biglotteryfund / blf-alpha

The National Lottery Community Fund gives grants to organisations in the UK to help improve their communities. The money awarded comes from the UK National Lottery.
https://www.tnlcommunityfund.org.uk/
5 stars 4 forks source link

Bump axe-core from 4.0.1 to 4.2.3 #3995

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps axe-core from 4.0.1 to 4.2.3.

Release notes

Sourced from axe-core's releases.

Release 4.2.3

Bug Fixes

  • accText: ignore text in embedded content elements (#3022) (8fb4635), closes #3017
  • color-contrast: add special case for new sr-only technique (#2985) (79cbf01)
  • color-contrast: check for pseudo elements on element itself, not just parents (#2980) (3122550)
  • frame-tested: run without respondable (#2942) (a1d725d)
  • publish-metadata: use fail message for rules with reviewOnFail:true (#2987) (00fefa9)
  • sri-history: add backported releases (#3004) (0332e80)

Release 4.2.2

Bug Fixes

  • aria-allowed-attr: allow aria-posinset and aria-setsize on row elements for treegrids (#2952) (3023e69)
  • heading-order: Prevent crash on page with iframes but no headings (#2965) (4b7db37)
  • meta-viewport: test that a user-scalable number does not prevent zoom (048c5c1)
  • JS error in @​axe-core/react caused by stale reference to heading (3afda4e)

Release 4.2.1

Bug Fixes

  • aria-allowed-attr: pass aria-label on some HTML elements (#2935) (695aa77)
  • treat input with no role as textbox (#2929) (de18030)
  • autocomplete-appropriate: pass for autocomplete=username and type=email (#2896) (8b478c8)
  • getStandards: Read standards from utils (#2903) (52ad4c6)
  • required-parent: Allow *item > group > *item nesting (#2898) (3acd229)
  • types: make evaluate check optional (#2902) (75fabfe)

Release 4.2.0

Features

  • add axe.frameMessenger with configurable allowedOrigins (#2880) (b27bab3)
  • aria-allowed-attr: add ARIA 1.2 prohibited attrs check (#2764) (4a77e88)
  • empty-table-header: new rule to flag empty table headers (#2811) (813ee7e)
  • frame-focusable-content: new rule to test iframes with tabindex=-1 do not have focusable content (#2785) (aeb044c)
  • locale: missing translations for DE (#2704) (f312994)
  • locale: Polish translation (#2677) (c46979f)
  • nested-interactive: new rule to flag nested interactive elements (#2691) (13a7cf1)
  • role-text: add role-text rule (#2702) (7c05162)
  • setup/teardown: add functions to setup and teardown axe-core internal data, deprecate axe._tree (#2738) (9d19f24)
  • standards: add graphics roles (#2761) (22032cc)
  • standards/aria-roles: add presentational children property (#2689) (78c239c)

... (truncated)

Changelog

Sourced from axe-core's changelog.

4.2.3 (2021-06-22)

Bug Fixes

  • accText: ignore text in embedded content elements (#3022) (8fb4635), closes #3017
  • color-contrast: add special case for new sr-only technique (#2985) (79cbf01)
  • color-contrast: check for pseudo elements on element itself, not just parents (#2980) (3122550)
  • frame-tested: run without respondable (#2942) (a1d725d)
  • publish-metadata: use fail message for rules with reviewOnFail:true (#2987) (00fefa9)
  • sri-history: add backported releases (#3004) (0332e80)

4.2.2 (2021-06-03)

Bug Fixes

  • aria-allowed-attr: allow aria-posinset and aria-setsize on row elements for treegrids (#2952) (3023e69)
  • heading-order: Prevent crash on page with iframes but no headings (#2965) (4b7db37)
  • meta-viewport: test that a user-scalable number does not prevent zoom (048c5c1)
  • JS error in @​axe-core/react caused by stale reference to heading (3afda4e)

4.2.1 (2021-05-18)

Bug Fixes

  • aria-allowed-attr: pass aria-label on some HTML elements (#2935) (695aa77)
  • treat input with no role as textbox (#2929) (de18030)
  • autocomplete-appropriate: pass for autocomplete=username and type=email (#2896) (8b478c8)
  • getStandards: Read standards from utils (#2903) (52ad4c6)
  • required-parent: Allow *item > group > *item nesting (#2898) (3acd229)
  • types: make evaluate check optional (#2902) (75fabfe)

4.2.0 (2021-04-23)

Features

  • add axe.frameMessenger with configurable allowedOrigins (#2880) (b27bab3)
  • aria-allowed-attr: add ARIA 1.2 prohibited attrs check (#2764) (4a77e88)
  • empty-table-header: new rule to flag empty table headers (#2811) (813ee7e)
  • frame-focusable-content: new rule to test iframes with tabindex=-1 do not have focusable content (#2785) (aeb044c)
  • locale: missing translations for DE (#2704) (f312994)
  • locale: Polish translation (#2677) (c46979f)
  • nested-interactive: new rule to flag nested interactive elements (#2691) (13a7cf1)
  • role-text: add role-text rule (#2702) (7c05162)
  • setup/teardown: add functions to setup and teardown axe-core internal data, deprecate axe._tree (#2738) (9d19f24)
  • standards: add graphics roles (#2761) (22032cc)
  • standards/aria-roles: add presentational children property (#2689) (78c239c)
  • utils.getRule: add function to get rule by id (#2724) (9d0af53)
  • utils/matches: support selectors level 4 :not and :is (#2742) (21d9b0e)
  • virtual-node: add attrNames property which returns list of attribute names (#2741) (1d864b4)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #3996.