build(deps): bump jquery-ui from 1.13.3 to 1.14.1 in the jquery group across 1 directory

[dependabot]

Bumps the jquery group with 1 update in the / directory: jquery-ui.

Updates jquery-ui from 1.13.3 to 1.14.1

Release notes

Sourced from jquery-ui's releases.

jQuery UI 1.14.1 released

https://blog.jqueryui.com/2024/10/jquery-ui-1-14-1-released/

jQuery UI 1.14.0 released

https://blog.jqueryui.com/2024/08/jquery-ui-1-14-0-released/

Commits

• ca5af71 1.14.1
• bf0d4c3 Docs: Update AUTHORS.txt
• 3bb4232 Build: Update a few dependencies, drop grunt-cli
• d591bdd Widget: Don't let widget name affect $.ui prototype & constructor
• 85bed8d Build: Fix an XSS in the test server HTML serving logic
• af8adca Tabs: Use CSS.escape for sanitizing selectors
• ebdcd0d Tests: Fix titles of jquery-patch.js tests
• e399092 Build: Add a CodeQL non-mandatory check
• 49bb397 Build: Fix the ESLint config for demos
• 3934c68 Build: Bump express from 4.19.2 to 4.20.0
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[jayaddison]

⚠️ Adding the same caution here as previously mentioned in #10891:

NB: please do not merge this until we have figured out a longer-term fix for #10861 -- otherwise repeating this upgrade may cause that to happen again.

After reading #2675.. unless anybody else would like to, or would recommend not doing this: I can spend some time to investigate replacing autocomplete and tagsInput with select2 (I have some experience with select2 as a user and also as a contributor). If possible, that would help towards completely removing jquery-ui; a smaller task than updating our Foundation-related dependencies.

cc @CharlesNepote @Valimp @hangy @raphael0202

[jayaddison]

I've begun investigating replacement of jquery-ui autosuggest for nutriments entry with select2 -- so far I've noticed that select2 is used elsewhere on the same page already (for some language selection dropdown menus) and observed that the nutriment names are declared as a JavaScript Array on the client-side, but I haven't made much progress apart from that yet.

[jayaddison]

I ran into difficulties attempting a migration to select2; it was not as simple as I expected. I would like to unblock this upgrade, and so as mentioned in #javascript on Slack, I'm going to attempt and test an upgrade from jquery v2.1.4 to jquery v2.2.4 in the static resources. I am optimistic that that would allow this upgrade of jquery-ui to proceed.

[jayaddison]

I've opened #11109 to unblock this upgrade. I've tested that the nutrition autosuggest continues to work (the first problem reported in #10861) and browsed a few pages successfully in my dev env, but will try to test more functionality, and would be glad for any help.

[teolemon]

@dependabot rebase

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud