Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade select2 from 4.0.7 to 4.0.13 #2

Open
wants to merge 1 commit into
base: 2.x
Choose a base branch
from
Open

[Snyk] Upgrade select2 from 4.0.7 to 4.0.13 #2

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade select2 from 4.0.7 to 4.0.13.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 6 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2020-01-28.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Cross-site Scripting (XSS)
SNYK-JS-SELECT2-456562		 519/1000
Why? Has a fix available, CVSS 6.1		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: select2
  • 4.0.13 - 2020-01-28

    New features / improvements

    • Trigger input event before change events (#4649)
    • Feed back the keypress code that was responsible for the 'close' event (#5513)
    • Only trigger selection:update once on DOM change events (#5734)

    Bug fixes

    • Prevent opening of disabled elements (#5751)

    Documentation

    • Fix "edit this page" links in docs (#5689)

    Miscellaneous

    Select2 is a looking for sponsors to keep development active. Interested in seeing Select2 continue to be developed? Sponsor @ kevin-brown (and by extension, Select2) on GitHub Sponsors or sponsor Select2 on Open Collective!

  • 4.0.12 - 2019-11-06

    Bug fixes

    • Fixes incorrect offset when using the Shadow DOM and styling the <html> element (#5682)

    Miscellaneous

    • Replace cdnjs with jsDelivr in the documentation (#5687)
    • Fix incorrect provider for the automated NPM deployment (#5686)

    Select2 is a looking for sponsors to keep development active. Interested in seeing Select2 continue to be developed? Sponsor @ kevin-brown (and by extension, Select2) on GitHub Sponsors!

  • 4.0.11 - 2019-10-13

    Bug fixes

    • Fixes jQuery migrate error when getting offset when dropdownParent not in document (#5584)

    Miscellaneous

    • Enable GitHub actions for CI (#5591)
    • Documentation has been moved into and is deployed from the code repository (#5638)
    • Remove Travis CI integration (#5665)
  • 4.0.10 - 2019-08-28

    New features / improvements

    • Support passing in a selector for dropdownParent option (#5622)

    Bug fixes

    • Fix bug where dropdowns pointing upwards were incorrectly positioned (#5621)
  • 4.0.9 - 2019-08-22

    New features / improvements

    • Mirror disabled state through aria-disabled on selection (#5579)
    • Select2 now clears the internal ID when it is destroyed (#5587)
    • Set the main ARIA 1.1 roles and properties for comboboxes (#5582)
    • The language option now has a clearly defined fallback chain (#5602)

    Bug fixes

    • Do not propagate click when search box is not empty (#5580)
    • Fix maximumSelectionLength being ignored by closeOnSelect (#5581)
    • Fix generated options not receiving result IDs (#5586)
    • Remove selection title attribute if text is empty (#5589)
    • Reposition dropdown whenever items are selected (#5590)
    • Fix dropdown positioning when displayed above with messages (#5592)
    • Fix search box expanding width of container (#5595)
    • allowClear no longer shifts selections to a new line (#5603)

    Translations

    • Fix error in German translations (#5604)

    Miscellaneous

    • Updated development grunt version so it no longer shows as vulnerable (#5597)
    • Remove unused variables (#5554)
  • 4.0.8 - 2019-07-21

    New features / improvements

    • Test against and fix compatibility with jQuery 3.4.1 (#5531)
    • Results respect disabled state of <option> (#5560)
    • Add computedstyle option for calculating the width (#5559)

    Bug fixes

    • Fix tag creation being broken in 4.0.7 (#5558)
    • Fix infinite scroll when the scrollbar is not visible (#5575)
    • Revert change to focusing behaviour in 4.0.6 (#5576)

    Translations

    • Fix wording in French translations (#5521)

    Miscellaneous

    • Update grunt-contrib-qunit to latest version (#5530)
    • Removed unused .select2-selection__placeholder CSS definitions for multiple selects (#5508)
    • Remove deprecated jQuery shorthand (#5564)
  • 4.0.7 - 2019-05-14

    New features/improvements

    • Do not close on select if Ctrl or Meta (Cmd) keys being held (#5222)

    Bug fixes

    • Fixed issue where single select boxes would automatically reopen when they were closed (#5490, #5492)

    Miscellaneous

    • Move almond and jquery-mousewheel to devDependencies (#5489)
from select2 GitHub release notes
Commit messages
Package name: select2
  • 45f2b83 Merge pull request #5754 from select2/develop
  • 51be56a Merge pull request #5753 from select2/release/4.0.13
  • 9fd005f Updated changelog for 4.0.13
  • 10f1540 Recompiled dist for 4.0.13
  • 3b85e4f Bump versions for 4.0.13 release
  • f34c84b Prevent opening of disabled elements (#5751)
  • e0855a2 Only trigger 'selection:update' once on DOM change events (#5734)
  • 3b69d35 Feed back the keypress code that was responsible for the 'close' even… (#5513)
  • 42364b1 Trigger 'input' event before 'change' events (#4649)
  • 77620ed Merge pull request #5741 from VSPPedro/update-readme
  • 48775d0 Merge pull request #5689 from swrobel/patch-1
  • 0c155d3 Fix Contribute link
  • 44b955a Fix "edit this page" links in docs
  • 783ad11 Merge pull request #5721 from opencollective/opencollective
  • 0177881 Added financial contributors to the README
  • d2f3937 Merge pull request #5700 from select2/kevin-brown-patch-1
  • 49f8076 Connected GitHub to Open Collective for funding
  • 5765090 Merge pull request #5698 from select2/develop
  • b73238f Merge pull request #5697 from select2/release/4.0.12
  • 1f97288 Updated changelog for 4.0.12
  • 752eabb Recompiled dist for 4.0.12
  • c94dfad Bump versions for 4.0.12 release
  • 1da125f Merge pull request #5691 from paxnovem/GH-5682
  • 69bcf1a Fix line length issue

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@github-actions
Copy link

This pull request has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
no-pr-activity
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot