Tested the upgrade to jQuery 3.5.0. No issues. --Misagh
----- Original Message ----- > From: "Francesco Chicchiriccò" <[email protected]> > To: "dev" <[email protected]> > Sent: Thursday, April 23, 2020 6:04:10 PM > Subject: Re: Jquery version on 2.1.x/2.0.x > On 23/04/20 15:31, Misagh Moayyed wrote: >> In the same vein, I'd like to update the master branch to use jQuery 3.5.0. >> While optional for now, this will soon (1-2 days) become a requirement for >> the >> WA module to function correctly. Local testing shows that the upgrade is >> innocuous. > > If the REST service docs showing at > > http://localhost:9080/syncope/ > > works still fine with jQuery 3.5.0, then +1 for me to go ahead and upgrade on > master. > > Console and Enduser do use jQuery via Wicket, so no issues from those. > > Regards. > >> ----- Original Message ----- >>> From: "Colm O hEigeartaigh" <[email protected]> >>> To: "dev" <[email protected]> >>> Sent: Thursday, April 23, 2020 12:10:28 PM >>> Subject: Re: Jquery version on 2.1.x/2.0.x >>> That's great, thanks! >>> >>> Colm. >>> >>> On Thu, Apr 23, 2020 at 8:35 AM Francesco Chicchiriccò <[email protected]> >>> wrote: >>> >>>> On 23/04/20 08:58, Francesco Chicchiriccò wrote: >>>>> On 23/04/20 08:51, Colm O hEigeartaigh wrote: >>>>>> Is it possible to update the JQuery version on 2.1.x/2.0.x to the same >>>>>> version as on master? (3.4.1). It seems the existing version is >>>> vulnerable >>>>>> to https://nvd.nist.gov/vuln/detail/CVE-2019-11358 >>>>> Hi Colm, >>>>> I don't see issue. Let me do some local tests to confirm and I'll revert >>>> here. >>>>> Regards. >>>> Found no issues, proceeded with upgrade: >>>> >>>> * 2_0_X: >>>> https://github.com/apache/syncope/commit/8ec6c23498aa058860024a2940b8d3104b4be7d6 >>>> * 2_1_X: >>>> https://github.com/apache/syncope/commit/40bb5d7fe3790a5a66743d8473de0976bb2780b7 >>>> >>>> Regards. >>>> >>>> -- >>>> Francesco Chicchiriccò >>>> >>>> Tirasa - Open Source Excellence >>>> http://www.tirasa.net/ >>>> >>>> Member at The Apache Software Foundation >>>> Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail >>>> http://home.apache.org/~ilgrosso/ >>>> > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Member at The Apache Software Foundation > Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail > http://home.apache.org/~ilgrosso/
