jquery (3.1.1-2+deb9u2) stretch-security; urgency=high

  * Non-maintainer upload by the LTS Team.
  * Prevent untrusted code execution when passing untrusted HTML to DOM
    manipulation methods.  (CVE-2020-11022)
  * Prevent untrusted code execution when passing HTML containing <option>
    elements to DOM manipulation methods.  (CVE-2020-11023)

 -- Roberto C. Sánchez <roberto@debian.org>  Sat, 20 Feb 2021 15:04:37 -0500

jquery (3.1.1-2+deb9u1) stretch; urgency=medium

  * Team upload
  * Add patch to prevent Object.prototype pollution
    (Closes: #927385, CVE-2019-11358)
  * Disable check-against-upstream-build test (autopkgtest) since file is now
    patched

 -- Xavier Guimard <yadd@debian.org>  Thu, 18 Apr 2019 22:57:29 +0200

jquery (3.1.1-2) unstable; urgency=medium

  * debian/rules: adapt path to r.js after a change in nodejs-requirejs
    (Closes: #847740)

 -- Antonio Terceiro <terceiro@debian.org>  Sun, 11 Dec 2016 13:18:53 -0200

jquery (3.1.1-1) unstable; urgency=medium

  * Uploading jQuery 3.x to unstable
  * New upstream version 3.1.1
  * debian/rules, debian/build.js: adapt Debian build to changes in upstream
    build
  * Bump Standards-Version to 3.9.8; no changes needed.

 -- Antonio Terceiro <terceiro@debian.org>  Sun, 16 Oct 2016 14:34:46 -0200

jquery (3.0.0~beta1-1) experimental; urgency=medium

  * New upstream release
    - Drop `compat` branch, which has also been dropped upstream.
      See http://blog.jquery.com/2016/01/14/jquery-3-0-beta-released/
      for details
    - Removed embedded copies of external libraries (of which some didn't have
      proper sources and only provided minified code):
      - external/npo
      - external/qunit
      - external/qunit-assert-step
      - external/requirejs
      - external/sinon
  * Drop the version number mangling to add a `+dfsg` suffix. First the
    changes from upstream are not due to the DFSG, but are removing pre-built
    Javascript files, which is not a problem according to the DFSG, but a
    policy. Second, if the package is in the Debian main component, obviously
    it complies with the DFSG. Anyway, the files removed are documented in
    debian/copyright.
    - debian/watch: remove version mangling options.
    - debian/rules: updated version number parsing
    - debian/tests/check-against-upstream-build: updated version number parsing
  * debian/build.js: adapt to changes in upstream build system
  * debian/rules: change date formatting to cope with changes in output
    of `date --iso-8601=m` starting with coreutils 8.25
  * debian/control:
    - bump Standards-Version to 3.9.7; no changes needed
    - use https URLs in Vcs-*
  * debian/tests/check-against-upstream-build: download upstream build over
    https
  * debian/rules: add simple build-time tests on override_dh_auto_test

 -- Antonio Terceiro <terceiro@debian.org>  Sat, 09 Apr 2016 14:30:31 -0300

jquery (3.0.0~alpha1+dfsg-2) experimental; urgency=medium

  * remove unused lintian overrides
  * debian/minify: remove `//# sourceMappingURL=..` magic comment, as uptream
    does (Closes: #799825)

 -- Antonio Terceiro <terceiro@debian.org>  Wed, 23 Sep 2015 09:33:43 -0300

jquery (3.0.0~alpha1+dfsg-1) experimental; urgency=medium

  * New upstream release. Includes:
    - the regular release (successor to jQuery 2.x) in
      /usr/share/javascript/jquery/
    - the "compat" branch (successor to jquery 1.x) in
      /usr/share/javascript/jquery-compat/
  * debian/watch:
    - also look for alpha/beta versions
    - automate adding +dfsg to downloaded upstream tarballs
    - call debian/prepare-tarball to prepare the tarball used as upstream
      source. See debian/README.source.md.
  * Added DEP-8 tests:
    - debian/tests/check-against-upstream-build: checks that our build matches
      upstream's.

 -- Antonio Terceiro <terceiro@debian.org>  Wed, 02 Sep 2015 11:01:01 -0300

jquery (1.12.3-1) unstable; urgency=medium

  * New upstream release
    - debian/build.js: port applicable upstream changes in
      build/tasks/build.js since previous version
    - Bundled copies of external libraries removed:
      - external/npo
      - external/qunit
      - external/qunit-assert-step
      - external/requirejs
      - external/sinon
  * Drop the version number mangling to add a `+dfsg` suffix. First the
    changes from upstream are not due to the DFSG, but are removing pre-built
    Javascript files, which is not a problem according to the DFSG, but a
    policy. Second, if the package is in the Debian main component, obviously
    it complies with the DFSG. Anyway, the files removed are documented in
    debian/copyright.
    - debian/watch: remove version mangling options.
  * Copy and adapt autopkgtest tests from experimental branch
    - debian/tests/check-against-upstream-build: use https instead of http for
      retrieving upstream release
  * debian/rules:
    - cope with removal of upstream version mangling
    - change date formatting to cope with changes in output of `date
      --iso-8601=m` starting with coreutils 8.25
    - drop workaround for bug in upstream build that has been fixed
    - add a simple build-time test under override_dh_auto_test
  * debian/control:
    - Bump Standards-Version to 3.9.7, no changes needed
    - Use https in Vcs-* URLs
  * debian/copyright:
    - cope with the location change for sizzle

 -- Antonio Terceiro <terceiro@debian.org>  Sat, 09 Apr 2016 10:55:14 -0300

jquery (1.11.3+dfsg-4) unstable; urgency=medium

  * debian/rules: remove `//# sourceMappingURL=..` magic comment from minified
    file, as uptream does (Closes: #799825)

 -- Antonio Terceiro <terceiro@debian.org>  Wed, 23 Sep 2015 09:31:49 -0300

jquery (1.11.3+dfsg-3) unstable; urgency=medium

  * move logic from debian/build.mk to debian/rules
  * debian/rules: use node-requirejs to build, as does upstream
  * debian/build.js: turned into a node-requirejs build file
  * debian/control: Build-Depends: node-requirejs

 -- Antonio Terceiro <terceiro@debian.org>  Fri, 28 Aug 2015 22:45:19 -0300

jquery (1.11.3+dfsg-2) unstable; urgency=medium

  * debian/build.mk: read date from changelog (Closes: #782899)
  * Acknowledge previous NMUs (Closes: #748377, #759672)
    - Thanks Paul Gevers
    - The corresponding changes do not apply anymore since the build is now
      completely different.

 -- Antonio Terceiro <terceiro@debian.org>  Tue, 25 Aug 2015 15:55:54 -0300

jquery (1.11.3+dfsg-1) unstable; urgency=medium

  * New upstream release (Closes: #730014)
  * drop debian/patches: only patch in there does not apply anymore
  * Added locally-hacked build system:
    - debian/build.mk (called from debian/rules)
    - debian/build.js (called from debian/build.mk)
    - debian/build-1.11.3.txt (used as input by debian/build.mk)
    .
    This reproduces the build that you would get with grunt, modulo comment
    lines and empty lines, which go away when the file is minified anyway.
  * debian/install: also ship jquery.min.map
  * debian/watch: point at github
  * Add myself to Uploaders:
  * debian/copyright: list dist/ in Files-Excluded:
  * bump debhelper compatibility level to 9

 -- Antonio Terceiro <terceiro@debian.org>  Fri, 21 Aug 2015 20:49:22 +0200

jquery (1.7.2+dfsg-3.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix in previous upload was technically not correct. Re-add the phony build
    target again and actually fix the make problem (mixed implicit and normal
    rules) by unmixing.

 -- Paul Gevers <elbrus@debian.org>  Fri, 29 Aug 2014 10:59:15 +0200

jquery (1.7.2+dfsg-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix FTBFS by removing build target as it used deprecated syntax
    (Closes: #709901)

 -- Paul Gevers <elbrus@debian.org>  Wed, 27 Aug 2014 21:29:27 +0200

jquery (1.7.2+dfsg-3) unstable; urgency=low

  * Generating jquery minified from source again (Closes: #495178)
  * Added lintian override:
    jquery source: license-problem-json-evil debian/README.Debian
  * Updated Standards-Version to 3.9.4 (no changes)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 01 Aug 2013 21:27:33 -0300

jquery (1.7.2+dfsg-2) unstable; urgency=high

  * Added Breaks to movabletype-opensource (Closes: #700527)
    Thanks Dominic Hargreaves and gregor herrmann

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sat, 11 May 2013 13:34:03 -0300

jquery (1.7.2+dfsg-1) unstable; urgency=high

  * Removed non-free files in upstream tarball (Closes: #692618)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 15 Nov 2012 13:11:00 -0200

jquery (1.7.2+debian-2.1) unstable; urgency=high

  * Non-maintainer upload.
  * Don't ship minified js, uglify is not in wheezy (closes: #679665).
  * Make build a phony target explicitly, since there's a build directory in
    the source package.

 -- Julien Cristau <jcristau@debian.org>  Sat, 04 Aug 2012 08:26:20 +0200

jquery (1.7.2+debian-2) unstable; urgency=low

  * libjs-jquery package should be marked Multi-Arch: foreign
    (Closes: #676838); Thanks Nicolas Le Cam

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 14 Jun 2012 12:18:51 -0300

jquery (1.7.2+debian-1) unstable; urgency=high

  * Distfile does not contain complete source code (Closes: #665968)
    + Repacking tarball to add necessary build files
    + Using uglify to minify files
    + Updating copyright file

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Tue, 22 May 2012 21:26:51 -0300

jquery (1.7.2-1) unstable; urgency=low

  * New upstream release
  * Updated Standards-Version to 3.9.3
    + Machine-readable debian/copyright version 1.0

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sun, 25 Mar 2012 20:19:22 -0300

jquery (1.7.1-1) unstable; urgency=low

  * New upstream release

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sat, 24 Dec 2011 13:08:57 -0200

jquery (1.7-1) unstable; urgency=low

  * New upstream release (Closes: #649440)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sun, 20 Nov 2011 22:14:10 -0200

jquery (1.6.4-1) unstable; urgency=low

  * New upstream release

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Mon, 26 Sep 2011 12:30:46 -0300

jquery (1.6.2-1) unstable; urgency=low

  * New upstream release

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 14 Jul 2011 15:04:32 -0300

jquery (1.6.1-1) unstable; urgency=low

  * New upstream release (Closes: #628052)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sun, 29 May 2011 20:21:27 -0300

jquery (1.5.1-1) unstable; urgency=low

  * New upstream release

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Sat, 26 Feb 2011 23:36:04 -0300

jquery (1.5-3) unstable; urgency=low

  * Installing version.txt (Closes: #595001)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 24 Feb 2011 07:08:06 -0300

jquery (1.5-2) unstable; urgency=low

  [Steve kemp]

  * Updated to mention the filesystem-path, as per #596212

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Fri, 04 Feb 2011 20:25:02 -0200

jquery (1.5-1) unstable; urgency=low

  * New upstream release
  * Updated Standards-Version to 3.9.1 (no changes)
  * Switch to dpkg-source 3.0 (quilt) format

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Thu, 03 Feb 2011 22:47:43 -0200

jquery (1.4.2-2) unstable; urgency=low

  * Setting debhelper version to >= 7.0.50~
    - Fixed lintian warning about debhelper overrides.

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Wed, 17 Mar 2010 23:14:37 -0300

jquery (1.4.2-1) unstable; urgency=low

  * New upstream release
  * Fixed watch file
  * Updating package to debhelper 7
  * Minimizing rules file
  * Generating jquery minified from source (Closes: #571786)

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Mon, 15 Mar 2010 21:28:46 -0300

jquery (1.4.1-1) unstable; urgency=low

  * New upstream release (Closes: #568143)
  * Updated Standards-Version to 3.8.4 (no changes)
  * Changing my email for Debian address

 -- Marcelo Jorge Vieira (metal) <metal@debian.org>  Wed, 03 Feb 2010 00:06:22 -0200

jquery (1.4-1) unstable; urgency=low

  [Steve Kemp]
  * New upstream release.

 -- Steve Kemp <skx@debian.org>  Thu, 14 Jan 2010 17:39:30 +0200

jquery (1.3.3-2) unstable; urgency=low

  [ Steve Kemp ]
  * Removed all non-Debian/ files.  We should work from the .orig.gz
  * Added.
  * Updated to use a -release.zip not the .js file for looking for releases.

  [ Daniel Baumann ]
  * Removing myself from uploaders.

 -- Daniel Baumann <daniel@debian.org>  Wed, 26 Aug 2009 17:39:30 +0200

jquery (1.3.3-1) unstable; urgency=high

  [ Steve Kemp ]
  * Re-upload with orig.tar.gz file present, unfortunately this means
    bumping the release number, but that is a small price to pay.
    (Closes: #526228)
  * Updated to standards version 3.8.1

 -- Steve Kemp <skx@debian.org>  Tue, 19 May 2009 21:11:01 +0000

jquery (1.3.2-2) unstable; urgency=high

  [ Steve Kemp ]
  * Correctly update the .min.js, .light.js, and .packaged.js files to
    be symlinks.
    - My own bad git usage.

 -- Steve Kemp <skx@debian.org>  Thu, 26 Feb 2009 16:00:16 +0000

jquery (1.3.2-1) unstable; urgency=low

  [ Steve Kemp ]
  * Updated to release 1.3.2 of jquery.
    (Closes: #515112)

 -- Steve Kemp <skx@debian.org>  Thu, 26 Feb 2009 15:55:51 +0000

jquery (1.2.6-2) unstable; urgency=medium

  [ Daniel Baumann ]
  * Updating to standards 3.8.0.

  [ Steve Kemp ]
  * Updated to the new 1.2.6 release
  * Correct the name of the library

  [ Daniel Baumann ]
  * Removing 'files' from unclean build.
  * Removing useless empty line at the end of links file.
  * Temporarily don't install packaged javascript files compressed by
    upstream until we have yuicompressor in the archive. To not break
    existing installations, symlinks to uncompressed jquery.js are
    shipped.
  * Correcting wrong symlinks of previous commit, thanks to Christian
    Hammers <ch@debian.org> (Closes: #495178).

 -- Daniel Baumann <daniel@debian.org>  Sat, 10 Jan 2009 14:21:00 -0500

jquery (1.2.6-1) unstable; urgency=low

  [ Steve Kemp ]
  * New upstream release

 -- Steve Kemp <skx@debian.org>  Fri, 18 Jul 2008 15:55:55 +0000

jquery (1.2.3-4) unstable; urgency=low

  [ Steve Kemp ]
  * Moved to collaborative hosting:
    - http://git.debian.org/git/pkg-javascript/

  [ Daniel Baumann ]
  * Downgrading relation to javascript-common from depends to recommends.
  * Removing useless empty line on top of README.Debian.
  * Removing explicit appearance of README.Debian in dh_installdocs call, since
    this is taken automatically anyway.

 -- Steve Kemp <skx@debian.org>  Sat, 10 May 2008 16:17:18 +0000

jquery (1.2.3-3) unstable; urgency=medium

  * Renamed the binary package from 'jquery' to 'libjs-jquery'
    to follow the very early Javascript policy.

 -- Steve Kemp <skx@debian.org>  Sun, 6 Apr 2008 15:44:51 +0000

jquery (1.2.3-2) unstable; urgency=high

  * Updated to follow the very early Javascript policy.
    - Install files beneath /usr/share/javascript

 -- Steve Kemp <skx@debian.org>  Sat, 5 Apr 2008 15:14:13 +0000

jquery (1.2.3-1) unstable; urgency=low

  * Initial release.  (Closes: #473125)

 -- Steve Kemp <skx@debian.org>  Fri, 28 Mar 2008 15:14:13 +0000