Update dependency vuetify to v2.6.10 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
vuetify (source)	2.5.0 -> 2.6.10

GitHub Vulnerability Alerts

CVE-2022-25873

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the 'eventName' function within the VCalendar component.

---

Release Notes

vuetifyjs/vuetify (vuetify)

v2.6.10

Compare Source

🔧 Bug Fixes

• VCalendar: prevent XSS from eventName function (ade1434), closes #​15757
• VDialog: don't try to focus tabindex="-1" or hidden inputs (89e3850), closes #​15745
• VMenu: disable activatorFixed when attach is enabled (#​15709) (464529a), closes #​14922
• VTextField: only show clear icon on hover or when focused (7a51ad0)
• VTextField: prevent tabbing to clear button (f8ee680), closes #​11202
• web-types: add support for VDataTable pattern slots (#​15694) (ac45c98)

🔬 Code Refactoring

• VSelect: render highlight with vnodes instead of innerHTML (4468e3c)

BREAKING CHANGES

• VCalendar: eventName function can no longer render arbitrary HTML, convert to VNodes instead.
  eventSummary can no longer be used with v-html, replace with <component :is="{ render: eventSummary }" />

v2.6.9

Compare Source

🔧 Bug Fixes

• VCalendar: add aria roles to monthly calendar (#​14640) (2cd34b4), closes #​14604
• VCalendar: forward all bound events to internal elements (#​15592) (299330c)
• VCarousel: add keys to delimiter buttons (#​15459) (8d3895b)
• VPagination: ignore invalid length values (f3f8d15), closes #​15499
• VRadio: change icon color when disabled (0cc43e2)
• VSwitch: only affect control opacity when disabled (1e0a4ad)

v2.6.8

Compare Source

🔧 Bug Fixes

• VDataTable: display header text instead of value in group headers (100053f), closes #​11516
• VItemGroup: use valueComparator when updating value (#​15395) (8bedb7c), closes #​15394
• VSimpleCheckbox: directly specify ripple directive definition (00a9668), closes #​12224

v2.6.7

Compare Source

🔧 Bug Fixes

• styles: resolve css validation errors (621f273), closes #​15320
• VDialog: focus on internal content when shown (#​14584) (ffbaae1), closes #​14581
• VInput: allow text selection in disabled inputs (#​14465) (760490d), closes #​14238
• VList: don't trigger keyboard events on disabled items (#​15339) (817df79), closes #​15322
• VOtpInput: support paste and autofill on mobile (8c67ed8), closes #​14801
• VRadio: use correct disabled color for icons (3115798)
• VSelect: allow keyboard selection of items with value 0 (969aba4), closes #​15166
• VTabs: use ResizeObserver if available (ff519c6), closes #​4733 #​10455 #​12783 #​14195 #​15316
• VTimeline: disable arrow shadow on clickable cards (27ba2c9), closes #​14193

v2.6.6

Compare Source

🔧 Bug Fixes

• locale: update catalan translations (#​15012) (2eab4f2)
• mdi-svg: update contextual icons (5918484), closes #​14327
• VOverflowBtn: make persistentPlaceholder label visible (#​15055) (002afbe), closes #​15052
• VSelect: set min-height on correct element (d41a327), closes #​15047

🔬 Code Refactoring

• VDatePicker: single split call (#​15082) (dc48652)

v2.6.5

Compare Source

🔧 Bug Fixes

• locale: add missing Finnish translations (#​14824) (f0e5889)
• locale: improve spanish translations (#​14965) (a427b96)
• selection controls: emit focus/blur events (75404fb), closes #​14862
• VCalendar: fix transparent header on category calendar (#​14725) (33002fa), closes #​14723
• VImg: accept scopedSlots (96888d5), closes #​14686
• VTreeview: independent selection inheriting parent state (#​14956) (2034df6), closes #​14955

v2.6.4

Compare Source

🔧 Bug Fixes

• VDialog/VMenu: remove duplicate toggleable mixin (860be6b), closes #​14719
• VPagination: get available width before initial mount (472bbb4), closes #​14590
• VSelect: update menu position on selection change (5974a84), closes #​14688

v2.6.3

Compare Source

🔧 Bug Fixes

• VCalendar: use theme background color for categories (#​14558) (185408b), closes #​14433
• VData: don't reset sortBy/sortDesc to [] on clear (9cf48e4), closes #​14423
• VDialog: change the role from "document" to "dialog" (#​14602) (158e0b5), closes #​14231
• VMenu: null check content in mouseleave handler (e13eee1), closes #​14619
• VMenu: wrong alignment in RTL mode (#​14556) (446963f), closes #​12195
• VNavigationDrawer: don't update miniVariant without expandOnHover (bb2b11e), closes #​14555
• VTab: disabled tab can be reached by keyboard (#​14606) (d110f58), closes #​14601

v2.6.2

Compare Source

🔧 Bug Fixes

• application: allow use of multiple drawers (#​14450) (85a1186), closes #​13665
• types: add missing VOtpInput export in lib.d.ts (#​14497) (00f3f0a), closes #​14496
• VBottomNavigation: only calculate isActive state when using hideOnScroll (f58afb4), closes #​11640
• VCombobox: don't reset search when cleared (#​14531) (79cd41d), closes #​14507
• VMenu: don't add button role with openOnHover (24ccd88), closes #​14377
• VNavigationDrawer: always bind mouseover events (#​14523) (03e683f), closes #​13309
• VOtpInput: update internalValue on paste (bab2fa2), closes #​14536
• VOtpInput: update the otp when value changes (#​14460) (c58f02a), closes #​14437
• VSelect: Do not keep null items when filtering duplicates (#​14464) (8fd3510), closes #​14421
• VSlideGroup: account for inverted RTL scrolling (092fceb), closes #​14529
• VSlideGroup: skip width update if destroyed (1bb1455), closes #​14470
• VStepper: editable step tab navigation (#​14036) (256fa93), closes #​14022
• VTabs: correctly set active state with exact prop (#​14500) (74ec950), closes #​14431 #​14459
• VTextarea: apply correct input styles with solo-inverted prop (ea96084), closes #​11848
• VTooltip: allow disabling openOnClick/openOnFocus (28a64c4), closes #​14444

v2.6.1

Compare Source

🔧 Bug Fixes

• locale: update it translations (#​14398) (33385d5)
• VBanner: remove background when using the outlined prop (2af9a41), closes #​12081
• VCalendar: add nativeEvent to all re-emitted events (#​14307) (bb78e4e), closes #​9485
• VCalendar: continue touchMove event between days (#​14392) (10c78d2), closes #​13174
• VCard: remove default click handler (6d1c0f6), closes #​14447
• VDataTable: use hasOwnProperty to check dynamic slot presence (ca4cbda), closes #​14425
• VDialog: allow width to be set to auto (ef8b3cc), closes #​6919 #​14419
• VItemGroup: allow null values (#​14436) (a0dd90d), closes #​9073
• VItemGroup: allow object values and custom comparator (#​14328) (324b818), closes #​10571
• VRipple: use $ripple-animation-visible-opacity variable (#​14365) (3f8f577), closes #​11505
• VStepper: expand stepper label to full width (#​14362) (e6e5fd2), closes #​12584
• VTabs: allow set VTab inactive if optional property is set (#​14399) (958d4e6), closes #​14397

v2.6.0

Compare Source

v2.6.0 (Horizon)

Welcome to the v2.6.0 release of Vuetify!

❗️ Important Links

• 📄 Docs
• 🚨 Issues
• 🏬 Store
• 🎮 Play
• 💬 Discord
• 🐦 Twitter
• 👽 Reddit

🤚 FAQ

• Where is the upgrade guide?
  • There are no upgrade steps to go from v2.5 to v2.6

💪 Support Vuetify Development

Vuetify is an open source MIT project that has been made possible due to the generous contributions by our sponsors and backers. If you are interested in supporting this project, please consider:

• Sponsoring John and Kael on Github
• Requesting Enterprise Support
• Supporting the team on Open Collective
• Becoming a sponsor on Patreon
• Becoming a subscriber on Tidelift
• Making a one-time donation with Paypal

💯 Release notes

🔧 Bug Fixes

• VAutocomplete: remove selected item when input is cleared (#​13854) (57d3469), closes #​5917
• VDialog: default to auto width (6ac8007), closes #​6919

🚀 Features

• framework: add tag attribute to createSimpleFunctional (682936b), closes #​10026 #​5469

• locale: add danish locale (#​13733) (0ec9d53)

• styles: add $spacers-steps sass variable (#​14367) (60d3e54), closes #​12341

• VCalendar: pass native event to v-calendar click:* events (#​13760) (4429e6e), closes #​13142

• VCalendar: support horizontal scroll (#​13164) (f55ee97), closes #​13070

• VDataTable: allow item.* slots to return a <td> or <th> element (a4b8856), closes #​8474 #​12791

• VDatePicker: add date range first & last classes (#​12855) (988558b), closes #​12851 #​12851 #​12851 #​12851

• VInput: add hide-spin-buttons prop (#​13682) (bc2d6cb), closes #​6157

• VOtpInput: create new component (#​12761) (e3aeae7), closes #​11425

• VSlideGroup: add overscroll friction (3796587)

• VSnackbar: only add app padding if app prop is true (28e9e9d), closes #​11758

• VTooltip: add $tooltip-opacity sass variable (bfdd32c), closes #​11184

• VTreeview: add disabled prop (de0820c), closes #​5918

• VTreeview: add disablePerNode prop (#​14297) (f37438b), closes #​14282

v2.6.0.beta.0 - v2.6.0

Includes bugfixes from 2.5.11 to 2.5.14

🚀 Features

• styles: add $spacers-steps sass variable (#​14367) (60d3e54), closes #​12341
• VTreeview: add disablePerNode prop (#​14297) (f37438b), closes #​14282

v2.5.14

Compare Source

🔧 Bug Fixes

• directives: null check handlers on unbind (0eec92f), closes #​14390
• VSelect: don't select dividers or headers on arrow press (13f08b6), closes #​14372
• VTextField: set label dimensions on mount (6e3d83f), closes #​14391

v2.5.13

Compare Source

🔧 Bug Fixes

• directives: remove listeners if bound multiple times to one element (64c254f), closes #​13701 #​14386
• transitions: don't remove display style afterLeave (99f77d9), closes #​14312
• VCalendar: resolve drag drop issue on firefox (#​14385) (2d63881), closes #​14243
• VDialog: allow scrolling <select multiple> in safari (0ca7d0d), closes #​9470
• VDialog: support horizontal scrolling (bc82074), closes #​3765
• VOverlay: passthrough native events (6e2f6cd), closes #​11326
• VRadioGroup: passthrough custom attributes (75e0ecc), closes #​10704
• VRangeSlider: allow both thumbs to be set to the same value (2aedfc5), closes #​13738
• VTabs: don't try to reactivate inactive tabs (c41b5bf), closes #​14387

v2.5.12

Compare Source

🔧 Bug Fixes

• detachable: remove content element in beforeDestroy (0a0d743), closes #​14380

v2.5.11

Compare Source

🔧 Bug Fixes

• breakpoints: prevent overlap on HiDPI displays (#​14358) (e3f28a4), closes #​14353
• detachable: wait for transition to finish before removing activator (4c12e40), closes #​7422
• locale: fix aria-label for FR locale (#​14296) (933212c)
• VCalendar: implicitly narrow TouchEvent (#​14280) (15e28f6), closes #​14276
• VCombobox: keep highlighted item on filteredItems change (#​14196) (da5493b), closes #​14194
• VDialog: don't re-focus autofocused children (262057a), closes #​14345
• VDialog: prevent pointer events during transition (562294b), closes #​14224
• VListItem: allow default color to change when inactive (#​14207) (3df308f), closes #​9285
• VTabs: prevent selection of disabled tabs (#​14229) (13545ab), closes #​13728

v2.5.10

Compare Source

🔧 Bug Fixes

• click-outside: check for ShadowRoot support (30dd6bc), closes #​13845
• goTo: check targetLocation when reach bottom (#​13903) (c5e181e)
• menuable: apply custom absolute position when attached (83f262a), closes #​6877
• menuable: remove unused fixed prop (52ac86e), closes #​10946
• Ripple: don't use Symbol to prevent ripples on parent elements (4c28ef1), closes #​13383
• selection-controls: don't override icon color in label if disabled (674fd5d), closes #​14050 #​14081
• transitions: make hideOnLeave display !important (0e5438b), closes #​13973
• VAppBar: update active state when hide-on-scroll is changed (5eae27d), closes #​12505
• VCalendar: seconds -> milliseconds in error message (69bd908), closes #​14160
• VCalendar: touchmove does not notice category change (#​14084) (1ec8c6a), closes #​12366
• VDataTable: don't empty header on mobile (#​14191) (031b1f5), closes #​14174
• VSlideGroup: update scroll position on tab focus (5836928), closes #​14003 #​14019
• VSnackbar: show background below text (ea33d85), closes #​13075
• VStepper: correct vertical padding in rtl (#​14267) (b86eb5e), closes #​13981
• VTabs: do not deactivate item on same route query change (#​14240) (c999017), closes #​14156
• VTextarea: update height when auto-grow is toggled (6045d49), closes #​12444
• VTooltip: ignore scroll offset when attached (#​14223) (46938c7), closes #​13961
• VTreeView: independent selection drops async children (#​13950) (71d6bde), closes #​8791

v2.5.9

Compare Source

🔧 Bug Fixes

• click-outside: check for ShadowRoot support (a1ce45d), closes #​13845
• click-outside: listen for events on document instead of body (0635cd3), closes #​14040
• locale: update czech translations (#​14171) (1a76236)
• locale: update es translation (#​14095) (48c3158)
• VAutocomplete: don't reset tab focus on blur (5ce6946), closes #​14009
• VFileInput: support persistent-placeholder (#​14154) (d34c50d), closes #​13969
• VIcon: properly apply dense height to svg (#​14129) (c15cfc7)
• VListItem: override subtitle color when disabled (283218e)
• VMenu: only scroll selected item into view if needed (919cc26)
• VSelect: focus newly selected item on click when multiple (7f5901b), closes #​11969
• VSlider: prevent NaN for inputWidth when same min & max (#​14116) (46cb7a2), closes #​14114
• VSlider: remove attributes inherit from thumb container (#​14173) (50c02fd), closes #​14010
• VTextField: properly inherit state colors on iOS (25e9e57), closes #​11942

🔄 Reverts

• fix(VChip): icon size based on chip size prop (#​13412) (0f980ad), closes #​13813
• fix(VListItem): allow default color to change when inactive (#​13719) (4e4b1ea), closes #​14186

v2.5.8

Compare Source

🔨 Bug Fixes

• VAppBar: increase elevation override specificity (0aa692a), closes #​13982
• VDataTable: selection bug when using numbers as item-key (#​14008) (248add9), closes #​14006
• VTreeView: null check when building tree from children (#​13913) (0f71231)

v2.5.7

Compare Source

🔧 Bug Fixes

• VAutocomplete: don't try to reset search on blur if multiple (15d7dae), closes #​13877
• VCombobox: handle duplicates on chip edit (#​13794) (7fac117), closes #​6364
• VDataTable: no multiple select if last entry not selected (#​13686) (9fd2afa), closes #​13684
• VDialog: allow nested elements to overflow scroll (#​13548) (24af61e)
• VDialog: don't remove overlay if dialog is still active (4ca8391), closes #​13947
• VFileInput: allow multiple to be bound as false (08c1e89), closes #​9530
• VListItem: allow default color to change when inactive (#​13719) (6fb889d), closes #​9285
• VSlider: increase touch target size (9c6a4a6), closes #​4356
• VSlider: keep initial offset from thumb centre when dragging (23f8d89)
• VSnackbar: don't cancel close timeout after a touch event (74ecaa9), closes #​13904
• VSnackbar: don't use !important for box-shadow (11fd714), closes #​13438
• VTextField: don't translate outlined fieldset (6bb9484), closes #​13256
• VTextField: only emit change when initial value != lazy (6aaf52b), closes #​5070
• VTextField: remove border width transition (fb287ff), closes #​12248

v2.5.6

Compare Source

🔧 Bug Fixes

• types: declare vuetify/lib/services/goto module (#​13838) (4537798)
• VBtnToggle: apply min-width to dense buttons (6589ed8), closes #​13820
• VCombobox: re-compute menu items before setting index (#​13825) (8c0e2bc), closes #​12567
• VDataTable: convert dates to timestamps before sorting (3171d6f), closes #​13829
• VDataTable: display as flex column on mobile (4cc80ca), closes #​11337

v2.5.5

Compare Source

🔧 Bug Fixes

• routable: support exactPath (8f4773c), closes #​13132
• styles: remove unnecessary will-change (a3ec892), closes #​12890
• types: add missing goTo types (#​13812) (9f6d0c0), closes #​9648
• VCard: use a child combinator for v-card-subtitle color style (a29b965), closes #​13745
• VListGroup: support regexp in the group prop (43b0406), closes #​7812
• VMenu: apply position: relative to v-app (#​13823) (d8679b9), closes #​13821
• VProgressCircular: prevent animation flicker (944077e), closes #​12813
• VSelect: show placeholder when using persistent-placeholder prop (44ef316), closes #​13792

v2.5.4

Compare Source

🔧 Bug Fixes

• VCalendar: missing events under certain circumstances (#​13763) (8226cc9), closes #​13720
• VCard: set correct radius for direct VAvatar children (#​13789) (00b29ba)
• VCombobox: correctly handle duplicate items (#​13366) (5fbea51), closes #​12351
• VExpansionPanel: don't boot before showing if opened externally (0b8fc27), closes #​10140
• VMenu: activator should not return non Element nodes (#​13774) (25e80a1), closes #​13755
• types: add declaration for vuetify/lib/components (#​13395) (d8a6cff)

v2.5.3

Compare Source

🔧 Bug Fixes

• menuable: don't account for app offset in fixed context (ec8fafa), closes #​13740

🔄 Reverts

• fix(styles): use math.div instead of / (c9c0cb7), closes #​13737

v2.5.2

Compare Source

⚠️ Note ⚠️

We are aware of an issue affecting projects with custom sass variables. See https://github.com/vuetifyjs/vuetify/issues/13737 for more information and workarounds.

🔧 Bug Fixes

• Menuable: correctly calculate position in embedded v-app (#​13670) (9145a5e), closes #​7703
• styles: use math.div instead of / (52c98d5), closes #​13694 #​13704
• VCalendar: add support for a string[] of categories (#​13270) (1a12f12), closes #​12922
• VCalendar: display events ending at midnight (#​13667) (9a48b0f), closes #​11767 #​12223
• VCalendar: fix interval-style day when categoryDays > 1 (#​13384) (434df3b)
• VCarousel: prevent TypeError in v-if (#​13669) (22db933), closes #​13656
• VChip: icon size based on chip size prop (#​13412) (f6866d4), closes #​13248
• VDataIterator: use itemKey instead of name for select (#​13679) (b750730), closes #​13677
• VDatePicker: prevent scroll beyond max date with touchpad (#​13456) (41e0311)
• VPagination: don't show ellipsis for one item (#​13560) (bcd0379)
• VSelect: don't resolve item values twice when emitting change (6bdbc86), closes #​13729
• VTabs: right aligned tabs in vertical mode (#​13012) (18c2d6c)
• VTextField: fix click dead zone when using clearabl

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.