[Snyk] Upgrade govuk-frontend from 5.0.0 to 5.3.0 #658
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade govuk-frontend from 5.0.0 to 5.3.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Release notes
Package name: govuk-frontend
To install this version with npm, run
npm install govuk-frontend@5.3.0
. You can also find more information about how to stay up to date in our documentation.New features
Use the Password input component to help users accessibly enter passwords
The Password input component allows users to choose:
This helps users use longer and more complex passwords without needing to remember what they've already typed.
This change was introduced in pull request #4442: Create password input component. Thanks to @ andysellick for the original contribution.
Recommended changes
Update the HTML for the Character count component
We've updated the HTML for the Character count component. The component wrapper
data-module="govuk-character-count"
and its form groupclass="govuk-form-group"
are now combined as the same<div>
. The hint text used as the count message now appears directly after the<textarea>
.If you're not using Nunjucks macros, then you should:
<div>
to the component wrapper<div>
<div>
and closing</div>
tags used by the form group<textarea>
The following example shows some HTML and the difference once it’s updated.
HTML before:
HTML after:
Check your changes against the Character count example in the Design System to make sure you’ve correctly implemented them.
This change was introduced in pull request #4566: Use Character count
formGroup
as module wrapper.Remove redundant
role
attributes from elementsWe've made minor changes to the HTML of the page template, as well as the header, footer and pagination components.
You can update your HTML to remove the
role
attribute from some elements. These include the:main
role on themain
element in the templatebanner
role on theheader
element in the Header componentcontentinfo
role on thefooter
element in the Footer componentnavigation
role on thenav
element in the Pagination componentThese roles were present to support legacy browsers, such as older versions of Internet Explorer. GOV.UK Frontend no longer supports these browsers, so you can now remove these roles.
You do not need to change anything if you're using the Nunjucks versions of the page template or these components,
This change was introduced in pull request #4854: Remove redundant
role
attributes.Fixes
We've fixed an upstream issue in the cssnano npm package that caused elements with transparency to render incorrectly in Internet Explorer 11. This affected the pre-compiled CSS files in the GOV.UK Frontend npm package and GitHub releases for versions 5.0, 5.1 and 5.2. This was fixed in:
We've made fixes to GOV.UK Frontend in the following pull requests:
KeyboardEvent.key
over deprecatedKeyboardEvent.keyCode
in the Tabs componentKeyboardEvent.key
over deprecatedKeyboardEvent.keyCode
in the Button componentKeyboardEvent
properties from the Exit this Page componentIn this release, we’ve adjusted our responsive type scale, which is available behind a feature flag. The type scale change is to make text easier to read on smaller screens. We’ve also deprecated the
useTudorCrown
parameter.To install this version with npm, run
npm install govuk-frontend@5.2.0
. You can also find more information about how to stay up to date in our documentation.New features
We've adjusted our responsive type scale
We've made the following adjustments to our responsive type scale:
To enable these changes, set the feature flag variable
$govuk-new-typography-scale
totrue
before you import GOV.UK Frontend in your Sass files:If your service uses custom elements made using GOV.UK Frontend, test your service against the new typography scale to assess if you need to make any adjustments.
You can read more on upgrading your service to the new type scale in our upgrade guide.
This change was introduced in pull request #2421: Adjust the responsive type scale
Insert custom HTML into component form group wrappers
You can now insert custom HTML into form group wrappers for all components with form fields.
This change was introduced in pull request #4567: Add
beforeInput(s)
andbeforeInput(s)
options to form groups.Deprecated features
Stop using the
useTudorCrown
parameter in the Heading componentThe rollout for the revised GOV.UK logo has started and the Tudor crown logo is now shown by default. We’ve deprecated the
useTudorCrown
parameter and will remove it in the next major release.You can now remove the
useTudorCrown
parameter, along with any other adjustments made to display the Tudor crown logo in your service.This change was introduced in pull request #4740: Make Tudor Crown logo the default
Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
calc()
compatibility in Radios and CheckboxesRead more
Read more
Commit messages
Package name: govuk-frontend
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs