Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency select2 to v4 - autoclosed #1220

Closed
wants to merge 1 commit into from
Closed

Update dependency select2 to v4 - autoclosed #1220

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Jun 10, 2021
edited
Loading

This PR contains the following updates:

Package Type Update Change
select2 (source) dependencies major 3.5.1 -> 4.0.8

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
Medium 6.1 CVE-2016-10744 #1219

Release Notes

select2/select2

v4.0.8

Compare Source

New features / improvements
  • Test against and fix compatibility with jQuery 3.4.1 (#​5531)
  • Results respect disabled state of <option> (#​5560)
  • Add computedstyle option for calculating the width (#​5559)
Bug fixes
  • Fix tag creation being broken in 4.0.7 (#​5558)
  • Fix infinite scroll when the scrollbar is not visible (#​5575)
  • Revert change to focusing behaviour in 4.0.6 (#​5576)
Translations
  • Fix wording in French translations (#​5521)
Miscellaneous
  • Update grunt-contrib-qunit to latest version (#​5530)
  • Removed unused .select2-selection__placeholder CSS definitions for multiple selects (#​5508)
  • Remove deprecated jQuery shorthand (#​5564)

v4.0.7

Compare Source

New features/improvements
  • Do not close on select if Ctrl or Meta (Cmd) keys being held (#​5222)
Bug fixes
  • Fixed issue where single select boxes would automatically reopen when they were closed (#​5490, #​5492)
Miscellaneous
  • Move almost and jquery-mousewheel to devDependencies (#​5489)

v4.0.6

Compare Source

New features/improvements
Bug fixes
  • Fix up arrow error when there are no options in dropdown (#​5127)
  • Add ; before beginning of factory wrapper (#​5089)
  • Fix IE11 issue with select losing focus after selecting an item (#​4860)
  • Clear tooltip from select2-selection__rendered when selection is cleared (#​4640, #​4746)
  • Fix keyboard not closing when closing dropdown on iOS 10 (#​4680)
  • User-defined types not normalized properly when passed in as data (#​4632)
  • Perform deep merge for Defaults.set() (#​4364)
  • Fix "the results could not be loaded" displaying during AJAX request (#​4356)
  • Cache objects in Utils.__cache instead of using $.data (#​4346, #​5486)
  • Removing the double event binding registration of selection:update (#​4306)
Accessibility
  • Improve .select2-hidden-accessible (#​4908)
  • Add role and aria-readonly attributes to single selection dropdown value (#​4881)
Translations
  • Add Turkmen translations (tk) (#​5125)
  • Fix error in French translations (#​5122)
  • Add Albanian translation (sq) (#​5199)
  • Add Georgian translation (ka) (#​5179)
  • Add Nepali translation (ne) (#​5295)
  • Add Bangla translation (bn) (#​5248)
  • Add removeAllItems translation for clear "x" title (#​5291)
  • Fix wording in Vietnamese translations (#​5387)
  • Fix error in Russian translation (#​5401)
Miscellaneous
  • Remove duplicate CSS selector in classic theme (#​5115)

v4.0.5

Compare Source

Bug fixes
  • Replace autocapitalize=off with autocapitalize=none (#​4994)
Translations
  • Vietnamese: remove an unnecessary quote mark (#​5059)
  • Czech: Add missing commas and periods (#​5052)
  • Spanish: Update the 'errorLoading' message (#​5032)
  • Fix typo in Romanian (#​5005)
  • Improve French translation (#​4988)
  • Add Pashto translation (ps) (#​4960)
  • Add translations for lower and upper Sorbian (dsb and hsb) (#​4949)
  • Updates to Slovak (#​4915)
  • Fixed Norwegian inputTooShort message (#​4817, 4896)
  • Add Afrikaans translation (af) (#​4850)
  • Add Bosnian translation (bs) (#​4504)

v4.0.4

Compare Source

New features / Improvements
Bug fixes
Documentation
Translations

v4.0.3

Compare Source

This is the third bugfix release of Select2 4.0.0. It builds upon the second bugfix release and fixes many common issues.

New features / Improvements
Bug fixes
Documentation
Translations

v4.0.2

Compare Source

This is the second bugfix release of Select2 4.0.0. It builds upon the first release candidate of Select2 4.0.2 with some minor improvements.

New features / Improvements
Bug fixes
Documentation
Translations

v4.0.1

Compare Source

New features / improvements
  • Trigger input event before change events (#​4649)
  • Feed back the keypress code that was responsible for the 'close' event (#​5513)
  • Only trigger selection:update once on DOM change events (#​5734)
Bug fixes
  • Prevent opening of disabled elements (#​5751)
Documentation
  • Fix "edit this page" links in docs (#​5689)
Miscellaneous

v4.0.0

Compare Source

This builds upon the second release candidate, so review all previous release notes before upgrading from previous versions of Select2.

Supported environments
  • jQuery 1.7.2+
  • Modern browsers (Chrome, Firefox, Safari)
  • Internet Explorer 8+
New features
Breaking changes
  • Select2 now uses the MIT license
  • The full build of Select2 no longer includes jQuery - You must include jQuery separately on your page.
  • Select2 will prevent the inner scrolling of modals (and other scrollable containers) when it is open to prevent the UI from breaking. Read more at the commit.
  • jQuery is no longer listed as a dependency in the bower.json/component.json files.
  • <select> has replaced <input type="hidden" /> for all options (including remote data)
  • The matcher has been revamped to include full context, a compatibility module (select2/compat/matcher) has been created
  • The display always reflects the order data is sent to the server
  • The click mask is no longer the default (again). You can get back the old functionality by wrapping your selectionAdapter with the ClickMask (select2/selection/clickMask) decorator.
  • Select2 no longer stops the propagation of events happening within the dropdown and selection. You can use the StopPropagation modules available in the full builds to prevent this. [select2/select2@8f8140e3b00c5d5bb232455137c4c633d7da4275]
  • The enter key no longer toggles the state of multiple select items in the results, but instead will only select them. Use CTRL + Space instead to toggle the state. [select2/select2@017c20109471fa5b835603faf5dc37f7c2c2ea45]
  • Warnings will now be triggered in the developer console if Select2 detects an unsupported configuration.
Options
  • The default value of the width option has been changed from style to resolve.
  • The copy value for the width option has been renamed to style.
Renamed
  • formatSelection -> templateSelection
  • formatResult -> templateResult
  • sortResults -> sorter
  • createSearchChoice -> createTag
  • selectOnBlur -> selectOnClose
  • ajax.jsonpCallback -> ajax.jsonp
  • ajax.results -> ajax.processResults
  • tags: [array,of,data] -> data: [array,of,data], tags: true
  • placeholderOption has been replaced by placeholder.id (placeholder -> placeholder.text)
Internationalization
  • formatNoMatches -> language.noMatches
  • formatSearching -> language.searching
  • formatInputTooShort -> language.inputTooShort
  • formatInputTooLong -> language.inputTooLong
  • formatAjaxError -> language.errorLoading
  • formatLoading -> language.loadingMore
  • formatSelectionTooBig -> language.maximumSelected
Deprecated/Removed
  • initSelection - This is no longer needed with <select> tags. Limited backwards compatibility in the full build.
  • id - Data objects should now always have id and text attributes that are strings, use $.map when migrating
  • query - Use a custom data adapter instead. Limited backwards compatibility in the full build.
  • ajax.params - All parameters passed to ajax will be passed to the AJAX data transport function
Methods
Renamed
  • .select2("val", [value]) -> .val([value])
  • .select2("enable", !disabled) -> .prop("disabled", disabled)
Removed
  • .select2("onSortStart") and .select2("onSortEnd") - A custom selection adapter should be created instead
  • .select2("data", data) - Create the <option> tags for the objects that you would like to set, and set the .val to select them
  • .select2("readonly") - There is no way to make a <select> element read-only, disable it instead
Events
New
  • select2:closing is triggered before the dropdown is closed
  • select2:select is triggered when an option is selected
Renamed
  • select2-close is now select2:close
  • select2-open is now select2:open
  • select2-opening is now select2:opening
  • select2-selecting is now select2:selecting
  • select2-removed is now select2:unselect
  • select2-removing is now select2:unselecting
Removed
  • select2-clearing has been removed in favor of select2:unselecting
  • select2-highlight
  • select2-loaded
  • select2-focus - Use the native focus event instead
  • select2-blur - Use the native blur event instead
  • All extra properties from the change event were removed
    • val can be retrieved with $element.val() instead
    • added can be retrieved by listening to select2:select
    • removed can be retrieved by listening to select2:unselect
  • If you want to rebase/retry this PR, check this box.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Jun 10, 2021
@mend-for-github-com mend-for-github-com bot changed the title Update dependency select2 to v4 Update dependency select2 to v4 - autoclosed Jul 18, 2021
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/select2-4.x branch July 18, 2021 10:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants