Bump axe-core from 4.10.3 to 4.11.0 in the testing group across 1 directory

[dependabot]

Bumps the testing group with 1 update in the / directory: axe-core.

Updates axe-core from 4.10.3 to 4.11.0

Release notes

Sourced from axe-core's releases.

Release 4.11.0

This release adds the new RGAA standard to many rules. Of particular note is that some best practice rules under WCAG are required under the RGAA standard: focus-order-semantics (experimental), region, skip-link, table-duplicate-name. This means that these rules are tagged as both best-practice and RGAAv4. Applications which are filtering rules based on the best-practice tags will need to update the logic in order to handle RGAA rules that are tagged best-practice.

Features

• add RGAA tags to rules (#4862) (53a925a)
• aria-prohibited-attr: add support for fallback roles (#4325) (62a19a9)
• axe.d.ts: add nodeSerializer typings (#4551) (a2f3a48), closes #4093
• DqElement: deprecate fromFrame function (#4881) (374c376), closes #4093
• DqElement: Truncate large html strings when the element has a large outerHTML string (#4796) (404a4fb), closes #4544
• get-xpath: return proper relative selector for id (#4846) (1035f9e), closes #4845
• i18n: Add Portugal Portuguese translation (#4725) (5b6a65a)
• incomplete with node on which an error occurred (#4863) (32ed8da)
• locale: Added ru locale (#4565) (067b01d)
• tap: some best practice rules map to RGAA (#4895) (bc33f4c)
• td-headers-attr: report headers attribute referencing other elements as unsupported (#4589) (ec7c6c8), closes #3987

Bug Fixes

• aria-allowed-role: add form to allowed roles of form element (#4588) (8aa47ac), closes /github.com/dequelabs/axe-core/blob/develop/lib/standards/html-elms.js#L264
• aria-allowed-role: Add math to allowed roles for img element (#4658) (95b6c18), closes #4657
• autocomplete-valid : Ignore readonly autocomplete field (#4721) (491f4ec), closes #4708
• autocomplete-valid: treat values "xon" and "xoff" as non-WCAG-violations (#4878) (52bc611), closes #4877
• axe.d.ts: add typings for preload options object (#4543) (cfd2974)
• button-name,input-button-name,input-img-alt: allow label to give accessible name (#4607) (a9710d7), closes #4472 #3696 #3696
• captions: fix grammar in captions check incomplete message (#4661) (11de515)
• color-contrast: do not run on elements with font-size: 0 (#4822) (d77c885), closes #4820
• consistently parse tabindex, following HTML 5 spec (#4637) (645a850), closes #4632
• core: measure perf for async checks (#4609) (7e9bacf)
• fix grammar when using "alternative text" in a sentence (#4811) (237a586), closes #4394
• get-ancestry: add nth-child selector for multiple siblings of shadow root (#4606) (1cdd6c3), closes #4563
• get-ancestry: don't error when there is no parent (#4617) (a005703)
• locale: fix typos in japanese (ja) locale (#4856) (3462cc5)
• locale: fixed typos in german (DE) locale (#4631) (b7736de)
• locale: proofread and updated de.json (#4643) (8060ada)
• meta-viewport: lower impact to moderate (#4887) (2f32aa5), closes #4714
• no-autoplay-audio: don't timeout for preload=none media elements (#4684) (cdc871e)
• performanceTimer: throwing in axe catch clause (#4852) (a4ade04), closes /github.com/dequelabs/axe-core/blob/e7dae4ec48cbfef74de9f833fdcfb178c1002985/lib/core/base/rule.js#L297-L300
• performanceTimer: work in frames (#4834) (d7dfebc)
• rules: Change "alternate text" to "alternative text" (#4582) (b03ada3)
• target-size: do not treat focusable tabpanels as targets (#4702) (60d11f2), closes #4421 #4701
• type: correct RuleError type (#4893) (d1aa8e2)
• types: correct raw types (#4903) (3eade11)

Changelog

Sourced from axe-core's changelog.

4.11.0 (2025-10-07)

Features

• add RGAA tags to rules (#4862) (53a925a)
• aria-prohibited-attr: add support for fallback roles (#4325) (62a19a9)
• axe.d.ts: add nodeSerializer typings (#4551) (a2f3a48), closes #4093
• DqElement: deprecate fromFrame function (#4881) (374c376), closes #4093
• DqElement: Truncate large html strings when the element has a large outerHTML string (#4796) (404a4fb), closes #4544
• get-xpath: return proper relative selector for id (#4846) (1035f9e), closes #4845
• i18n: Add Portugal Portuguese translation (#4725) (5b6a65a)
• incomplete with node on which an error occurred (#4863) (32ed8da)
• locale: Added ru locale (#4565) (067b01d)
• tap: some best practice rules map to RGAA (#4895) (bc33f4c)
• td-headers-attr: report headers attribute referencing other elements as unsupported (#4589) (ec7c6c8), closes #3987

Bug Fixes

• aria-allowed-role: add form to allowed roles of form element (#4588) (8aa47ac), closes /github.com/dequelabs/axe-core/blob/develop/lib/standards/html-elms.js#L264
• aria-allowed-role: Add math to allowed roles for img element (#4658) (95b6c18), closes #4657
• autocomplete-valid : Ignore readonly autocomplete field (#4721) (491f4ec), closes #4708
• autocomplete-valid: treat values "xon" and "xoff" as non-WCAG-violations (#4878) (52bc611), closes #4877
• axe.d.ts: add typings for preload options object (#4543) (cfd2974)
• button-name,input-button-name,input-img-alt: allow label to give accessible name (#4607) (a9710d7), closes #4472 #3696 #3696
• captions: fix grammar in captions check incomplete message (#4661) (11de515)
• color-contrast: do not run on elements with font-size: 0 (#4822) (d77c885), closes #4820
• consistently parse tabindex, following HTML 5 spec (#4637) (645a850), closes #4632
• core: measure perf for async checks (#4609) (7e9bacf)
• fix grammar when using "alternative text" in a sentence (#4811) (237a586), closes #4394
• get-ancestry: add nth-child selector for multiple siblings of shadow root (#4606) (1cdd6c3), closes #4563
• get-ancestry: don't error when there is no parent (#4617) (a005703)
• locale: fix typos in japanese (ja) locale (#4856) (3462cc5)
• locale: fixed typos in german (DE) locale (#4631) (b7736de)
• locale: proofread and updated de.json (#4643) (8060ada)
• meta-viewport: lower impact to moderate (#4887) (2f32aa5), closes #4714
• no-autoplay-audio: don't timeout for preload=none media elements (#4684) (cdc871e)
• performanceTimer: throwing in axe catch clause (#4852) (a4ade04), closes /github.com/dequelabs/axe-core/blob/e7dae4ec48cbfef74de9f833fdcfb178c1002985/lib/core/base/rule.js#L297-L300
• performanceTimer: work in frames (#4834) (d7dfebc)
• rules: Change "alternate text" to "alternative text" (#4582) (b03ada3)
• target-size: do not treat focusable tabpanels as targets (#4702) (60d11f2), closes #4421 #4701
• type: correct RuleError type (#4893) (d1aa8e2)
• types: correct raw types (#4903) (3eade11)

Commits

• 7dc4242 chore(release): v4.11.0 (#4904)
• 96927cb chore(release): 4.11.0
• 3eade11 fix(types): correct raw types (#4903)
• 8fc6520 chore(types): errorNode is SerialDqElement (#4901)
• 9e35511 chore: bump jsdom from 26.1.0 to 27.0.0 (#4900)
• 6d0cb75 chore: bump actions/setup-node from 4 to 5 (#4898)
• a0e9da4 chore: bump the npm-low-risk group with 8 updates (#4899)
• b91369a chore: sync generated files (#4897)
• bc33f4c feat(tap): some best practice rules map to RGAA (#4895)
• 670be64 test(performance-timer): reduce flakiness of tests involving actual sleeps (r...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions