search

cross-solution / YAWIK

YAWIK is a web application. It can be used as an ATS applicant tracking system or as a jobboard.
https://yawik.org
MIT License
124 stars 67 forks source link

update jQuery #454

Closed cbleek closed 6 years ago

cbleek commented 6 years ago

there is a Vulnerability in jquery. We're using jquery 2 because

module/Core/public/js/core.init.js uses the jquery function size(), which is deprecated since 1.8 and removed in jquery 3. Since our composer.json requires the latest version, currently jquery 3 will be installed.

https://github.com/cross-solution/YAWIK/issues/285

@kilip can you take a look?

kilip commented 6 years ago

Yes, start working on this issue now.

kilip commented 6 years ago

@cbleek @TiSiE

In #455 pull request I remove components/jquery dependencies in composer configuration. Because jquery is loaded in package.json, and exported with install-assets.sh command. jquery now upgraded into ^3.0.0 version.

I also want to notice that this notification is tested in behat test such as this login.feature. In that test behat will verify that You are now logged in notification is showed.

cbleek commented 6 years ago

Thanks. The demo runs with jQuery3