| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
Sizzle & the `3.x-stable` branch have tests adding a custom attribute getter
to `attrHandle` and checking if selection takes it into account. `attrHandle`
was removed from the `4.x` line so the tests were not ported to the `main`
branch, but the `4.x` line takes standard jQuery attribute getters into account
instead and we should test for that.
Backport the `3.x-stable` selector tests for custom attribute getters, changing
`jQuery.expr.attrHandle` to `jQuery.attrHooks`.
Closes gh-5568
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using a document created via:
```js
document.implementation.createHTMLDocument( "" )
```
was needed in IE 9 which doesn't support `DOMParser#parseFromString` for
`text/html`. We can switch to:
```js
( new window.DOMParser() ) .parseFromString( "", "text/html" )
```
now, saving some bytes.
Closes gh-5572
|
|
|
| |
Closes gh-5553
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
group
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).
Updates `github/codeql-action` from 3.27.0 to 3.27.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...f09c1c0a94de965c15400f5634aa42fac8fb8f88)
Closes gh-5587
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The `finalPropName` util caches properties detected to require a vendor
prefix. This used to cache unprefixed properties as well, but it was
reported that this logic broke accidentally during a refactor. Since
fewer & fewer properties require a vendor prefix and caching a few
basic checks likely has negligible perf benefits, opt to saving a few
bytes and remove the cache.
Closes gh-5583
Ref gh-5582
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far, we were mostly optimizing gzipped sizes. However, using Brotli is more
and more popular as all modern browsers support it and compression is much
better. It makes sense to also pay attention to these numbers.
The `comparseSize` version stays at `2` as this only introduces a new field
without affecting existing ones. The only drawback is comparisons with branches
that didnt have Brotli computed before will return `NaN`. This can be easily
fixed locally by checking out the branch and running the build, but at least
we don't lose gzipped sizes in the meantime.
Closes gh-5586
|
|
|
| |
Closes gh-5584
|
|
|
|
|
|
|
|
|
|
|
| |
`fs.readFileSync` crashes when a non-existing file is passed to it. Some APIs
of `middleware-mockserver` read a file the path of which depends on query
parameters, making it possible to crash it by providing such a parameter. The
old PHP server doesn't have these issues.
To fix this, wrap all `fs.readFileSync` occurrences with a function that falls
back to the string `"ERROR"`.
Closes gh-5579
|
|
|
|
|
|
|
|
|
|
|
| |
Those APIs have formally been deprecated since `3.0.0`, but they never made its
way into the deprecated module.
`jQuery.expr[ ":" ]` has been removed when Sizzle got inlined into Core in
gh-4395; this change restores it.
Closes gh-5580
Ref gh-5570
Ref gh-4395
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node), [actions/cache](https://github.com/actions/cache) and [github/codeql-action](https://github.com/github/codeql-action).
Updates `actions/checkout` from 4.2.0 to 4.2.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...11bd71901bbe5b1630ceea73d27597364c9af683)
Updates `actions/setup-node` from 4.0.4 to 4.1.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/0a44ba7841725637a19e28fa30b79a866c81b0a6...39370e3970a6d050c480ffad4ff0ed4d3fdee5af)
Updates `actions/cache` from 4.0.2 to 4.1.2
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/0c45773b623bea8c8e75f6c82b208c3cf94ea4f9...6849a6489940f00c2f30c0fb92c6274307ccb58a)
Updates `github/codeql-action` from 3.26.10 to 3.27.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/e2b3eafc8d227b0241d48be5f425d47c2d750a13...662472033e021d55d94146f66f6058822b0b39fd)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5577
|
|
|
| |
Closes gh-5560
|
|
|
|
| |
Closes gh-5567
Ref gh-5564
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
1. Update the link to "help wanted" or "patch welcome" issues to only include
open ones.
2. Replace info about the jQuery Forum & IRC with Matrix & Stack Overflow.
3. Update the test reduction WebKit blog post link.
4. Update the Git clone instructions to not rely on the legacy `git://`
protocol.
5. Fix a few typos.
Closes gh-5564
|
|
|
|
|
|
| |
- also switch header format to be more consistent with our
other markdown files
Closes gh-5565
|
|
|
|
| |
Fixes gh-5542
Closes gh-5563
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action).
Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938)
Updates `actions/setup-node` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/1e60f620b9541d16bece96c5465dc8ee9832be0b...0a44ba7841725637a19e28fa30b79a866c81b0a6)
Updates `github/codeql-action` from 3.26.6 to 3.26.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/4dd16135b69a43b6c8efb853346f8437d92d3c93...e2b3eafc8d227b0241d48be5f425d47c2d750a13)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5562
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The upstream package has been unmaintained for years, with dependencies
with long-reported security issues. Switching to a fork allows to resolve
all the security reports against the jQuery development environment.
The fork is maintained by @mgol and has the following changes:
1. The `underscore` dependency has been removed.
2. `sinon` has been updated from v1 to v19.
3. `mocha` has been updated from v2 to v10.
Changes to the source are minimal; it will be easy to rebase the fixes
if the upstream package is ever updated.
In addition to the above, the `q` dependency has been removed.
It's been added in gh-1996 but never really used.
Closes gh-5559
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [rollup](https://github.com/rollup/rollup) from 4.19.0 to 4.22.4.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.19.0...v4.22.4)
Closes gh-5558
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When passing a result of `getElementByTagsName` to `jQuery.cleanData`, convert
it to an array first. Otherwise, a live NodeList is passed and if any of the
event cleanups remove the element itself, a collection is modified during the
iteration, making `jQuery.cleanData` skip cleanup for some elements.
Fixes gh-5214
Closes gh-5523
Co-authored-by: Michał Gołębiowski-Owczarek <m.goleb@gmail.com>
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
While Edge in IE mode is not guaranteed to match IE 11 in every aspect,
in practice it generally does. Testing in this mode in GitHub Actions
will allow us to catch most IE-breaking issues at the PR level.
This change also adds missing npm scripts: `test:chrome`, `test:edge`
& `test:ie`.
Closes gh-5540
|
|
|
|
|
|
|
|
|
|
| |
1. At the same time, there may be two supported versions of Firefox ESR. Run
tests on both, installed locally.
2. Don't run tests on Firefox 115 on BrowserStack - it was added as there's
an ESR version of Firefox 115, but ESR versions may be different, e.g. for
some time ServiceWorker was disabled on ESR versions:
https://bugzilla.mozilla.org/show_bug.cgi?id=1547023
Closes gh-5547
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [webpack](https://github.com/webpack/webpack) from 5.93.0 to 5.94.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.93.0...v5.94.0)
Closes gh-5544
---
updated-dependencies:
- dependency-name: webpack
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
github-actions group
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).
Updates `github/codeql-action` from 3.25.15 to 3.26.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/afb54ba388a7dca6ecae48f608c4ff05ff4cc77a...4dd16135b69a43b6c8efb853346f8437d92d3c93)
Closes gh-5545
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
| |
Closes gh-5538
|
|
|
| |
Close gh-5532
|
|
|
| |
Close gh-5527
|
|
|
| |
Close gh-5524
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps the github-actions group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node) and [github/codeql-action](https://github.com/github/codeql-action).
Closes gh-5528
Updates `actions/setup-node` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4.0.2...1e60f620b9541d16bece96c5465dc8ee9832be0b)
Updates `github/codeql-action` from 3.25.11 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...afb54ba388a7dca6ecae48f608c4ff05ff4cc77a)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
| |
|
|
|
|
| |
Ref gh-5521
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- the date is actually the date of the commit *prior*
to the tag commit, as the files are built and then committed.
- also, the CDN should still be checked for non-stable releases,
and should use different filenames (including in the map files).
- certain files should be skipped when checking the CDN.
- removed file diffing because it ended up being far too noisy,
making it difficult to find the info I needed.
- because the build script required an addition, release
verification will not work until the next release.
- print all files in failure case and whether each matched
- avoid npm script log in GH release notes changelog
- exclude changelog.md from release:clean command
- separate the post-release script from release-it for now, so we
can keep manual verification before each push. The exact command is
printed at the ened for convenience.
Closes gh-5521
|
| |
|
| |
|
|
|
|
|
|
| |
- order hooks in execution order
- update workflow actions
Closes gh-5519
|
|
|
|
|
| |
https://github.com/release-it/release-it/issues/1128#issuecomment-2224692805
Closes gh-5518
|
|
|
|
|
| |
- also fix tagging the release in the dist repo
Closes gh-5517
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*Authors*
- Checking and updating authors has been migrated
to a custom script in the repo
*Changelog*
- changelogplease is no longer maintained
- generate changelog in markdown for GitHub releases
- generate changelog in HTML for blog posts
- generate contributors list in HTML for blog posts
*dist*
- clone dist repo, copy files, and commit/push
- commit tag with dist files on main branch;
remove dist files from main branch after release
*cdn*
- clone cdn repo, copy files, and commit/push
- create versioned and unversioned copies in cdn/
- generate md5 sums and archives for Google and MSFT
*build*
- implement reproducible builds and verify release builds
* uses the last modified date for the latest commit
* See https://reproducible-builds.org/
- the verify workflow also ensures all files were
properly published to the CDN and npm
*docs*
- the new release workflow is documented at build/release/README.md
*misc*
- now that we don't need the jquery-release script and
now that we no longer need to build on Node 10, we can
use ESM in all files in the build folder
- move dist wrappers to "wrappers" folders for easy removal
of all built files
- limit certain workflows to the main repo (not forks)
- version in package.json has been set to beta.1 so that
the next release will be beta.2
- release-it added the `preReleaseBase` option and we
now always set it to `1` in the npm script. This is
a noop for stable releases.
Fixes jquery/jquery-release#114
Closes gh-5512
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action).
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332)
Updates `github/codeql-action` from 3.25.8 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/2e230e8fe0ad3a14a340ad0815ddb96d599d2aff...b611370bb5703a7efb587f9d136a52ea24c5c38c)
Closes gh-5515
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
|
| |
- account for newly unused parameters in the slim builds
Closes gh-5509
|
|
|
|
|
| |
- it wasn't working properly anyway
Closes gh-5507
|
|
|
| |
Closes gh-5501
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action).
Updates `actions/checkout` from 4.1.2 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...a5ac7e51b41094c92402da3b24376905380afc29)
Updates `github/codeql-action` from 3.24.9 to 3.25.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/1b1aada464948af03b950897e5eb522f92603cc2...2e230e8fe0ad3a14a340ad0815ddb96d599d2aff)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5505
|
|
|
|
|
|
|
|
|
|
|
| |
We have monthly automatic dependabot PRs for GitHub Actions. Unfortunately,
as of now we get a separate PR for every dependency which is a bit spammy
compared to regular commits updating source.
Thankfully, there's now a way to tell dependabot to submit a single PR per
a defined group. This change defines a single group to have a single dependabot
PR for all action updates.
Closes gh-5503
|
|
|
|
|
|
|
|
|
|
|
|
| |
Firefox 126+ implements CSS zoom in a way it affects width computed style
very slightly (`100.008px` instead of `100px`); accept that difference.
Add a test for support tests resolving the same under CSS zoom & without one.
That test uncovered Chrome failing the `reliableTrDimensions` support test
under zoom; the test has been fixed.
Fixes gh-5489
Closes gh-5495
Ref gh-5496
|
|
|
|
|
|
|
| |
Consistently use `assert.selectInFixture` instead of prepending the selector
with `#qunit-fixture ` manually.
Closes gh-5498
Ref gh-5497
|
|
|
|
|
|
|
|
|
| |
- It's common for us to merge to main and cherry pick to 3.x-stable,
so it's best if concurrency is shared between branches, which
is effectively what we had already as it matches on workflow name
and browser. Ideally, it could also match on the corresponding commit,
but it seems the commit message is not available in the github context.
Close gh-5492
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Firefox, alert displayed just before blurring an element dispatches
the native blur event twice which tripped the jQuery logic if a jQuery blur
handler was not attached before the trigger call.
This was because the `leverageNative` logic part for triggering first checked if
setup was done before (which, for example, is done if a jQuery handler was
registered before for this element+event pair) and - if it was not - added
a dummy handler that just returned `true`. The `leverageNative` logic made that
`true` then saved into private data, replacing the previous `saved` array. Since
`true` passed the truthy check, the second native inner handler treated `true`
as an array, crashing on the `slice` call.
The same issue could happen if a handler returning `true` is attached before
triggering. A bare `length` check would not be enough as the user handler may
return an array-like as well. To remove this potential data shape clash, capture
the inner result in an object with a `value` property instead of saving it
directly.
Since it's impossible to call `alert()` in unit tests, simulate the issue by
replacing the `addEventListener` method on a test button with a version that
calls attached blur handlers twice.
Fixes gh-5459
Closes gh-5466
Ref gh-5236
|
|
|
|
|
|
| |
- fixes cancelled workflows when multiple PRs are merged
in quick succession to both the main and 3.x-stable branches
Close gh-5481
|
|
|
|
|
|
|
|
|
|
|
| |
Some browser extensions, like React DevTools, send messages to the content area.
Since our beforeunload event test listens for all messages, it used to catch
those as well, failing the test.
Add a `source` field to the payload JSON and check for it before treating the
message as coming from our own test to make sure the test passes even with such
browser extensions installed.
Closes gh-5478
|