Skip to content

chore(deps-dev): bump axe-core from 4.11.4 to 4.12.0 in /frontend in the npm-development group across 1 directory#488

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/npm-development-752bbde0dd
Closed

chore(deps-dev): bump axe-core from 4.11.4 to 4.12.0 in /frontend in the npm-development group across 1 directory#488
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/npm-development-752bbde0dd

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the npm-development group with 1 update in the /frontend directory: axe-core.

Updates axe-core from 4.11.4 to 4.12.0

Release notes

Sourced from axe-core's releases.

Release 4.12.0

In this release you'll find:

  1. A new aria-tab-name rule that tests role="tab" elements have an accessible name
  2. The landmark-complementary-is-top-level rule is deprecated, as ARIA no longer requires this
  3. Preparations for Element Internal support (behind a feature flag)
  4. Various other bug fixes for target-size, scrollable-region-focusable, and more

This release can see reveal new issues, as well as close out a few existing ones that might have come from false positives or the now deprecated rule.

Features

  • add gather-internals.js external script (#5099) (c61d58b), closes #5080
  • aria-allowed/prohibited-attr, aria-required-parent/children: partially support element internals role (#5080) (417b48a), closes #5039 #4259
  • axe.externalAPIs: add public api for setting elementInternal data (#5105) (63bab8f)
  • core: expose normalizeRunOptions (#4998) (b8e6a59)
  • expose axe.resetLocale() to restore the default locale (#5108) (c2b5292), closes #5107
  • getRules: include rule enabled state in returned objects (#5118) (75bf772), closes #5116
  • list,listitem: support element internals role (#5119) (7d9d696)
  • new-rule: check that aria-tab have an accessible name (#5001) (0d4e4e7), closes #4842
  • rules: deprecate landmark-complementary-is-top-level rules (#4992) (9e09139), closes #4950
  • utils: add getElementInternals function (#5077) (1c15f82)

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (c6245e7)
  • aria-conditional-attr: add support for radio (#5100) (8223c98)
  • aria-valid-attr-value: handle multiple aria-errormessage IDs (#4973) (0489e30)
  • aria: prevent getOwnedVirtual from returning duplicate nodes (#4987) (48ca955), closes #4840
  • commons/text: exclude natively hidden elements from aria-labelledby accessible name (#5076) (ea7202c), closes #4704
  • DqElement: avoid calling constructors with cloneNode (#5013) (0281fa1)
  • existing-rule: aria-busy now shows an error message for a use with unallowed children (#5017) (2067b87)
  • helpUrl: ensure axe.configure always updates the help URLs (#5114) (c4f60ff)
  • label-content-name-mismatch: match visible text with aria-label and exclude invisible text (#5096) (3a012a1)
  • locale: ensure all subtags are correctly set (#5112) (13005ed)
  • scrollable-region-focusable: clarify the issue is in safari (#4995) (4ec5211), closes WebKit#190870 WebKit#277290
  • scrollable-region-focusable: do not fail scroll areas when all content is visible without scrolling (#4993) (838707a)
  • target-size: determine offset using clientRects if target is display:inline (#5012) (a4b8091)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (1229a6e), closes #5065
  • target-size: ignore widgets that are inline with other inline elements (#5000) (a8dd81b)
  • utils/getAncestry: escape node name (#5079) (d1fabaa), closes #5078
  • utils: Add null check to parseCrossOriginStylesheet, closes #5074 (#5075) (f12ef32)
  • utils: update isShadowRoot to use spec-compliant custom element regex (#5059) (edc6ce2), closes #5030
Changelog

Sourced from axe-core's changelog.

4.12.0 (2026-06-01)

Features

  • add gather-internals.js external script (#5099) (c61d58b), closes #5080
  • aria-allowed/prohibited-attr, aria-required-parent/children: partially support element internals role (#5080) (417b48a), closes #5039 #4259
  • axe.externalAPIs: add public api for setting elementInternal data (#5105) (63bab8f)
  • core: expose normalizeRunOptions (#4998) (b8e6a59)
  • expose axe.resetLocale() to restore the default locale (#5108) (c2b5292), closes #5107
  • getRules: include rule enabled state in returned objects (#5118) (75bf772), closes #5116
  • list,listitem: support element internals role (#5119) (7d9d696)
  • new-rule: check that aria-tab have an accessible name (#5001) (0d4e4e7), closes #4842
  • rules: deprecate landmark-complementary-is-top-level rules (#4992) (9e09139), closes #4950
  • utils: add getElementInternals function (#5077) (1c15f82)

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (c6245e7)
  • aria-conditional-attr: add support for radio (#5100) (8223c98)
  • aria-valid-attr-value: handle multiple aria-errormessage IDs (#4973) (0489e30)
  • aria: prevent getOwnedVirtual from returning duplicate nodes (#4987) (48ca955), closes #4840
  • commons/text: exclude natively hidden elements from aria-labelledby accessible name (#5076) (ea7202c), closes #4704
  • DqElement: avoid calling constructors with cloneNode (#5013) (0281fa1)
  • existing-rule: aria-busy now shows an error message for a use with unallowed children (#5017) (2067b87)
  • helpUrl: ensure axe.configure always updates the help URLs (#5114) (c4f60ff)
  • label-content-name-mismatch: match visible text with aria-label and exclude invisible text (#5096) (3a012a1)
  • locale: ensure all subtags are correctly set (#5112) (13005ed)
  • scrollable-region-focusable: clarify the issue is in safari (#4995) (4ec5211), closes WebKit#190870 WebKit#277290
  • scrollable-region-focusable: do not fail scroll areas when all content is visible without scrolling (#4993) (838707a)
  • target-size: determine offset using clientRects if target is display:inline (#5012) (a4b8091)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (1229a6e), closes #5065
  • target-size: ignore widgets that are inline with other inline elements (#5000) (a8dd81b)
  • utils/getAncestry: escape node name (#5079) (d1fabaa), closes #5078
  • utils: Add null check to parseCrossOriginStylesheet, closes #5074 (#5075) (f12ef32)
  • utils: update isShadowRoot to use spec-compliant custom element regex (#5059) (edc6ce2), closes #5030
Commits
  • e260c7e ci: continue-on-error for text_examples (#5124)
  • 90e6c45 ci: continue-on-error for text_examples
  • 0016ef9 chore(release): v4.12.0 (#5122)
  • 1e9df5a chore(release): 4.12.0
  • 75bf772 feat(getRules): include rule enabled state in returned objects (#5118)
  • c621011 docs(check-options): fix duplicate "the" (passLength/failLength rows) (#5113)
  • f12ef32 fix(utils): Add null check to parseCrossOriginStylesheet, closes #5074 (#5075)
  • 7d9d696 feat(list,listitem): support element internals role (#5119)
  • c01a37d ci: ignore gather-internals.js from import deploy validation (#5110)
  • edc6ce2 fix(utils): update isShadowRoot to use spec-compliant custom element regex (#...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump axe-core
91ffdb2 
Bumps the npm-development group with 1 update in the /frontend directory: [axe-core](https://github.com/dequelabs/axe-core).


Updates `axe-core` from 4.11.4 to 4.12.0
- [Release notes](https://github.com/dequelabs/axe-core/releases)
- [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md)
- [Commits](dequelabs/axe-core@v4.11.4...v4.12.0)

---
updated-dependencies:
- dependency-name: axe-core
  dependency-version: 4.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 8, 2026
@remyluslosius

remyluslosius commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

@dependabot merge

This was referenced Jun 11, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
@remyluslosius

remyluslosius commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

@dependabot rebase

@remyluslosius remyluslosius enabled auto-merge (squash) June 11, 2026 03:18
@dependabot @github

dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor Author

Looks like axe-core is updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 11, 2026
auto-merge was automatically disabled June 11, 2026 03:20

Pull request was closed

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/frontend/npm-development-752bbde0dd branch June 11, 2026 03:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@remyluslosius