jQuery 3.5.0 Released!

Posted on by

jQuery 3.5.0 has been released! As usual, the release is available on our cdn and the npm package manager. Other third party CDNs will probably have it soon as well, but remember that we don’t control their release schedules and they will need some time.

We hope you’re staying healthy and safe while so many of us are stuck at home. With a virus ravaging the planet, we realize that jQuery may not be a high priority for you or the sites you manage. When you do have a moment, we recommend that you review this new version and upgrade.

Security Fix

The main change in this release is a security fix, and it’s possible you will need to change your own code to adapt. Here’s why: jQuery used a regex in its jQuery.htmlPrefilter method to ensure that all closing tags were XHTML-compliant when passed to methods. For example, this prefilter ensured that a call like jQuery("<div class='hot' />") is actually converted to jQuery("<div class='hot'></div>"). Recently, an issue was reported that demonstrated the regex could introduce a cross-site scripting (XSS) vulnerability.

The HTML parser in jQuery <=3.4.1 usually did the right thing, but there were edge cases where parsing would have unintended consequences. The jQuery team agreed it was necessary to fix this in a minor release, even though some code relies on the previous behavior and may break. The jQuery.htmlPrefilter function does not use a regex in 3.5.0 and passes the string through unchanged.

If you absolutely need the old behavior, using the latest version of the jQuery migrate plugin provides a function to restore the old jQuery.htmlPrefilter. After including the plugin you can call jQuery.UNSAFE_restoreLegacyHtmlPrefilter() and jQuery will again ensure XHTML-compliant closing tags.

However, to sanitize user input properly, we also recommend using dompurify with the SAFE_FOR_JQUERY option to sanitize HTML from a user. If you don’t need the old behavior, but would still like to sanitize HTML from a user, dompurify should be used without the SAFE_FOR_JQUERY option, starting in jQuery 3.5.0. For more details, please see the 3.5 Upgrade Guide.

Features

With what we call “positional selectors” being deprecated and slated for removal in jQuery 4.0, we’ve added the last two necessary replacement methods. Specifically, we’ve added the .even() and .odd() methods to replace the :even and :odd selectors. With these methods in place, we can safely remove these overly complicated selectors in jQuery 4.0.

Another small feature that we’ve added to this release is the ability to add a context to jQuery.globalEval. This was done as part of fixing a bug with script execution in iframes.

Fixes

One bug worth highlighting is a bug we fixed in the Ajax script transport. jQuery used to evaluate any response to a request for a script as a script, which is not always the desired behavior. This is different than other data types where such a convention was fine (e.g. in the case of JSON). jQuery 3.5.0 will now only evaluate successful HTTP responses.

Other bug fixes and improvements include performance improvements in Sizzle, support for massive arrays in jQuery.map, using the native .flat() method where supported, a fix for syntax errors in the AMD modules, several improvements to our testing infrastructure, and more. You’ll find the full changelog below.

Deprecations

It wouldn’t be a jQuery release without some deprecations. In jQuery 3.5.0, we’ve put jQuery.trim on the list. JavaScript’s own String.prototype.trim() is an easy replacement for it.

We’ve also put AJAX event aliases on the list, they can be replaced by .on("ajaxStart", …) and the like. jQuery Migrate will warn about these now-deprecated methods, but they’ll stick around until jQuery 4.0.

Upgrading

Aside from the change to no longer ensure XHTML-compliant tags for you, we do not expect other compatibility issues when upgrading from a jQuery 3.0+ version. To upgrade, have a look at the new 3.5 Upgrade Guide. If you haven’t yet upgraded to jQuery 3+, first have a look at the 3.0 Upgrade Guide.

The jQuery Migrate plugin will help you to identify compatibility issues in your code. Please try out this new release and let us know about any issues you experienced.

If you can’t yet upgrade to 3.5+, Daniel Ruf has kindly provided patches for previous jQuery versions.

Download

You can get the files from the jQuery CDN, or link to them directly:

https://code.jquery.com/jquery-3.5.0.js

https://code.jquery.com/jquery-3.5.0.min.js

You can also get this release from npm:

npm install jquery@3.5.0

Slim build

Sometimes you don’t need ajax, or you prefer to use one of the many standalone libraries that focus on ajax requests. And often it is simpler to use a combination of CSS and class manipulation for web animations. Along with the regular version of jQuery that includes the ajax and effects modules, we’ve released a “slim” version that excludes these modules. The size of jQuery is very rarely a load performance concern these days, but the slim build is about 6k gzipped bytes smaller than the regular version. These files are also available in the npm package and on the CDN:

https://code.jquery.com/jquery-3.5.0.slim.js

https://code.jquery.com/jquery-3.5.0.slim.min.js

These updates are already available as the current versions on npm and Bower. Information on all the ways to get jQuery is available at https://jquery.com/download/. Public CDNs receive their copies today, please give them a few days to post the files. If you’re anxious to get a quick start, use the files on our CDN until they have a chance to update.

Thanks

Thank you to all of you who participated in this release by submitting patches, reporting bugs, or testing, including Ahmed S. El-Afifi, Michał Gołębiowski-Owczarek, Wonseop Kim, Dave Methvin, Shashanka Nataraj, Pat O’Callaghan, Sean Robinson, Christian Oliff, Christian Wenz, and the whole jQuery team.

We also would like to thank Masato Kinugawa for helping us identify and fix the security-related issues in this release.

Changelog

Full changelog: 3.5.0

Ajax

  • Do not execute scripts for unsuccessful HTTP responses (#4250, #4655, da3dd85b)
  • Overwrite s.contentType with content-type header value, if any (#4119, 065143c2)
  • Deprecate AJAX event aliases, inline event/alias into deprecated (7a3cf9c0)

Build

  • Resolve Travis config warnings (7506c9ca)
  • Enable ESLint one-var rule for var declarations in browser code (0fdfdd82)
  • Test the no-Sizzle build on Travis (362075ae)
  • Update .mailmap & AUTHORS.txt (19f2dcba)
  • Tests: Fix custom build tests, verify on Travis; name Travis jobs (d525ae34)
  • Lint the minified jQuery file as well (#3075, 37df5cdf)
  • Make Karma work in AMD mode (46c284b1)
  • Create a `grunt custom:slim` alias for the Slim build (4cbdc745)
  • Run tests on Travis only on browsers defined in the config (471b0043)
  • Run tests on Firefox ESR as well (0a73b94a)
  • Run tests on Node.js 13 in addition to 8, 10 & 12 (64c1fcc1)
  • Drop workarounds for Node.js 6 in Gruntfile.js (9f4204ec)
  • Run tests on Travis on FirefoxHeadless as well (ad3c2efa)
  • Require strict mode in Node.js scripts via ESLint (ac2da4e6)
  • Support jquery-release –dry-run flag (c7a5e1bd)
  • Stop copying src/core.js to dist on release (#4489, 279d2e97)
  • ESLint: forbid unused function parameters (d7e13f12)
  • Fix the regex parsing AMD var-modules (#4389) (36b59c96)

Core

  • Ajax: Align nonce & global with master, fix an AMD issue (22bf701f)
  • Fire iframe script in its context, add doc param in globalEval (#4518, 3dedc3f2)
  • Deprecate jQuery.trim (#4363, 56e73e0c)
  • Use Array.prototype.flat where supported (#4320, 2f666c1d)
  • Implement .even() & .odd() to replace POS :even & :odd (409cbda7)

CSS

  • Workaround buggy getComputedStyle on table rows in IE/Edge (#4490, 6d31477a)

Data

  • Event:Manipulation: Prevent collisions with Object.prototype (#3256, 413ff796)

Docs

  • Update links to EdgeHTML issues to go through Web Archive (d72faced)
  • Convert link to Homebrew from HTTP to HTTPS (ff5a43eb)

Effect

  • Fix a unnecessary conditional statement in .stop() (#4374, 30f5c6c3)

Event

  • Use only one focusin/out handler per matching window & document (#4652, 9e15d6b4)
  • Only attach events to objects that accept data – for real (#4397, f36f6abb)

Manipulation

  • Skip the select wrapper for option elements
  • Make jQuery.htmlPrefilter an identity function (1d61fd94)

Offset

Selector

Tests

  • Blacklist one focusin test in IE (1a4f10dd)
  • Pass a number of necessary done() calls to assert.async() (5ea844f6)
  • Make the support tests pass on Firefox 4x/5x/60 (f0d5ec62)
  • Skip a “width/height on a table row with phantom borders” test in Firefox (c79e1d5f)
  • Don’t test synchronous XHR on unload in Chrome (c5b48c8c)
  • Fix offset fractions tests in Chrome for Android (0c67da4b)
  • Move Android user agent detection above iOS, put Safari last (6276cb2e)
  • Make support tests accept Safari 13 & newer (8167327f)
  • update npo.js and include unminified source instead (3654bc83)

Traversing

  • Fix contents() on object elements with children in IE (90f78b9a)
  • Fix contents() on object elements with children (#4384, 42badf34)

ESLint Joins the jQuery Foundation

Posted on by

After last week’s announcement that JSCS is merging with ESLint, this week the ESLint team is announcing that they are bringing their project to the jQuery Foundation. We are very excited to be the providers of a long-term, openly governed home for ESLint. We are also looking forward to seeing the outcomes of this new partnership with JSCS.

At the Foundation, we are constantly striving to find ways to make the development experience better for JavaScript developers. We believe both ESLint and JSCS have been leaders on this front. With these two incredibly bright teams coming together at the jQuery Foundation, we expect to see and support accelerated development of ESLint and an easier discovery and decision process for developers looking to bring JavaScript analysis, linting and code style checking to their projects.

Going forward, we hope to continue supporting innovation in the JavaScript space while at the same time, providing a suitable environment for collaboration in all aspects of the JavaScript development world. For more information about why ESLint chose the jQuery Foundation and how this impacts the teams and users involved, check out their announcement on the ESLint blog.

Community Notice on npm dependencies in your projects

Posted on by

As most of you are likely aware by now, a potentially dangerous security vulnerability was highlighted recently in the use of npm modules in your projects. In general, the jQuery Foundation still believes this is a safe and very powerful practice and in no way are we saying you should no longer use npm for package management in your JavaScript projects. What we would like to advocate is caution for our community of jQuery plugin developers and users of the many projects in the foundation who distribute packages on npm when installing a package and its dependencies.

A Quick Recap

Rather than rewrite the story, go ahead and check out the full recap and summary from npm on their blog.

The Concern

What happened next is the reason we are writing this post. Azer Koçulu published a number of packages on npm, one of which was the left-pad package which is a simple bit of code that is depended upon by many other packages. After the package was unpublished, many popular projects began having build failures due to the missing package. This is concerning in itself that anyone could unpublish a dependency you have, or a dependency of a dependency of a dependency and cause you or your team real headaches. Shortly after left-pad was unpublished, the npm team decided to un-unpublish it with a new owner to fix the many breaking builds around the internet. What is more concerning though, is the fact that once a package is unpublished, anyone can grab those package names you depend on somewhere in your dependency tree and push new, potentially malicious code into your project. In general, this wouldn’t be too bad because your package likely relies on a version that was unpublished and the new published version would not be pulled in. However, many people when installing dependencies use the commands npm i --save <package-name> or npm i --save-dev <package-name> which by default installs the latest version published at the time preceded by a ^ like ^1.0.0 which tells npm to install any updated version through minor releases the next time dependencies are updated. This means that if you reinstall or update your project and someone has pushed malicious code into a patch (1.0.1) or minor (1.1.0) release from our example, it will automatically be installed in your project.

Recommendations

Our primary recommendation is to be careful. Know what you are installing and know what your dependencies and their dependencies down the tree are installing. You should definitely go through your projects now and see if any of the modules you depend on have been unpublished as well as if any of them are on this list and have recently published new versions that you may want to avoid until you verify it is safe. Though we haven’t spoken with them directly, we are sure the folks at npm, inc. are working hard on a way to address these concerns but until then, be vigilant and keep your projects and plugins safe. We have believed for a while and continue to believe that JavaScript has been and will continue to be one of the strongest options for developing everything from your personal blog to enterprise class applications. With any technology, we will have hiccups along the way but as long as we learn from them and retain that knowledge as we continue on, JavaScript will prevail.

PEP 0.4.0

Posted on by

Today, we’re happy to announce a new release of PEP: Version 0.4.0. Notable changes include better support for module bundlers such as webpack and browserify and the inclusion of a WIP build on the CDN. The WIP build can be found at http://code.jquery.com/pep/pep-git.js but should only be used for testing (please don’t deploy the WIP build to a production site).

For full details on what’s included in this release, see the changelog.

To get started with PEP, you can get the files from npm, bower (pepjs), the jQuery CDN, or the GitHub release. Check out the samples or view the project README for more details. If you run into any issues using PEP, please file an issue or join us on IRC in #pep on freenode.

Thanks to all who helped with this release, specifically: Anders D. Johnson, Colin Snover, John-David Dalton, Jörn Zaefferer, Mike Mariano, Scott González, Stefan Neubert, Stuart P. Bentley, Will Binns-Smith.

jQuery Foundation Project Updates

Posted on by

In order to make it easier for jQuery Foundation Members and Web developers to quickly stay abreast of all our projects, we will periodically publish consolidated project updates here.

jQuery Core

Powering 2/3 of sites, jQuery is a fast, small, and feature-rich JavaScript library

Since last December’s release, the team has been hard at work on a major 3.0 release. This release – the alpha of which came out on July 8 – comes with many updates (including Promises/A+ compliant Deferreds) and bug fixes, and it finally removes some previously deprecated and underused features.

Links: download, meeting notes, full list of 3.0 changes

A big thank you to the core team and everyone who contributed – and will contribute – to the upcoming release.
Questions?  Contact Timmy Willison

globalize-mark-light (1) Globalize

JavaScript library for internationalization and localization that leverages the official Unicode CLDR JSON data.

Globalize version 1.0 was released in April and provides developers with localized number formatting and parsing, date and time formatting and parsing, relative time formatting, currency formatting, and message formatting (with pluralization and gender support) that runs in browsers and Node.js, consistently across all of them.

One exciting thing the community is focused on is the ability to compile Globalize for production. This will enable applications to generate custom runtime code that is extremely small and fast.

Links: git, mailing list,
Questions?  Contact Rafael Xavier de Souza

icn-jquerymobile-logo jQuery Mobile

Unified, HTML5-based user interface system for all popular mobile device platforms, built on the jQuery and jQuery UI foundation

The team has been heads down on version 1.5.0, which will bring numerous improvements including:

  • A new standalone enhancer module for customizable, fast declarative initialization of any javascript including jQuery widgets and plugins.
  • Improved and re-written shared with jQuery UI including button, checkboxradio, and controlgroup and the accordion widget which will replace the current collapsible and collapsible set widgets.
  • All of jQuery Mobile’s widget will now also feature the classes option for improved customizability and theming.
  • Re-written table and navbar widgets
  • Greatly improved modularity

Check out full release plans here

Links: download, meeting notes

Questions?  Contact Alexander Schmitz

Esprima

High performance, standard-compliant ECMAScript parser written in JavaScript

In March, we released Esprima 2.1.0, introducing support for several new pieces of ES6 syntax. In the mean time, a lot of work has been done to complete its ES6 support (check the roadmap). We’ve also improved the testing infrastructure and workflow to make the codebase more contributor-friendly.

Links: git, mailing list

A big thank you to all those who contributed patches to this release: Ariya Hidayat, Bei Zhang, Brandon Mills, Mike Rennie, Mike Sherov.

Questions?  Contact Ariya Hidayat

icn-ui-logo jQuery UI

Curated set of UI interactions, effects, widgets, and themes built on top of the jQuery Library.

The team released jQuery UI 1.11.4 in March, bringing bug fixes for Draggable, Resizable, Sortable, Accordion, Dialog, Slider, and Tooltip.

We are focused now on support for Pointer Events, and splitting up UI Core and old jQuery support to enable smaller builds

Links: git, meeting notes
Questions? Contact Scott González

ChassisChassis

Creating open standards for CSS libraries, JavaScript UI libraries, and web developers in general.

The team is working on its Phase One release which will involve an initial CSS Framework – this is planned for later this summer.

Work is also underway for a themeroller.

Links: git, meeting notes

Thanks to Micheal Arestad, Alexander Schmitz and Rohit Mulange

Questions?  Contact Sarah Frisk

qunitQUnit

Powerful, easy-to-use JavaScript unit testing framework

The latest release, 1.18.0, made a lot of improvements to the HTML reporter, making it more efficient to debug failures. For example, a new diff algorithm makes it easier to spot the difference in failed expected/actual assertions.

We’re currently working on the js-reporters project, which QUnit will implement, along with hopefully many other JavaScript testing frameworks and tools. The goal is to standardize an API with events and event data for test runners. A tool like Karma could then adopt a single interface instead of having to support each testing tool individually.

If you want to help moving QUnit along, check out these issues.

Links: git, meeting notes

Questions?  Contact Jörn Zaefferer

PEP

PointerEvents Polyfill: a unified event system for the web platform

PEP’s First release (0.3.0) came out in April and the the project is presently working to automate and improve the W3C test suite.

Links: git, meeting notes,

Questions?  Contact Scott González

Announcing Globalize 1.0

Posted on by

The jQuery Foundation is excited to announce the 1.0 release of the Globalize project, our internationalization (i18n) library. This release has been a long time coming and as Globalize picks up steam and gains more and more adoption every day, we are proud to finally announce the first stable release of this project. We could go on about the features and benefits of this latest release but we felt it was important that you hear it from the source. Below, Rafael Xavier, the lead for the Globalize project, details everything you need to know about the 1.0 release of Globalize and what is yet to come.

An always up-to-date, modular and simple i18n library

Allow me to skip the details and jump to the fun part. Below is what you get with Globalize today, which provides number formatting and parsing, date and time formatting and parsing, currency formatting, message formatting (ICU message format pattern with gender and pluralization support).

Date formatting and parsing

The date module provides methods that convert dates and times from their internal representations to textual form (formatting) and back again (parsing) in a language-independent manner. Your code can conveniently control the length of the formatted date, time, datetime.

locale .dateFormatter({ datetime: "medium" })( new Date() );
en "Feb 20, 2015, 12:15:00 PM"
zh "2015年2月20日 下午12:15:00"
zh-u-nu-native "二〇一五年二月二〇日 下午一二:一五:〇〇"
es "20 de feb. de 2015 12:15:00"
ar "٢٠‏/٠٢‏/٢٠١٥ ١٢،١٥،٠٠ م"

Your code can even select the fields individually, completely independent of the locale conventions. The pattern “GyMMMd” selects era in its abbreviated form, year, month in its abbreviated form, and day.

locale .dateFormatter({ skeleton "GyMMMd" })( new Date() );
en "Feb 20, 2015 AD"
zh "公元2015年2月20日"
es "20 feb. de 2015 d. C."
ar "٢٠ فبراير، ٢٠١٥ م"

 

Relative time formatting

In addition to formatting dates and times, the relative time module provides internationalized messages for date and time fields, using customary word or phrase when available.

locale, value .relativeTimeFormatter( "day" )( value );
en, -15 "15 days ago"
en, 0 "today"
en, 1 "tomorrow"

 

Number formatting and parsing

The number module provides methods that format and parse numbers. Your code can be completely independent of the locale conventions for decimal points, thousands-separators, or even the particular decimal digits used, or whether the number format is even decimal. Though, it can still conveniently control various aspects of the formatted number like the minimum and maximum fraction digits, integer padding, rounding method, display as percentage, and others.

locale .numberFormatter()( Math.PI );
en (English) "3.142"
es (Spanish) "3,142"
ar (Arabic) "٣٫١٤٢"

Formatting thousands-separators:

locale .numberFormatter()( 1000000 );
en-US (English as spoken in the United States) "1,000,000"
en-IN (English as spoken in India) "10,00,000"

Formatting percentages:

locale .numberFormatter({ style: "percent" })( 0.15 );
en (English) "15%"
es (Spanish) "15 %"
ar (Arabic) "١٥٪"

 

Currency formatting

The currency module provides methods that allow to format a currency. Your code can be completely independent of the locale conventions for which currency symbol to use, whether or not there’s a space between the currency symbol and the value, the side where the currency symbol must be placed, or even decimal digits used by particular currencies. Currencies can be displayed using symbols (the default), accounting form, 3-letter code, or plural messages.

Formatting currencies using symbols:

3-letter currency code en (English) de (German) zh (Chinese) ar (Arabic)
.currencyFormatter( "USD" )( 1 ); "$1.00" "1,00 $" "US$ 1.00" "US$ ١٫٠٠"
.currencyFormatter( "EUR" )( 1 ); "€1.00" "1,00 €" "€ 1.00" "€ ١٫٠٠"
.currencyFormatter( "CNY" )( 1 ); "CN¥1.00" "1,00 CN¥" "¥ 1.00" "ي.ص ١٫٠٠"
.currencyFormatter( "JPY" )( 1 ); "¥1" "1 ¥" "JP¥ 1" "JP¥ ١"
.currencyFormatter( "GBP" )( 1 ); "£1.00" "1,00 £" "£ 1.00" "£ ١٫٠٠"
.currencyFormatter( "BRL" )( 1 ); "R$1.00" "1,00 R$" "R$ 1.00" "R$ ١٫٠٠"

Formatting currencies in their full names:

locale .currencyFormatter( "USD", { style: "name" })( 1 );
en (English) "1.00 US dollar"
de (German) "1,00 US-Dollar"
zh (Chinese) "1.00美元"
ar (Arabic) "١٫٠٠ دولار أمريكي"

Formatting currencies in the accounting form, which, for example, in the English locale uses parens instead of the minus sign for negative numbers:

locale .currencyFormatter( "USD", { style: "accounting" })( -1 );
en (English) "($1.00)"

 

ICU message format support (with gender and pluralization support)

The message module provides methods that allow for the creation of internationalized messages, with optional arguments (variables/placeholders) allowing for simple replacement, gender and plural inflections. The arguments can occur in any order, which is necessary for translation into languages with different grammars.

Globalize.loadMessages({
  en: {
   likeIncludingMe: [
      "{count, plural,",
      "    one {You have one task remaining}",
      "  other {You have {count} tasks remaining}",
      "}"
    ]
  }
});

 

locale, count .messageFormatter( "likeIncludingMe" )({ count: count });
en, 1 "You have one task remaining"
en, 99 "You have 99 tasks remaining"

 

Built on standards

Globalize is based on the Unicode Consortium standards and specifications (UTS#35) and it uses its Common Locale Data Repository (CLDR), the largest and most extensive standard repository of locale data available. CLDR is constantly updated and is used by many large applications and operating systems, so you’ll always have access to the most accurate and up-to-date locale data.

CLDR content

Globalize needs CLDR content to function properly, although it doesn’t embed or host such content. Instead, Globalize empowers developers to load CLDR data the way they want. Vanilla CLDR in its official JSON format (no pre-processing) is expected to be provided. As a consequence, (a) Globalize avoids bugs caused by outdated i18n content. Developers can use up-to-date CLDR data directly from Unicode as soon as it’s released, without having to wait for any pipeline on our side. (b) Developers have full control over which locale coverage they want to provide on their applications. (c) Developers are able to share the same i18n dataset between Globalize and other libraries that leverage CLDR. There’s no need for duplicating data. For more information read our documentation on CLDR Usage.

Browser and Node.js Support

Globalize is systematically tested against desktop and mobile browsers and Node.js. So, using it you’ll get consistent results across the various browsers and between client and server. For more details read our Browser Support section.

Get Started

Install it and use it today. See examples for AMD + bower, or Node.js + npm, or plain JavaScript in our Usage section.

If you’re coming from Globalize 0.x, don’t panic. We’ve created a migration guide for you.

Team and Community

We’re grateful for all the support we have received, specifically from Jörn Zaefferer and Scott González for their help with the initial rewrite concept and for being constant advisors; John Emmons, Steven R. Loomis, and Mark Davis (Unicode) for their help with CLDR and UTS#35 specification questions; Alex Sexton and Eemeli Aro for their messageformat.js and make-plural.js libraries that power respectively our MessageFormat and Plural modules; and the jQuery Foundation for the community building, collaborative efforts and its continued support of Globalize and web internationalization.

We want to also thank Nebojša Ćirić, Mihai Niță, and Shanjian Li (Google); Steven Loomis, Steven Atkin, and John Emmons (IBM); Rick Waldron (Ecma-402 2nd Edition editor); Caridy Patiño and Eric Ferraiuolo (Yahoo); Christophe Jolif and Clement Mathieu (Dojo); Cameron Dutro and Kirill Lashuk (Twitter); Craig Cummings and Tex Texin (jsi18n.com); Santhosh Thottingal and Kartik Mistry (Wikipedia); Axel Hecht (Mozilla); Bruno Lewin and Daniel Goldschmidt (Microsoft); Lily Wen (Adobe); Edwin Hoogerbeets (LG); Eirik Rude (Oracle); Xiang Xu (Paypal); Iskren Chernev (moment.js); and Tingan Ho (l10ns.org) to have joined us in an effort to better coordinate the globalization (internationalization and localization) activity of the JavaScript community. If you want to get involved or read more about it, head over to the javascript-globalization@googlegroups.com mailing list or take a look at our JavaScript Globalization overview page.

Upcoming

We’re working on even more exciting features that will soon be part of Globalize. To name a few: runtime optimization and non-gregorian calendar support. So, if any of these are of your interest, make sure you chime in. Express your thoughts and your needs (e.g., which calendars you want to be supported).
We are always looking for contributors to join our team. If you want to get involved, please read the contributing guide. Your help is very welcome.

Announcing PEP 0.3.0

Posted on by

Today, we’re happy to announce the first release of PEP (jQuery Foundation’s Pointer Events polyfill) since Google transferred the Pointer Events polyfill to the jQuery Foundation. There’s more work to do in order to address changes to the Pointer Events specification and flesh out our test suite, but you can start using Pointer Events in your projects today! Other projects, like jQuery UI, jQuery Mobile, and Dojo are in the process of switching to Pointer Events with PEP.

To celebrate our first release, Alex Schmitz built a little demo which he used to show PEP working on different devices.

P drawn on desktop ChromeE drawn in Chrome on AndroidP drawn in Mobile Safari

Since the transfer, we’ve been focusing on moving over to new infrastructure to allow easier contributions and faster development. We’ve switched the tests over to using Intern and set up continuous integration with Travis CI, using BrowserStack to run the tests in all of our supported browsers. We’ve also switched away from plain file concatenation to using ES6 modules via Esperanto to make the cross-file dependencies explicit. Lastly, we’ve moved to our common release infrastructure to ensure consistent releases.

To get started with PEP, you can get the files from npm, bower (pepjs), the jQuery CDN, or the GitHub release. Check out the samples or view the project README for more details. If you run into any issues using PEP, please file an issue or join us on IRC in #pep on freenode.

Come help the jQuery Foundation

Posted on by

For many years now the jQuery team first, and then the jQuery Foundation as an organization, has helped developers all over the world to write simple, concise, and clean code that isn’t affected by all the browser incompatibilities that developers are well-accustomed to. As you know, all the jQuery Foundation projects are maintained by a group of volunteers who keep the libraries relevant and in line with modern browser APIs and issues. The team also keeps the API documentation and educational guides up to date.

In the next few months, the team will work on the several jQuery-related websites to ensure an even higher standard of quality to help millions of users write their code. There is so much to do and our resources are limited, so today we are asking you for help. Part of the team is currently focusing their attention on the Learning Center, but we appreciate help in any repository. If ever the jQuery Foundation projects have saved you work and frustration, this is the right time to give something back. There are many ways in which you can contribute, and you don’t have to be an expert developer. You can help the project by fixing issues in the code or improving the documentation. Everything counts. The jQuery Foundation welcomes contributions from anyone willing to put in the time and effort to help us and our community of users.

To learn more about how you can contribute, visit the Contribute website, sign our Contributor License Agreement and start helping. In case you can’t help us by addressing code or documentation problems but you still love our projects, you can help us by making a small donation.

Esprima 2.1 Released

Posted on by

We’ve just released Esprima 2.1.0! This release introduces support for several new pieces of ES6 syntax: Classes, Rest Parameters, Computed Property Names, let and const. See the release notes below for full details. We’ve also made various improvements to our testing infrastructure to make the codebase more contributor friendly. A big thank you to all those who contributed patches to this release: Ariya Hidayat, Bei Zhang, Brandon Mills, Mike Rennie, Mike Sherov.

While working on bringing more ES6 features to Esprima, we began collaborating with other JavaScript parsers and parser consumers to help define a community standard for JS AST generation. The result of that effort is the ESTree spec, located here: https://github.com/estree/estree. We wanted to say thank you to all who are contributing, which includes members from Esprima, the Mozilla SpiderMonkey parser, the Acorn parser, and Babel, to name a few. A full list of contributors is located here: https://github.com/estree/estree/blob/master/README.md

Expect a 2.2 release to follow in a few weeks bringing even more ES6 support. If you’d like to help contribute, we hang out in the #esprima room on Freenode IRC, and have a weekly meeting at 2PM ET on Wednesdays in #esprima-meeting on Freenode IRC as well. We look forward to seeing you there!

Release Notes

  • Support ES6 class #1001
  • Support ES6 rest parameter #1011
  • Support ES6 computed property name #1037
  • Support ES6 lexical declaration #1065
  • Expand the location of property getter, setter, and methods #1029
  • Enable TryStatement transition to a single handler #1031
  • Tolerate unclosed block comment #1041

Getting on Point

Posted on by

We’re excited to announce that the Pointer Events specification has become a W3C Recommendation! As we’ve said before, we love Pointer Events because they support all of the common input devices today – mouse, pen/stylus, and fingers – but they’re also designed in such a way that future devices can easily be added, and existing code will automatically support the new device. While reaching Recommendation status is a monumental moment, there’s still much work to do.

Pointer Events aren’t a viable solution until they’re usable in all of the browsers that developers are supporting. While that day may seem far away, the jQuery Foundation is dedicated to getting usable Pointer Events in every developer’s hands as soon as possible. We’re working on PEP, our Pointer Events polyfill that Google transferred from the Polymer project to the jQuery Foundation. PEP will be integrated into projects such as jQuery UI, jQuery Mobile, and Dojo. We’re hoping to get out our first release in the next few weeks. If you’re interested in helping out, let us know.

Microsoft is already shipping a full implementation of Pointer Events in IE11 and they had a mostly complete, prefixed implementation in IE10. Mozilla also has a full implementation for Firefox on Windows Metro, though it’s not currently enabled. Both implementation are passing 100% of the W3C Pointer Events test suite. You can follow Mozilla’s progress for all of their supported platforms on https://wiki.mozilla.org/Gecko/Touch.

Of course, the world ain’t all sunshine and rainbows. There’s still no sign that Apple will ever implement Pointer Events. Because of this, Google has decided not to ship Pointer Events in Blink, but rather to try to extend Touch Events to have the power of Pointer Events. The work to extend Touch Events is happening in the Touch Events Community Group to ensure interoperability and standardization. However, there is reasonable concern that adding several extensions to Touch Events will just result in an even more fragmented landscape, eventually worsening the situation rather than improving it. It’s not clear that Apple would implement all of these features anyway, and adding support for hover would require awkward APIs due to the logic that already exists in Touch Events. Even if the power of Pointer Events were added to Touch Events, the awkward event interface isn’t nearly as nice or easy to transition to from Mouse Events.

Despite Google’s current position, they’re willing to continually re-evaluate if shipping Pointer Events will help move the web forward. We’re hopeful that Google will reverse their decision in the future and Apple will eventually be compelled to implement Pointer Events once Safari is the only major browser without support. The Chromium issue for implementing Pointer Events is already in the the 99th percentile of all issues (open and closed) based on number of stars.

As a community, we can shape the future of the web right now. We need to stop letting Apple stifle the work of browser vendors and standards bodies. Too many times, we’ve seen browser vendors with the best intentions fall victim to Apple’s reluctance to work with standards bodies and WebKit’s dominance on mobile devices. We cannot let this continue to happen. The jQuery Foundation is dedicated to driving standards, like Pointer Events, to improve the developer experience and in turn, make the web a better, more accessible place for everyone. Together, we can push the web forward and let standards and better APIs win. We can choose Pointer Events over Touch Events. And we can do it right now, with PEP.