chore(release): version 4.2.0 #2886
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chore: merge master into develop
* tests: switch to karma * add ie launcher * increase timeout for ie11 * change basePath for ie11 * reset and use grunt file code * packages * finalize * update package-lock * lint * put husky back * forgot to install * changes
* fix(heading-order): allow partial context to pass * fix for nested headings * fix * fix findindex * ie11 * tests... * validate level
* chore: run prettier * fix test
* chore: move to single eslintrc file * mocha
* fix(aria-required-children): allow group and rowgroup roles * fix
* tests: start server when integration test * fix? * try this * one more time * windows doesnt do start without run command * hurray windows... * one last attempt
* chore: replace phrasing elements in subtree-text * revert playground
* tests: fix? * asdf * works? * nope * headless? * remove options * remove is-ci
* chore: add PR review app yml file * Update PULL_REQUEST_TEMPLATE.md * Apply suggestions from code review Co-authored-by: Steven Lambert <[email protected]> Co-authored-by: Steven Lambert <[email protected]>
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. **This update includes a security fix.** - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.7) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* feat(lang): Polish translation Polish translation added * feat(lang): Polish translation missing bracket added * feat(lang): Polish translation fix the lang line * feat(locale): Polish translation minor language corrections * feat(locale): Polish translation minor corrections
* chore: split test:unit into different parts * circle
* docs: update contributing guide * fixes
#2691) * feat(nested-interactive): new rule to flag nested interactive elements * Update lib/rules/nested-interactive.json Co-authored-by: Wilco Fiers <[email protected]> * Update lib/rules/nested-interactive.json Co-authored-by: Wilco Fiers <[email protected]> * fixes * remove only * remove log Co-authored-by: Wilco Fiers <[email protected]>
… the parent container (#2682) * fix(color-contrast): account for text client rects that start otuside the parent container * fix? * Update lib/commons/dom/get-text-element-stack.js Co-authored-by: Wilco Fiers <[email protected]> Co-authored-by: Wilco Fiers <[email protected]>
…en (#2703) * fix(aria-required-children): only match for roles that require children * fix * fix tests
* docs: added information on building for locale with npm * Update README.md Co-authored-by: Steven Lambert <[email protected]> Co-authored-by: Steven Lambert <[email protected]>
…2707) * fix(aria-required-parent): only match for roles that require parents * fix
I'd totally be OK with an action to update the doc for us
chore:update to add product field for easier triage
chore: merge master
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes security fixes.** - [Release notes](https://github.com/isaacs/ini/releases) - [Commits](npm/ini@v1.3.5...v1.3.8) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.** - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md) - [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
* feat(axe.frameMessenger): api to allow custom iframe communication * reset doc * fixes * fix * tests * chore(wip): refactor messageHandler * add allowed origins * rename directory * fix ie11 window.origin * fix build * fix origin * Update test/core/base/audit.js Co-authored-by: Wilco Fiers <[email protected]> * resolve comments * WIP: chanages * chore: fix up couple more minor points * docs(api): add frameMessenger & allowedOrigins * chore(types): add frameMessenger & allowedOrigins * fix(allowedOrigins): consistently use http * chore: resolve comments * docs(API): document use with file:// * chore: minor improvements * docs(API): recommendation not to test on file:// Co-authored-by: Steven Lambert <[email protected]> Co-authored-by: Steven Lambert <[email protected]>
|
CI failure: Looks like the tests get mad when we bump the version number? 🤔 |
WilcoFiers
commented
Apr 26, 2021
There was a problem hiding this comment.
Release Audit
- fix(region): allow role=alertdialog as region #2660
- tests: run ChromeHeadless for integration test #2670 Security check was missing
- feat(standards/aria-roles): add presentational children property #2689
- fix(to-grid/get-headers): work with rowspan=0 #2722
- feat(standards): add graphics roles #2761
- feat(frame-focusable-content): new rule to test iframes with tabindex=-1 do not have focusable content #2785
- fix(utils): fix warning thrown by Webpack #2843
- feat: add axe.frameMessenger with configurable allowedOrigins #2880
- chore(deps): [security] bump ini from 1.3.5 to 1.3.8 #2869
|
#2843 is not reviewed for security @WilcoFiers how did we miss so many security reviews? |
|
FWIW I believe there's a bug (also a GitHub "feature") in the security review app which prevents it from working unless contributors allow edits from maintainers on their PRs. The app doesn't have write access to commits authored by non-Deque'ers, so it cannot change their statuses. When this happens, it'd be nice if the robot would let us know (by placing a comment on the PR or something) rather than forcing me to dig thru logs 🤷 Unfortunately I doubt I'll have any time to work on this in the near future, so it may be up to @dequelabs/axe-api-team. Adding a |
Can someone take this on? @WilcoFiers we need to make this a priority |
|
That's odd. The one and only commit was approved for security
|
straker
approved these changes
Apr 26, 2021
|
reviewed, status not good as noted above |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Features
Bug Fixes