dependabot[bot]
3ebe89f6be
Build: Bump the github-actions group with 3 updates
...
Browserstack / ${{ matrix.BROWSER }} (Chrome_latest) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Chrome_latest-1) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Edge_latest) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Edge_latest-1) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Firefox_latest) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Firefox_latest-1) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (IE_11) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Opera_latest) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Safari_latest) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (Safari_latest-1) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (__iOS_15) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (__iOS_16) (push) Has been cancelled
Browserstack / ${{ matrix.BROWSER }} (__iOS_17) (push) Has been cancelled
Code scanning - action / CodeQL-Build (push) Has been cancelled
Filestash / Update Filestash (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Chrome, 20.x, test:esm) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Chrome, 20.x, test:no-deprecated) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Chrome, 20.x, test:selector-native) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Chrome, 20.x, test:slim) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Chrome/Firefox, 20.x, test:browser) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Firefox ESR (new), 20.x, test:firefox) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Firefox ESR (old), 20.x, test:firefox) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Node, 18.x, test:browserless) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Node, 20.x, lint) (push) Has been cancelled
Node / ${{ matrix.NPM_SCRIPT }} - ${{ matrix.NAME }} (${{ matrix.NODE_VERSION }}) (Node, 20.x, test:browserless) (push) Has been cancelled
Node / test:ie - IE (push) Has been cancelled
Node / test:safari - Safari (push) Has been cancelled
Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
)
Updates `actions/setup-node` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](1e60f620b9...0a44ba7841
)
Updates `github/codeql-action` from 3.26.6 to 3.26.10
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4dd16135b6...e2b3eafc8d
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5562
2024-09-30 20:23:58 -04:00
Michał Gołębiowski-Owczarek
6d78c0768d
Tests: Run tests in Edge in IE mode in GitHub Actions
...
While Edge in IE mode is not guaranteed to match IE 11 in every aspect,
in practice it generally does. Testing in this mode in GitHub Actions
will allow us to catch most IE-breaking issues at the PR level.
This change also adds missing npm scripts: `test:chrome`, `test:edge`
& `test:ie`.
Closes gh-5540
2024-09-09 18:24:28 +02:00
Michał Gołębiowski-Owczarek
4b7ecbad24
Tests: Run tests on both real Firefox ESRs
...
1. At the same time, there may be two supported versions of Firefox ESR. Run
tests on both, installed locally.
2. Don't run tests on Firefox 115 on BrowserStack - it was added as there's
an ESR version of Firefox 115, but ESR versions may be different, e.g. for
some time ServiceWorker was disabled on ESR versions:
https://bugzilla.mozilla.org/show_bug.cgi?id=1547023
Closes gh-5547
2024-09-06 14:35:55 +02:00
dependabot[bot]
55bc35bcd4
Build: Bump the github-actions group with 2 updates
...
Bumps the github-actions group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Closes gh-5528
Updates `actions/setup-node` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4.0.2...1e60f620b9541d16bece96c5465dc8ee9832be0b )
Updates `github/codeql-action` from 3.25.11 to 3.25.15
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...afb54ba388
)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-01 11:04:29 +02:00
dependabot[bot]
3a98ef91df
Build: Bump the github-actions group with 2 updates
...
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
)
Updates `github/codeql-action` from 3.25.8 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...b611370bb5
)
Closes gh-5515
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-05 18:45:08 +02:00
dependabot[bot]
46b9e4803e
Build: Bump the github-actions group with 2 updates
...
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.1.2 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...a5ac7e51b4
)
Updates `github/codeql-action` from 3.24.9 to 3.25.8
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...2e230e8fe0
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5505
2024-06-06 00:05:28 +02:00
dependabot[bot]
df1df9503a
Build: Bump actions/cache, actions/checkout & github/codeql-action
...
1. Bump actions/cache from 4.0.1 to 4.0.2
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](ab5e6d0c87...0c45773b62
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
2. Bump github/codeql-action from 3.24.6 to 3.24.9
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...1b1aada464
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Bump actions/checkout from 4.1.1 to 4.1.2
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Closes gh-5462
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-02 23:35:25 +02:00
dependabot[bot]
68f772e003
Build: Bump actions/cache from 4.0.0 to 4.0.1
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](13aacd865c...ab5e6d0c87
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Close gh-5424
2024-03-10 10:36:56 -04:00
Timmy Willison
5aa7ed888d
Build: drop support for Node 10
...
Close gh-5436
2024-03-09 10:36:47 -05:00
Timmy Willison
dfc693ea25
Tests: migrate testing infrastructure to minimal dependencies
...
This is a complete rework of our testing infrastructure. The main goal is to modernize and drop deprecated or undermaintained dependencies (specifically, grunt, karma, and testswarm). We've achieved that by limiting our dependency list to ones that are unlikely to drop support any time soon. The new dependency list includes:
- `qunit` (our trusty unit testing library)
- `selenium-webdriver` (for spinning up local browsers)
- `express` (for starting a test server and adding middleware)
- express middleware includes uses of `body-parser` and `raw-body`
- `yargs` (for constructing a CLI with pretty help text)
- BrowserStack (for running each of our QUnit modules separately in all of our supported browsers)
- `browserstack-local` (for opening a local tunnel. This is the same package still currently used in the new Browserstack SDK)
- We are not using any other BrowserStack library. The newest BrowserStack SDK does not fit our needs (and isn't open source). Existing libraries, such as `node-browserstack` or `browserstack-runner`, either do not quite fit our needs, are under-maintained and out-of-date, or are not robust enough to meet all of our requirements. We instead call the [BrowserStack REST API](https://github.com/browserstack/api ) directly.
## BrowserStack Runner
- automatically retries individual modules in case of test failure(s)
- automatically attempts to re-establish broken tunnels
- automatically refreshes the page in case a test run has stalled
- runs all browsers concurrently and uses as many sessions as are available under the BrowserStack plan. It will wait for available sessions if there are none.
- supports filtering the available list of browsers by browser name, browser version, device, OS, and OS version (see `npm run test:unit -- --list-browsers` for more info). It will retrieve the latest matching browser available if any of those parameters are not specified.
- cleans up after itself (closes the local tunnel, stops the test server, etc.)
- Requires `BROWSERSTACK_USERNAME` and `BROWSERSTACK_ACCESS_KEY` environment variables.
## Selenium Runner
- supports running any local browser as long as the driver is installed, including support for headless mode in Chrome, FF, and Edge
- supports running `basic` tests on the latest [jsdom](https://github.com/jsdom/jsdom#readme ), which can be seen in action in this PR (see `test:browserless`)
- Node tests will run as before in PRs and all non-dependabot branches, but now includes tests on real Safari in a GH actions macos image instead of playwright-webkit.
- can run multiple browsers and multiple modules concurrently
Other notes:
- Stale dependencies have been removed and all remaining dependencies have been upgraded with a few exceptions:
- `sinon`: stopped supporting IE in version 10. But, `sinon` has been updated to 9.x.
- `husky`: latest does not support Node 10 and runs on `npm install`. Needed for now until git builds are migrated to GitHub Actions.
- `rollup`: latest does not support Node 10. Needed for now until git builds are migrated to GitHub Actions.
- BrowserStack tests are set to run on each `main` branch commit
- `debug` mode leaves Selenium browsers open whether they pass or fail and leaves browsers with test failures open on BrowserStack. The latter is to avoid leaving open too many sessions.
- This PR includes a workflow to dispatch BrowserStack runs on-demand
- The Node version used for most workflow tests has been upgraded to 20.x
- updated supportjQuery to 3.7.1
Run `npm run test:unit -- --help` for CLI documentation
Close gh-5418
2024-02-26 09:42:10 -05:00
dependabot[bot]
bf11739f6c
Build: Bump actions/cache & github/codeql-action ( #5402 )
...
* Build: Bump actions/cache from 3.3.2 to 4.0.0
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.2 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](704facf57e...13aacd865c
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
* Build: Bump github/codeql-action from 3.22.12 to 3.24.0
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.22.12 to 3.24.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](012739e508...e8893c57a1
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
---------
Closes gh-5402
Closes gh-5415
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-11 01:45:15 +01:00
dependabot[bot]
99151d7ab0
Build: Bump actions/setup-node and github/codeql-action
...
1: Bump actions/setup-node from 4.0.0 to 4.0.1
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](8f152de45c...b39b52d121
)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
2: Bump github/codeql-action from 2.22.5 to 3.22.12
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.5 to 3.22.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](74483a38d3...012739e508
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Closes gh-5381
Closes gh-5382
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-03 16:30:28 +01:00
Michał Gołębiowski-Owczarek
c98597eaf5
Build: Reformat GitHub workflow Yaml files
...
Use Prettier 3.1.0 to reformat the Yaml files. This makes their format identical
to the one used on `3.x-stable`, making for much easier cherry-picks.
The main difference is the list under `steps:` was not indented while all other
lists were.
Closes gh-5364
2023-11-20 18:20:16 +01:00
Michał Gołębiowski-Owczarek
fb0cc27291
Build: Bump @babel/traverse & multiple actions
...
1: Bump actions/cache from 3.3.1 to 3.3.2
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](88522ab9f3...704facf57e
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
2: Bump actions/checkout from 3.6.0 to 4.1.1
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...b4ffde65f4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
3: Bump github/codeql-action from 2.21.5 to 2.22.5
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.5 to 2.22.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](00e563ead9...74483a38d3
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
4: Bump actions/setup-node from 3.8.1 to 4.0.0
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.8.1 to 4.0.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](5e21ff4d9b...8f152de45c
)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
5: Bump @babel/traverse from 7.22.5 to 7.23.2
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse ) from 7.22.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse )
---
updated-dependencies:
- dependency-name: "@babel/traverse"
dependency-type: indirect
...
Closes gh-5341
Closes gh-5349
Closes gh-5354
Closes gh-5355
Closes gh-5356
Closes gh-5363
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-13 18:44:30 +01:00
Michał Gołębiowski-Owczarek
635cb152e7
Build: Don't run CI push workflows for dependabot branches
...
Without this change, dependabot PRs run double checks - one set for the `push`
part and one for the `pull_request` part.
Closes gh-5353
2023-11-13 18:18:20 +01:00
Michał Gołębiowski-Owczarek
1ad66aeb6d
Build: Run pretest before test:* npm scripts
...
Build was already happening in scripts like `test:browser` but those scripts
were missing `pretest`, meaning that running `npm install && npm test:browser`
may have failed if `pretest` wasn't run before or if its results were out of
date.
Even worse, with such stale data some tests may erroneously succeed.
This also removes a separate `pretest` step from GitHub Actions as it's no
longer needed.
Closes gh-5338
2023-10-16 18:54:54 +02:00
Timmy Willison
7ef9099d32
Build: fix inconsistent builds in Node 20
...
- one fileOverrides per build
- only run the lint build when running lint
Close gh-5332
2023-09-20 18:20:59 -04:00
Timmy Willison
2bdecf8b7b
Build: migrate most grunt tasks off of grunt
...
Updated tasks include:
- lint
- npmcopy
- build, minify, and process for distribution.
- new custom build command using yargs
- compare size of minified/gzip built files
- pretest scripts, including qunit-fixture, babel transpilation, and npmcopy
- node smoke tests
- promises aplus tests
- new watch task using `rollup.watch` directly
Also:
- upgraded husky and added the new lint command
- updated lint config to use new "flat" config format. See https://eslint.org/docs/latest/use/configure/configuration-files-new
- Temporarily disabled one lint rule until flat config is supported by eslint-plugin-import. See https://github.com/import-js/eslint-plugin-import/issues/2556
- committed package-lock.json
- updated all test scripts to use the new build
- added an express test server that uses middleware-mockserver (this can be used to run tests without karma)
- build-all-variants is now build:all
Close gh-5318
2023-09-18 12:39:00 -04:00
dependabot[bot]
42e50f8c21
Build: Bump actions/checkout, actions/setup-node & github/codeql-action
...
1: Bump actions/checkout from 3.5.3 to 3.6.0
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
2: Bump actions/setup-node from 3.6.0 to 3.8.1
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.6.0 to 3.8.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](64ed1c7eab...5e21ff4d9b
)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
3: Bump github/codeql-action from 2.20.1 to 2.21.5
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.21.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...00e563ead9
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Closes gh-5311
Closes gh-5312
Closes gh-5313
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-06 16:39:00 +02:00
dependabot[bot]
4a13266efd
Build: Bump github/codeql-action & actions/checkout
...
1: Bump github/codeql-action from 2.3.6 to 2.20.1
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...f6e388ebf0
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
2: Build: Bump actions/checkout from 3.5.2 to 3.5.3
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Closes gh-5283
Closes gh-5284
2023-07-02 20:10:07 +02:00
Michał Gołębiowski-Owczarek
5701957b72
Build: Drop individual AMD modules
...
With this change, jQuery build no longer generates the `amd` directory with
AMD modules transpiled from source `src` ECMAScript Modules. To use individual
jQuery modules from source, ESM is now required.
Note that this DOES NOT affect the main `"jquery"` AMD module defined by built
jQuery files; those remain supported.
Closes gh-5276
2023-06-27 18:23:58 +02:00
Gabriela Gutierrez
784b9ba6e4
Build: Reference GitHub Actions by commit SHAs
...
The SHAs are verified to come from the original repositories and not forks.
For reference:
https://github.com/github/codeql-action/releases/tag/v2.3.6
83f0fe6c49
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/actions/cache/releases/tag/v3.3.1
88522ab9f3
https://github.com/actions/setup-node/releases/tag/v3.6.0
64ed1c7eab
Fixes gh-5266
Closes gh-5269
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
2023-06-13 23:22:07 +02:00
Michał Gołębiowski-Owczarek
6616acff0a
Build: Test on Node.js 20, stop testing on Node.js 14 & 19
...
Closes gh-5250
2023-05-22 16:21:35 +02:00
Michał Gołębiowski-Owczarek
e77bd9d64f
Build: Only install Playwright dependencies when needed
...
PR gh-5190 added support for running tests on Playwright WebKit
in CI. For efficiency reasons, Playwright dependencies are only
installed for the `test:browser` npm script. However, that same
script is also used for Firefox ESR testing.
This change makes Playwright dependencies installed only for cases
where `WebKitHeadless` exists on the list of tested browsers.
Closes gh-5204
Ref gh-5190
2023-03-20 17:13:31 +01:00
dependabot[bot]
7e7bd06207
Build: Bump actions/setup-node from 3.5.1 to 3.6.0
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.5.1...v3.6.0 )
Closes gh-5200
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-02 01:43:00 +01:00
Michał Gołębiowski-Owczarek
b02a257f98
Build: Run GitHub Action browser tests on Playwright WebKit
...
So far, we've been running browser tests on GitHub Actions in Chrome
and Firefox. Regular Safari is not available in GitHub Actions but
Playwright WebKit comes close to a dev version of Safari.
With this change, our GitHub CI & local test runs will invoke tests on
all actively developed browser engines on all PRs.
Also, our GitHub Actions browser tests are now running on Node.js 18.
Detection of the Playwright WebKit browser in support unit tests is done
by checking if the `test_browser` query parameter is set to `"Playwright"`;
this is a `karma-webkit-launcher` feature. Detecting that browser via
user agent as we normally do is hard as the UA on Linux is very similar
to a real Safari one but it actually uses a newer version of the engine.
In addition, we now allow to pass custom browsers when one needs it;
e.g., to run the tests in all three engines on Linux/macOS, run:
```
grunt && BROWSERS=ChromeHeadless,FirefoxHeadless,WebkitHeadless grunt karma:main
```
Closes gh-5190
2023-01-23 23:49:44 +01:00
Alex
c909d6b1ff
Build: Limit permissions for GitHub workflows
...
Add explicit permissions section[^1] to workflows. This is a security
best practice because by default workflows run with extended set
of permissions[^2] (except from `on: pull_request` from external forks[^3].
By specifying any permission explicitly all others are set to none. By using
the principle of least privilege the damage a compromised workflow can do
(because of an injection[^4] or compromised third party tool or action) is
restricted. It is recommended to have most strict permissions on the top
level[^5] and grant write permissions on job level[^6] on a case by case
basis.
[^1]: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
[^2]: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
[^3]: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
[^4]: https://securitylab.github.com/research/github-actions-untrusted-input/
[^5]: https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
[^6]: https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Closes gh-5119
2022-12-01 14:23:17 +01:00
Michał Gołębiowski-Owczarek
4c1171f2ed
Selector: Re-introduce selector-native.js
...
Re-introduce the `selector-native` similar to the one on the `3.x-stable`
branch. One difference is since the `main` branch inlined Sizzle, some
selector utils can be shared between the main `selector` module and
`selector-native`.
The main `selector` module can be disabled in favor of `selector-native`
via:
grunt custom:-selector
Other changes:
* Tests: Fix Safari detection - Chrome Headless has a different user
agent than Safari and a browser check in selector tests didn't take
that into account.
* Tests: Run selector-native tests in `npm test`
* Selector: Fix querying on document fragments
Ref gh-4395
Closes gh-5085
2022-11-21 23:23:39 +01:00
Michał Gołębiowski-Owczarek
f62d8e2159
Build: Test on Node.js 18 & 19, stop testing on Node 12
...
Closes gh-5160
2022-11-17 13:22:21 +01:00
dependabot[bot]
0208224b5b
Build: Bump actions/setup-node from 3.5.0 to 3.5.1
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.5.0...v3.5.1 )
Closes gh-5153
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 20:58:52 +01:00
dependabot[bot]
25400750fb
Build: Bump actions/setup-node from 3.4.1 to 3.5.0
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.4.1 to 3.5.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.4.1...v3.5.0 )
Closes gh-5133
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-03 16:58:47 +02:00
dependabot[bot]
78321f078c
Upgrade: Bump actions/setup-node from 3.3.0 to 3.4.1
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.3.0...v3.4.1 )
Closes gh-5078
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-12 15:45:20 +02:00
Michał Gołębiowski-Owczarek
52f452b2e8
Build: Update GitHub Actions
...
* Build(deps): Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
* Build(deps): Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache ) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
* Build(deps): Bump actions/setup-node from 2.1.2 to 3.3.0
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 2.1.2 to 3.3.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v2.1.2...v3.3.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
* Build(deps): Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes gh-5067
2022-06-27 18:53:31 +02:00
Michał Gołębiowski-Owczarek
2525cffc42
Build: Test on Node 17, update Grunt & karma-*
packages
...
This adds testing on Node.js 17 in addition to the currently tested 10, 12, 14
and 16 versions.
Also, update Grunt & `karma-*` packages.
Testing in Karma on jsdom is broken in Node 17 at the moment; until we find
a fix, this change disables such testing on Node 17 or newer.
Node smoke tests & promises aplus tests are disabled on Node.js 10 as they
depend on jsdom and the latest jsdom version doesn't run properly on Node 10.
Closes gh-5023
2022-03-14 17:58:41 +01:00
Michał Gołębiowski-Owczarek
eef972508c
Build: Separate the install step from running tests in GitHub Actions
...
Also, update the "Run test" label to "Run tests".
Closes gh-4992
2022-01-04 16:27:42 +01:00
ygj6
e23190e63c
Build: Migrate CI to GitHub Actions
...
Closes gh-4800
2021-11-30 23:56:39 +01:00