arky
commented
3 years ago Please file the bug for each plugin in upstream tracker for resolution.
Closed S-mardii closed 3 years ago
arky
commented
3 years ago Please file the bug for each plugin in upstream tracker for resolution.
S-mardii
commented
3 years ago Upstream tracker is referring to IssueManagement repo?
arky
commented
3 years ago @S-mardii Yes, Updating plugins needs write access to the server. Only the developers can do that.
Not all security issues comes from plugins, our theme itself uses numerous outdated JavaScript libraries.
S-mardii
commented
3 years ago @arky do we have plan to resolve those outdated plugins and JavaScript libraries?
arky
commented
3 years ago @S-mardii I have filed numerous bugs regarding the fixes that are needed for the frontend theme to be secure and modern. There is a lot of JavaScript code in the existing theme (based on Jeo theme) that are no longer needed or used. This add so much weight to our page when they are accessed from slower networks and devices. I have told @prustar that perhaps you could move away this theme in future.
S-mardii
commented
3 years ago @arky I agreed that the current theme has numerous issues. Anyway, as long as this theme is still in use, the theme and its plugin would need to be maintained and updated. Security and responsiveness on mobile screen device are ones among the main priorities.
A number of plugins on our WordPress production is out of date.
The update should be performed as the out of dated font can cause security issues.
The plugin should be tested on staging or pre-production site before update on the production site, as the update could break some features or functionalities.