chore(deps): update dependency jsdom to v27

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
jsdom	16.2.2 -> 27.0.1
jsdom	14.0.0 -> 27.0.1

---

Release Notes

jsdom/jsdom (jsdom)

v27.0.1

Compare Source

• Fixed some regressions in CSS selectors. Most such regression fixes were done in a minor update of a dependency, and thus available for all fresh installs of v27.0.0. However, one related to class="" attribute changes is only possible with a new version of jsdom. (asamuzaK)

v27.0.0

Compare Source

Changes since 26.1.0

• Node.js v20 is now the minimum supported version.
• Added a variety of event constructors, even though we do not implement their associated specifications or ever fire them: BeforeUnloadEvent, BlobEvent, DeviceMotionEvent (omitting requestPermission()), DeviceOrientationEvent (omitting requestPermission()), PointerEvent, PromiseRejectionEvent, and TransitionEvent.
• Added movementX and movementY to MouseEvent. (These are from the Pointer Lock specification, the rest of which is not implemented.)
• Added customElements.getName(). (mash-graz)
• Updated the virtual console:
  • "jsdomError" events are now documented, with specific type properties and other properties that depend on the type.
  • sendTo() was renamed to forwardTo().
  • The jsdomErrors option to forwardTo() can be used to control which errors are sent to the Node.js console. This replaces the previous omitJSDOMErrors boolean option.
  • "jsdomError"s for failed XMLHttpRequest fetches are no longer emitted.
  • The values that are printed when forwarding "jsdomError"s to the Node.js console are streamlined.
• Switched our CSS selector engine from nwsapi to @asamuzakjp/dom-selector, closing over 20 selector-related bugs.
• Upgraded tough-cookie, which now considers URLs like http://localhost/ to be secure contexts (per the spec), and thus will return Secure-flagged cookies for such URLs. (colincasey)
• Upgraded cssstyle, which brings along many improvements and fixes to the CSSStyleDeclaration object and its properties.
• Updated the user agent stylesheet to be derived from the HTML Standard, instead of from an old revision of Chromium.
• Changed element.click() to fire a PointerEvent instead of a MouseEvent.
• Changed certain events to be passive by default.
• Changed the <input> element's pattern="" attribute to use the v regular expression flag, instead of u.
• Fixed many specification conformance issues with the Window object, including named properties and changing various data properties to accessor properties.
• Fixed document.createEvent() to accept a more correct set of event names.
• Fixed the ElementInternals accessibility getters and setters. (They were introduced in v23.1.0, but due to inadequate test coverage never actually worked.)
• Fixed using Object.defineProperty() on certain objects, such as HTMLSelectElement instances.
• Fixed jsdom.reconfigure({ url }) not updating document.baseURI or properties derived from it. (This regressed in v26.1.0.)
• Fixed CSS system colors, as well as the initial, inherit, and unset keywords, to resolve correctly. (asamuzaK)
• Fixed CSS display style resolution. (asamuzaK)

Changes since 27.0.0-beta.3

• Upgraded cssstyle, which brings along various CSS parsing fixes.

v26.1.0

Compare Source

• Added at least partial support for various SVG elements and their classes: <defs> (SVGDefsElement), <desc> (SVGDescElement), <g> (SVGGElement), <metadata> (SVGMetadataElement), <switch> (SVGSwitchElement), and <symbol> (SVGSymbolElement).
• Added SVGAnimatedPreserveAspectRatio and SVGAnimatedRect, including support in the reflection layer.
• Added the SVGSVGElement createSVGRect() method, and the SVGRect type (which is distinct from DOMRect.)
• Added indexed property support to HTMLFormElement.
• Updated the SVGElement viewportElement() method to correctly establish the viewport based on ancestor elements.
• Removed the now-bloated form-data dependency in favor of our own smaller implementation of multipart/form-data serialization. No functional changes are expected.
• Various performance improvements, caches, microoptimizations, and deferred object creation.

v26.0.0

Compare Source

Breaking change: canvas peer dependency requirement has been upgraded from v2 to v3. (sebastianwachter)

Other changes:

• Added AbortSignal.any(). (jdbevan)
• Added initial support for form-associated custom elements, in particular making them labelable and supporting the ElementInternals labels property. The form-associated callbacks are not yet supported. (hesxenon)
• Updated whatwg-url, adding support for URL.parse().
• Updated cssstyle and rrweb-cssom, to improve CSS parsing capabilities.
• Updated nwsapi, improving CSS selector matching.
• Updated parse5, fixing a bug around <noframes> elements and HTML entity decoding.
• Fixed JSDOM.fromURL() to properly reject the returned promise if the server redirects to an invalid URL, instead of causing an uncaught exception.

v25.0.1

Compare Source

• Updated dependencies, notably tough-cookie, which no longer prints a deprecation warning.

v25.0.0

Compare Source

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

v24.1.3

Compare Source

• Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

v24.1.2

Compare Source

• Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
• Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)

v24.1.1

Compare Source

• Fixed selection methods to trigger the selectionchange event on the Document object. (piotr-oles)

v24.1.0

Compare Source

• Added the getSetCookie() method to the Headers class. (ushiboy)
• Fixed the creation and parsing of elements with names from Object.prototype, like "constructor" or "toString".
• Updated rweb-cssom, which can now parse additional CSS constructs.

v24.0.0

Compare Source

This release reverts our selector engine back to nwsapi. As discussed in #​3659, the performance regressions from @asamuzakjp/dom-selector turned out to be higher than anticipated. In the future, we can revisit @asamuzakjp/dom-selector after it reaches nwsapi's performance on the two real-world benchmarks provided by the community.

Since reverting to nwsapi causes several functionality regressions, e.g. removing :has() support, we've decided to make this a major version.

Additionally:

• Small fixes to edge-case behavior of the following properties: input.maxLength, input.minLength, input.size, progress.max, tableCell.colSpan, tableCell.rowSpan, tableCol.span, textArea.cols, textArea.maxLength, textArea.minLength, textArea.rows.

v23.2.0

Compare Source

This release switches our CSS selector engine from nwsapi to @asamuzakjp/dom-selector. The new engine is more actively maintained, and supports many new selectors: see the package's documentation for the full list. It also works better with shadow trees.

There is a potential of a performance regression due to this change. In our stress test benchmark, which runs most of these 273 selectors against this 128 KiB document, the new engine completes the benchmark only 0.25x as fast. However, we're hopeful that in more moderate usage this will not be a significant issue. Any help speeding up @asamuzakjp/dom-selector is appreciated, and feel free to open an issue if this has had a significant impact on your project.

v23.1.0

Compare Source

• Added an initial implementation of ElementInternals, including the shadowRoot getter and the string-valued ARIA properties. (zjffun)
• Added the string-valued ARIA attribute-reflecting properties to Element.
• Fixed history.pushState() and history.replaceState() to follow the latest specification, notably with regards to how they handle empty string inputs and what new URLs are possible.
• Fixed the input.valueAsANumber setter to handle NaN correctly. (alexandertrefz)
• Updated various dependencies, including cssstyle which contains several bug fixes.

v23.0.1

Compare Source

• Fixed the incorrect canvas peer dependency introduced in v23.0.0.

v23.0.0

Compare Source

• Node.js v18 is now the minimum supported version.
• Updated various dependencies, including whatwg-url which integrates various additions to the URL and URLSearchParams objects.

v22.1.0

Compare Source

• Added crypto.randomUUID(). (jamesbvaughan)
• Added DOMRect and DOMRectReadOnly.
• Added AbortSignal.timeout().
• Added abortSignal.throwIfAborted().
• Added support for the submitter argument to the FormData constructor. (jenseng)
• Improved getComputedStyle()'s results for color-based properties, to resolve named colors and attempt to provide initial inheritance support. (hoekz-wwt)
• Updated Window's event handler properties (e.g. oncopy, ontouchstart, etc.) to reflect the latest list from the standard.
• Fixed DOMParser-created documents to inherit their URL from the creating document.

v22.0.0

Compare Source

• Node.js v16 is now the minimum supported version.
• Removed support for running jsdom in the browser via a browserified bundle. This carried with it too much complexity, especially for our testing infrastructure, and a testing package we relied on was recently deprecated.

v21.1.2

Compare Source

• Fixed setRangeText() used on <input> and <textarea> elements to calculate the new end index correctly. (pmstss)
• Fixed pageX, pageY, offsetX, and offsetY on MouseEvents during dispatch. (jenseng)
• Upgraded nwsapi to v2.2.4, bringing along various fixes to our selector engine.

v21.1.1

Compare Source

• Fixed jsdom.reconfigure() to also adjust the URL as seen by the history API, so that e.g. history.replaceState(null, "") would not mess up the URL. (jdufresne)
• Fixed location.hash = "" to leave any # in location.href.
• Fixes a few bugs with CSS parsing by replacing cssom with rweb-cssom, since the latter is maintained. (seanparmelee)

v21.1.0

Compare Source

• Added x, y, pageX, pageY, offsetX, and offsetY to MouseEvent. (jenseng, ViniciusFXavier)
• Added support for unset with getComputedStyle(). (jsnajdr)
• Added the submitter property to SubmitEvent. (jenseng)
• Fixed MouseEvent's screenX and screenY to no longer coerce to integers, allowing fractional values. (jenseng)
• Fixed formEl.submit() to not longer fire submit events. (jenseng)
• Fixed stylesheets to no longer affect the document after their corresponding <link> is removed. (jsnajdr)
• Fixed pointer-events to inherit when used with getComputedStyle(). (jnajdr)
• Fixed <script> elements with no src="" to no longer fire load events. (t1ger2080)
• Improved getComputedStyle() to cache its results, which should make it much faster. (jsnajdr)

v21.0.0

Compare Source

A potentially-breaking bug fix:

• Fixed the window, document, location, and top properties of Window to be non-configurable. (ExE-Boss)

Other changes:

• Added support for <input type=image> submitting forms. (jenseng)
• Added the location setter to the Window object, which forwards to the location.href setter. Setting the URL is still only implemented for fragment navigations, however. (ExE-Boss)
• Fixed defer="" <script> elements that are added after DOMContentLoaded to execute, instead of being skipped.
• Fixed selectElement.selectedOptions being incorrect when optionElement.selected is set. This was a regression introduced in v20.0.1. Unfortunately this also reverts the performance improvement when appending <option> elements that was introduced then. (eps1lon)
• Fixed the self, locationbar, menubar, personalbar, scrollbars, statusbar, toolbar, frames, parent, external, length, and screen properties of Window to be replaceable: that is, setting them will override their values, instead of having the new value be ignored. (ExE-Boss)
• Fixed a few issues with JSDOM.fromURL() in the browser build of jsdom. (LungZeno)

v20.0.3

Compare Source

• Updated dependencies, notably w3c-xmlserializer, which fixes using DOMParser on XML documents containing emoji.

v20.0.2

Compare Source

• Fixed xhr.abort() to no longer give an exception when the constructed XMLHttpRequest was invalid. (whamtet)
• Fixed event.getModifierState() on MouseEvent and KeyboardEvent instances to properly consult the ctrlKey, altKey, metaKey, and shiftKey properties of the event. (juzerzarif)
• Fixed custom element creation to not be affected by any modifications to the window.customElements property. (bicknellr)

v20.0.1

Compare Source

• Improved the performance of appending <option> elements to <select> elements. (TheHound)
• Fixed location.pathname getter to not crash when the JSDOM instance was created using an opaque-path URL, including the default URL of about:blank.
• Fixed crypto.getRandomValues() to accept typed array subclasses. (sebamarynissen)
• Updated various dependency minor versions. Notably, nwsapi fixed some selectors bugs, and tough-cookie fixed some cookie bugs.

v20.0.0

Compare Source

• Node.js v14 is now the minimum supported version.
• Added crypto.getRandomValues(). (sjrd)
• Added HTMLFormControlsCollection and RadioNodeList, so formEl.elements now behaves correctly. (UndefinedBehavior)
• Added the signal option to addEventListener(). (cheap-glitch)
• Fixed the :root pseudoclass to work correctly. (hughs-ch)
• Updated parse5, bringing along some HTML parsing and serialization fixes. (fb55)

v19.0.0

Compare Source

• Changed jsdom.nodeLocation() to return undefined when used on nodes that originate via fragment parsing (e.g., via innerHTML). Previously it would return based on the node location of the fragment string, which made node locations unreliable with respect to the original document source. This restores the behavior that was present in v14.0.0, and was accidentally broken in v14.1.0. (bakkot)
• Fixed calling window.close() inside the Window's load event to no longer crash. (MattiasBuelens)

v18.1.1

Compare Source

• Fixed connectedCallback to fire in situations involving document fragments, which was broken in v18.0.1. (GrantGryczan)

v18.1.0

Compare Source

• Fixed headers.append() and headers.set() to normalize values. (MattiasBuelens)
• Fixed pageshow events to have bubbles: true and cancelable: true. (MattiasBuelens)
• Implemented the reason property on AbortSignals, along with the corresponding reason argument to abortSignal.abort() and AbortSignal.abort(). (MattiasBuelens)

v18.0.1

Compare Source

• Fixed live Ranges to update correctly after calling node.normalize(). (hgiesel)
• Fixed live Ranges to update correctly after removing child nodes. (hgiesel)
• Fixed setting inputEl.valueAsDate = null to no longer throw an exception, but instead set the value to the empty string. (simon-weimann)
• Improved performance of node insertion and node.contains(). (GrantGryczan)

v18.0.0

Compare Source

Potentially-breaking bug fixes:

• Fixed SSL certificate checking for WebSocket connections. Previously, invalid SSL certificates were always accepted; now, they properly respect the ResourceLoader's strictSSL option (which defaults to true).
• Changed the global in which almost all Promise and TypeError instances are created to be the jsdom global, not the Node.js global. This could affect any code that uses instanceof.

Other changes:

• Fixed moving an element between HTML and XML documents to reset the tagName cache, allowing it to return a lowercase value once it's in the XML document. (LucasLefevre)
• Fixed form submission to not happen when the form is invalid. (pozil)

v17.0.0

Compare Source

Breaking change: Node v12 is now the minimum supported version.

v16.7.0

Compare Source

• Added AbortSignal.abort(). (ninevra)
• Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
• Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
• Changed newline normalization in <textarea>s according to recent HTML Standard updates. (ninevra)
• Fixed some bad cascade computation in getComputedStyle(). (romain-trotard)

v16.6.0

Compare Source

• Added parentNode.replaceChildren(). (ninevra)
• Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (mbest)
• Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Special thanks to vegardbb for completing this months-long effort!

v16.5.3

Compare Source

• Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.

v16.5.2

Compare Source

• Fixed Access-Control-Allow-Headers: * to work with XMLHttpRequest. (silviot)
• Fixed xhr.response to strip any leading BOM when xhr.responseType is "json".
• Fixed new Text() and new Comment() constructors to properly set the resulting node's ownerDocument.
• Fixed customElements.whenDefined() to resolve its returned promise with the custom element constructor, per recent spec updates. (ExE-Boss)
• Fixed parsing to ensure that <svg><template></template></svg> does not throw an exception, but instead correctly produces a SVG-namespace <template> element.
• Fixed domParser.parseFromString() to treat <noscript> elements appropriately.
• Fixed form control validity checking when the control was outside the <form> element and instead associated using the form="" attribute.
• Fixed legendEl.form to return the correct result based on its parent <fieldset>.
• Fixed optionEl.text to exclude <script> descendants.
• Fixed radio buttons and checkboxes to not fire input and change events when disconnected.
• Fixed inputEl.indeterminate to reset to its previous value when canceling a click event on a checkbox or radio button.
• Fixed the behavior of event handler attributes (e.g. onclick="...code...") when there were global variables named element or formOwner. (ExE-Boss)
• On Node.js v14.6.0+ where WeakRefs are available, fixed NodeIterator to no longer stop working when more than ten NodeIterator instances are created, and to use less memory due to inactive NodeIterators sticking around. (ExE-Boss)

v16.5.1

Compare Source

• Fixed a regression that broke customElements.get() in v16.5.0. (fdesforges)
• Fixed window.event to have a setter which overwrites the window.event property with the given value, per the specification. This fixes an issue where after upgrading to jsdom v16.5.0 you would no longer be able to set a global variable named event in the jsdom context.

v16.5.0

Compare Source

• Added window.queueMicrotask().
• Added window.event.
• Added inputEvent.inputType. (diegohaz)
• Removed ondragexit from Window and friends, per a spec update.
• Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
• Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
• Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
• Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
• Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
• Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
• Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
• Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
• Fixed xhr.response to return null for failures that occur during the middle of the download.
• Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
• Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
• Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)

v16.4.0

Compare Source

• Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
• Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
• Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
• Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
• Fixed el.focus() to work on SVG elements. (zjffun)
• Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
• Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
• Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
• Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
• Fixed the valueMissing validation check for <input type="radio">. (zjffun)
• Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)

v16.3.0

Compare Source

• Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
• Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
• Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
• Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
• Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
• Fixed drawing an empty canvas into another canvas. (zjffun)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.