[Snyk] Upgrade bootstrap from 4.5.3 to 4.6.0

[DeviaVir]

Snyk has created this PR to upgrade bootstrap from 4.5.3 to 4.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.
• The recommended version was released 2 days ago, on 2021-01-19.

Release notes

Package name: bootstrap

• 4.6.0 - 2021-01-19
  

  Highlights

  • Tooltips and popovers can have custom clases via customClass option.
  • Added new .navbar-nav-scroll class for scrolling expanded navbar contents on mobile devices.
  • For improved accessibiliy, spinners now slow down when prefers-reduced-motion is enabled.
  • v4.x docs are now built on Hugo for easier maintenance and backports from v5.x.
  • Darkened background-color of .dropdown-item for improved hover state contrast, and ligthened the disabled .dropdown-item color.
  • Improved alignment of form validation tooltips.
  • File inputs no longer extend beyond their containers.

  CSS

  • #31557: Fix form validation tooltip alignment
  • #31657: Handle the Ubuntu sans-serif case
  • #31700: Suppress flexbox side effects in breadcrumb
  • #31882: Slow down spinners when prefers-reduced-motion
  • #31886: Fixed: Undefined mixin "deprecate" when importing "bootstrap-grid-scss"
  • #32141: Use correct value order
  • #32145: Avoid invisible real file input "spilling" out of container
  • #32160: Add overflow suppression to custom file label
  • #32211: Move negative margin-bottom from .nav-item to .nav-link
  • #32212: Remove needless Stylelint disables
  • #32833: Add .navbar-nav-scroll for vertical scrolling of navbar content
  • Add two new variables for pagination border-radius values; backport of #32423
  • Remove old/unnecessary reboot bug fix; backport of #32631
  • Suppress focus outline for buttons when it shouldn't be visible in Chromium; backport of #32689
  • Consistently use outline:0 rather than outline:none; backport of #32751
  • Darken dropdown item hover style; backport of #32754
  • Lighten disabled dropdown text to $gray-500

  JS

  • #31820: Check for data-interval on the first slide of carousel
  • #31834/#32225: tooltip/popover: add a customClass option
  • #32001: Move js/src/index.js one folder up
  • #32045: tests: fix sanitizer test
  • #32220: Don't hide modal when config.keyboard is false
  • #32312: build-plugins: switch to "bundled" for babel helpers

  Docs

  • #31861: Split up dropdown sizing docs to improve rendering
  • #31892: Remove redundant visually hidden "(current)" from pagination controls
  • #31893: manifest.json: Switch to relative URLs so that we don't need to change the path with every major/minor release
  • #31898: switch to suggesting jsDelivr as a CDN
  • #31904:
    • docs(forms): use a legend for fieldset instead of aria-label
    • docs(forms): fix incorrect legend nesting in fieldset
  • #31936: forms: change inline custom radio name
  • #31951: Update anchor-js to v4.3.0
  • #31960: Explicitly mention emoji fonts, tweak sentence in typography
  • #31981: list-group.md: fix snippet
  • #32005: Remove bugreport.apple.com since it doesn't work
  • #32015: Fix redirects
  • #32050: Make docs anchorjs links darker on keyboard focus
  • #32054: Add callouts about using light colors ideally on a dark background
  • #32077: Switch to Hugo
  • #32083: mention "Liberation Sans"
  • #32087: download.md: link to JS files comparison too
  • #32094: Changes to navbar documentation/explanation
  • #32106: Clarify JS bundle docs once more for v4
  • #32137: input-group.md: fix wrong class .visually-hidden
  • #32138: navbar.md: remove loading=lazy from snippets
  • #32147: Fix caniuse.com redirects
  • #32151: Mention user-select-all support in docs
  • #32196: homepage: split snippets and show copy buttons
  • #32203: Switch to jsDelivr for the remaining docs assets
  • #32223: introduction: split comments
  • #32247: Fix typos in tooltip/popover docs
  • #32253: Add Russian translation
  • #32363: Remove useless .text-left in Layout / Overview
  • #32399: Remove duplicated "follow Bootstrap on Twitter" link in Community section
  • #32457: Add mention of the bs-custom-file-input plugin needed for the custom file input
  • #32461: style clipboard button on :focus, not just :hover
  • #32462: Replace Lorem Ipsum placeholder text with more representative (or at least english language) text
  • #32634: Remove incorrect mention of dropdowns for dynamic tab behavior
  • #32639: v4: Add an actual data-touch="false" example in the carousel docs
  • #32728: add v5.0 in versions
  • #32761: Mention stretched-link constraints with table elements
  • #32789: Remove role="button" from CTA links in carousel example
  • #32791: Docs v4: Sass implementation and rounding precision
  • #32809:
    • Clarify Sass import and customize docs for how to modify variable defaults
    • Add an npm starter project callout to a few pages
  • #32827: Add a live toast example to the docs
  • #32759: Mention CSP and embedded SVGs in v4 docs
  • docs(dropdowns): clarify where is .show applied
  • Require .has-validation for input groups with validation
  • Fix mobile menu jump & double border
  • Remove double spaces from homepage SVGs
  • browserconfig.xml: switch to relative image path
  • Tweak the wording for collapse to indicate button is preferred/more semantic; backport of #32632
  • Clarify the $enable-shadows option in our docs; backport of #32685

  Examples

  • #31979: v4 Examples/Floating-labels: fix bad behavior with autofill
  • #32198: examples: add the version number in title

  Misc

  • #29753: Improve build/generate-sri.js regex
  • #32003: CI: switch to Node.js 14
  • #32008: Update Edge's Rendering Engine on CONTRIBUTING.md
  • #32486: BrowserStack: test on macOS Catalina instead of High Sierra
  • #32756: Stylelint: disallow some property values
  • Fix for npm 7.x package.json: move version_short variable under the config object; backport of #32737
  • Update build-examples script so that the resulting examples zip file includes only the needed files
  • Various CI tweaks
  • Updated devDependencies
• 4.5.3 - 2020-10-13
  

  CSS

  • #31653: Add a comment to our escape-svg function to note that data URIs must be quoted.
  • #31693: Use the custom-control shadow variable instead of the generic input-focus-box-shadow.
  • #31793: Backport some v5 changes (improved th styling in Reboot, custom form field styling when printing, and improvements to .text-break).
    • #29714: Keep custom check, radio, and switch theme when printing.
    • #30781: Reboot's th updates: Inherit font-weight: bold that comes from user agent stylesheets.
    • #30932: .text-break changes to drop overflow-wrap and use word-wrap once again
    • #31754: Improve versions page rendering (also reversed the order while I was here)
  • #31846: Backports the z-index change to .close buttons in dismissible .alerts.

  JS

  • #31000: Avoid multiple change event trigger in buttons plugin. Not applicable to v5 since our button JS plugin has been mostly replaced with pure CSS.
  • #31673: Fix dropdown variable always evaluating to true.
  • #31696: Ensure hidePrevented.bs.modal can be prevented.
  • #31718: Backports new $dropdown-padding-x variable from v5.

  Docs

  • #30811: Mention GPU acceleration fix in docs callout for popovers. Doesn't apply to v5 since we're updating to Popper v2.
  • #30838: Explain the dispose method more appropriately.
  • #31706: Backports updated margins for code snippets for improved readability.
  • #31769: Backports JS bundle guidance from v5.
  • #31851: Backports mention of missing to and nextwhenvisible methods.

  Misc

  • #31297: Switch to xo ESLint config
  • Updated devDependencies versions

from bootstrap GitHub release notes

Commit messages

Package name: bootstrap

• 6ffb0b4 Release v4.6.0. (#32726)
• 9d87bd7 Backport #32037 (#32833)
• 9c4abcc Backport #32759 (#32832)
• d2477ab Backport #32760 (#32827)
• ee282af Docs: Sass implementation and rounding precision (#32791)
• 87e42ce Lighten disabled dropdown text to $gray-500
• 5a17956 Backport #32469 and #32799
• 05a108b Document some basic code conventions for us (#32778)
• ec1d745 CI: change Node.js to `14` (#32796)
• d674c33 Backport #32795 (#32809)
• 80aefd8 Remove role="button" from CTA links in carousel example (#32789)
• 2ed7504 Update devDependencies
• aeccf0e Stylelint: disallow some property values (#32756)
• 17521ed Mention stretched-link constraints with table elements (#32761)
• da45817 GitHub Actions cleanup (#32755)
• 67c2f2c Darken dropdown item hover style
• e7cbb59 Consistently use outline:0 rather than outline:none
• dfe4810 Suppress focus outline for buttons when it shouldn't be visible in Chromium
• 4e6c981 Remove old/unnecessary reboot bug fix
• 2e8f70f Backport #32737
• 0f1069a Update karma config
• f8da510 karma: run tests in parallel
• 37186db docs: add v5.0 in versions (#32728)
• 6b788ac Update devDependencies

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs