[Snyk] Upgrade jsdom from 11.11.0 to 15.2.1 #1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade jsdom from 11.11.0 to 15.2.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.Warning: This is a major version upgrade, and may be a breaking change.
Release notes
Package name: jsdom
JSDOM.fromURL()
handling of URLs with hashes in them, to no longer send the hash to the server and append an extra copy of it when constructing theDocument
. (rchl)focus
events. (eps1lon)mediaElement.addTextTrack()
. (mtsmfm)nwsapi
minimum version to 2.2.0, which fixes issues with::-webkit-
prefixed pseudo-elements and namespaced attribute selectors.getComputedStyle()
for the'visibility'
property. This sets the foundation for further work on inheritance, cascading, and specificity. (eps1lon)shadowRoot.activeElement
.readystatechange
events during document loading.form.requestSubmit()
, to match our existing stub forform.submit()
.el.tabIndex
's default value, when notabindex=""
attribute was set, to reflect the updated specification.el.attachShadow()
on something that's already a shadow host, to reflect the updated specification.<input type="range">
.selectEl.value
when no<option>
is selected to return the empty string, instead of the value of the first option. (tgohn)new FormData(formElement)
. (brendo)"undefined"
. (papandreou)el.getAttributeNS()
orel.setAttributeNS()
.canvas
as an optionalpeerDependency
, which apparently helps with Yarn PnP support.nonce
property fromHTMLScriptElement
andHTMLStyleElement
toHTMLElement
. Note that it is still just a simple reflection of the attribute, and has not been updated for the rest of the changes in whatwg/html#2373.style
andon<event>
properties to properly track their related attributes for SVG elements. (kbruneel)XMLHttpRequest
merging preflight and response headers. (thiagohirata)XMLHttpRequest
reserializingcontent-type
request headers unnecessarily. See whatwg/mimesniff#84 for more details. (thiagohirata)element.tagName
to be the ASCII uppercase of the element's qualified name, instead of the Unicode uppercase.Headers
class from the Fetch standard.element.translate
getter and setter.XMLHttpRequest
on the newly-released Node.js v12.form.elements
to exclude<input type="image">
elements.pattern=""
form control validation to apply the given regular expression to the whole string. (kontomondo)Several potentially-breaking changes, each of them fairly unlikely to actually break anything:
JSDOM.fromFile()
now treats.xht
files asapplication/xhtml+xml
, the same as it does for.xhtml
and.xml
. Previously, it would treat them astext/html
.JSDOM
constructor'scontentType
option has acharset
parameter, and the first argument to the constructor is a binary data type (e.g.Buffer
orArrayBuffer
), then thecharset
will override any sniffed encoding in the same way as aContent-Type
header would in browser scenarios. Previously, thecharset
parameter was ignored.Blob
orFile
constructor with theendings: "native"
option, jsdom will now convert line endings to\n
on all operating systems, for consistency. Previously, on Windows, it would convert line endings to\r\n
.<a>
and<area>
elements whosehref=""
points to ajavascript:
URL or fragment.<datalist>
element'soptions
property.<input>
element'slist
property.PageTransitionEvent
, and the firing ofpageshow
events during loading.External
class as a property ofwindow
.innerHTML
andouterHTML
) to be spec-compliant. (pmdartus)innerHTML
) breaking after setting certain properties to non-string values.<style>
s to no longer apply to documents without a browsing context. This includes fixing a crash that would occur with such styles if they had an@import
rule.<option>
'slabel
andvalue
properties to return correct values in various edge cases.load
event during document loading to target theDocument
, not theWindow
.pretendToBeVisual
option to propagate to child subframes, as well as the mainWindow
. (pyrho)nwsapi
version from v2.1.1 to v2.1.3, bringing along a few fixes in our selector engine.Breaking changes:
JSDOM.fragment()
now creates fragments whose document has no browsing context, i.e. no associatedWindow
. This means thedefaultView
property will be null, resources will not load, etc.JSDOM.fragment()
, called with no arguments, now creates aDocumentFragment
with no children, instead of with a single child text node whose data was"undefined"
.Other changes:
element.blur()
on a focused element.<link>
elements into documents with no browsing context to no longer crash if the originatingJSDOM
was configured to fetch the resource. Now, per spec,<link>
elements only attempt to fetch if they are browsing-context connected.<template>
elements to have the correct semantics, of using a separate browsing-context-less document to store its contents. In particular this means resources will not be fetched for elements inside the<template>
, as per spec.MutationObserver
s! (pmdartus)<progress>
element'svalue
,max
, andposition
properties.navigator.plugins
andnavigator.mimeTypes
. (But, they are always empty.)<summary>
elements respond toclick
events by toggling their parent<details>
.<summary>
elements to be focusable.isTrusted
set totrue
.DOMParser
-created documents to have theirreadyState
set to"complete"
.<fieldset>
s get disabled.getComputedStyle()
to throw a sensible exception when passed the wrong argument, instead of one that exposes jsdom internals.saxes
dependency, so that it now correctly errors on XML fragments like<foo bar:="1"/>
.el.insertAdjacentElement()
andel.insertAdjacentText()
.reset
event toform.reset()
. (epfremmer)type
,value
, anddefaultValue
properties to<output>
elements, including their form reset behavior. (epfremmer)outputEl.htmlFor
property.<style>
or<script>
elements. This regressed in v11.6.0. To learn more, see V8 issue #6730.style
property on<a>
and<area>
elements. This regressed in v13.0.0.node.isConnected
to not always return false for nodes inside a shadow tree. (pmdartus)<button type="reset">
and<input type="reset">
elements to actually perform a form reset when clicked, instead of doing nothing. (epfremmer)el.setCustomValidity()
for<output>
and<fieldset>
.click
events, so that for example callingel.click()
on the child of a submit button element will submit the form.focus
/blur
events to be composed.mediaElement.duration
to default toNaN
.olEl.start
to default to1
.XMLHttpRequest
against non-existantfile:
URLs to treat that as a network error, instead of crashing. (pascalbayer) Note that in the future we may completely disableXMLHttpRequest
usage againstfile:
URLs to follow the browser security model.document.title
in SVG documents.titleElement.text
to return the child text content, instead of being the same astitleElement.innerHTML
.<textarea>
s to properly account for child CDATA section nodes changing.Element.prototype[Symbol.unscopables]
.Breaking change:
canvas
package, in favor of v2.x. This also removes support forcanvas-prebuilt
, sincecanvas
v2.x has a built-in prebuilt version.Other changes:
w3c-xmlserializer
package. Previously we were just using the HTML serialization, even in XML documents.storageEvent.initStorageEvent()
method.passive
option toaddEventListener()
.relList
property to<a>
,<area>
, and<link>
elements.Commit messages
Package name: jsdom
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs