axe-core - npm Package Compare versions

Comparing version 3.0.0-alpha.4 to 3.0.0-alpha.5

bower.json

 {
   "name": "axe-core",
-  "version": "3.0.0-alpha.4",
+  "version": "3.0.0-alpha.5",
   "contributors": [
@@ -5,0 +5,0 @@ {

CHANGELOG.md

@@ -5,2 +5,14 @@ # Change Log
 
+<a name="3.0.0-alpha.5"></a>
+# [3.0.0-alpha.5](https://github.com/dequelabs/axe-core/compare/v3.0.0-alpha.4...v3.0.0-alpha.5) (2017-09-25)
+
+
+### Bug Fixes
+
+* **aria:** adding support for aria-expanded in menuitem ([#521](https://github.com/dequelabs/axe-core/issues/521)) ([b30b451](https://github.com/dequelabs/axe-core/commit/b30b451))
+* **postinstall:** use node, more conditionals ([#520](https://github.com/dequelabs/axe-core/issues/520)) ([f5b5299](https://github.com/dequelabs/axe-core/commit/f5b5299))
+* Match prerelease versions for helpUrl ([#546](https://github.com/dequelabs/axe-core/issues/546)) ([5300577](https://github.com/dequelabs/axe-core/commit/5300577))
+
+
+
 <a name="3.0.0-alpha.4"></a>
@@ -7,0 +19,0 @@ ## [3.0.0-alpha.4](https://github.com/dequelabs/axe-core/compare/v3.0.0-alpha.3...v3.0.0-alpha.4) (2017-09-08)

doc/code-submission-guidelines.md

@@ -36,3 +36,3 @@ # Code Submission Guidelines
 ```sh
-perf(color-contrast): improve speed of color contrast rules
+perf(rule): improve speed of color contrast rules
 
@@ -67,7 +67,8 @@ Use async process to compare elements without UI lockup
 The scope specifies the place of the commit change in the codebase along with the type. It could
-reference a rule name, a commons file, or anything really. E.g. `perf(color-contrast)` or
-`test(p-as-heading)`.
+reference a rule, a commons file, or anything really. E.g. `feat(rule)` or
+`test(commons/aria)`. It would help us call to out rule changes in our changelog with `rule` used as the scope.
 
 If the scope is too broad to summarize, use the type only and leave off the parentheses. E.g.
-`type: some subject`
+`type: some subject`. Keep in mind that a long scope often pushes your commit message over 100 characters.
+Brevity is helpful for everyone!
 
@@ -74,0 +75,0 @@

lib/commons/aria/index.js

@@ -527,3 +527,3 @@ var aria = commons.aria = {},
 		attributes: {
-			allowed: ['aria-posinset', 'aria-setsize']
+			allowed: ['aria-posinset', 'aria-setsize', 'aria-expanded']
 		},
@@ -530,0 +530,0 @@ owned: null,

lib/core/base/audit.js

@@ -302,3 +302,3 @@ /*global Rule, Check, RuleResult, commons: true */
 Audit.prototype._constructHelpUrls = function (previous = null) {
-	var version = axe.version.substring(0, axe.version.lastIndexOf('.'));
+	var version = (axe.version.match(/^[1-9][0-9]*\.[1-9][0-9]*/) || ['x.y'])[0];
 	this.rules.forEach(rule => {
@@ -305,0 +305,0 @@ if (!this.data.rules[rule.id]) {

package.json

 {
   "name": "axe-core",
   "description": "Accessibility engine for automated Web UI testing",
-  "version": "3.0.0-alpha.4",
+  "version": "3.0.0-alpha.5",
   "license": "MPL-2.0",
+  "engines": {
+    "node": ">=4"
+  },
   "contributors": [
@@ -55,3 +58,3 @@ {
     "prepublishOnly": "grunt build && node build/sri-update --validate",
-    "postinstall": "./bin/postinstall.sh",
+    "postinstall": "node build/utils/postinstall.js",
     "release": "standard-version"
@@ -69,2 +72,3 @@ },
     "dot": "~1.0.3",
+    "fs-extra": "^4.0.1",
     "grunt": "^1.0.1",
@@ -71,0 +75,0 @@ "grunt-babel": "^6.0.0",

sri-history.json

@@ -53,3 +53,7 @@ {
 		"axe.min.js": "sha256-BGAllCBTUJjJXw3yOPMVai2Bj+1PVaEhK2na699nI/o="
+	},
+	"2.4.1": {
+		"axe.js": "sha256-nR7Ix22wBzWJJw7bNukb3n8Bw16bvHdpGKW86+G8dU4=",
+		"axe.min.js": "sha256-xVpSddrzxbQVFp90jaOUOQGp3fwCwK4sYxYmkIU3N2c="
 	}
-}
+}

test/core/base/audit.js

@@ -155,2 +155,34 @@ /*global Audit, Rule */
 		});
+		it('understands prerelease type version numbers', function () {
+			var tempVersion = axe.version;
+			var audit = new Audit();
+			audit.addRule({
+				id: 'target',
+				matches: 'function () {return "hello";}',
+				selector: 'bob'
+			});
+
+			axe.version = '3.2.1-alpha.0';
+			audit._constructHelpUrls();
+
+			axe.version = tempVersion;
+			assert.equal(audit.data.rules.target.helpUrl,
+				'https://dequeuniversity.com/rules/axe/3.2/target?application=axeAPI');
+		});
+		it('sets x.y as version for invalid versions', function () {
+			var tempVersion = axe.version;
+			var audit = new Audit();
+			audit.addRule({
+				id: 'target',
+				matches: 'function () {return "hello";}',
+				selector: 'bob'
+			});
+
+			axe.version = 'in-3.0-valid';
+			audit._constructHelpUrls();
+
+			axe.version = tempVersion;
+			assert.equal(audit.data.rules.target.helpUrl,
+				'https://dequeuniversity.com/rules/axe/x.y/target?application=axeAPI');
+		});
 	});
@@ -157,0 +189,0 @@

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2148389

increased by0.11%

Lines of code

53609

increased by0.09%

Number of low supply chain risk alerts

9

decreased by-10%

Worsened metrics

Dev dependency count

31

increased by3.33%

No dependency changes