Open hannalaakso opened 3 years ago
jQuery is currently being included as a sub-dependency of this component via openregister-picker-engine which includes corejs-typeahead.
As jQuery 3.2.1 has reported medium severity vulnerabilities, jQuery should be updated to the latest version 3.6.0 which has no reported vulnerabilities.
The compiled files in dist/ should then be re-built and a new version released.
Any update on when this change might be approved? We're getting a security alert for this when running ZAP checks on PPT.
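One way to confirm which dependency chain pulls in jQuery and whether the resolved version is below 3.6.0, as an added example that is not part of the original issue or the project's own code. The lockfile object is constructed; `example-component`, the `0.0.0` versions and the helper names are assumptions, and only `dependencies` entries are followed.

```javascript
// Constructed sample in the package-lock.json v2/v3 "packages" layout.
// "example-component" and the 0.0.0 versions are placeholders, not real data.
const sampleLock = {
  packages: {
    "": { name: "example-component", dependencies: { "openregister-picker-engine": "*" } },
    "node_modules/openregister-picker-engine": { version: "0.0.0", dependencies: { "corejs-typeahead": "*" } },
    "node_modules/corejs-typeahead": { version: "0.0.0", dependencies: { jquery: "*" } },
    "node_modules/jquery": { version: "3.2.1" },
  },
};

// Compare plain x.y.z versions (no pre-release tags); true when a < b.
function versionLessThan(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i];
  return false;
}

// Resolve a dependency name the way Node does: nearest node_modules first.
function resolve(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Return every dependency chain from the root package to `target`,
// with the resolved version and whether it is below `minVersion`.
function findChains(lock, target, minVersion) {
  const packages = lock.packages, results = [];
  const walk = (path, chain, seen) => {
    for (const name of Object.keys(packages[path].dependencies || {})) {
      const resolved = resolve(packages, path, name);
      if (!resolved || seen.has(resolved)) continue; // missing or cyclic
      const version = packages[resolved].version;
      const next = chain.concat(name + "@" + version);
      if (name === target) results.push({ chain: next, version, outdated: versionLessThan(version, minVersion) });
      else walk(resolved, next, new Set(seen).add(resolved));
    }
  };
  walk("", [packages[""].name], new Set([""]));
  return results;
}
```

To run it against a real project, pass the parsed contents of its `package-lock.json` in place of `sampleLock`.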