1. Expose a regular ESM version to `import`
    2. Expose a tiny wrapper over ESM to `require`
3. If neither Node.js nor bundlers are detected (no `node` or `module`
   conditions`):
    1. Expose a regular CommonJS version to `require`
    2. Expose a regular ESM version to `import`

The reasons for such definitions are as follows:
1. In Node.js, one can synchronously import from a CommonJS file inside of
   an ESM one but not vice-versa. To use an ESM file in a CommonJS one,
   a dynamic import is required and that forces asynchronicity.
2. In some bundlers CommonJS is not necessarily enabled - e.g. in Rollup without
   the CommonJS plugin. Therefore, the ESM version needs to be pure ESM.
   However, bundlers allow synchronously calling `require` on an ESM file. This
   is possible since bundlers merge the files before they are passed to
   the browser to execute and the final bundles no longer contain async import
   code.
3. Bare ESM & CommonJS versions are provided to non-Node non-bundler
   environments where we cannot assume interoperability between ESM & CommonJS
   is supported.
4. Bare versions cannot be supplied to Node or bundlers as projects using both
   ESM & CommonJS to fetch jQuery would result in duplicate jQuery instances,
   leading to increased JS size and disjoint data storage.

In addition to the above changes, the `script` condition has been dropped. Only
Webpack documents this condition and it's not clear when exactly it's triggered.
Adding support for a new condition can be added later without a breaking change;
removing is not so easy.

The `production` & `development` conditions have been removed as well. They were
not really applied correctly; we'd need to provide both of them to each current
leaf which would double the size of the definition for the `.` & `./slim` entry
points. In jQuery, the only difference between development & production builds
is minification; there are no logic changes so we can pass unminified versions
to all the tooling, expecting minification down the line.

As for the factory entry points:
1. Node.js always gets the CommonJS version
2. Bundlers always get the ESM version
3. Other tools take the ESM version when using `import` and the CommonJS when
   using `require`.

The complexity is lower than for the `.` & `./slim` entry points because there's
no default export to handle so Node/bundler wrapper files are not necessary.

Other changes:
* Tests: Change "node:assert" to "node:assert/strict"; the former is deprecated
* Docs: Mention that the CommonJS module doesn't expose named exports
* Tests: Run Node & bundler tests for all the above cases

Fixes gh-5416
Closes gh-5429

7 months agoTests: fix worker restarts for failed browser acknowledgements
Timmy Willison [Mon, 11 Mar 2024 14:51:06 +0000 (10:51 -0400)]
Tests: fix worker restarts for failed browser acknowledgements

Close gh-5440

7 months agoBuild: make compare size cache readable for manual edits
Timmy Willison [Sun, 10 Mar 2024 16:27:22 +0000 (12:27 -0400)]
Build: make compare size cache readable for manual edits

Ref gh-5440

7 months agoBuild: fix size comparison for slim files when the branch is dirty
Timmy Willison [Sun, 10 Mar 2024 16:19:58 +0000 (12:19 -0400)]
Build: fix size comparison for slim files when the branch is dirty

Ref gh-5440

7 months agoBuild: migrate more uses of fs.promises; use node: protocol
Timmy Willison [Sun, 10 Mar 2024 16:19:15 +0000 (12:19 -0400)]
Build: migrate more uses of fs.promises; use node: protocol

Ref gh-5440

7 months agoTests: add --hard-retries option to test runner
Timmy Willison [Mon, 11 Mar 2024 14:39:38 +0000 (10:39 -0400)]
Tests: add --hard-retries option to test runner

- Add the ability to retry by restarting the worker and
  getting a different browser instance, after all
  normal retries have been exhausted. This can sometimes
  be successful when a refresh is not.

Close gh-5438

7 months agoBuild: Bump github/codeql-action from 3.24.0 to 3.24.6
dependabot[bot] [Sun, 10 Mar 2024 14:37:30 +0000 (10:37 -0400)]
Build: Bump github/codeql-action from 3.24.0 to 3.24.6

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.0 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/e8893c57a1f3a2b659b6b55564fdfdbbd2982911...8a470fddafa5cbb6266ee11b37ef4d8aae19c571)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Close gh-5425

7 months agoBuild: Bump actions/cache from 4.0.0 to 4.0.1
dependabot[bot] [Sun, 10 Mar 2024 14:36:56 +0000 (10:36 -0400)]
Build: Bump actions/cache from 4.0.0 to 4.0.1

Bumps [actions/cache](https://github.com/actions/cache) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/13aacd865c20de90d75de3b17ebe84f7a17d57d2...ab5e6d0c87105b4c9c2047343972218f562e4319)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Close gh-5424

7 months agoTests: fix cleanup in cases where server doesn't stop
Timmy Willison [Fri, 8 Mar 2024 23:40:55 +0000 (18:40 -0500)]
Tests: fix cleanup in cases where server doesn't stop

7 months agoBuild: drop support for Node 10
Timmy Willison [Fri, 8 Mar 2024 23:18:24 +0000 (18:18 -0500)]
Build: drop support for Node 10

Close gh-5436

7 months agoBuild: add GitHub Actions workflow to update Filestash
Timmy Willison [Fri, 8 Mar 2024 20:07:52 +0000 (15:07 -0500)]
Build: add GitHub Actions workflow to update Filestash

Close gh-5434

7 months agoTests: fix flakey message logs; ignore delete worker failures
Timmy Willison [Tue, 5 Mar 2024 20:50:51 +0000 (15:50 -0500)]
Tests: fix flakey message logs; ignore delete worker failures

Close gh-5432

7 months agoTests: reuse browser workers in BrowserStack tests (#5428)
Timmy Willison [Tue, 5 Mar 2024 19:44:01 +0000 (14:44 -0500)]
Tests: reuse browser workers in BrowserStack tests (#5428)

- reuse BrowserStack workers.
- add support for "latest" and "latest-1" in browser version filters
- add support for specifying non-final browser versions, such as beta versions
- more accurate eslint for files in test/runner
- switched `--no-isolate` command flag to `--isolate`. Now that browser instances are shared, it made more sense to me to default to no isolation unless specified. This turned out to be cleaner because the only place we isolate is in browserstack.yml.
- fixed an issue with retries where it wasn't always waiting for the retried test run
- enable strict mode in test yargs command

7 months agoTests: Use allowlist instead of whitelist
J.Son [Thu, 29 Feb 2024 23:40:41 +0000 (07:40 +0800)]
Tests: Use allowlist instead of whitelist

Closes gh-5420

7 months agoBuild: update jenkins script to only build
Timmy Willison [Mon, 26 Feb 2024 18:46:43 +0000 (13:46 -0500)]
Build: update jenkins script to only build

- this will soon be replaced by a new GH actions workflow

Close gh-5422

7 months agoTests: migrate testing infrastructure to minimal dependencies
Timmy Willison [Mon, 26 Feb 2024 14:42:10 +0000 (09:42 -0500)]
Tests: migrate testing infrastructure to minimal dependencies

This is a complete rework of our testing infrastructure. The main goal is to modernize and drop deprecated or undermaintained dependencies (specifically, grunt, karma, and testswarm). We've achieved that by limiting our dependency list to ones that are unlikely to drop support any time soon. The new dependency list includes:

- `qunit` (our trusty unit testing library)
- `selenium-webdriver` (for spinning up local browsers)
- `express` (for starting a test server and adding middleware)
  - express middleware includes uses of `body-parser` and `raw-body`
- `yargs` (for constructing a CLI with pretty help text)
- BrowserStack (for running each of our QUnit modules separately in all of our supported browsers)
  - `browserstack-local` (for opening a local tunnel. This is the same package still currently used in the new Browserstack SDK)
  - We are not using any other BrowserStack library. The newest BrowserStack SDK does not fit our needs (and isn't open source). Existing libraries, such as `node-browserstack` or `browserstack-runner`, either do not quite fit our needs, are under-maintained and out-of-date, or are not robust enough to meet all of our requirements. We instead call the [BrowserStack REST API](https://github.com/browserstack/api) directly.

## BrowserStack Runner
- automatically retries individual modules in case of test failure(s)
- automatically attempts to re-establish broken tunnels
- automatically refreshes the page in case a test run has stalled
- runs all browsers concurrently and uses as many sessions as are available under the BrowserStack plan. It will wait for available sessions if there are none.
- supports filtering the available list of browsers by browser name, browser version, device, OS, and OS version (see `npm run test:unit -- --list-browsers` for more info). It will retrieve the latest matching browser available if any of those parameters are not specified.
- cleans up after itself (closes the local tunnel, stops the test server, etc.)
- Requires `BROWSERSTACK_USERNAME` and `BROWSERSTACK_ACCESS_KEY` environment variables.

## Selenium Runner
- supports running any local browser as long as the driver is installed, including support for headless mode in Chrome, FF, and Edge
- supports running `basic` tests on the latest [jsdom](https://github.com/jsdom/jsdom#readme), which can be seen in action in this PR (see `test:browserless`)
- Node tests will run as before in PRs and all non-dependabot branches, but now includes tests on real Safari in a GH actions macos image instead of playwright-webkit.
- can run multiple browsers and multiple modules concurrently

Other notes:
- Stale dependencies have been removed and all remaining dependencies have been upgraded with a few exceptions:
  - `sinon`: stopped supporting IE in version 10. But, `sinon` has been updated to 9.x.
  - `husky`: latest does not support Node 10 and runs on `npm install`. Needed for now until git builds are migrated to GitHub Actions.
  - `rollup`: latest does not support Node 10. Needed for now until git builds are migrated to GitHub Actions.
- BrowserStack tests are set to run on each `main` branch commit
- `debug` mode leaves Selenium browsers open whether they pass or fail and leaves browsers with test failures open on BrowserStack. The latter is to avoid leaving open too many sessions.
- This PR includes a workflow to dispatch BrowserStack runs on-demand
- The Node version used for most workflow tests has been upgraded to 20.x
- updated supportjQuery to 3.7.1

Run `npm run test:unit -- --help` for CLI documentation

Close gh-5418

8 months agoBuild: Bump actions/cache & github/codeql-action (#5402)
dependabot[bot] [Sun, 11 Feb 2024 00:45:15 +0000 (01:45 +0100)]
Build: Bump actions/cache & github/codeql-action (#5402)

* Build: Bump actions/cache from 3.3.2 to 4.0.0

Bumps [actions/cache](https://github.com/actions/cache) from 3.3.2 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/704facf57e6136b1bc63b828d79edcd491f0ee84...13aacd865c20de90d75de3b17ebe84f7a17d57d2)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

* Build: Bump github/codeql-action from 3.22.12 to 3.24.0

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.12 to 3.24.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/012739e5082ff0c22ca6d6ab32e07c36df03c4a4...e8893c57a1f3a2b659b6b55564fdfdbbd2982911)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---------

Closes gh-5402
Closes gh-5415

Signed-off-by: dependabot[bot] <support@github.com>
8 months agoRelease: add factory files to release distribution
Timmy Willison [Fri, 9 Feb 2024 00:42:51 +0000 (19:42 -0500)]
Release: add factory files to release distribution

Fixes gh-5411
Close gh-5412

8 months agoTests: Fix Karma tests on Node.js 20
Michał Gołębiowski-Owczarek [Thu, 8 Feb 2024 22:52:19 +0000 (23:52 +0100)]
Tests: Fix Karma tests on Node.js 20

Node.js 20 started throwing errors when `writeHead` is called twice on
a response. This might have already been invalid before but it wasn't throwing
on Node.js 18.

Compute the headers object and call `writeHead` once to avoid the issue.

Closes gh-5397

8 months agoRelease: use buildDefaultFiles directly and pass version
Timmy Willison [Tue, 6 Feb 2024 14:53:30 +0000 (09:53 -0500)]
Release: use buildDefaultFiles directly and pass version

- also add the ability to pass VERSION in env to test final builds
- adjust sha regex to account for lack of shas
- set the version on the dist package.json

Close gh-5408

8 months agoRelease: copy dist-module folder as well
Timmy Willison [Mon, 5 Feb 2024 17:56:33 +0000 (12:56 -0500)]
Release: copy dist-module folder as well

Close gh-5407

8 months agoRelease: only published versioned files to cdn
Timmy Willison [Mon, 5 Feb 2024 16:51:11 +0000 (11:51 -0500)]
Release: only published versioned files to cdn

Close gh-5406

8 months agoRelease: remove scripts and dev deps from dist package.json
Timmy Willison [Mon, 5 Feb 2024 15:36:47 +0000 (10:36 -0500)]
Release: remove scripts and dev deps from dist package.json

- this became necessary due to the addition of the prepare script
- scripts aren't needed and don't work in the dist repo

Close gh-5404

8 months agoRelease: update build command in Release.generateArtifacts
Timmy Willison [Wed, 31 Jan 2024 14:18:41 +0000 (09:18 -0500)]
Release: update build command in Release.generateArtifacts

Close gh-5399

8 months agoAttributes: Shave off a couple of bytes
Michał Gołębiowski-Owczarek [Wed, 31 Jan 2024 00:47:11 +0000 (01:47 +0100)]
Attributes: Shave off a couple of bytes

The `attrHooks` entries for boolean attributes are only defined for jQuery 4+;
jQuery 3.x used a separate mechanism - assigning them to
`jQuery.expr.attrHandle`. That object used to be maintained by Sizzle, since
jQuery 3.7.0 it's kept in the selector module. Because of that, the `isXMLDoc`
check used to be require in this hook.

Now that standard `attrHooks` are used, the `isXMLDoc` check already happens
inside of `jQuery.attr` and there's no need to repeat it in the test. Note that
this repetition is even incorrect - while Sizzle's `jQuery.find.attr` used to
treat an `undefined` output of the hooks from `jQuery.expr.attrHandle` as a way
to opt out of the hook, jQuery's `attrHooks` use `null` to opt out of a getter
hook.

Apart from the size, this patch also avoids unnecessary extra checks.

Closes gh-5398

8 months agoData: Refactor to reduce size
Richard Gibson [Tue, 23 Jan 2024 03:13:23 +0000 (22:13 -0500)]
Data: Refactor to reduce size

* Return the new value from `set(owner, key, value)`.
* Use `set(owner, key, value)` rather than `access(owner, key, value)`.

Close gh-5392

8 months agoBuild: migrate grunt authors to a custom script
Timmy Willison [Tue, 23 Jan 2024 02:08:16 +0000 (21:08 -0500)]
Build: migrate grunt authors to a custom script

- the new script pulls all authors from the Sizzle repo
- added temporary grunt task for releases

Close gh-5395

9 months agoManipulation: Generalize a test to support IE
Richard Gibson [Fri, 12 Jan 2024 23:19:33 +0000 (18:19 -0500)]
Manipulation: Generalize a test to support IE

Ref gh-5378
Closes gh-5391

9 months agoSelector: Make `selector.js` module depend on `attributes/attr.js`
Michał Gołębiowski-Owczarek [Fri, 12 Jan 2024 00:18:03 +0000 (01:18 +0100)]
Selector: Make `selector.js` module depend on `attributes/attr.js`

This fixes custom builds using the `--include` switch that don't include
the `attributes` module.

Fixes gh-5379
Closes gh-5384

Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
9 months agoBuild: Bump follow-redirects from 1.15.1 to 1.15.4
dependabot[bot] [Fri, 12 Jan 2024 00:12:52 +0000 (01:12 +0100)]
Build: Bump follow-redirects from 1.15.1 to 1.15.4

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.1 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.1...v1.15.4)

Closes gh-5389

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
9 months agoManipulation: Support $el.html(selfRemovingScript) (#5378)
Richard Gibson [Mon, 8 Jan 2024 17:30:39 +0000 (12:30 -0500)]
Manipulation: Support $el.html(selfRemovingScript) (#5378)

Don't try to remove a script element that has already removed itself.

Also, compress `DOMEval.js`.

Fixes gh-5377
Closes gh-5378

9 months agoSelector: Eliminate `selector.js` depenencies from various modules
Michał Gołębiowski-Owczarek [Thu, 4 Jan 2024 00:06:40 +0000 (01:06 +0100)]
Selector: Eliminate `selector.js` depenencies from various modules

There are two main reasons for why some of those dependencies are no longer
needed:
1. `jQuery.contains` which is now a part of `core`.
2. `jQuery.find.attr` no longer exists, native `getAttribute` is used instead.

Closes gh-5383
Ref gh-5379

9 months agoBuild: Bump actions/setup-node and github/codeql-action
dependabot[bot] [Mon, 1 Jan 2024 00:53:22 +0000 (00:53 +0000)]
Build: Bump actions/setup-node and github/codeql-action

1: Bump actions/setup-node from 4.0.0 to 4.0.1

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/8f152de45cc393bb48ce5d89d36b731f54556e65...b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

2: Bump github/codeql-action from 2.22.5 to 3.22.12

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 3.22.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/74483a38d39275f33fcff5f35b679b5ca4a26a99...012739e5082ff0c22ca6d6ab32e07c36df03c4a4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Closes gh-5381
Closes gh-5382

Signed-off-by: dependabot[bot] <support@github.com>
10 months agoBuild: Reformat GitHub workflow Yaml files
Michał Gołębiowski-Owczarek [Mon, 20 Nov 2023 17:20:16 +0000 (18:20 +0100)]
Build: Reformat GitHub workflow Yaml files

Use Prettier 3.1.0 to reformat the Yaml files. This makes their format identical
to the one used on `3.x-stable`, making for much easier cherry-picks.

The main difference is the list under `steps:` was not indented while all other
lists were.

Closes gh-5364

11 months agoBuild: Bump @babel/traverse & multiple actions
Michał Gołębiowski-Owczarek [Mon, 13 Nov 2023 17:44:30 +0000 (18:44 +0100)]
Build: Bump @babel/traverse & multiple actions

1: Bump actions/cache from 3.3.1 to 3.3.2

Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8...704facf57e6136b1bc63b828d79edcd491f0ee84)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

2: Bump actions/checkout from 3.6.0 to 4.1.1

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...b4ffde65f46336ab88eb53be808477a3936bae11)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

3: Bump github/codeql-action from 2.21.5 to 2.22.5

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.5 to 2.22.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/00e563ead9f72a8461b24876bee2d0c2e8bd2ee8...74483a38d39275f33fcff5f35b679b5ca4a26a99)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

4: Bump actions/setup-node from 3.8.1 to 4.0.0

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.8.1 to 4.0.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d...8f152de45cc393bb48ce5d89d36b731f54556e65)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

5: Bump @babel/traverse from 7.22.5 to 7.23.2

Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Closes gh-5341
Closes gh-5349
Closes gh-5354
Closes gh-5355
Closes gh-5356
Closes gh-5363

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
11 months agoBuild: Don't run CI push workflows for dependabot branches
Michał Gołębiowski-Owczarek [Mon, 13 Nov 2023 17:18:20 +0000 (18:18 +0100)]
Build: Don't run CI push workflows for dependabot branches

Without this change, dependabot PRs run double checks - one set for the `push`
part and one for the `pull_request` part.

Closes gh-5353

11 months agoCSS: Fix reliableTrDimensions support test for initially hidden iframes
Michał Gołębiowski-Owczarek [Mon, 6 Nov 2023 23:35:52 +0000 (00:35 +0100)]
CSS: Fix reliableTrDimensions support test for initially hidden iframes

Closes gh-5358
Ref gh-5317
Ref gh-5359

11 months agoBuild: Update ESLint-related packages, fix linting errors
Michał Gołębiowski-Owczarek [Wed, 1 Nov 2023 23:48:50 +0000 (00:48 +0100)]
Build: Update ESLint-related packages, fix linting errors

The main change is the new rule in `eslint-config-jquery`:
`template-curly-spacing`.

Closes gh-5347
Ref jquery/eslint-config-jquery#21
Ref gh-5348

12 months agoBuild: Run pretest before test:* npm scripts
Michał Gołębiowski-Owczarek [Mon, 16 Oct 2023 16:54:54 +0000 (18:54 +0200)]
Build: Run pretest before test:* npm scripts

Build was already happening in scripts like `test:browser` but those scripts
were missing `pretest`, meaning that running `npm install && npm test:browser`
may have failed if `pretest` wasn't run before or if its results were out of
date.

Even worse, with such stale data some tests may erroneously succeed.

This also removes a separate `pretest` step from GitHub Actions as it's no
longer needed.

Closes gh-5338

12 months agoDocs: Fix module links in the package README
Michał Gołębiowski-Owczarek [Thu, 21 Sep 2023 23:39:05 +0000 (01:39 +0200)]
Docs: Fix module links in the package README

The package README used to show examples importing from a regular jQuery file;
this won't work natively. Instead, use module versions of jQuery in these
examples.

Closes gh-5336

12 months agoBuild: sort branches in compare_size; last run last
Timmy Willison [Thu, 21 Sep 2023 21:45:33 +0000 (17:45 -0400)]
Build: sort branches in compare_size; last run last

Close gh-5333

12 months agoBuild: run pretest in jenkins script
Timmy Willison [Wed, 20 Sep 2023 22:07:35 +0000 (18:07 -0400)]
Build: run pretest in jenkins script

12 months agoBuild: fix inconsistent builds in Node 20
Timmy Willison [Wed, 20 Sep 2023 21:19:21 +0000 (17:19 -0400)]
Build: fix inconsistent builds in Node 20

- one fileOverrides per build
- only run the lint build when running lint

Close gh-5332

12 months agoDocs: update watch task in CONTRIBUTING.md
Timmy Willison [Wed, 20 Sep 2023 22:10:57 +0000 (18:10 -0400)]
Docs: update watch task in CONTRIBUTING.md

Close gh-5331

12 months agoBuild: add commit SHAs and last runs to comparisons
Timmy Willison [Wed, 20 Sep 2023 01:15:45 +0000 (21:15 -0400)]
Build: add commit SHAs and last runs to comparisons

- only remove the short SHA and .dirty from version strings
- automatically reset the cache on version mismatch

Close gh-5329

12 months agoBuild: add new factory files to dist eslint
Timmy Willison [Wed, 20 Sep 2023 02:20:10 +0000 (22:20 -0400)]
Build: add new factory files to dist eslint

12 months agoCSS:Selector: Align with 3.x, remove the outer `selector.js` wrapper
Michał Gołębiowski-Owczarek [Wed, 20 Sep 2023 00:31:35 +0000 (02:31 +0200)]
CSS:Selector: Align with 3.x, remove the outer `selector.js` wrapper

Bring some changes from `3.x-stable`:
* rename `rtrim` to `rtrimCSS` to distinguish from the previous `rtrim`
  regex used for `jQuery.trim`
* backport one `id` selector test that avoids the selector engine path

Other changes:
* remove the inner function wrapper from `selector.js` by renaming
  the imported `document.js` value
* use `jQuery.error` in `selectorError`
* make Selector tests pass in all-modules runs by fixing a sinon mistake
  in Core tests - Core tests had a spy set up for `jQuery.error` that wasn't
  cleaned up, influencing Selector tests when all were run together

Closes gh-5295

12 months agoCore: Add more info about named exports
Michał Gołębiowski-Owczarek [Tue, 19 Sep 2023 23:29:05 +0000 (01:29 +0200)]
Core: Add more info about named exports

Also, fix an example importing from `jquery/src/css.js` as that is supposed
to use named exports now.

Closes gh-5328

12 months agoCore: Simplify code post browser support reduction
Michał Gołębiowski-Owczarek [Tue, 19 Sep 2023 22:54:40 +0000 (00:54 +0200)]
Core: Simplify code post browser support reduction

Summary of the changes:
* Core: Simplify code post browser support reduction
* Tests: Remove legacy jQuery.cache & oldIE leftovers
* Tests: Reformat JavaScript in delegatetest.html
* Docs: "jQuery Foundation Projects" -> "jQuery Projects"
* Tests: Drop an unused localfile.html file (modern browsers don't support
  the `file:` protocol this way, there's no point in keeping the file around)
* Effects: Remove a redundant `!fn` check (`fn || !fn && easing` is equivalent
  to `fn || easing`; simplify the code)
* CSS: Explain the fallback to direct object access in curCSS better
* Tests: Deduplicate `jQuery.parseHTML` test titles
* Dimensions: Add a test for fractional values
* Tests: Fix a buggy WebKit regex

Closes gh-5296

12 months agoCore: Move the factory to separate exports
Michał Gołębiowski-Owczarek [Tue, 19 Sep 2023 16:58:24 +0000 (18:58 +0200)]
Core: Move the factory to separate exports

Since versions 1.11.0/2.1.0, jQuery has used a module wrapper with one strange
addition - in CommonJS environments, if a global `window` with a `document` was
not present, jQuery exported a factory accepting a `window` implementation and
returning jQuery.

This approach created a number of problems:
1. Properly typing jQuery would be a nightmare as the exported value depends on
   the environment. In practice, typing definitions ignored the factory case.
2. Since we now use named exports for the jQuery module version, it felt weird
   to have `jQuery` and `$` pointing to the factory instead of real jQuery.

Instead, for jQuery 4.0 we leverage the just added `exports` field in
`package.json` to expose completely separate factory entry points: one for the
full build, one for the slim one.

Exports definitions for `./factory` & `./factory-slim` are simpler than for `.`
and `./slim` - this is because it's a new entry point, we only expose a named
export and so there's no issue with just pointing Node.js to the CommonJS
version (we cannot use the module version for `import` from Node.js to avoid
double package hazard). The factory entry points are also not meant for the Web
browser which always has a proper `window` - and they'd be unfit for an
inclusion in a regular script tag anyway. Because of that, we also don't
generate minified versions of these entry points.

The factory files are not pushed to the CDN since they are mostly aimed
at Node.js.

Closes gh-5293

12 months agoBuild: Bump qs, socket.io-parser, socket.io & json5
dependabot[bot] [Mon, 18 Sep 2023 16:39:28 +0000 (16:39 +0000)]
Build: Bump qs, socket.io-parser, socket.io & json5

1: Bump json5 from 2.2.0 to 2.2.3

Bumps [json5](https://github.com/json5/json5) from 2.2.0 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.0...v2.2.3)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

2: Bump socket.io-parser and socket.io

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser)
and [socket.io](https://github.com/socketio/socket.io). These dependencies
needed to be updated together.

Updates `socket.io-parser` from 4.0.5 to 4.2.4
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io-parser/compare/4.0.5...4.2.4)

Updates `socket.io` from 4.5.1 to 4.7.2
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/4.5.1...4.7.2)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
- dependency-name: socket.io
  dependency-type: indirect
...

3: Bump qs from 6.5.2 to 6.5.3

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3.
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: indirect
...

Closes gh-5324
Closes gh-5325
Closes gh-5326

Signed-off-by: dependabot[bot] <support@github.com>