Open ConnorSheremeta opened 9 months ago
I imagine that this upgrade will break some front-end components and will require following the upgrade guide followed by extensive testing.
From @jefferya on slack regarding a CVE which this upgrade (or an upgrade to 5.x.x) resolves:
- PR breaks tests
- Vulnerability only impacts the Bootstrap carousel component according to https://github.com/ualbertalib/jupiter/security/dependabot/142
- I'm not seeing the use of the carousel component in Jupiter
A bootstrap upgrade to at least 5.3.2 (currently on 4.6.2) is required to resolve this deprecation warning (https://blog.getbootstrap.com/2023/09/14/bootstrap-5-3-2/).