Skip to content

Bump axe-core from 4.11.2 to 4.11.3 in the testing group#5561

Merged
tdonohue merged 1 commit into
dspace-7_xfrom
dependabot/npm_and_yarn/dspace-7_x/testing-abe5f08a60
May 1, 2026
Merged

Bump axe-core from 4.11.2 to 4.11.3 in the testing group#5561
tdonohue merged 1 commit into
dspace-7_xfrom
dependabot/npm_and_yarn/dspace-7_x/testing-abe5f08a60

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps the testing group with 1 update: axe-core.

Updates axe-core from 4.11.2 to 4.11.3

Release notes

Sourced from axe-core's releases.

Release 4.11.3

This release addresses a few false positives, which may reduce the number of issues on terget-size and aria-allowed-attr.

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (1d80163)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (5906273), closes #5065
Changelog

Sourced from axe-core's changelog.

4.11.3 (2026-04-13)

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (1d80163)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (5906273), closes #5065
Commits
  • c71e3dd chore(release): v4.11.3 (#5070)
  • 3ab66ba chore(release): 4.11.3
  • 5906273 fix(target-size): ignore position: fixed elements that are offscreen when pag...
  • d5a5705 refactor(frame-messenger): Guard against inherited properties as topics and c...
  • 1d80163 fix(aria-allowed-attr): restrict br and wbr elements to aria-hidden only (#4974)
  • baa580b chore: bump the npm-low-risk group with 8 updates (#5053)
  • 0463a3f chore: bump actions/upload-artifact from 6.0.0 to 7.0.0 (#5054)
  • 7e06043 chore: bump actions/download-artifact from 7.0.0 to 8.0.1 (#5056)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump axe-core from 4.11.2 to 4.11.3 in the testing group
9ec6592 
Bumps the testing group with 1 update: [axe-core](https://github.com/dequelabs/axe-core).


Updates `axe-core` from 4.11.2 to 4.11.3
- [Release notes](https://github.com/dequelabs/axe-core/releases)
- [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md)
- [Commits](dequelabs/axe-core@v4.11.2...v4.11.3)

---
updated-dependencies:
- dependency-name: axe-core
  dependency-version: 4.11.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: testing
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 1, 2026
@tdonohue tdonohue added this to the 7.6.7 milestone May 1, 2026
tdonohue
tdonohue approved these changes May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@tdonohue tdonohue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Only used for tests & those all pass

@github-project-automation github-project-automation Bot moved this to 👍 Reviewer Approved in DSpace Maintenance (9.x, 8.x, 7.6.x) May 1, 2026
@tdonohue tdonohue merged commit 3fcd144 into dspace-7_x May 1, 2026
21 of 22 checks passed
@tdonohue tdonohue deleted the dependabot/npm_and_yarn/dspace-7_x/testing-abe5f08a60 branch May 1, 2026 20:37
@github-project-automation github-project-automation Bot moved this from 👍 Reviewer Approved to ✅ Done in DSpace Maintenance (9.x, 8.x, 7.6.x) May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tdonohue tdonohue tdonohue approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

DSpace Maintenance (9.x, 8.x, 7.6.x)
Status: ✅ Done

Milestone

7.6.7

Development

Successfully merging this pull request may close these issues.

1 participant

@tdonohue