(avro) branch main updated: Upgrade jquery to 3.7.1 due to CVE-2019-11358 (#3579)

[mgrigorov]

This is an automated email from the ASF dual-hosted git repository.

mgrigorov pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/avro.git


The following commit(s) were added to refs/heads/main by this push:
     new 8c2c0da3b0 Upgrade jquery to 3.7.1 due to CVE-2019-11358 (#3579)
8c2c0da3b0 is described below

commit 8c2c0da3b0dcbaf6463bbbad01918f4ee8455300
Author: Patrick Hayes <73637732+patrickhayes...@users.noreply.github.com>
AuthorDate: Tue Feb 17 00:10:38 2026 -0600

    Upgrade jquery to 3.7.1 due to CVE-2019-11358 (#3579)
    
    * Upgrade jquery to 3.5.0 due to CVE-2019-11358
    
    * bump jquery to 3.7.1
---
 .../velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js     | 4 ----
 .../velocity/org/apache/avro/ipc/stats/static/jquery-3.7.1.min.js     | 2 ++
 .../main/velocity/org/apache/avro/ipc/stats/templates/statsview.vm    | 2 +-
 pom.xml                                                               | 2 +-
 4 files changed, 4 insertions(+), 6 deletions(-)

diff --git 
a/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js
 
b/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js
deleted file mode 100644
index 20d7f61e39..0000000000
--- 
a/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js
+++ /dev/null
@@ -1,4 +0,0 @@
-/*! jQuery v1.6.3 http://jquery.com/ | http://jquery.org/license */
-(function(a,b){function cu(a){return 
f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function 
cr(a){if(!cg[a]){var 
b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){ch||(ch=c.createElement("iframe"),ch.frameBorder=ch.width=ch.height=0),b.appendChild(ch);if(!ci||!ch.createElement)ci=(ch.contentWindow||ch.contentDocument).document,ci.write((c.compatMode==="CSS1Compat"?"<!doctype
 html>":"")+"<html><body>"),ci.close();d=ci.createElement( [...]
-,delete t[h]}if(f.isEmptyObject(t)){var u=s.handle;u&&(u.elem=null),delete 
s.events,delete 
s.handle,f.isEmptyObject(s)&&f.removeData(a,b,!0)}}},customEvent:{getData:!0,setData:!0,changeData:!0},trigger:function(c,d,e,g){var
 
h=c.type||c,i=[],j;h.indexOf("!")>=0&&(h=h.slice(0,-1),j=!0),h.indexOf(".")>=0&&(i=h.split("."),h=i.shift(),i.sort());if(!!e&&!f.event.customEvent[h]||!!f.event.global[h]){c=typeof
 c=="object"?c[f.expando]?c:new f.Event(h,c):new 
f.Event(h),c.type=h,c.exclusive=j,c.nam [...]
-return{fragment:e,cacheable:g}},f.fragments={},f.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){f.fn[a]=function(c){var
 
d=[],e=f(c),g=this.length===1&&this[0].parentNode;if(g&&g.nodeType===11&&g.childNodes.length===1&&e.length===1){e[b](this[0]);return
 this}for(var h=0,i=e.length;h<i;h++){var 
j=(h>0?this.clone(!0):this).get();f(e[h])[b](j),d=d.concat(j)}return 
this.pushStack(d,a,e.selector)}}),f.extend({clone: [...]
\ No newline at end of file
diff --git 
a/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-3.7.1.min.js
 
b/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-3.7.1.min.js
new file mode 100644
index 0000000000..7f37b5d991
--- /dev/null
+++ 
b/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-3.7.1.min.js
@@ -0,0 +1,2 @@
+/*! jQuery v3.7.1 | (c) OpenJS Foundation and other contributors | 
jquery.org/license */
+!function(e,t){"use strict";"object"==typeof module&&"object"==typeof 
module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw
 new Error("jQuery requires a window with a document");return 
t(e)}:t(e)}("undefined"!=typeof window?window:this,function(ie,e){"use 
strict";var 
oe=[],r=Object.getPrototypeOf,ae=oe.slice,g=oe.flat?function(e){return 
oe.flat.call(e)}:function(e){return 
oe.concat.apply([],e)},s=oe.push,se=oe.indexOf,n={},i=n.toString,ue=n.hasOwnProperty,o=ue
 [...]
diff --git 
a/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/templates/statsview.vm
 
b/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/templates/statsview.vm
index 1e9659b0b0..3f45626891 100644
--- 
a/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/templates/statsview.vm
+++ 
b/lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/templates/statsview.vm
@@ -51,7 +51,7 @@
 <title>$title</title>
 <script type="text/javascript" src="static/protovis-r3.2.js"></script>
 <script type="text/javascript" src="static/tipsy.js"></script>
-<script src="static/jquery-1.6.3.min.js" type="text/javascript"></script>
+<script src="static/jquery-3.7.1.min.js" type="text/javascript"></script>
 <script src="static/jquery.tipsy.js" type="text/javascript"></script>
 <script src="static/tipsy.js" type="text/javascript"></script>
 <link href="static/tipsy.css" type="text/css" rel="stylesheet"/>
diff --git a/pom.xml b/pom.xml
index 770cda92eb..364019bf22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -542,7 +542,7 @@
                 <exclude>lang/c++/m4/*.m4</exclude>
                 
<exclude>lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/protovis-r3.2.js</exclude>
                 
<exclude>lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/g.bar.js</exclude>
-                
<exclude>lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-1.6.3.min.js</exclude>
+                
<exclude>lang/java/ipc/src/main/velocity/org/apache/avro/ipc/stats/static/jquery-3.7.1.min.js</exclude>
                 <!-- License files -->
                 
<exclude>lang/java/tools/src/main/resources/META-INF/cddl-1.0.text</exclude>
                 
<exclude>lang/java/tools/src/main/resources/META-INF/cddl-1.1.text</exclude>