library-mirrors/jquery
1
0
Fork 0
mirror of https://github.com/jquery/jquery.git synced 2024-11-23 02:54:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6,598 Commits 5 Branches 161 Tags 48 MiB
7e7bd06207
Commit Graph

14 Commits

Author SHA1 Message Date
dependabot[bot]
7e7bd06207
Build: Bump actions/setup-node from 3.5.1 to 3.6.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.5.1...v3.6.0)

Closes gh-5200

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-02 01:43:00 +01:00
Michał Gołębiowski-Owczarek
b02a257f98
Build: Run GitHub Action browser tests on Playwright WebKit 
So far, we've been running browser tests on GitHub Actions in Chrome
and Firefox. Regular Safari is not available in GitHub Actions but
Playwright WebKit comes close to a dev version of Safari.

With this change, our GitHub CI & local test runs will invoke tests on
all actively developed browser engines on all PRs.

Also, our GitHub Actions browser tests are now running on Node.js 18.

Detection of the Playwright WebKit browser in support unit tests is done
by checking if the `test_browser` query parameter is set to `"Playwright"`;
this is a `karma-webkit-launcher` feature. Detecting that browser via
user agent as we normally do is hard as the UA on Linux is very similar
to a real Safari one but it actually uses a newer version of the engine.

In addition, we now allow to pass custom browsers when one needs it;
e.g., to run the tests in all three engines on Linux/macOS, run:
```
grunt && BROWSERS=ChromeHeadless,FirefoxHeadless,WebkitHeadless grunt karma:main
```

Closes gh-5190
 2023-01-23 23:49:44 +01:00
Alex
c909d6b1ff
Build: Limit permissions for GitHub workflows 
Add explicit permissions section[^1] to workflows. This is a security
best practice because by default workflows run with extended set
of permissions[^2] (except from `on: pull_request` from external forks[^3].
By specifying any permission explicitly all others are set to none. By using
the principle of least privilege the damage a compromised workflow can do
(because of an injection[^4] or compromised third party tool or action) is
restricted. It is recommended to have most strict permissions on the top
level[^5] and grant write permissions on job level[^6] on a case by case
basis.

[^1]: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
[^2]: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
[^3]: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
[^4]: https://securitylab.github.com/research/github-actions-untrusted-input/
[^5]: https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
[^6]: https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Closes gh-5119
 2022-12-01 14:23:17 +01:00
Michał Gołębiowski-Owczarek
4c1171f2ed
Selector: Re-introduce selector-native.js 
Re-introduce the `selector-native` similar to the one on the `3.x-stable`
branch. One difference is since the `main` branch inlined Sizzle, some
selector utils can be shared between the main `selector` module and
`selector-native`.

The main `selector` module can be disabled in favor of `selector-native`
via:

    grunt custom:-selector

Other changes:
* Tests: Fix Safari detection - Chrome Headless has a different user
  agent than Safari and a browser check in selector tests didn't take
  that into account.
* Tests: Run selector-native tests in `npm test`
* Selector: Fix querying on document fragments

Ref gh-4395
Closes gh-5085
 2022-11-21 23:23:39 +01:00
Michał Gołębiowski-Owczarek
f62d8e2159
Build: Test on Node.js 18 & 19, stop testing on Node 12 
Closes gh-5160
 2022-11-17 13:22:21 +01:00
dependabot[bot]
0208224b5b
Build: Bump actions/setup-node from 3.5.0 to 3.5.1 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.5.0...v3.5.1)

Closes gh-5153

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-01 20:58:52 +01:00
dependabot[bot]
25400750fb
Build: Bump actions/setup-node from 3.4.1 to 3.5.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.4.1...v3.5.0)

Closes gh-5133

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-03 16:58:47 +02:00
dependabot[bot]
78321f078c
Upgrade: Bump actions/setup-node from 3.3.0 to 3.4.1 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3.3.0...v3.4.1)

Closes gh-5078

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-12 15:45:20 +02:00
Baoshuo Ren
016872ffe0
Docs: Remove git.io from a GitHub Actions comment 
All links on git.io are deprecated and may stop redirecting at a certain point.

See https://github.blog/changelog/2022-04-25-git-io-deprecation/

Closes gh-5036
 2022-07-12 17:27:04 +02:00
Michał Gołębiowski-Owczarek
52f452b2e8
Build: Update GitHub Actions 
* Build(deps): Bump github/codeql-action from 1 to 2

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

* Build(deps): Bump actions/cache from 2 to 3

Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

* Build(deps): Bump actions/setup-node from 2.1.2 to 3.3.0

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.1.2 to 3.3.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2.1.2...v3.3.0)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

* Build(deps): Bump actions/checkout from 2 to 3

Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Closes gh-5067
 2022-06-27 18:53:31 +02:00
Michał Gołębiowski-Owczarek
2525cffc42
Build: Test on Node 17, update Grunt & karma-* packages 
This adds testing on Node.js 17 in addition to the currently tested 10, 12, 14
and 16 versions.

Also, update Grunt & `karma-*` packages.

Testing in Karma on jsdom is broken in Node 17 at the moment; until we find
a fix, this change disables such testing on Node 17 or newer.

Node smoke tests & promises aplus tests are disabled on Node.js 10 as they
depend on jsdom and the latest jsdom version doesn't run properly on Node 10.

Closes gh-5023
 2022-03-14 17:58:41 +01:00
Michał Gołębiowski-Owczarek
eef972508c
Build: Separate the install step from running tests in GitHub Actions 
Also, update the "Run test" label to "Run tests".

Closes gh-4992
 2022-01-04 16:27:42 +01:00
ygj6
e23190e63c
Build: Migrate CI to GitHub Actions 
Closes gh-4800
 2021-11-30 23:56:39 +01:00
Timmy Willison
39c5778c64
build: set up periodic code scanning analysis 2020-06-25 17:32:02 -04:00