remove jQuery

[martymcguire]

In ~June 2024 GitHub started sending Dependabot warnings about this repo using a "vulnerable" version of jQuery.

This site is read-only and doesn't accept user input, so I don't think there's any actual risk, here. However, a quick fix was done to update jQuery with #127

That should hold us for a while, but even better would be to remove reliance on jQuery altogether.

Each event page has a small section of JavaScript that uses jQuery. For example, summit.php:

  $(document)
    .ready(function() {

      // fix menu when passed
      $('.masthead')
        .visibility({
          once: false,
          onBottomPassed: function() {
            $('.fixed.menu').transition('fade in');
          },
          onBottomPassedReverse: function() {
            $('.fixed.menu').transition('fade out');
          }
        })
      ;

      // create sidebar and attach to menu open
      $('.ui.sidebar')
        .sidebar('attach events', '.toc.item')
      ;

    })
  ;

Near the bottom of the file is some JavaScript that interacts with a map widget, including a popup containing the venue address:

$(function(){
  $(".popup").popup();
});

The fixed menu behavior, sans the fades, could be accomplished with some CSS changes using position: fixed.

Similarly, the sidebar behavior could likely be accomplished with some CSS and the :target pseudoselector. (Or some vanilla Javascript).

The popup could be handled with vanilla Javascript, as well.

That's all I found with a quick look!

[aaronpk]

This likely also applies to

https://github.com/indieweb/2018.indieweb.org

https://github.com/indieweb/2017.indieweb.org

https://github.com/indieweb/2016.indieweb.org