Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade axe-core from 4.8.4 to 4.9.1 #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

wingn8t
Copy link
Owner

@wingn8t wingn8t commented Jun 14, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade axe-core from 4.8.4 to 4.9.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 38 versions ahead of your current version.

  • The recommended version was released on a month ago.

Release notes
Package name: axe-core
  • 4.9.1 - 2024-05-06

    This release addresses a number of false positives, which may result in fewer issues reported. It also prevents a problem where axe-core wouldn't load on pages due to a conflict with a long-ago deprecated javascript library.

    Bug Fixes

    • Prevent errors when loading axe in a page with prototype.js
    • aria-allowed-attr: allow meter role allowed aria-* attributes on meter element (#4435) (7ac6392)
    • aria-allowed-role: add gridcell, separator, slider and treeitem to allowed roles of button element (#4398) (4788bf8)
    • aria-roles: correct abstract roles (types) for aria-roles(#4421)
    • aria-valid-attr-value: aria-controls & aria-haspopup incomplete (#4418)
    • fix building axe-core translation files with region locales (#4396) (5c318f3), closes #4388
    • invalidrole: allow upper and mixed case role names (#4358) (105016c), closes #2695
    • isVisibleOnScreen: account for position: absolute elements inside overflow container (#4405) (2940f6e), closes #4016
    • label-content-name-mismatch: better dismiss and wysiwyg symbolic text characters (#4402)
    • region: Decorative images ignored by region rule (#4412)
    • target-size: ignore descendant elements in shadow dom (#4410) (6091367)
    • target-size: pass for element that has nearby elements that are obscured (#4422) (3a90bb7), closes #4387
  • 4.9.1-canary.f584e8e - 2024-05-17
  • 4.9.1-canary.ed1c874 - 2024-06-04
  • 4.9.1-canary.ebb1b95 - 2024-05-06
  • 4.9.1-canary.e32f803 - 2024-06-04
  • 4.9.1-canary.db4ec05 - 2024-06-04
  • 4.9.1-canary.d3db593 - 2024-06-03
  • 4.9.1-canary.c9d4bc9 - 2024-05-13
  • 4.9.1-canary.ae320fa - 2024-06-04
  • 4.9.1-canary.79f0908 - 2024-05-13
  • 4.9.1-canary.7844c7c - 2024-05-06
  • 4.9.1-canary.68bae74 - 2024-06-06
  • 4.9.1-canary.6699ee4 - 2024-05-23
  • 4.9.1-canary.3f13aa1 - 2024-05-20
  • 4.9.1-canary.3ef9353 - 2024-06-13
  • 4.9.1-canary.3d36f97 - 2024-05-07
  • 4.9.1-canary.23b43dc - 2024-06-13
  • 4.9.1-canary.070bc01 - 2024-06-04
  • 4.9.1-canary.00b9fba - 2024-05-08
  • 4.9.1-canary.2481379 - 2024-06-07
  • 4.9.0 - 2024-03-25

    Features

    Bug Fixes

    • Add LICENSE-3RD-PARTY.txt file (#4304) (daa0fe6)
    • add Object.values polyfill for node <=6 (#4274) (5eb867b)
    • aria-required-children: avoid confusing aria-busy message in failures (#4347) (591607d), closes #fail13 #4340
    • avoid reading element-specific node properties of non-element node types (#4317) (b853b18), closes #4316 #4316
    • color-contrast: handle text that is outside overflow: hidden ancestor (#4357) (bdb7300), closes #4253
    • color-contrast: support color blend modes hue, saturation, color, luminosity (#4365) (7ae4761)
    • d.ts: RawNodesResult issues (#4229) (d660518)
    • d.ts: RunOptions.reporter can be any string (#4218) (e53f5c5)
    • i18n: update Italian translations (#4377) (4d65d4b)
    • listitem: clarify roleNotValid message (#4374) (0f8a9af)
    • scrollable-region-focusable: missing wcag213 tag (#4201) (0080a72)
    • target-size: always pass 10x targets (avoid perf bottleneck) (#4376) (be327c4)
    • target-size: do not crash for nodes with many overlapping widgets (#4373) (1dbea83), closes #4359 #4359 #4360
    • utils/get-selector: ignore 'xmlns' attribute when generating a selector (#4303) (938b411)
  • 4.9.0-canary.f89c13b - 2024-03-25
  • 4.9.0-canary.ef1e09d - 2024-04-29
  • 4.9.0-canary.eac8223 - 2024-04-29
  • 4.9.0-canary.9ecf596 - 2024-04-10
  • 4.9.0-canary.7ac6392 - 2024-05-01
  • 4.9.0-canary.75b0c11 - 2024-04-15
  • 4.9.0-canary.61cbf30 - 2024-04-24
  • 4.9.0-canary.5c5ede0 - 2024-04-26
  • 4.9.0-canary.5c318f3 - 2024-04-10
  • 4.9.0-canary.56e139a - 2024-04-15
  • 4.9.0-canary.4788bf8 - 2024-04-05
  • 4.9.0-canary.44e39ec - 2024-04-10
  • 4.9.0-canary.3a90bb7 - 2024-04-23
  • 4.9.0-canary.2940f6e - 2024-04-15
  • 4.9.0-canary.19bde94 - 2024-05-02
  • 4.9.0-canary.08ddcbc - 2024-04-22
  • 4.9.0-canary.6091367 - 2024-04-23
  • 4.8.4 - 2024-02-07

    This release should not result in different issue numbers. For TypeScript users, an error in type definitions has been corrected. This release could require a correction to how axe-core types are used. This release may change selectors on elements with the xmlns attribute, as the selectors axe-core prosed with those was invalid. Deduplication based on selectors between this and and prior versions of axe-core can fail because of this change.

    Bug Fixes

    • Add LICENSE-3RD-PARTY.txt file (#4304) (139c553)
    • avoid reading element-specific node properties of non-element node types (#4317) (a2a6935), closes #4316 #4316
    • d.ts: RawNodesResult issues (#4229) (f105266)
    • d.ts: RunOptions.reporter can be any string (#4218) (80de793)
    • utils/get-selector: ignore 'xmlns' attribute when generating a selector (#4303) (8c68546)
from axe-core GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade axe-core from 4.8.4 to 4.9.1.

See this package in npm:
axe-core

See this project in Snyk:
https://app.snyk.io/org/wingn8t/project/f3169c74-73f1-4787-9ef2-e1386736ba14?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment