On January 14, 2006, John Resig introduced a JavaScript library called jQuery at BarCamp in New York City. Now, 20 years later, the jQuery team is happy to announce the final release of jQuery 4.0.0. After a long development cycle and several pre-releases, jQuery 4.0.0 brings many improvements and modernizations. It is the first major version release in almost 10 years and includes some breaking changes, so be sure to read through the details below before upgrading. Still, we expect that most users will be able to upgrade with minimal changes to their code.
Many of the breaking changes are ones the team has wanted to make for years, but couldn’t in a patch or minor release. We’ve trimmed legacy code, removed some previously-deprecated APIs, removed some internal-only parameters to public functions that were never documented, and dropped support for some “magic” behaviors that were overly complicated.
We have an upgrade guide and jQuery Migrate plugin release ready to assist with the transition. Please upgrade and let us know if you encounter any issues.
As usual, the release is available on our CDN and the npm package manager. Other third party CDNs will probably have it available soon as well, but remember that we don’t control their release schedules and they will need some time. Here are the highlights for jQuery 4.0.0.
IE<11 support removed
jQuery 4.0 drops support for IE 10 and older. Some may be asking why we didn’t remove support for IE 11. We plan to remove support in stages, and the next step will be released in jQuery 5.0. For now, we’ll start by removing code specifically supporting IE versions older than 11.
We also dropped support for other very old browsers, including Edge Legacy, iOS versions earlier than the last 3, Firefox versions earlier than the last 2 (aside from Firefox ESR), and Android Browser. No changes should be required on your end. If you need to support any of these browsers, stick with jQuery 3.x.
Trusted Types and CSP
jQuery 4.0 adds support for Trusted Types, ensuring that HTML wrapped in TrustedHTML can be used as input to jQuery manipulation methods in a way that doesn’t violate the require-trusted-types-for Content Security Policy directive.
Along with this, while some AJAX requests were already using <script> tags to maintain attributes such as crossdomain, we have since switched most asynchronous script requests to use <script> tags to avoid any CSP errors caused by using inline scripts. There are still a few cases where XHR is used for asynchronous script requests, such as when the"headers" option is passed (use scriptAttrs instead!), but we now use a <script> tag whenever possible.
jQuery source migrated to ES modules
It was a special day when the jQuery source on the main branch was migrated from AMD to ES modules. The jQuery source has always been published with jQuery releases on npm and GitHub, but could not be imported directly as modules without RequireJS, which was jQuery’s build tool of choice. We have since switched to Rollup for packaging jQuery and we do run all tests on the ES modules separately. This makes jQuery compatible with modern build tools, development workflows, and browsers through the use of <script type=module>.
Deprecated APIs removed
These functions have been deprecated for several versions. It’s time to remove them now that we’ve reached a major release. These functions were either always meant to be internal or ones that now have native equivalents in all supported browsers. The removed functions include:
jQuery.isArray, jQuery.parseJSON, jQuery.trim, jQuery.type, jQuery.now, jQuery.isNumeric, jQuery.isFunction, jQuery.isWindow, jQuery.camelCase, jQuery.nodeName, jQuery.cssNumber, jQuery.cssProps, and jQuery.fx.interval.
Use native equivalents like Array.isArray(), JSON.parse(), String.prototype.trim(), and Date.now() instead.
The removal of deprecated APIs combined with the removal of code supporting old IE resulted in a size reduction of over 3k bytes gzipped.
Internal-only methods removed from jQuery prototype
The jQuery prototype has long had Array methods that did not behave like any other jQuery methods and were always meant for internal-use only. These methods are push, sort, and splice. They have now been removed from the jQuery prototype. If you were using these methods, $elems.push( elem ) can be replaced with [].push.call( $elems, elem ).
Focus event order now follows W3C spec
For a long time, browsers did not agree on the order of focus and blur events, which includes focusin, focusout, focus, and blur. Finally, the latest versions of all browsers that jQuery 4.0 supports have converged on a common event order. Unfortunately, it differs from the consistent order that jQuery had chosen years ago, which makes this a breaking change. At least everyone is on the same page now!
Starting with jQuery 4.0, we no longer override native behavior. This means that all browsers except IE will follow the current W3C specification, which is:
- blur
- focusout
- focus
- focusin
jQuery’s order in previous versions was: focusout, blur, focusin, focus. Ironically, the only browser to ever follow the old W3C spec (before it was updated in 2023) was Internet Explorer.
Updated slim build
The slim build has gotten even smaller in jQuery 4.0.0 with the removal of Deferreds and Callbacks (now around 19.5k bytes gzipped!). Deferreds have long-supported the Promises A+ standard, so native Promises can be used instead in most cases and they are available in all of jQuery’s supported browsers except IE11. Deferreds do have some extra features that native Promises do not support, but most usage can be migrated to Promise methods. If you need to support IE11, it’s best to use the main build or add a polyfill for native Promises.
Download
You can get the files from the jQuery CDN, or link to them directly:
https://code.jquery.com/jquery-4.0.0.js
https://code.jquery.com/jquery-4.0.0.min.js
You can also get this release from npm:
npm install jquery@4.0.0
Slim build
Sometimes you don’t need ajax, or you prefer to use one of the many standalone libraries that focus on ajax requests. And often it is simpler to use a combination of CSS and class manipulation for web animations. Finally, all of jQuery’s supported browsers (except for IE11) now have support for native Promises across the board, so Deferreds and Callbacks are no longer needed in most cases. Along with the regular version of jQuery that includes everything, we’ve released a “slim” version that excludes these modules. The size of jQuery is very rarely a load performance concern these days, but the slim build is about 8k gzipped bytes smaller than the regular version. These files are also available in the npm package and on the CDN:
https://code.jquery.com/jquery-4.0.0.slim.js
https://code.jquery.com/jquery-4.0.0.slim.min.js
These updates are already available as the current versions on npm and Bower. Information on all the ways to get jQuery is available at https://jquery.com/download/. Public CDNs receive their copies today, please give them a few days to post the files. If you’re anxious to get a quick start, use the files on our CDN until they have a chance to update.
Thanks
Thank you to all of you who participated in this release by submitting patches, reporting bugs, or testing, including ac-mmi, Alex, Ulises Gascón, Richard Gibson, Michał Gołębiowski-Owczarek, Gabriela Gutierrez, J.Son, Liam James, Anders Kaseorg, Simon Legner, neogy-akash, Christian Oliff, Dimitri Papadopoulos Orfanos, Bruno PIERRE, Baoshuo Ren, studystill, Timo Tijhof, and the whole jQuery team.Happy 20th Birthday jQuery!
Lots of wonderful people have contributed to jQuery and its associated projects in the past 20 years and many of us met up for a reunion in Dallas. John Resig even joined over Zoom. This release was posted while we were all together.
Changelog
Full changelog: 4.0.0
Ajax
- Don't treat array data as binary (992a1911)
- Allow
processData: trueeven for binary data (ce264e07) - Support binary data (including FormData) (a7ed9a7b)
- Support
headersfor script transport even when cross-domain (#5142, 6d136443) - Support
nullas success functions injQuery.get(#4989, 74978b7e) - Don't auto-execute scripts unless dataType provided (#4822, 025da4dd)
- Make responseJSON work for erroneous same-domain JSONP requests (68b4ec59)
- Execute JSONP error script responses (#4771, a1e619b0)
- Avoid CSP errors in the script transport for async requests (#3969, 07a8e4a1)
- Drop the json to jsonp auto-promotion logic (#1799, #3376, e7b3bc48)
- Overwrite s.contentType with content-type header value, if any (#4119, 7fb90a6b)
- Deprecate AJAX event aliases, inline event/alias into deprecated (23d53928)
- Do not execute scripts for unsuccessful HTTP responses (#4250, 50871a5a)
- Simplify jQuery.ajaxSettings.xhr (#1967, abdc89ac)
Attributes
- Make
.attr( name, false )remove for all non-ARIA attrs (#5388, 063831b6) - Shave off a couple of bytes (b40a4807)
- Don't stringify attributes in the setter (#4948, 4250b628)
- Drop the
toggleClass(boolean|undefined)signature (#3388, a4421101) - Refactor val(): don't strip carriage return, isolate IE workarounds (ff281991)
- Don't set the type attr hook at all outside of IE (9e66fe9a)
Core
- Remove obsolete workarounds, update support comments (e2fe97b7)
- Switch
$.parseHTMLfromdocument.implementationtoDOMParser(0e123509) - Fix the exports setup to make bundlers work with ESM & CommonJS (#5416, 60f11b58)
- Add more info about named exports (5f869590)
- Simplify code post browser support reduction (93ca49e6)
- Move the factory to separate exports (46f6e3da)
- Use named exports in
src/(#5262, f75daab0) - Fix regression in jQuery.text() on HTMLDocument objects (#5264, a75d6b52)
- Selector: Move jQuery.contains from the selector to the core module (024d8719)
- Drop the root parameter of jQuery.fn.init (d2436df3)
- Don't rely on splice being present on input (9c6f64c7)
- Manipulation: Add basic TrustedHTML support (#4409, de5398a6)
- Report browser errors in parseXML (#4784, 89697325)
- Make jQuery.isXMLDoc accept falsy input (#4782, fd421097)
- Drop support for Edge Legacy (i.e. non-Chromium Microsoft Edge) (#4568, e35fb62d)
- Fire iframe script in its context, add doc param in globalEval (#4518, 4592595b)
- Exclude callbacks & deferred modules in the slim build as well (fbc44f52)
- Migrate from AMD to ES modules
(d0ce00cd) - Use Array.prototype.flat where supported (#4320, 9df4f1de)
- Remove private copies of push, sort & splice from the jQuery prototype (b59107f5)
- Implement .even() & .odd() to replace POS :even & :odd (78420d42)
- Deprecate jQuery.trim (#4363, 5ea59460)
- Remove IE-specific support tests, rely on document.documentMode (#4386, 3527a384)
- Drop support for IE <11, iOS <11, Firefox <65, Android Browser & PhantomJS (#3950, #4299, cf84696f)
- Remove deprecated jQuery APIs (#4056, 58f0c00b)
CSS
- Fix dimensions of table
<col>elements (#5628, eca2a564) - Drop the cache in finalPropName (640d5825)
- Tests: Fix tests & support tests under CSS Zoom (#5489, 071f6dba)
- Fix reliableTrDimensions support test for initially hidden iframes (b1e66a5f)
- Selector: Align with 3.x, remove the outer
selector.jswrapper (53cf7244) - Make the reliableTrDimensions support test work with Bootstrap CSS (#5270, 65b85031)
- Make
offsetHeight( true ), etc. include negative margins (#3982, bce13b72) - Return
undefinedfor whitespace-only CSS variable values (#5120) (7eb00196) - Don’t trim whitespace of undefined custom property (#5105, ed306c02)
- Skip falsy values in
addClass( array ), compress code (#4998, a338b407) - Justify use of rtrim on CSS property values (655c0ed5)
- Trim whitespace surrounding CSS Custom Properties values (#4926, efadfe99)
- Include
show,hide&togglemethods in the jQuery slim build (297d18dd) - Remove the opacity CSS hook (865469f5)
- Workaround buggy getComputedStyle on table rows in IE/Edge (#4490, 26415e08)
- Don't automatically add "px" to properties with a few exceptions (#2795, 00a9c2e5)
Data
- Refactor to reduce size (805cdb43)
- Event:Manipulation: Prevent collisions with Object.prototype (#3256, 9d76c0b1)
- Separate data & css/effects camelCase implementations (#3355, 8fae2120)
Deferred
- Rename
getStackHooktogetErrorHook(#5201, 258ca1ec) - Respect source maps in jQuery.Deferred.exceptionHook (#3179, 0b9c5037)
- Rename master to primary (a32cf632)
Deprecated
- Define
.hover()using non-deprecated methods (fd6ffc5e) - Remove jQuery.trim (0b676ae1)
- Fix AMD parameter order (f810080e)
Dimensions
Docs
- updated the vulnerability reporting process and added escalation steps (02cf4ee0)
- Fix some minor issues in comments (e4d4dd81)
- update herodevs link in README (#5695, 093e63f9)
- Align CONTRIBUTING.md with
3.x-stable(d9281061) - Update CONTRIBUTING.md (4ef25b0d)
- add version support section to README (cbc2bc1f)
- Update remaining HTTP URLs to HTTPS (7cdd8374)
- Fix module links in the package README (ace646f6)
- update watch task in CONTRIBUTING.md (77d6ad71)
- Fix typos found by codespell (620870a1)
- remove stale gitter badge from readme (67cb1af7)
- Remove the "Grunt build" section from the PR template (988a5684)
- Remove stale badge from README (bcd9c2bc)
- Update the README of the published package (edccabf1)
- Remove git.io from a GitHub Actions comment (016872ff)
- Update webpack website in README (01819bc3)
- add link to patchwelcome and help wanted issues (924b7ce8)
- add link to preview the new CLAs (683ceb8f)
- Fix incorrect
trac-NUMBERreferences (eb9ceb2f) - remove expired links from old jquery source (#4997) (ed066ac7)
- Remove links to Web Archive from source (#4981, e24f2dcf)
- Replace
#NUMBERTrac issue references withtrac-NUMBER(5d5ea015) - Update the URL to the latest jQuery build in CONTRIBUTING.md (9bdb16cd)
- Remove the CLA checkbox in the pull request template (e1248931)
- update irc to Libera and fix LAMP dead link (175db73e)
- Update Frequently Reported Issues in the GitHub issue template (7a6fae6a)
- Change JS Foundation mentions to OpenJS Foundation (11611967)
- add SECURITY.md, show security email address (2ffe54ca)
- Fix typos (1a7332ce)
- Update the link to the jsdom repository (a62309e0)
- Use https for hyperlinks in README (73415da2)
- Remove a mention of the event/alias.js module from README (3edfa1bc)
- Update links to EdgeHTML issues to go through Web Archive (1dad1185)
- direct users to GitHub docs for cloning the repo (f1c16de2)
- Change OS X to macOS in README (5a3e0664)
- Update most URLs to HTTPS (f09d9210)
- Convert link to Homebrew from HTTP to HTTPS (e0022f23)
Effect
Effects
- Remove jQuery.fx.interval (6c2c7362)
Event
- Use
.preventDefault()in beforeunload (7c123dec) - Increase robustness of an inner native event in leverageNative (#5459, 527fb3dc)
- Avoid collisions between jQuery.event.special & Object.prototype (bcaeb000)
- Simplify the check for saved data in leverageNative (dfe212d5)
- Make trigger(focus/blur/click) work with native handlers (#5015, 6ad3651d)
- Simulate focus/blur in IE via focusin/focusout (#4856, #4859, #4950, ce60d318)
- Don't break focus triggering after
.on(focus).off(focus)(#4867, e539bac7) - Make focus re-triggering not focus the original element back (#4382, dbcffb39)
- Don't crash if an element is removed on blur (#4417, 5c2d0870)
- Remove the event.which shim (#3235, 1a5fff4c)
- remove jQuery.event.global (18db8717)
- Only attach events to objects that accept data – for real (#4397, d5c505e3)
- Stop shimming focusin & focusout events (#4300, 8a741376)
- Prevent leverageNative from registering duplicate dummy handlers (eb6c0a7c)
- Fix handling of multiple async focus events (#4350, ddfa8376)
Manipulation
- Make jQuery.cleanData not skip elements during cleanup (#5214, 3cad5c43)
- Generalize a test to support IE (88690ebf)
- Support $el.html(selfRemovingScript) (#5378) (#5377, 937923d9)
- Extract domManip to a separate file (ee6e8740)
- Don't remove HTML comments from scripts (#4904, 2f8f39e4)
- Respect script crossorigin attribute in DOM manipulation (#4542, 15ae3614)
- Avoid concatenating strings in buildFragment (9c98e4e8)
- Make jQuery.htmlPrefilter an identity function (90fed4b4)
- Selector: Use the nodeName util where possible to save size (4504fc3d)
Offset
- Increase search depth when finding the 'real' offset parent (556eaf4a)
Selector
- Remove the workaround for
:has; test both on iPhone & iPad (65e35450) - Properly deprecate
jQuery.expr[ ":" ]/jQuery.expr.filters(329661fd) - Make
selector.jsmodule depend onattributes/attr.js(#5379, e06ff088) - Eliminate
selector.jsdepenencies from various modules (e8b7db4b) - Re-expose jQuery.find.{tokenize,select,compile,setDocument} (#5259, 338de359)
- Stop relying on CSS.supports( "selector(…)" ) (#5194, 68aa2ef7)
- Backport jQuery selection context logic to selector-native (#5185, 2e644e84)
- Make selector lists work with
qSAagain (#5177, 09d988b7) - Implement the
uniqueSortchainable method (#5166, 5266f23c) - Re-introduce selector-native.js (4c1171f2)
- Manipulation: Fix DOM manip within template contents (#5147, 3299236c)
- Drop support for legacy pseudos, test custom pseudos (8c7da22c)
- Use jQuery
:hasifCSS.supports(selector(...))non-compliant (#5098, d153c375) - Remove the "a:enabled" workaround for Chrome <=77 (c1ee33ad)
- Make empty attribute selectors work in IE again (#4435, 05184cc4)
- Use shallow document comparisons in uniqueSort (#4441, 15750b0a)
- Add a test for throwing on post-comma invalid selectors (6eee5f7f)
- Make selectors with leading combinators use qSA again (ed66d5a2)
- Use shallow document comparisons to avoid IE/Edge crashes (#4441, aa6344ba)
- reduce size, simplify setDocument (29a9544a)
- Leverage the :scope pseudo-class where possible (#4453, df6a7f7f)
- Bring back querySelectorAll shortcut usage (cef4b731)
- Inline Sizzle into the selector module (47835965)
- Port Sizzle tests to jQuery (79b74e04)
Support
Tests
- Fix the "outside view position" test in Headless Chrome (23d72cb1)
- Fix selector tests in Chrome 141 (25a1b080)
- Increase nomodule test timeout for IE from 1s to 5s (5eab0a3c)
- Fix module/nomodule tests flakiness (5964acf3)
- Use releases.jquery.com as external host for AJAX testing (f21a6ea6)
- Fix tests for
jQuery.get( String, null-ish, null-ish, String )(05325801) - Add tests for
jQuery.get( String, null-ish, null-ish, String )(76687566) - Backport the
hidden="until-found"attr tests from 3.x-stable (3a31866b) - migrate test runner to jquery-test-runner (733e62d2)
- Add custom attribute getter tests to the selector module (44667709)
- Switch to an updated fork of promises-aplus-tests (559bc5ac)
- Run tests in Edge in IE mode in GitHub Actions (6d78c076)
- Run tests on both real Firefox ESRs (4b7ecbad)
- align mock.php spacing with 3.x-stable branch (d5ae14f6)
- replace dead links in qunit fixture (dbc9dac7)
- replace express with basic Node server (c85454a8)
- remove unnecessary scroll feature test (ea31e4d5)
- Align
:hasselector tests with3.x-stable(f2d9fde5) - revert concurrency group change (fa73e2f1)
- include github ref in concurrency group (5880e027)
- Make the beforeunload event tests work regardless of extensions (399a78ee)
- share queue/browser handling for all worker types (284b082e)
- improve diffing for values of different types (b9d333ac)
- show any and all actual/expected values (f80e78ef)
- add diffing to test reporter (44fb7fa2)
- add actual and expected messages to test reporter (1e84908b)
- fix worker restarts for failed browser acknowledgements (fedffe74)
- add –hard-retries option to test runner (822362e6)
- fix cleanup in cases where server doesn't stop (0754d596)
- fix flakey message logs; ignore delete worker failures (02d23478)
- reuse browser workers in BrowserStack tests (#5428) (95a4c94b)
- Use allowlist instead of whitelist (2b97b6bb)
- migrate testing infrastructure to minimal dependencies (dfc693ea)
- Fix Karma tests on Node.js 20 (d478a1c0)
- Disable the ":lang respects escaped backslashes" test (#5271, 62b9a258)
- Indicate Chrome 112 & Safari 16.4 pass the cssHas support test (89ef81f8)
- Test AJAX deprecated event aliases properly (cff28998)
- Indicate Firefox 106+ passes the
cssSupportsSelectortest (716130e0) - Remove a workaround for a Firefox XML parsing issue (e7ffe1f1)
- Fix the link to QUnit CSS file (8cf39b78)
- Exclude tests based on compilation flags, not API presence (#5069, fae5fee8)
- Workaround an XML parsing bug in Firefox (af1cd6f2)
- lock colors version to 1.4.0 (9603b3c8)
- Skip ETag AJAX tests on TestSwarm (00c060d1)
- Allow statusText to be "success" in AJAX tests (19ced963)
- Make Karma browser timeout larger than the QUnit one (4fd6912b)
- Don't remove csp.log in the cspClean action of mock.php (1019074f)
- Load the TestSwarm listener via HTTPS (d225639a)
- Switch background image from online file to local 1×1.jpg (482f8462)
- Strip untypical callback parameter characters from mock.php (a7027463)
- Make more tests run natively in Chrome & Firefox (50e8e846)
- Fix tests for not auto-executing scripts without dataType (d38528b1)
- Recognize callbacks with dots in the Node.js mock server (df6858df)
- Skip the "jQuery.ajax() on unload" test in Safari (c18dc496)
- Remove an unused local variable (82b87f6f)
- Remove remaining obsolete jQuery.cache references (d96111e1)
- Workaround failures in recent XSS tests in iOS 8 – 12 (11066a9e)
- Add tests for recently fixed manipulation XSS issues (dc06d68b)
- Use only one focusin/out handler per matching window & document (9b732043)
- Fix flakiness in the "jQuery.ajax() – JSONP – Same Domain" test (7b0864d0)
- Pass a number of necessary done() calls to assert.async() (364476c3)
- Remove obsolete jQuery data tests (eb35be52)
- Skip a "width/height on a table row with phantom borders" test in Firefox (a612733b)
- Don't test synchronous XHR on unload in Chrome (323575fb)
- Stop using jQuery.find in tests (1d624c10)
- Port changes from Sizzle (ac5f7cd8)
- Fix a comment in testinit.js (7bdf307b)
- update npo.js and include unminified source instead (b334ce77)
- Restrict an event test fallback to TestSwarm (bde53edc)
- Fix the new focusin/focusout test in IE (6f2fae7c)
- Fix the core-js polyfill inclusion method (2e4b79ab)
. This release comes with a