Skip to content
GitLab

Bump vnu-jar from 20.2.28 to 20.3.16

Merged Administrator requested to merge dependabot/npm_and_yarn/vnu-jar-20.3.16 into master

Created by: dependabot-preview[bot]

Bumps vnu-jar from 20.2.28 to 20.3.16.

Release notes

Sourced from vnu-jar's releases.

16 March 2020

First release in more than one year. This release provides a number of improvements in ARIA role checking and in CSS checking, as well as support for checking a number of HTML features that weren’t supported previously. It’s the first release to provide binary runtime images, as an alternative to the jar/war distributions. It's also the last release for which the Web-based checker will be configured to listen on all interfaces; after this release, the checker will bind by default to 127.0.0.1 — so to make the checker listen on a different address, you’ll need to specify an exact address.

More: https://github.com/validator/validator/blob/master/CHANGELOG.md#20316

The files in this release provide a portable standalone version of the Nu Html Checker in a number different forms: as a Java jar file, as a Java war file, and as binary runtime images that can be used even on a system that doesn’t have Java installed.

Use the binary images and jar file either for batch checking of documents from the command line and other scripts/apps, as documented at https://validator.github.io/validator/, or as a self-contained service for browser-based checking of HTML documents over the Web—similar to https://validator.w3.org/nu/.

Use the war file to deploy the Nu Html Checker through a servlet container such as Tomcat, as documented at https://validator.github.io/validator/#servlet.

Changelog

Sourced from vnu-jar's changelog.

20.3.16

16 March 2020

  • Disallow accept-charset values other than UTF-8
  • Disallow object[typemustmatch]
  • Allow SVG feDropShadow element (from Filter Effects spec)
  • Allow loading attribute for the img element (lazy loading)
  • Allow rel=modulepreload for the link element
  • Allow integrity attribute on link[rel=preload|modulepreload]
  • Allow integrity attribute on script[type=module]
  • Allow autofocus as a global attribute
  • Allow inputmode as a global attribute
  • Allow nonce as a global attribute
  • Allow allow-downloads in iframe[sandbox]
  • Allow heading content within legend element
  • Allow negated media features in media and sizes attributes
  • Align autocomplete checking with current spec
  • CSS: Improve support for color values
  • ARIA: Allow implicit roles to satisfy owned-by requirements
  • ARIA: Add proper ARIA checking for the math element
  • ARIA: Align all role checking with current HTML-ARIA spec
  • Add option to specify additional script for Web-based checker
  • CLI: Make --errors-only option take precedence over --Werror
  • CLI: Enable checking standard input as SVG or CSS
  • Include binary runtime images in release (alternative to jar/war)
  • Dockerfile: Switch to using binary runtime image rather than jar
  • Add checker.py script to repo (for building/testing/running checker)
  • Add option to bind to specific IP address (rather than all interfaces)

18.11.5

05 November 2018

  • Fix bugs that can cause the command-line checker to emit broken JSON output
  • Allow dppx and x and units in media queries

18.8.29

29 August 2018

  • CSS: Allow unit-less values for stroke-width and other from-SVG props
  • CSS: Bring checking up to date w/ CSS Align3; support font-display

18.7.23

23 July 2018

  • Disable logging in the language detector

18.7.22

22 July 2018

  • Allow the decoding attribute for the img element
  • Allow the allow attribute for the iframe element (initial support)
  • Align ARIA checking further with ARIA in HTML spec requirements
  • Restore the language-detection feature to vnu.jar command-line checker
  • Ensure vnu.jar is always runnable under Java8, even if built under Java9
... (truncated)
Commits
  • 48490ce Prepare the 20.3.16 release.
  • 2d28cc5 Allow 'allow-downloads' in iframe[sandbox]
  • 4430974 Travis: (Re)add release uploads for OSX binaries
  • 7296bdb Update htmlparser
  • 98480d7 Refine autocomplete checking further to match spec
  • 99edc79 Restrict aria-dropeffect to specified values
  • ad3e5c8 Update css-validator
  • 522d3a4 Add workaround to allow newlines in CSP policies
  • 34f2044 Travis: Don’t specify JDK version for OSX build
  • 10bebfd Travis: Ensure JAVA_HOME gets set for OSX build
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)