What's Changed

• Bump ip from 1.1.8 to 1.1.9 by@dependabot in#96
• Bump json5 from 1.0.1 to 1.0.2 by@dependabot in#97
• Bump braces from 3.0.2 to 3.0.3 by@dependabot in#98
• Bump the npm_and_yarn group with 7 updates by@dependabot in#99
• Upgrade node to 22 and add provenance by@gracepark in#100
• Adding correct permissions for actions maintenance by@gracepark in#101
• Update Dockerfile by@gracepark in#102
• Bump esbuild from 0.17.19 to 0.25.0 in the npm_and_yarn group by@dependabot in#104
• Bump the npm_and_yarn group across 1 directory with 2 updates by@dependabot in#105
• Bump the npm_and_yarn group across 1 directory with 2 updates by@dependabot in#106
• Fix typo fromoccured tooccurred by@BaseMax in#107
• Send error information to event by@manuelpuyol in#108

New Contributors

• @gracepark made their first contribution in#100
• @BaseMax made their first contribution in#107

Full Changelog:v6.3.0...v6.4.0

Contributors

What's Changed

• add customelements manifest by@keithamus in#95

Full Changelog:v6.2.1...v6.3.0

Contributors

What's Changed

• remove global define by@keithamus in#94

Full Changelog:v6.2.0...v6.2.1

Contributors

What's Changed

• upgrade to new web component standards by@keithamus in#93

Full Changelog:v6.1.1...v6.2.0

Contributors

What's Changed

• add refetch API by@manuelpuyol in#92

New Contributors

• @manuelpuyol made their first contribution in#92

Full Changelog:v6.1.0...v6.1.1

Contributors

CSP trusted types is an API that allows a website to reduce the possibility of XSS by controlling what kind of content can be placed in a "sink" like.innerHTML.

This release introduces a flexible callback that allows the calling code to provide its own sanitization or rejection of an server response for an<include-fragment-element>. For example, the site may want to allow the server to send a header to assert that certain HTML is sanitized and safe to use as-is, or the site may want to run the response through a sanitizer.

What's Changed

• move AOR to primer by@keithamus in#80
• Switch Promise chaining to async-await syntax. by@lgarron in#82
• Fix the location oftry in new async code. by@lgarron in#83
• Fix up types for cached and returned data. by@lgarron in#84
• Add a script fornpm run format. by@lgarron in#85
• Switch to web test runner by@keithamus in#86
• AddsetCSPTrustedTypesPolicy() for CSP trusted types. by@lgarron in#81
• throw errors rather than resolving them by@keithamus in#87

New Contributors

• @lgarron made their first contribution in#82
• @rzhade3 and@fletchto99 made their first contribution in#81

Full Changelog:v6.0.1...v6.1.0

Contributors

What's Changed

• Use chromium for karma tests by@theinterned in#73
• Add a .devcontainer by@koddsson in#74
• Add a release action by@koddsson in#76
• Update dependencies by@koddsson in#77
• Refactor private functions into the component by@koddsson in#78
• Check if there's a network request already in flight by@koddsson in#79

New Contributors

• @theinterned made their first contribution in#73

Full Changelog:v6.0.0...v6.0.1

Contributors

What's Changed

• Update developer dependencies by@koddsson in#68
• Remove a redundant line by@kidonng in#71
• Set host element to a block its Shadow DOM by@koddsson in#72

New Contributors

• @kidonng made their first contribution in#71

Full Changelog:v5.3.2...v6.0.0

Contributors

This release fixes a bug where callingload() on aloading=lazy element causes the contents not to be replaced when the element becomes visible.

Thanks to@latentflip for his contributions to this release 🙌🏻

v5.3.1...v5.3.2

Contributors

This release guarantees the order of events. The order will now always be:

• loadstart
• include-fragment-replace
• include-fragment-replaced
• load
• loadend

This release also guarantees that during theloadstart dispatch, the<include-fragment> element will still exist and be connected to the DOM.