Align actions versions with what the `main` branch uses. Look at `git blame` for
the `main` branch to see more details about specific versions.
Closes gh-5588
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
So far, we were mostly optimizing gzipped sizes. However, using Brotli is more
and more popular as all modern browsers support it and compression is much
better. It makes sense to also pay attention to these numbers.
The `comparseSize` version stays at `2` as this only introduces a new field
without affecting existing ones. The only drawback is comparisons with branches
that didnt have Brotli computed before will return `NaN`. This can be easily
fixed locally by checking out the branch and running the build, but at least
we don't lose gzipped sizes in the meantime.
Closes gh-5586
(cherry picked from commit e4b5e62277)
`fs.readFileSync` crashes when a non-existing file is passed to it. Some APIs
of `middleware-mockserver` read a file the path of which depends on query
parameters, making it possible to crash it by providing such a parameter. The
old PHP server doesn't have these issues.
To fix this, wrap all `fs.readFileSync` occurrences with a function that falls
back to the string `"ERROR"`.
Closes gh-5579
(cherry picked from commit d5ebb464de)
Changes:
1. Update the link to "help wanted" or "patch welcome" issues to only include
open ones.
2. Replace info about the jQuery Forum & IRC with Matrix & Stack Overflow.
3. Update the test reduction WebKit blog post link.
4. Update the Git clone instructions to not rely on the legacy `git://`
protocol.
5. Fix a few typos.
Closes gh-5564
(cherry picked from commit 4ef25b0de4)
The upstream package has been unmaintained for years, with dependencies
with long-reported security issues. Switching to a fork allows to resolve
all the security reports against the jQuery development environment.
The fork is maintained by @mgol and has the following changes:
1. The `underscore` dependency has been removed.
2. `sinon` has been updated from v1 to v19.
3. `mocha` has been updated from v2 to v10.
Changes to the source are minimal; it will be easy to rebase the fixes
if the upstream package is ever updated.
In addition to the above, the `q` dependency has been removed.
It's been added in gh-1996 but never really used.
Closes gh-5559
(cherry picked from commit 559bc5ac58)
When passing a result of `getElementByTagsName` to `jQuery.cleanData`, convert
it to an array first. Otherwise, a live NodeList is passed and if any of the
event cleanups remove the element itself, a collection is modified during the
iteration, making `jQuery.cleanData` skip cleanup for some elements.
Fixes gh-5214
Closes gh-5523
Co-authored-by: Michał Gołębiowski-Owczarek <m.goleb@gmail.com>
Co-authored-by: Richard Gibson <richard.gibson@gmail.com>
(cherry picked from commit 3cad5c435a)
While Edge in IE mode is not guaranteed to match IE 11 in every aspect,
in practice it generally does. Testing in this mode in GitHub Actions
will allow us to catch most IE-breaking issues at the PR level.
This change also adds missing npm scripts: `test:chrome`, `test:edge`
& `test:ie`.
Closes gh-5540
(cherry picked from commit 6d78c0768d)
1. At the same time, there may be two supported versions of Firefox ESR. Run
tests on both, installed locally.
2. Contrary to what we did in gh-5547, still run tests on Firefox 115 on
BrowserStack - on `main`, we deleted it since we support only the versions
supported upstream. In jQuery 3.x, we're testing on all versions matching ESR
lines starting with Firefox 48, so for consistency let's keep Firefox 115
there as well.
Closes gh-5548
Ref gh-5547
*Authors*
- Checking and updating authors has been migrated
to a custom script in the repo
*Changelog*
- changelogplease is no longer maintained
- generate changelog in markdown for GitHub releases
- generate changelog in HTML for blog posts
- generate contributors list in HTML for blog posts
*dist*
- clone dist repo, copy files, and commit/push
- commit tag with dist files on main branch;
remove dist files from main branch after release
*cdn*
- clone cdn repo, copy files, and commit/push
- create versioned and unversioned copies in cdn/
- generate md5 sums and archives for Google and MSFT
*build*
- implement reproducible builds and verify release builds
* uses the last modified date for the latest commit
* See https://reproducible-builds.org/
- the verify workflow also ensures all files were
properly published to the CDN and npm
*docs*
- the new release workflow is documented at build/release/README.md
*verify*
- use the last modified date of the commit before the tag
- use versioned filenames when checking map files on the CDN
- skip factory and package.json files when verifying CDN
*misc*
- now that we don't need the jquery-release script and
now that we no longer need to build on Node 10, we can
use ESM in all files in the build folder
- limit certain workflows to the main repo (not forks)
- version has been set to the previously released version 3.7.1,
as release-it expects
- release-it added the `preReleaseBase` option and we
now always set it to `1` in the npm script. This is
a noop for stable releases.
- include post-release script to be run manually after a release,
with further steps that should be verified manually
Ref jquery/jquery-release#114
Closes gh-5522
- Sinon is already at the latest version that supports IE9.
- Upgraded uglify to 3.7.7, which is the latest that worked with IE9.
I tried 3.9.4, which we are using in jquery-migrate, and 3.8.1,
but there were failures in traversing ("Permission denied" errors).
- Upgraded eslint to version 9, which required some changes.
Mainly, unused arguments in catch expressions error by default in 9+.
The config now makes use of `caughtErrorsIgnorePattern`,
which is set to `"^_"`, the same as unused function params.
- Ignored main branch dist files when switching branches.
Closes gh-5508
- iOS 12 and below do not support scrollTop/Left on the
window or document. Before 82169df, window.supportsScroll
was always undefined. There were 2 issues: (1) iOS <=12 do
support scroll props on the body, so the support test
wasn't helpful. (2) one test checked the wrong window and
the value was always undefined, which meant those tests
never ran in any browser.
Closes gh-5506
We have monthly automatic dependabot PRs for GitHub Actions. Unfortunately,
as of now we get a separate PR for every dependency which is a bit spammy
compared to regular commits updating source.
Thankfully, there's now a way to tell dependabot to submit a single PR per
a defined group. This change defines a single group to have a single dependabot
PR for all action updates.
Closes gh-5503
(cherry picked from commit 3cac1465b4)
Firefox 126+ implements CSS zoom in a way it affects width computed style
very slightly (`100.008px` instead of `100px`); accept that difference.
Also, skip the width setter under zoom test in Firefox 126 completely - that
version has CSS zoom affecting `offsetWidth` values. This has been fixed in
Firefox 127 so it's not worth working around it.
Add a test for support tests resolving the same under CSS zoom & without one.
That test uncovered Chrome failing the `reliableTrDimensions` support test
under zoom; the test has been fixed.
Fixes gh-5489
Closes gh-5496
Ref gh-5495
Use `assert.selectInFixture` consistently in `:has` tests. Previously, any test
failure that happened before this test run made it fail due to an additional
paragraph with id `qunit-testresult` injected by QUnit.
Closes gh-5497
- It's common for us to merge to main and cherry pick to 3.x-stable,
so it's best if concurrency is shared between branches, which
is effectively what we had already as it matches on workflow name
and browser. Ideally, it could also match on the corresponding commit,
but it seems the commit message is not available in the github context.
Close gh-5493
In Firefox, alert displayed just before blurring an element dispatches
the native blur event twice which tripped the jQuery logic if a jQuery blur
handler was not attached before the trigger call.
This was because the `leverageNative` logic part for triggering first checked if
setup was done before (which, for example, is done if a jQuery handler was
registered before for this element+event pair) and - if it was not - added
a dummy handler that just returned `true`. The `leverageNative` logic made that
`true` then saved into private data, replacing the previous `saved` array. Since
`true` passed the truthy check, the second native inner handler treated `true`
as an array, crashing on the `slice` call.
The same issue could happen if a handler returning `true` is attached before
triggering. A bare `length` check would not be enough as the user handler may
return an array-like as well. To remove this potential data shape clash, capture
the inner result in an object with a `value` property instead of saving it
directly.
Since it's impossible to call `alert()` in unit tests, simulate the issue by
replacing the `addEventListener` method on a test button with a version that
calls attached blur handlers twice.
Fixes gh-5459
Closes gh-5466
Ref gh-5236
(cherry picked from commit 527fb3dcf0)
Some browser extensions, like React DevTools, send messages to the content area.
Since our beforeunload event test listens for all messages, it used to catch
those as well, failing the test.
Add a `source` field to the payload JSON and check for it before treating the
message as coming from our own test to make sure the test passes even with such
browser extensions installed.
Closes gh-5478
(cherry picked from commit 399a78ee9f)
Update a few remaining HTTP URLs to HTTPS. The only ones left are XMLNS-like
URLs or ones to localhost - those need to stay as-is.
Closes gh-5479
(cherry picked from commit 7cdd837423)
- one queue to rule them all: browserstack, selenium, and jsdom
- retries and hard retries are now supported in selenium
- selenium tests now re-use browsers in the same way as browserstack
Close gh-5465
- Add the ability to retry by restarting the worker and
getting a different browser instance, after all
normal retries have been exhausted. This can sometimes
be successful when a refresh is not.
Close gh-5439