This fixes custom builds using the `--include` switch that don't include
the `attributes` module.
Fixes gh-5379
Closes gh-5384
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
There are two main reasons for why some of those dependencies are no longer
needed:
1. `jQuery.contains` which is now a part of `core`.
2. `jQuery.find.attr` no longer exists, native `getAttribute` is used instead.
Closes gh-5383
Ref gh-5379
Bring some changes from `3.x-stable`:
* rename `rtrim` to `rtrimCSS` to distinguish from the previous `rtrim`
regex used for `jQuery.trim`
* backport one `id` selector test that avoids the selector engine path
Other changes:
* remove the inner function wrapper from `selector.js` by renaming
the imported `document.js` value
* use `jQuery.error` in `selectorError`
* make Selector tests pass in all-modules runs by fixing a sinon mistake
in Core tests - Core tests had a spy set up for `jQuery.error` that wasn't
cleaned up, influencing Selector tests when all were run together
Closes gh-5295
Summary of the changes:
* Core: Simplify code post browser support reduction
* Tests: Remove legacy jQuery.cache & oldIE leftovers
* Tests: Reformat JavaScript in delegatetest.html
* Docs: "jQuery Foundation Projects" -> "jQuery Projects"
* Tests: Drop an unused localfile.html file (modern browsers don't support
the `file:` protocol this way, there's no point in keeping the file around)
* Effects: Remove a redundant `!fn` check (`fn || !fn && easing` is equivalent
to `fn || easing`; simplify the code)
* CSS: Explain the fallback to direct object access in curCSS better
* Tests: Deduplicate `jQuery.parseHTML` test titles
* Dimensions: Add a test for fractional values
* Tests: Fix a buggy WebKit regex
Closes gh-5296
Since versions 1.11.0/2.1.0, jQuery has used a module wrapper with one strange
addition - in CommonJS environments, if a global `window` with a `document` was
not present, jQuery exported a factory accepting a `window` implementation and
returning jQuery.
This approach created a number of problems:
1. Properly typing jQuery would be a nightmare as the exported value depends on
the environment. In practice, typing definitions ignored the factory case.
2. Since we now use named exports for the jQuery module version, it felt weird
to have `jQuery` and `$` pointing to the factory instead of real jQuery.
Instead, for jQuery 4.0 we leverage the just added `exports` field in
`package.json` to expose completely separate factory entry points: one for the
full build, one for the slim one.
Exports definitions for `./factory` & `./factory-slim` are simpler than for `.`
and `./slim` - this is because it's a new entry point, we only expose a named
export and so there's no issue with just pointing Node.js to the CommonJS
version (we cannot use the module version for `import` from Node.js to avoid
double package hazard). The factory entry points are also not meant for the Web
browser which always has a proper `window` - and they'd be unfit for an
inclusion in a regular script tag anyway. Because of that, we also don't
generate minified versions of these entry points.
The factory files are not pushed to the CDN since they are mostly aimed
at Node.js.
Closes gh-5293
Updated tasks include:
- lint
- npmcopy
- build, minify, and process for distribution.
- new custom build command using yargs
- compare size of minified/gzip built files
- pretest scripts, including qunit-fixture, babel transpilation, and npmcopy
- node smoke tests
- promises aplus tests
- new watch task using `rollup.watch` directly
Also:
- upgraded husky and added the new lint command
- updated lint config to use new "flat" config format. See https://eslint.org/docs/latest/use/configure/configuration-files-new
- Temporarily disabled one lint rule until flat config is supported by eslint-plugin-import. See https://github.com/import-js/eslint-plugin-import/issues/2556
- committed package-lock.json
- updated all test scripts to use the new build
- added an express test server that uses middleware-mockserver (this can be used to run tests without karma)
- build-all-variants is now build:all
Close gh-5318
The `default` export is treated differently across tooling when transpiled
to CommonJS - tools differ on whether `module.exports` represents the full
module object or just its default export. Switch `src/` modules to named
exports for tooling consistency.
Fixes gh-5262
Closes gh-5292
Summary of the changes:
* define the `exports` field in `package.json`; `jQuery` & `$` are also
exported as named exports in ESM builds now
* declare `"type": "module"` globally except for the `build` folder
* add the `--esm` option to `grunt custom`, generating jQuery as an ECMAScript
module into the `dist-module` folder
* expand `node_smoke_tests` to test the slim & ESM builds and their various
combinations; also, test both jQuery loaded via a path to the file as well
as from module specifiers that should be parsed via the `exports` feature
* add details about ESM usage to the release package README
* run `compare_size` on all built minified files; don't run it anymore on
unminified files where they don't provide lots of value
* remove the remove_map_comment task; SWC doesn't insert the
`//# sourceMappingURL=` pragma by default so there's nothing to strip
Fixes gh-4592
Closes gh-5255
Bootstrap 5 includes the following CSS on the page:
```css
*,
*::before,
*::after {
box-sizing: border-box;
}
```
That threw our `reliableTrDimensions` support test off. This change fixes the
support test and adds a unit test ensuring support test values on a page
including Bootstrap 5 CSS are the same as on a page without it.
Fixes gh-5270
Closes gh-5278
Ref gh-5279
`Sizzle.tokenize` is an internal Sizzle API, but exposed. As a result,
it has historically been available in jQuery via `jQuery.find.tokenize`.
That got dropped during Sizzle removal; this change restores the API.
Some other APIs so far only exposed on the `3.x` line are also added
back:
* `jQuery.find.select`
* `jQuery.find.compile`
* `jQuery.find.setDocument`
In addition to that, Sizzle tests have been backported for the following
APIs:
* `jQuery.find.matchesSelector`
* `jQuery.find.matches`
* `jQuery.find.compile`
* `jQuery.find.select`
A new test was also added for `jQuery.find.tokenize` - even Sizzle was
missing one.
Fixes gh-5259
Closes gh-5263
Ref gh-5260
Ref jquery/sizzle#242
Ref gh-5113
Ref gh-4395
Ref gh-4406
Chrome 112 & Safari 16.4 introduce two changes:
* `:has()` is non-forgiving
* `CSS.supports( "selector(...)" )` parses everything in a non-forgiving way
We no longer care about the latter but the former means the `cssHas` support
test now passes.
Closes gh-5225
This regressed in gh-3656 as the added logic to include scroll gutters
in `.innerWidth()` / `.innerHeight()` didn't take negative margins into
account. This broke handling of negative margins in
`.offsetHeight( true )` and `.offsetWidth( true )`. To fix it, calculate
margin delta separately and only add it after the scroll gutter
adjustment logic.
Fixes gh-3982
Closes gh-5234
Ref gh-3656
Previously, when `leverageNative` handled async events, there was
a case where an empty placeholder object was set as a result.
Covering both such an object and `false` required a `length` check.
However, this is not necessary since gh-5223 and the check was
already simplified in other places; this one was missed.
Closes gh-5236
Ref gh-5223
In `leverageNative`, instead of calling `event.stopImmediatePropagation()`
which would abort both native & jQuery handlers, set the wrapper's
`isImmediatePropagationStopped` property to a function returning `true`.
Since for each element + type pair jQuery attaches only one native handler,
there is also only one wrapper jQuery event so this achieves the goal:
on the target element jQuery handlers don't fire but native ones do.
Unfortunately, this workaround doesn't work for handlers on ancestors
- since the native event is re-wrapped by a jQuery one on each level of
the propagation, the only way to stop it for jQuery was to stop it for
everyone via native `stopPropagation()`. This is not a problem for
`focus`/`blur` which don't bubble, but it does also stop `click` on
checkboxes and radios. We accept this limitation.
Fixes gh-5015
Closes gh-5228
In IE (all versions), `focus` & `blur` handlers are fired asynchronously
but `focusin` & `focusout` are run synchronously. In other browsers, all
those handlers are fired synchronously. Asynchronous behavior of these
handlers in IE caused issues for IE (gh-4856, gh-4859).
We now simulate `focus` via `focusin` & `blur` via `focusout` in IE to avoid
these issues. This also let us simplify some tests.
This commit also simplifies `leverageNative` - with IE now using `focusin`
to simulate `focus` and `focusout` to simulate `blur`, we don't have to deal
with async events in `leverageNative`. This also fixes broken `focus` triggers
after first triggering it on a hidden element - previously, `leverageNative`
assumed that the native `focus` handler not firing after calling the native
`focus` method meant it would be handled later, asynchronously, which
was not the case (gh-4950).
Fixes gh-4856
Fixes gh-4859
Fixes gh-4950
Closes gh-5223
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
PR gh-5197 started treating all non-string non-plain-object
`data` values as binary. However, `jQuery.ajax` also supports
arrays as values of `data`. This change makes regular arrays
no longer be considered binary data.
Surprisingly, we had no tests for array `data` values; otherwise,
we'd detect the issue earlier. This change also adds
a few such missing tests.
Closes gh-5203
Ref gh-5197
The way gh-5197 implemented binary data handling, `processData`
was being explicitly set to `false`. This is expected but it made
it impossible to override it to `true`. The new logic will only
set `processData` to `false` if it wasn't explicitly passed
in original options.
Closes gh-5205
Ref gh-5197
Rename `jQuery.Deferred.getStackHook` to `jQuery.Deferred.getErrorHook`
to indicate passing an error instance is usually a better choice - it
works with source maps while a raw stack generally does not.
In jQuery `3.7.0`, we'll keep both names, marking the old one as
deprecated. In jQuery `4.0.0` we'll just keep the new one. This
change implements the `4.0.0` version; PR gh-5212 implements
the `3.7.0` one.
Fixes gh-5201
Closes gh-5211
Ref gh-5212
`CSS.supports( "selector(...)" )` has different semantics than selectors passed
to `querySelectorAll`. Apart from the fact that the former returns `false` for
unrecognized selectors and the latter throws, `qSA` is more forgiving and
accepts some invalid selectors, auto-correcting them where needed - for
example, mismatched brackers are auto-closed. This behavior difference is
breaking for many users.
To add to that, a recent CSSWG resolution made `:is()` & `:where()` the only
pseudos with forgiving parsing; browsers are in the process of making `:has()`
parsing unforgiving.
Taking all that into account, we go back to our previous try-catch approach
without relying on `CSS.supports( "selector(...)" )`. The only difference
is we detect forgiving parsing in `:has()` and mark the selector as buggy.
The PR also updates `playwright-webkit` so that we test against a version
of WebKit that already has non-forgiving `:has()`.
Fixes gh-5194
Closes gh-5206
Ref gh-5098
Ref gh-5107
Ref w3c/csswg-drafts#7676
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
This makes:
```js
$div.find("div > *")
```
no longer matching children of `$div`.
Also, leading combinators now work, e.g.:
```js
$div.find( "> *" );
```
returns children of `$div`.
As a result of that, a number of tests are no longer skipped in the
`selector-native` mode.
Also, rename `rcombinators` to `rleadingCombinator`.
Fixes gh-5185
Closes gh-5186
Ref gh-5085
Two changes have been applied:
* prefilters are now applied before data is converted to a string;
this allows prefilters to disable such a conversion
* a prefilter for binary data is added; it disables data conversion
for non-string non-plain-object `data`; for `FormData` bodies, it
removes manually-set `Content-Type` header - this is required
as browsers need to append their own boundary to the header
Ref gh-4150
Closes gh-5197
So far, `jQuery.Deferred.exceptionHook` used to log error message and stack
separately. However, that breaks browser applying source maps against the stack
trace - most browsers require logging an error instance. This change makes us
do exactly that.
One drawback of the change is that in IE 11 previously stack was printed
directly and now just the error summary; to get to the actual stack
trace, three clicks are required. This seems to be a low price to pay
for having source maps work in all the other browsers, though.
Safari with the new change requires one click to get to the stack trace
which sounds manageable.
Fixes gh-3179
Closes gh-5192
Ref https://crbug.com/622227
The AJAX script transport has two versions: XHR + `jQuery.globalEval` or
appending a script tag (note that `jQuery.globalEval` also appends a
script tag now, but inline). The former cannot support the `headers`
option which has so far not been taken into account.
For jQuery 3.x, the main consequence was the option not being respected
for cross-domain requests. Since in 4.x we use the latter way more
often, the option was being ignored in more cases.
The transport now checks whether the `headers` option is specified and
uses the XHR way unless `scriptAttrs` are specified as well.
Fixes gh-5142
Closes gh-5193
jQuery 3.6.2 started using `CSS.supports( "selector(SELECTOR)" )` before using
`querySelectorAll` on the selector. This was to solve gh-5098 - some selectors,
like `:has()`, now had their parameters parsed in a forgiving way, meaning
that `:has(:fakepseudo)` no longer throws but just returns 0 results, breaking
that jQuery mechanism.
A recent spec change made `CSS.supports( "selector(SELECTOR)" )` always use
non-forgiving parsing, allowing us to use this API for what we've used
`try-catch` before.
To solve the issue on the spec side for older jQuery versions, `:has()`
parameters are no longer using forgiving parsing in the latest spec update
but our new mechanism is more future-proof anyway.
However, the jQuery implementation has a bug - in
`CSS.supports( "selector(SELECTOR)" )`, `SELECTOR` needs to be
a `<complex-selector>` and not a `<complex-selector-list>`. Which means that
selector lists now skip `qSA` and go to the jQuery custom traversal:
```js
CSS.supports("selector(div:valid, span)"); // false
CSS.supports("selector(div:valid)"); // true
CSS.supports("selector(span)"); // true
```
To solve this, this commit wraps the selector list passed to
`CSS.supports( "selector(:is(SELECTOR))" )` with `:is`, making it a single
selector again.
See:
* https://w3c.github.io/csswg-drafts/css-conditional-4/#at-supports-ext
* https://w3c.github.io/csswg-drafts/selectors-4/#typedef-complex-selector
* https://w3c.github.io/csswg-drafts/selectors-4/#typedef-complex-selector-list
Fixes gh-5177
Closes gh-5178
Ref w3c/csswg-drafts#7280
The `jQuery.contains` method is quite simple in jQuery 4+. On the other side,
it's a dependency of the core `isAttached` util which is not ideal; moving
it from the `selector` the `core` module resolves the issue.
Closes gh-5167
Some APIs, like `.prevAll()`, return elements in the reversed order, causing
confusing behavior when used with wrapping methods (see gh-5149 for more info)
To provide an easy workaround, this commit implements a chainable `uniqueSort`
method on jQuery objects, an equivalent of `jQuery.uniqueSort`.
Fixes gh-5166
Closes gh-5168
Firefox 106 adjusted to the spec mandating that `CSS.supports("selector(...)")`
uses non-forgiving parsing which makes it pass the relevant support test.
Closes gh-5141
Re-introduce the `selector-native` similar to the one on the `3.x-stable`
branch. One difference is since the `main` branch inlined Sizzle, some
selector utils can be shared between the main `selector` module and
`selector-native`.
The main `selector` module can be disabled in favor of `selector-native`
via:
grunt custom:-selector
Other changes:
* Tests: Fix Safari detection - Chrome Headless has a different user
agent than Safari and a browser check in selector tests didn't take
that into account.
* Tests: Run selector-native tests in `npm test`
* Selector: Fix querying on document fragments
Ref gh-4395
Closes gh-5085
The `<template/>` element `contents` property is a document fragment that may
have a `null` `documentElement`. In Safari 16 this happens in more cases due
to recent spec changes - in particular, even if that document fragment is
explicitly adopted into an outer document. We're testing both of those cases
now.
The crash used to happen in `jQuery.contains`. As it turns out, we don't need
to query the supposed container `documentElement` if it has the
`Node.DOCUMENT_NODE` (9) `nodeType`; we can call `.contains()` directly on
the `document`. That avoids the crash.
Fixes gh-5147
Closes gh-5158
According to the docs, one can use `null` as a success function in `jQuery.get`
of `jQuery.post` so the following:
```js
await jQuery.get( "https://httpbin.org/json", null, "text" )
```
should get the text result. However, this shortcut hasn't been working so far.
Fixes gh-4989
Closes gh-5139
This backports custom pseudos tests from Sizzle; they were missed in original
test backports. Also, the support for legacy custom pseudos has been dropped.
The `jQuery.expr` test cleanup has been wrapped in `try-finally` for cleaner
test isolation in case anything goes wrong.
Closes gh-5137
We've already had `buildFragment` extracted to a separate file long ago.
`domManip` is quite a complex & crucial API and so far it has existed within
the `manipulation.js` module. Extracting it makes the module shorter and easier
to understand.
A few comments / messages in tests have also been updated to not suggest there's
a public `jQuery.domManip` API - it's been private since 3.0.0.
Closes gh-5138
The spec requires that CSS variable values are trimmed. In browsers that do
this - mainly, Safari, but also Firefox if the value only has leading
whitespace - we currently return undefined; in other browsers, we return
an empty string as the logic to fall back to undefined happens before
trimming.
This commit adds another explicit callback to `undefined` to have it consistent
across browsers.
Also, more explicit comments about behaviors we need to work around in various
browsers have been added.
Closes gh-5120
Ref gh-5106
jQuery has followed the following logic for selector handling for ages:
1. Modify the selector to adhere to scoping rules jQuery mandates.
2. Try `qSA` on the modified selector. If it succeeds, use the results.
3. If `qSA` threw an error, run the jQuery custom traversal instead.
It worked fine so far but now CSS has a concept of forgiving selector lists that
some selectors like `:is()` & `:has()` use. That means providing unrecognized
selectors as parameters to `:is()` & `:has()` no longer throws an error, it will
just return no results. That made browsers with native `:has()` support break
selectors using jQuery extensions inside, e.g. `:has(:contains("Item"))`.
Detecting support for selectors can also be done via:
```js
CSS.supports( "selector(SELECTOR_TO_BE_TESTED)" )
```
which returns a boolean. There was a recent spec change requiring this API to
always use non-forgiving parsing:
https://github.com/w3c/csswg-drafts/issues/7280#issuecomment-1143852187
However, no browsers have implemented this change so far.
To solve this, two changes are being made:
1. In browsers supports the new spec change to `CSS.supports( "selector()" )`,
use it before trying `qSA`.
2. Otherwise, add `:has` to the buggy selectors list.
Fixes gh-5098
Closes gh-5107
Ref w3c/csswg-drafts#7676
The third parameter of `jQuery.fn.init` - `root` - was just needed to support
`jQuery.sub`. Since this API has been removed in jQuery 1.9.0 and Migrate 3.x
is not filling it in, this parameter is no longer needed.
This parameter has never been documented but it's safer to remove it in a major
update.
Closes gh-5096
`jQuery.fx.interval` has been deprecated since jQuery 3.0.0 but it has been
still used in jQuery code until this change. This commit removes the definition
and explicitly uses the `13` number in its place.
Closes gh-5017
This change makes jQuery skip falsy values in `addClass( array )`
& `removeClass( array )` instead of stopping iteration when the first falsy
value is detected. This makes code like:
```js
elem.addClass( [ "a", "", "b" ] );
```
add both the `a` & `b` classes.
The code was also optimized for size a bit so it doesn't increase the
minified gzipped size.
Fixes gh-4998
Closes gh-5003
Neither of the removed links is crucial; one of them refers to a site that has
since started being malicious; while the Web Archive links remain safe, some
scanners warn about such links. Removing them is the safest thing to do.
Fixes gh-4981
Closes gh-4991
The GitHub UI treats `#NUMBER` as referring to its own issues which is confusing
when in jQuery source it's usually referring to the old deprecated Trac instance
at https://bugs.jquery.com. This change replaces all such Trac references with
`trac-NUMBER`.
A few of the references came with the Sizzle integration and referred to the
Sizzle GitHub bug tracker. Those have been replaced with full links instead.
A new entry describing issue reference conventions has been added to README.
Closes gh-4993
CSS does not acknowledge carriage return or form feed characters
as whitespace but it does replace them with whitespace, making it
acceptable to use `rtrim`.
Closes gh-4956
Stringifying attributes in the setter was needed for IE <=9 but it breaks
trusted types enforcement when setting a script `src` attribute.
Note that this doesn't mean script execution works. Since jQuery disables all
scripts by changing their type and then executes them by creating fresh script
tags with proper `src` & possibly other attributes, this unwraps any trusted
`src` wrappers, making the script not execute under strict CSP settings.
We might try to fix it in the future in a separate change.
Fixes gh-4948
Closes gh-4949