Skip to content

[Snyk] Upgrade @uswds/uswds from 3.11.0 to 3.12.0 #427

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @uswds/uswds from 3.11.0 to 3.12.0 #427

wants to merge 1 commit into from

Conversation

jbrown-xentity
Copy link
Contributor

snyk-top-banner

Snyk has created this PR to upgrade @uswds/uswds from 3.11.0 to 3.12.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released a month ago.

Release notes
Package name: @uswds/uswds
  • 3.12.0 - 2025-03-07

    What's new in USWDS 3.12.0

    Features

    Package A11y Breaking Markup change Description
    usa-date-picker, usa-date-range-picker - - - Enabled native JavaScript translation for date picker calendar labels. The calendar now uses the Date.toLocaleString API to automatically build translated labels based on the document's lang attribute. Thanks @ deebloo! (#5679)
    usa-in-page-navigation - - - Added the data-minimum-heading-count property to the in-page navigation component. This property hides the component when the content region does not contain the minimum number of headings. By default, this attribute hides the in-page navigation component when there are fewer than two headings in the content region.

    ✏️ Teams should customize the value of this property based on their content needs. (#6205)
    usa-tooltip - - - Enabled tooltip functionality on non-button elements. Thanks @ anmazz! (#6035)

    Bug fixes

    Package A11y Breaking Markup change Description
    usa-checkbox, usa-radio - - - Updated checkbox and radio styles so that the interactive area now matches the width of the content. Previously, the interactive area extended the full width of its container. (#6192)
    usa-in-page-navigation - - - Fixed a bug that prevented in-page navigation from scrolling to nested headings. Now, the component can smooth scroll to headings within components like card and summary box.

    ✏ Teams that use data-scroll-offset should check to make sure this change does not cause regressions in scroll behaviors. Thanks @ jhancock532! (#5878)
    uswds-core - - - Resolved Sass deprecation warnings related to the color function. This change ensures compatibility with Dart Sass 2.0.0 and eliminates the use of deprecated color functions. (#6270)
    uswds-core - - - Replaced resolve-id-refs dependency with custom JavaScript. (#6308)

    Dependencies and security

    Dependency updates

    Dependency name Previous version New version
    resolve-id-refs 0.1.0 --

    Dev dependency updates

    Dependency name Previous version New version
    @ babel/core 7.26.0 7.26.8
    @ babel/preset-env 7.26.0 7.26.8
    gulp-sass 5.1.0 6.0.0
    postcss 8.4.49 8.5.2
    sass 1.83.1 1.84.0
    sass-embedded 1.83.1 1.83.4
    sass-loader 13.3.2 16.0.4
    snyk 1.1295.0 1.1295.3
    stylelint 16.11.0 16.12.0
    typescript 5.7.2 5.7.3
    webpack 5.97.1 5.98.0

    Additional updates

    Important

    USWDS now requires a verified signature on all commits to this repository. Learn more about how to set up signature verification in our CONTRIBUTING.md file.

    Additional contributions

    • Thanks to @ aduth for making our prettier configuration more explicit. (#6269)
    • Thanks to @ szepeviktor for fixing typos. (#6251)
    • Thanks to @ jcklpe for updating broken links in the USWDS README. (#6239)
    • Thanks to @ aduth for improving the JavaScript examples in our README (#5928)
    • Thanks to @ aduth for improving our automated unit test scans (#6171)

    0 vulnerabilities in regular dependencies (dependencies for USWDS projects installed with npm install @ uswds/uswds)
    30 moderate, 26 high vulnerabilities in devDependencies (development dependencies).

    Release TGZ SHA-256 hash: 8a562ec0c24d93b7eeaeaa9056f54050054344331dd34ca96d5be161442f09cd

  • 3.11.0 - 2024-12-18

    What's new in USWDS 3.11.0

    Features

    Package A11y Breaking Markup change Description
    usa-elements - - - Removed outdated browser normalization styles. This update drops normalize support for Internet Explorer. Thanks @ aduth! (#5555)
    usa-form, usa-input-prefix-suffix, usa-input, uswds-core - - - Moved .usa-input--[width] and .usa-input-group--[width] classes out of the usa-form package. These classes are now generated in the usa-input and usa-input-prefix-suffix packages and can be used without the .usa-form parent element. Thanks @ aduth! (#6232)
    usa-table - - - Updated table header styles to be consistent across all table elements. Now, all thead th, tbody th, and tfoot th cells will all have the same visual styles. Thanks @ ajanickiv!

    ✏️ Teams should confirm that their tables display as expected. (#5986)

    Bug fixes

    Package A11y Breaking Markup change Description
    usa-button, usa-collection, usa-file-input, usa-icon-list, usa-icon, usa-input-prefix-suffix, usa-modal, usa-pagination - - Yes Replaced deprecated xlink:href references with href.

    ✏ Teams should update their markup to replace xlink:href references with href and pull in the updated loader.svg file. (#6165)
    usa-file-input Yes - - Fixed a bug that prevented screen readers from announcing the invalid file type error message. (#6168)

    ✏ Teams who support additional languages should update the error message string to match the new copy.
    usa-footer Yes - - Removed overflow: hidden from usa-footer to allow the full focus outline to show. This fix also improves horizontal alignment in the slim footer variant. Thanks @ 6TELOIV! (#6237)

    Markup changes

    MDN warns that the deprecated xlink:href attribute can stop working at any time. When referencing SVG icon sprites, teams should use href instead of the deprecated xlink:href attribute.

    <!-- usa-icon example -->
<svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
- <use xlink:href="./img/sprite.svg#close"></use>
+ <use href="./img/sprite.svg#close"></use>
</svg>

    Dependencies and security

    Dependency name Previous version New version
    @ babel/core 7.25.7 7.26.0
    @ babel/preset-env 7.25.7 7.26.0
    axe-core 4.10.0 4.10.2
    cross-spawn 7.0.3 7.0.6
    html-webpack-plugin 5.6.0 5.6.3
    mocha 10.7.3 10.8.2
    nwsapi (added via npm overrides) -- 2.2.13
    postcss 8.4.47 8.4.49
    prettier 3.3.3 3.4.2
    sass 1.79.4 1.83.0
    sass-embedded 1.79.4 1.83.0
    snyk 1.1293.1 1.1294.3
    stylelint 16.9.0 16.11.0
    typescript 5.6.2 5.7.2
    webpack 5.95.0 5.97.1

    0 vulnerabilities in regular dependencies (dependencies for USWDS projects installed with npm install @ uswds/uswds)
    29 moderate, 26 high vulnerabilities in devDependencies (development dependencies).

    Release TGZ SHA-256 hash: 1c10cd70a3c627fd14d9ee74a4071e67c4e5ba4bf14ca1c50c19c2fe5885e70a

from @uswds/uswds GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @uswds/uswds from 3.11.0 to 3.12.0
d79995d 
Snyk has created this PR to upgrade @uswds/uswds from 3.11.0 to 3.12.0.

See this package in npm:
@uswds/uswds

See this project in Snyk:
https://app.snyk.io/org/data.gov/project/3be75de7-3443-41fe-bed6-a223b97703ed?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neilmb neilmb neilmb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jbrown-xentity @neilmb @snyk-bot