Release v5.3.0 (#38657)

* Bump version to 5.3.0 * Dist
2025-08-20 20:31:26 +02:00 · 2023-05-30 18:15:55 +03:00
parent 08dff5e8a4
commit 60098ac499
103 changed files with 594 additions and 610 deletions
--- a/dist/js/bootstrap.js
+++ b/dist/js/bootstrap.js
@@ -1,5 +1,5 @@
 /*!
-  * Bootstrap v5.3.0-alpha3 (https://getbootstrap.com/)
+  * Bootstrap v5.3.0 (https://getbootstrap.com/)
  * Copyright 2011-2023 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors)
  * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
  */
@@ -330,6 +330,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -608,6 +609,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Class definition
   */
@@ -660,11 +662,12 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */

-  const VERSION = '5.3.0-alpha2';
+  const VERSION = '5.3.0';

  /**
   * Class definition
@@ -727,6 +730,7 @@
   * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
   * --------------------------------------------------------------------------
   */
+
  const getSelector = element => {
    let selector = element.getAttribute('data-bs-target');
    if (!selector || selector === '#') {
@@ -815,6 +819,7 @@
   * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
   * --------------------------------------------------------------------------
   */
+
  const enableDismissTrigger = (component, method = 'hide') => {
    const clickEvent = `click.dismiss${component.EVENT_KEY}`;
    const name = component.NAME;
@@ -840,6 +845,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -914,6 +920,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -977,6 +984,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -1096,6 +1104,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -1468,6 +1477,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -1701,6 +1711,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2068,6 +2079,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2192,6 +2204,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2290,6 +2303,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2387,6 +2401,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2691,6 +2706,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -2921,34 +2937,6 @@
   * --------------------------------------------------------------------------
   */

-  const uriAttributes = new Set(['background', 'cite', 'href', 'itemtype', 'longdesc', 'poster', 'src', 'xlink:href']);
-
-  /**
-   * A pattern that recognizes a commonly useful subset of URLs that are safe.
-   *
-   * Shout-out to Angular https://github.com/angular/angular/blob/12.2.x/packages/core/src/sanitization/url_sanitizer.ts
-   */
-  const SAFE_URL_PATTERN = /^(?:(?:https?|mailto|ftp|tel|file|sms):|[^#&/:?]*(?:[#/?]|$))/i;
-
-  /**
-   * A pattern that matches safe data URLs. Only matches image, video and audio types.
-   *
-   * Shout-out to Angular https://github.com/angular/angular/blob/12.2.x/packages/core/src/sanitization/url_sanitizer.ts
-   */
-  const DATA_URL_PATTERN = /^data:(?:image\/(?:bmp|gif|jpeg|jpg|png|tiff|webp)|video\/(?:mpeg|mp4|ogg|webm)|audio\/(?:mp3|oga|ogg|opus));base64,[\d+/a-z]+=*$/i;
-  const allowedAttribute = (attribute, allowedAttributeList) => {
-    const attributeName = attribute.nodeName.toLowerCase();
-    if (allowedAttributeList.includes(attributeName)) {
-      if (uriAttributes.has(attributeName)) {
-        return Boolean(SAFE_URL_PATTERN.test(attribute.nodeValue) || DATA_URL_PATTERN.test(attribute.nodeValue));
-      }
-      return true;
-    }
-
-    // Check if a regular expression validates the attribute.
-    return allowedAttributeList.filter(attributeRegex => attributeRegex instanceof RegExp).some(regex => regex.test(attributeName));
-  };
-
  // js-docs-start allow-list
  const ARIA_ATTRIBUTE_PATTERN = /^aria-[\w-]*$/i;
  const DefaultAllowlist = {
@@ -2986,6 +2974,28 @@
  };
  // js-docs-end allow-list

+  const uriAttributes = new Set(['background', 'cite', 'href', 'itemtype', 'longdesc', 'poster', 'src', 'xlink:href']);
+
+  /**
+   * A pattern that recognizes URLs that are safe wrt. XSS in URL navigation
+   * contexts.
+   *
+   * Shout-out to Angular https://github.com/angular/angular/blob/15.2.8/packages/core/src/sanitization/url_sanitizer.ts#L38
+   */
+  // eslint-disable-next-line unicorn/better-regex
+  const SAFE_URL_PATTERN = /^(?!javascript:)(?:[a-z0-9+.-]+:|[^&:/?#]*(?:[/?#]|$))/i;
+  const allowedAttribute = (attribute, allowedAttributeList) => {
+    const attributeName = attribute.nodeName.toLowerCase();
+    if (allowedAttributeList.includes(attributeName)) {
+      if (uriAttributes.has(attributeName)) {
+        return Boolean(SAFE_URL_PATTERN.test(attribute.nodeValue));
+      }
+      return true;
+    }
+
+    // Check if a regular expression validates the attribute.
+    return allowedAttributeList.filter(attributeRegex => attributeRegex instanceof RegExp).some(regex => regex.test(attributeName));
+  };
  function sanitizeHtml(unsafeHtml, allowList, sanitizeFunction) {
    if (!unsafeHtml.length) {
      return unsafeHtml;
@@ -3020,6 +3030,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -3155,6 +3166,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -3666,6 +3678,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -3746,6 +3759,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -3924,11 +3938,11 @@
        if (!anchor.hash || isDisabled(anchor)) {
          continue;
        }
-        const observableSection = SelectorEngine.findOne(anchor.hash, this._element);
+        const observableSection = SelectorEngine.findOne(decodeURI(anchor.hash), this._element);

        // ensure that the observableSection exists & is visible
        if (isVisible(observableSection)) {
-          this._targetLinks.set(anchor.hash, anchor);
+          this._targetLinks.set(decodeURI(anchor.hash), anchor);
          this._observableSections.set(anchor.hash, observableSection);
        }
      }
@@ -4005,6 +4019,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -4266,6 +4281,7 @@
   * --------------------------------------------------------------------------
   */

+
  /**
   * Constants
   */
@@ -4448,6 +4464,7 @@
   * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
   * --------------------------------------------------------------------------
   */
+
  const index_umd = {
    Alert,
    Button,