Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(release): version 4.2.0 #2886

Merged
merged 110 commits into from
Apr 26, 2021
Merged

chore(release): version 4.2.0 #2886

merged 110 commits into from
Apr 26, 2021

Conversation

WilcoFiers
Copy link
Contributor

Features

  • add axe.frameMessenger with configurable allowedOrigins (#2880) (b27bab3)
  • aria-allowed-attr: add ARIA 1.2 prohibited attrs check (#2764) (4a77e88)
  • empty-table-header: new rule to flag empty table headers (#2811) (813ee7e)
  • frame-focusable-content: new rule to test iframes with tabindex=-1 do not have focusable content (#2785) (aeb044c)
  • locale: missing translations for DE (#2704) (f312994)
  • locale: Polish translation (#2677) (c46979f)
  • nested-interactive: new rule to flag nested interactive elements (#2691) (13a7cf1)
  • role-text: add role-text rule (#2702) (7c05162)
  • setup/teardown: add functions to setup and teardown axe-core internal data, deprecate axe._tree (#2738) (9d19f24)
  • standards: add graphics roles (#2761) (22032cc)
  • standards/aria-roles: add presentational children property (#2689) (78c239c)
  • utils.getRule: add function to get rule by id (#2724) (9d0af53)
  • utils/matches: support selectors level 4 :not and :is (#2742) (21d9b0e)
  • virtual-node: add attrNames property which returns list of attribute names (#2741) (1d864b4)

Bug Fixes

  • aria-allowed-attr: error when generic elements use aria-label and aria-labelledy (#2766) (64379e1)
  • aria-required-children: allow group and rowgroup roles (#2661) (5a264e4)
  • aria-required-children: only match for roles that require children (#2703) (95de169)
  • aria-valid-attr-value: pass for aria-errormessage when aria-invalid is not set or false (#2721) (93a765c)
  • aria-valid-attr-value: report when aria-labelledby ref is not in DOM (#2723) (116eb06)
  • aria-valid-attr-value: return false when int type attribute uses invalid values (#2710) (ce9917e)
  • bypass: mark as needs review rather than failure (#2818) (bb41b3e)
  • focus-order-semantics: allow role=tooltip to pass (#2871) (dc526d8)
  • heading-order: handle iframe as first result (#2876) (33428d8)
  • respondable: Avoid message duplication with messageId (#2816) (4bd0acf)
  • respondable: work on iframes in shadow DOM (#2857) (38cad94)
  • avoid 'undefined' showing in check messages (#2779) (3beb0b1)
  • properly translate checks when building axe.js using --lang (#2848) (76545b0)
  • aria-required-parent: only match for roles that require parents (#2707) (ce8281e)
  • color-contrast: account for text client rects that start outside the parent container (#2682) (a4e4a34)
  • color-contrast-matches: do not pass empty string to getElementById (#2739) (0b0fec2)
  • frame-title: update rule description to be more descriptive (#2735) (159e25b)
  • heading-order: allow partial context to pass (#2622) (f8baee6)
  • landmark-complementary-is-top-level: allow aside inside main (#2740) (9388c96)
  • metadata: consistenct use of 'must' and 'should' (#2770) (603b612)
  • region: allow role=alertdialog as region (#2660) (b928df7)
  • select-name: fix typo in accessible name help (#2676) (6b916b9)
  • to-grid/get-headers: work with rowspan=0 (#2722) (508190b)
  • types: Add noHtml option (#2810) (c03c826)
  • utils: fix warning thrown by Webpack (#2843) (0826177), closes #2840
  • utils: remove attributes from source string (#2803) (8e8c4fa)
  • add noHtml to axe.configure (#2789) (5c8dec8)
  • do not allow postMessage with axe version of x.y.z (#2790) (5acda82)

WilcoFiers and others added 30 commits November 23, 2020 11:42
@WilcoFiers
Merge pull request #2656 from dequelabs/master
473f3b0 
chore: merge master into develop
@straker
tests: switch to karma (#2648)
e8ad3c7 
* tests: switch to karma

* add ie launcher

* increase timeout for ie11

* change basePath for ie11

* reset and use grunt file code

* packages

* finalize

* update package-lock

* lint

* put husky back

* forgot to install

* changes
@straker
fix(heading-order): allow partial context to pass (#2622)
f8baee6 
* fix(heading-order): allow partial context to pass

* fix for nested headings

* fix

* fix findindex

* ie11

* tests...

* validate level
@straker
chore: run prettier (#2659)
f2f1537 
* chore: run prettier

* fix test
@straker
fix(region): allow role=alertdialog as region (#2660)
b928df7
@straker
chore: move to single eslintrc file (#2662)
80a10ce 
* chore: move to single eslintrc file

* mocha
@straker
tests: fix flakey integreation test (#2663)
9c23d63
@straker
fix(aria-required-children): allow group and rowgroup roles (#2661)
5a264e4 
* fix(aria-required-children): allow group and rowgroup roles

* fix
@straker
tests: start server on integration test (#2664)
231eaeb 
* tests: start server when integration test

* fix?

* try this

* one more time

* windows doesnt do start without run command

* hurray windows...

* one last attempt
@straker
chore: replace phrasing elements in subtree-text (#2665)
6aab97f 
* chore: replace phrasing elements in subtree-text

* revert playground
@WilcoFiers
chore: bump packagelock for security (#2673)
7531a4f
@straker
tests: run ChromeHeadless for integration test (#2670)
a2161b2 
* tests: fix?

* asdf

* works?

* nope

* headless?

* remove options

* remove is-ci
@scurker
fix(select-name): fix typo in accessible name help (#2676)
6b916b9
@WilcoFiers @straker
chore: add PR review app yml file (#2672)
d3871e9 
* chore: add PR review app yml file

* Update PULL_REQUEST_TEMPLATE.md

* Apply suggestions from code review

Co-authored-by: Steven Lambert <2433219+straker@users.noreply.github.com>

Co-authored-by: Steven Lambert <2433219+straker@users.noreply.github.com>
@dependabot-preview
chore(deps): [security] bump ini from 1.3.5 to 1.3.7 (#2685)
4dd1354 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7. **This update includes a security fix.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
@WilcoFiers
docs(projects): update to current Deque project names (#2683)
e6cab06
@straker
feat(standards/aria-roles): add presentational children property (#2689)
78c239c
@zwiastunsw
feat(locale): Polish translation (#2677)
c46979f 
* feat(lang): Polish translation

Polish translation added

* feat(lang): Polish translation

missing bracket added

* feat(lang): Polish translation

fix the lang line

* feat(locale): Polish translation

minor language corrections

* feat(locale): Polish translation

minor corrections
@straker
chore: fix grunt develop (#2692)
4dfddbd
@straker
chore: split test:unit into different parts (#2693)
a089353 
* chore: split test:unit into different parts

* circle
@straker
chore: watch tests and rerun in develop (#2696)
3fd8c66
@straker
docs: update contributing guide (#2697)
e6dc79e 
* docs: update contributing guide

* fixes
@straker
chore: update eslint to include func-names and prefer-const (#2700)
f2a2ff6
@straker @WilcoFiers
feat(nested-interactive): new rule to flag nested interactive elements (
13a7cf1 
#2691)

* feat(nested-interactive): new rule to flag nested interactive elements

* Update lib/rules/nested-interactive.json

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>

* Update lib/rules/nested-interactive.json

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>

* fixes

* remove only

* remove log

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>
@straker @WilcoFiers
fix(color-contrast): account for text client rects that start outside…
a4e4a34 
… the parent container (#2682)

* fix(color-contrast): account for text client rects that start otuside the parent container

* fix?

* Update lib/commons/dom/get-text-element-stack.js

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>
@straker
fix(aria-required-children): only match for roles that require childr…
95de169 
…en (#2703)

* fix(aria-required-children): only match for roles that require children

* fix

* fix tests
@SandersAaronD @straker
docs: added information on building for locale with npm (#2713)
1c1c829 
* docs: added information on building for locale with npm

* Update README.md

Co-authored-by: Steven Lambert <2433219+straker@users.noreply.github.com>

Co-authored-by: Steven Lambert <2433219+straker@users.noreply.github.com>
@straker
docs: fix nested-interactive rule location (#2705)
f318a2c
@straker
tests: re-run tests for integration/rule html files in develop mode (#…
8c34175 
…2706)
@straker
fix(aria-required-parent): only match for roles that require parents (#…
ce8281e 
…2707)

* fix(aria-required-parent): only match for roles that require parents

* fix
dylanb and others added 17 commits March 22, 2021 10:54
@dylanb
chore:update to add product field for easier triage
939574f
@straker
chore: allow html-has-lang to run virtually (#2844)
694f93f
@straker
chore: rerun rule-description (#2847)
482cd65 
I'd totally be OK with an action to update the doc for us
@dylanb
Merge pull request #2846 from dequelabs/Issue-Template
5bf7906 
chore:update to add product field for easier triage
@straker
fix: properly translate checks when building axe.js using --lang (#2848)
76545b0
@WilcoFiers
fix(respondable): work on iframes in shadow DOM (#2857)
38cad94
@straker
chore(release): 4.1.4
8117183
@straker
Merge pull request #2865 from dequelabs/merge-master-4.1.4
f62f0cf 
chore: merge master
@dependabot-preview
chore(deps): [security] bump ini from 1.3.5 to 1.3.8 (#2869)
70d1273 
Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.8. **This update includes security fixes.**
- [Release notes](https://github.com/isaacs/ini/releases)
- [Commits](npm/ini@v1.3.5...v1.3.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
@dependabot-preview
chore(deps): [security] bump y18n from 4.0.0 to 4.0.3 (#2870)
2d33ca1 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3. **This update includes a security fix.**
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md)
- [Commits](yargs/y18n@v4.0.0...y18n-v4.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
@straker
fix(focus-order-semantics): allow role=tooltip to pass (#2871)
dc526d8
@straker
fix(heading-order): handle iframe as first result (#2876)
33428d8
@WilcoFiers @straker
feat: add axe.frameMessenger with configurable allowedOrigins (#2880)
b27bab3 
* feat(axe.frameMessenger): api to allow custom iframe communication

* reset doc

* fixes

* fix

* tests

* chore(wip): refactor messageHandler

* add allowed origins

* rename directory

* fix ie11 window.origin

* fix build

* fix origin

* Update test/core/base/audit.js

Co-authored-by: Wilco Fiers <WilcoFiers@users.noreply.github.com>

* resolve comments

* WIP: chanages

* chore: fix up couple more minor points

* docs(api): add frameMessenger & allowedOrigins

* chore(types): add frameMessenger & allowedOrigins

* fix(allowedOrigins): consistently use http

* chore: resolve comments

* docs(API): document use with file://

* chore: minor improvements

* docs(API): recommendation not to test on file://

Co-authored-by: Steven Lambert <steven.lambert@deque.com>
Co-authored-by: Steven Lambert <2433219+straker@users.noreply.github.com>
@WilcoFiers
chore: bump chromedriver lockfile (#2881)
5011239
@WilcoFiers
refactor(locales): convert tabs to spaces (#2878)
b388eb3
@WilcoFiers
chore(release): 4.2.0
69962a3
@WilcoFiers
chore: Merge branch 'master' into release-4.2
207f352
@WilcoFiers WilcoFiers requested a review from a team as a code owner April 23, 2021 13:46
@stephenmathieson
Copy link
Member

CI failure:

1) latest axe version (4.2) rule help docs should be active:

      Uncaught AssertionError [ERR_ASSERTION]: The expression evaluated to a falsy value:

  assert(res.statusCode >= 200 && res.statusCode <= 299)

      + expected - actual

      -false
      +true
      
      at ClientRequest.<anonymous> (test/test-rule-help-version.js:15:7)
      at HTTPParser.parserOnIncomingClient [as onIncoming] (_http_client.js:565:21)
      at HTTPParser.parserOnHeadersComplete (_http_common.js:111:17)
      at TLSSocket.socketOnData (_http_client.js:451:20)
      at addChunk (_stream_readable.js:288:12)
      at readableAddChunk (_stream_readable.js:269:11)
      at TLSSocket.Readable.push (_stream_readable.js:224:10)
      at TLSWrap.onStreamRead [as onread] (internal/stream_base_commons.js:94:17)

Looks like the tests get mad when we bump the version number? 🤔

WilcoFiers
WilcoFiers commented Apr 26, 2021
View reviewed changes
Copy link
Contributor Author

@WilcoFiers WilcoFiers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Release Audit

@dylanb
Copy link
Contributor

dylanb commented Apr 26, 2021

#2843 is not reviewed for security
#2761 is not reviewed for security

@WilcoFiers how did we miss so many security reviews?

@straker
Copy link
Contributor

straker commented Apr 26, 2021

@dylanb #2843 and #2761 were both reviewed for security. 2843 had the security app checked and 2761 wasn't working so Wilco left a comment.

@stephenmathieson
Copy link
Member

stephenmathieson commented Apr 26, 2021
edited
Loading

FWIW I believe there's a bug (also a GitHub "feature") in the security review app which prevents it from working unless contributors allow edits from maintainers on their PRs. The app doesn't have write access to commits authored by non-Deque'ers, so it cannot change their statuses.

When this happens, it'd be nice if the robot would let us know (by placing a comment on the PR or something) rather than forcing me to dig thru logs 🤷 Unfortunately I doubt I'll have any time to work on this in the near future, so it may be up to @dequelabs/axe-api-team.

Adding a try/catch here which created a comment in the catch is probably all we need.

@dylanb
Copy link
Contributor

dylanb commented Apr 26, 2021

@dylanb #2843 and #2761 were both reviewed for security. 2843 had the security app checked and 2761 wasn't working so Wilco left a comment.

#2843 does not have the security review checked

Screen Shot 2021-04-26 at 11 18 01 AM

@dylanb
Copy link
Contributor

dylanb commented Apr 26, 2021

FWIW I believe there's a bug (also a GitHub "feature") in the security review app which prevents it from working unless contributors allow edits from maintainers on their PRs. The app doesn't have write access to commits authored by non-Deque'ers, so it cannot change their statuses.

When this happens, it'd be nice if the robot would let us know (by placing a comment on the PR or something) rather than forcing me to dig thru logs 🤷 Unfortunately I doubt I'll have any time to work on this in the near future, so it may be up to @dequelabs/axe-api-team.

Can someone take this on? @WilcoFiers we need to make this a priority

@straker
Copy link
Contributor

straker commented Apr 26, 2021

That's odd. The one and only commit was approved for security

image

@WilcoFiers WilcoFiers merged commit 199eed2 into master Apr 26, 2021
@WilcoFiers WilcoFiers deleted the release-4.2 branch April 26, 2021 15:50
@dylanb
Copy link
Contributor

dylanb commented Apr 26, 2021

reviewed, status not good as noted above

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@straker straker straker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet