Fixed a duplicate-file bug in File Input. If a file with the same name was uploaded in two separate file input fields, the preview spinner would spin indefinitely. We now assign each upload an individual ID, and the image preview loads properly. (uswds/uswds#4313) Thanks @mahoneycm!
Added ability to add a custom error message for wrong file type error in File Upload. Add the data attribute data-errorMessage to usa-file-input to include a custom error message. (uswds/uswds#3890) Thanks @hilvitzs!
Fixed external link icon color. We resolved an issue with visited links where the icon color may not match the color of the link. (uswds/uswds#4297) Thanks @aduth!
Removed extraneous href from Collection calendar. The usa-collection__calendar-date should not include an href, so we removed it. (uswds/uswds#4308) Thanks @mahoneycm!
Security and dependencies
Added automatic sanitizing. The design system now automatically sanitizes content in elements we compose with JavaScript. This means that components like Combobox, Tooltip, File Input, and Date Picker will sanitize any content passed to them. This helps protect any design system implementation against malicious XSS attacks through these components. (uswds/uswds#4329)
Dependencies
Package
Old
New
@babel/preset-env
7.15.0
7.15.8
@types/node
16.6.1
16.11.6
autoprefixer
10.3.1
10.3.7
axe-core
4.3.2
4.3.4
chrome-launcher
0.14.0
0.14.1
eslint-plugin-import
2.24.0
2.25.2
eslint-plugin-no-unsanitized
3.1.5
3.2.0
gulp-postcss
9.0.0
9.0.1
mocha
9.0.3
9.1.3
postcss
8.3.6
8.3.11
prettier
2.3.2
2.4.1
sass
1.38.0
1.43.4
snyk
1.683.0
1.746.0
stylelint-scss
3.20.1
3.21.0
typescript
4.3.5
4.4.4
yargs
17.1.1
17.2.1
0 vulnerabilities in regular dependencies (dependencies for USWDS projects installed with npm install uswds)
Release ZIP SHA-256 hash:2c4a794c11dca65db04d6552312241ae6c397b7fd4ea5c8094698461d8d3f687
USWDS 2.12.1
What's new in USWDS 2.12.1
Improvements and bug fixes
Improved whitespace sensitivity of radio and checkbox tiles. Now radio and checkbox tiles will display consistently whether or not there's extra whitespace in the markup. Thanks @aduth! (uswds/uswds#4286)
Header dropdown menus close with escape or focus out. Now esc or focusing out will close dropdown menus in the header. (uswds/uswds#4275)
Improved class order sensitivity for breadcrumb and checkbox/radio. Now breadcrumb and checkbox/radio components display properly regardless of the order of the class and modifier names. Thanks @sembrat! (uswds/uswds#4262)
Allow Breadcrumb to work with a broader range of focus widths. Now the Breadcumb component isn't affected by custom focus widths. Thanks @mahoneycm! (uswds/uswds#4248)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps uswds from 2.12.0 to 2.12.2.
Release notes
Sourced from uswds's releases.
... (truncated)
Commits
b913720Merge pull request #4377 from uswds/release-2.12.23dcf9f9Create uswds-2.12.2-zip-hash.txt8d6b61f2.12.2b20a82enpm audit fix1d5789bMerge pull request #4376 from uswds/dw-update-references45c905cUpdate references to 2.12.2679369dMerge pull request #4375 from uswds/dw-update-notifications4e34998Add notification about tooltip content2d24b92Merge pull request #4373 from uswds/jm-update-deps3464df5Update peer dependencies.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)