Created by: dependabot-preview[bot]
Bumps vnu-jar from 20.2.28 to 20.3.16.
Release notes
Sourced from vnu-jar's releases.
16 March 2020
First release in more than one year. This release provides a number of improvements in ARIA role checking and in CSS checking, as well as support for checking a number of HTML features that weren’t supported previously. It’s the first release to provide binary runtime images, as an alternative to the jar/war distributions. It's also the last release for which the Web-based checker will be configured to listen on all interfaces; after this release, the checker will bind by default to
127.0.0.1
— so to make the checker listen on a different address, you’ll need to specify an exact address.More: https://github.com/validator/validator/blob/master/CHANGELOG.md#20316
The files in this release provide a portable standalone version of the Nu Html Checker in a number different forms: as a Java jar file, as a Java war file, and as binary runtime images that can be used even on a system that doesn’t have Java installed.
Use the binary images and jar file either for batch checking of documents from the command line and other scripts/apps, as documented at https://validator.github.io/validator/, or as a self-contained service for browser-based checking of HTML documents over the Web—similar to https://validator.w3.org/nu/.
Use the war file to deploy the Nu Html Checker through a servlet container such as Tomcat, as documented at https://validator.github.io/validator/#servlet.
Changelog
Sourced from vnu-jar's changelog.
20.3.16
16 March 2020
- Disallow
accept-charset
values other thanUTF-8
- Disallow object[typemustmatch]
- Allow SVG feDropShadow element (from Filter Effects spec)
- Allow
loading
attribute for theimg
element (lazy loading)- Allow
rel=modulepreload
for thelink
element- Allow
integrity
attribute on link[rel=preload|modulepreload]- Allow
integrity
attribute on script[type=module]- Allow
autofocus
as a global attribute- Allow
inputmode
as a global attribute- Allow
nonce
as a global attribute- Allow
allow-downloads
in iframe[sandbox]- Allow heading content within
legend
element- Allow negated media features in
media
andsizes
attributes- Align
autocomplete
checking with current spec- CSS: Improve support for color values
- ARIA: Allow implicit roles to satisfy owned-by requirements
- ARIA: Add proper ARIA checking for the
math
element- ARIA: Align all role checking with current HTML-ARIA spec
- Add option to specify additional script for Web-based checker
- CLI: Make --errors-only option take precedence over --Werror
- CLI: Enable checking standard input as SVG or CSS
- Include binary runtime images in release (alternative to jar/war)
- Dockerfile: Switch to using binary runtime image rather than jar
- Add checker.py script to repo (for building/testing/running checker)
- Add option to bind to specific IP address (rather than all interfaces)
18.11.5
05 November 2018
- Fix bugs that can cause the command-line checker to emit broken JSON output
- Allow
dppx
andx
and units in media queries18.8.29
29 August 2018
- CSS: Allow unit-less values for stroke-width and other from-SVG props
- CSS: Bring checking up to date w/ CSS Align3; support font-display
18.7.23
23 July 2018
- Disable logging in the language detector
18.7.22
22 July 2018
... (truncated)
- Allow the
decoding
attribute for theimg
element- Allow the
allow
attribute for theiframe
element (initial support)- Align ARIA checking further with ARIA in HTML spec requirements
- Restore the language-detection feature to vnu.jar command-line checker
- Ensure vnu.jar is always runnable under Java8, even if built under Java9
Commits
-
48490ce
Prepare the 20.3.16 release. -
2d28cc5
Allow 'allow-downloads' in iframe[sandbox] -
4430974
Travis: (Re)add release uploads for OSX binaries -
7296bdb
Update htmlparser -
98480d7
Refine autocomplete checking further to match spec -
99edc79
Restrict aria-dropeffect to specified values -
ad3e5c8
Update css-validator -
522d3a4
Add workaround to allow newlines in CSP policies -
34f2044
Travis: Don’t specify JDK version for OSX build -
10bebfd
Travis: Ensure JAVA_HOME gets set for OSX build - Additional commits viewable in compare view
You can trigger a rebase of this PR by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot badge me
will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in the .dependabot/config.yml
file in this repo:
- Update frequency
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)