Commit Graph

7369 Commits

Author SHA1 Message Date
Michał Gołębiowski-Owczarek
3bb4232bfa
Build: Update a few dependencies, drop grunt-cli
`grunt` already contains the needed binary, no need for `grunt-cli` anymore.

Update `download.jqueryui.com` as well.

Closes gh-2311
2024-10-30 17:02:00 +01:00
Michał Gołębiowski-Owczarek
d591bdd494
Widget: Don't let widget name affect $.ui prototype & constructor
This is an edge case and it only affects code accepting untrusted input as
a widget name, but it's still technically correct to filter these out.

Closes gh-2310
2024-10-30 09:58:01 +01:00
Michał Gołębiowski-Owczarek
85bed8ddd8
Build: Fix an XSS in the test server HTML serving logic
The test server has a rule for `/tests/unit/*/*.html` paths that serves
a proper local file. However, the parameters after `/unit/` so far accepted
many characters that have special meaning, leading to possibly reading a file
from outside of the Git repository. Fix that by only accepting alphanumeric
characters, `-` or `_`.

This should resolve one CodeQL alert.

Closes gh-2309
2024-10-28 16:47:29 +01:00
Michał Gołębiowski-Owczarek
af8adca548
Tabs: Use CSS.escape for sanitizing selectors
The previous private `_sanitizeSelector` API was not correctly escaping
backslashes and is now removed. The native API should always be correct.

Closes gh-2307
2024-10-27 00:04:00 +02:00
Michał Gołębiowski-Owczarek
ebdcd0d866
Tests: Fix titles of jquery-patch.js tests
The pages were erroneously titled after "Form Reset Mixin".

Closes gh-2308
2024-10-25 23:46:00 +02:00
Michał Gołębiowski-Owczarek
e399092c3e
Build: Add a CodeQL non-mandatory check
This is backported from Core at:
1971625487/.github/workflows/codeql-analysis.yml

Closes gh-2306
2024-10-25 23:45:12 +02:00
Michał Gołębiowski-Owczarek
49bb397606
Build: Fix the ESLint config for demos
Some checks failed
Filestash / Update Filestash (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (chrome, map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (chrome, map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (firefox, map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (firefox, map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / edge | ${{ matrix.JQUERYS.name }} (map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / edge | ${{ matrix.JQUERYS.name }} (map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / safari | ${{ matrix.JQUERYS.name }} (map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / safari | ${{ matrix.JQUERYS.name }} (map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
The ESLint config for `demos` extends the one for the `ui` directory. However,
the `ui` one used to not be a root one, making the `demos` one effectively not
depend on the `jquery` preset. Fix that and fix lots of lint violations in
`demos/search.js`.

Closes gh-2303
2024-10-17 23:47:29 +02:00
dependabot[bot]
3934c68dee
Build: Bump express from 4.19.2 to 4.20.0
Bumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.20.0.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.19.2...4.20.0)

Closes gh-2293

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-15 00:11:21 +02:00
dependabot[bot]
2eebdaf506
Build: Bump body-parser from 1.20.2 to 1.20.3
Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.2 to 1.20.3.
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3)

Closes gh-2294

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-15 00:10:49 +02:00
dependabot[bot]
eab06ed31d
Build: Bump the github-actions group with 2 updates
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/setup-node](https://github.com/actions/setup-node).


Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)

Updates `actions/setup-node` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](1e60f620b9...0a44ba7841)

Closes gh-2299

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 00:16:34 +02:00
Timmy Willison
f068bf4509
Demos: remove 404 scripts from removeClass demo
Some checks failed
Filestash / Update Filestash (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (chrome, map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (chrome, map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (firefox, map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / ${{ matrix.BROWSER }} | ${{ matrix.JQUERYS.name }} (firefox, map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / edge | ${{ matrix.JQUERYS.name }} (map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / edge | ${{ matrix.JQUERYS.name }} (map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Node / safari | ${{ matrix.JQUERYS.name }} (map[name:jQuery git versions:--jquery git --jquery 3.x-git]) (push) Has been cancelled
Node / safari | ${{ matrix.JQUERYS.name }} (map[name:jQuery stable versions:--jquery 3.7.1 --jquery 3.6.4 --jquery 2.2.4 --jquery 1.12.4]) (push) Has been cancelled
Closes gh-2297
2024-10-03 10:45:18 -07:00
Michał Gołębiowski-Owczarek
b8fff16dc4
Demos: Remove deprecated button APIs
Remove usage of deprecated button options:
* `icons`: https://jqueryui.com/upgrade-guide/1.12/#deprecated-icons-options-in-favor-of-icon-and-iconposition
* `text`: https://jqueryui.com/upgrade-guide/1.12/#deprecated-text-option-in-favor-of-showlabel

Fixes gh-2295
Closes gh-2296
2024-09-30 18:05:22 +02:00
Michał Gołębiowski-Owczarek
36ed9fc3b0
Effect: Remove demos & visual tests of the transfer effect
The transfer effect is deprecated and not present unless `$.uiBackCompat` is set
to `true`. In previous UI versions, the default was including the backwards
compat layer so these demos & tests worked; now they do not by default. Just
remove them.

Fixes gh-2278
Closes gh-2291
2024-09-16 17:16:40 +02:00
Daniel García
c934995efa
Resizable: Fix content shrink on resize
Make resizable elements not shrink on resize when they have scrollbars
and "box-sizing: content-box".

Fixes: gh-2277
Closes gh-2281
2024-09-09 23:51:57 +02:00
Ralf Koller
d564731f20
Dialog: Add option to put the dialog title in a header element
Implement a new option: `uiDialogTitleHeadingLevel`, allowing to change
the `span` wrapping the dialog title into a heading element (`h1`-`h6`).
Value `0` represents the `span`, values 1-6 - a heading at the specified
level.

Fixes gh-2271
Closes gh-2275
2024-09-09 17:55:58 +02:00
Michał Gołębiowski-Owczarek
fd1b8a03b2
Tests: Properly check $.uiBackCompat in common widget tests
The "common widget" tests, checking if a widget doesn't overwrite some
core widget APIs wasn't running as it was incorrectly checking for
`$.uiBackCompat === false` instead of `$.uiBackCompat !== true` after the
default changed in gh-2250.

Fixing the check uncovered that the draggable & sortable modules do
overwrite the `_trigger` method. Add an exception in the test for that;
at this stage of the project we don't plan to change the implementation.

Closes gh-2286
Ref gh-2250
2024-09-09 17:52:53 +02:00
Michał Gołębiowski-Owczarek
54f96eea31
Release: Update download.jqueryui.com from 2.3.7 to 2.3.10 2024-08-05 22:52:56 +02:00
Michał Gołębiowski-Owczarek
1e67c0d593
Build: Updating the main version to 1.14.1-pre. 2024-08-05 20:58:10 +02:00
Michał Gołębiowski-Owczarek
2fb378e860
Docs: Update AUTHORS.txt 2024-08-05 19:54:51 +02:00
Porter Clevidence
02a6e6bcb0
Datepicker: Hide the UI on destroy
When the datepicker UI is shown and then destroyed programmatically:
```js
$( "#datepicker" ).datepicker( "destroy" );
```
hide the datepicker UI without the need for an explicit user action.
Previously, in 1.12 the UI would not disappear immediately but only after the
first `mousedown`. In later 1.13 versions, the UI would not disappear at all.

Fixes gh-2178
Closes gh-2268
2024-08-05 19:30:53 +02:00
dependabot[bot]
a0c5b12e82
Build: Bump actions/setup-node from 4.0.2 to 4.0.3 in the github-actions group
Bumps the github-actions group with 1 update: [actions/setup-node](https://github.com/actions/setup-node).

Updates `actions/setup-node` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](60edb5dd54...1e60f620b9)

Closes gh-2276

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-05 18:32:29 +02:00
Michał Gołębiowski-Owczarek
cd41c45d91
Tests: Update jQuery Migrate from 3.4.1 to 3.5.2, simplify Migrate setup
Apart from updating jQuery Migrate, the setup is now changed so that exact
Migrate versions are only references when fetching npm packages; other than
that, they're represented as `jquery-migrate-1.x` & `jquery-migrate-3.x`. This
will allow smaller changes when updating jQuery Migrate in the future.

Closes gh-2273
2024-07-30 17:53:47 +02:00
Michał Gołębiowski-Owczarek
600057f59c
Demos: Make autocomplete demos work on jqueryui.com
The `jqueryui.com` demos build process deAMDifies HTML files, replacing required
JS files with direct script tags. On the other hand, when running demos locally
from the jQuery UI repository, RequireJS is used.

This used to work fine until we got a new `search.js` file introduced in
gh-2187. The deAMDifying process doesn't touch non-HTML files which made loading
autocomplete demos crash on "require is not a function"

To resolve the issues without a major rearchitecture of the build process,
the `search.js` file now detects AMD and uses `require`, falling back to relying
on the `jQuery` global in the other case.

Closes gh-2274
Ref gh-2187
Ref jquery/jqueryui.com#216
2024-07-30 08:31:10 +02:00
Michał Gołębiowski-Owczarek
5665215a85
Build: Group dependabot PRs updating GitHub Actions
We have monthly automatic dependabot PRs for GitHub Actions. Unfortunately,
as of now we get a separate PR for every dependency which is a bit spammy
compared to regular commits updating source.

Thankfully, there's now a way to tell dependabot to submit a single PR per
a defined group. This change defines a single group to have a single dependabot
PR for all action updates.

Closes gh-2267
Ref jquery/jquery#5503
2024-07-08 19:04:44 +02:00
Michał Gołębiowski-Owczarek
7f0e920a97
Release: Update download.jqueryui.com from 2.3.6 to 2.3.7 2024-07-05 18:53:40 +02:00
dependabot[bot]
872c28a94e
Build: Bump actions/checkout from 4.1.6 to 4.1.7
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

Closes gh-2266

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-05 18:26:55 +02:00
Michał Gołębiowski-Owczarek
2735f7d939
Release: Update download.jqueryui.com from 2.3.5 to 2.3.6 2024-06-15 00:31:33 +02:00
Michał Gołębiowski-Owczarek
fdb5ee3a0f
Release: Update download.jqueryui.com from 2.3.4 to 2.3.5 2024-06-15 00:16:36 +02:00
Michał Gołębiowski-Owczarek
b76883ad3f
Release: Fix the release script 2024-06-14 19:05:41 +02:00
Michał Gołębiowski-Owczarek
2f1f1eadf3
Release: Update download.jqueryui.com from 2.2.14 to 2.3.4 2024-06-14 18:56:20 +02:00
Michał Gołębiowski-Owczarek
04b0fd5cee
Build: Update AUTHORS.txt 2024-06-14 18:53:54 +02:00
Ralf Koller
376f142b9d
Dialog: Add aria-modal support
Reflect the `modal` dialog option into the `aria-modal` attribute -
when `modal` is `true`, set `aria-modal` to `"true"`.

This helps some accessibility tools like VoiceOver with their rotor
functionality as it reduces the number of elements presented.

Fixes gh-2246
Closes gh-2257

Co-authored-by: Michał Gołębiowski-Owczarek <m.goleb@gmail.com>
2024-06-14 13:04:00 +02:00
Timmy Willison
1f251ca399
Tests: remove testswarm grunt task
Closes gh-2263
2024-06-11 18:05:06 +02:00
Timmy Willison
d45638abfa
Tests: conslidate GH actions runs; separate git & stable jQuery versions
- also add hard retries to runs

Closes gh-2260
2024-06-05 09:41:25 -04:00
dependabot[bot]
0326f1ee86
Build: Bump actions/checkout from 4.1.4 to 4.1.6
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...a5ac7e51b4)

Closes gh-2259

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 00:21:45 +02:00
Michał Gołębiowski-Owczarek
aa06be9813
Build: Test on more jQuery Core versions
The initial 1.14.0 announcement only promised support for the latest version
of jQuery Core within each major. The main goal was to avoid testing on too many
old versions. However, just testing on the latest one seems too drastic. For
now, add `3.6.4` to the mix; we'll work on a more detailed policy soon.

Closes gh-2258
2024-06-03 18:32:13 +02:00
Michał Gołębiowski-Owczarek
9180a8180b
Build: Report compressed sizes in compare_size
Just like it has always worked in Core. This will help with size comparisons
between 1.13 & 1.14.

After this PR:

```
$ grunt sizer
Running "requirejs:js" (requirejs) task

Running "uglify:main" (uglify) task
>> 1 file created 549 kB → 267 kB

Running "compare_size:all" (compare_size) task
   raw     gz Sizes
549319 128757 dist/jquery-ui.js
266710  69612 dist/jquery-ui.min.js

Done.
```

Before, only the less interesting `raw` sizes were reported.

Closes gh-2254
Ref gh-2248
2024-05-20 18:59:58 +02:00
Timmy Willison
f47c7fe44d
Tests: remove code supporting jenkins and testswarm
Close gh-2251
2024-05-15 15:19:23 -04:00
Michał Gołębiowski-Owczarek
ec3edb6876
Core: Update compatible jQuery versions
Instead of `>=1.8.0 <4.0.0`, specify `>=1.12.0 <5.0.0`.
2024-05-15 18:13:35 +02:00
Michał Gołębiowski-Owczarek
68fda5beb2
Effect: Update jQuery Color from 2.2.0 to 3.0.0
Breaking changes applicable to jQuery UI:
* Use a space when serializing, remove the transparent case ([#88](https://github.com/jquery/jquery-color/issues/88), [aaf03cc](aaf03ccec3))

See https://github.com/jquery/jquery-color/releases/tag/3.0.0 for more
information.

Fixes gh-2240
2024-05-15 18:13:35 +02:00
Michał Gołębiowski-Owczarek
f849c50db1
Build: Add /.github, /build & /external to .gitignore
Also, make some `.gitignore` paths absolute.

Fixes gh-2075
2024-05-15 14:18:07 +02:00
Michał Gołębiowski-Owczarek
5f615c275d
Tests: Fix form-reset-mixin test module name, add to the tests HTML
Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
99250fe517
Build: Drop support for Node 10
Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
fb19b03dc6
Docs: Fix the link to Mongoose
Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
448df32bb1
Build: Remove unused build/themes
Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
03cde342cd
All: Remove the deprecated ui/core.js file
Also, fix checkboxradio visual tests.

Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
9887579b61
All: Stop relying on jquery-patch.js internally, add tests
Avoid relying on jQuery patches. Instead:
* use `CSS.escape` instead of `jQuery.escapeSelector`
* use `.filter()` with a proper handler instead of `.even()`

Keep `jquery-patch.js` for backwards compatibility, though.

Also, add tests for jquery-patch.

Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
f90eab84b5
Sortable: Rename storedStylesheet to _storedStylesheet
This follows the naming strategy for other internal properties.

Ref gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
bb49bd794b
All: Drop support for IE & some other browsers (but mostly IE)
Closes gh-2249
2024-05-15 00:38:40 +02:00
Michał Gołębiowski-Owczarek
daa6fb55b3
All: Drop support for jQueries different than the latest for each major
Also, remove the ability to run the test suite in jQuery <1.12.4 & <2.2.4.

Closes gh-2249
2024-05-15 00:38:30 +02:00