-
Notifications
You must be signed in to change notification settings - Fork 256
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade jQuery to 3.x #1790
Comments
Blacklight will use whatever version of jquery you install into your rails app. I'm not sure there's any change to be made in blacklight, is there? |
There're JavaScript code in blacklight that doesn't work with jQuery3. For example, the function "form.find" would break for jQuery3. Also the blacklight assets generator generate reference to jQuery 1.x by default. |
@jiaola it sounds like you know a lot about this. Would you be interested in submitting a pull request? |
What is the status of Jquery3? I'm using BL 5.14 (!) with jquery 3, but checkbox_submit need a bit of reworking ( .size() deprecated, etc) and is a blocker for me - would you be interested in a pull request? |
Yes @xhero a PR is most welcome. |
If this is to be in BL7, there needs to be:
|
Scoping to 7.0 since it seems urgent for the security considerations and is a backwards compatibility issue. |
Blacklight at |
@cdmo so you expect using jquery3 by default is a one line change to the manifest? |
If you're using Blacklight 7, you don't have a choice, you're using jquery 3 because Bootstrap 4 requires it as far as I can tell. I'm using
Here's a stanza from "blacklight-frontend@https://github.com/projectblacklight/blacklight#c435caddf14af6aa36c1428995b8cc52d76d4bf2":
version "7.0.0-alpha.1"
resolved "https://github.com/projectblacklight/blacklight#c435caddf14af6aa36c1428995b8cc52d76d4bf2"
dependencies:
bloodhound-js "^1.2.2"
bootstrap "^4.0.0"
jquery "^3.2.1"
typeahead.js "^0.11.1"
EDIT: see https://github.com/projectblacklight/blacklight/blob/master/package.json AsideYou'll notice I'm point to a hash for my blacklight front end dependency. This is because the latest tagged release still has jquery 3 issues IIRC. |
@cdmo ok, let me rephrase my question: Is this issue fixed in master, and thus close-able? |
😁 yeah, I think so. I have clicked around a lot and haven't seen any errors in console or other things not working. There is one small issue where if you check a bookmark, uncheck and re-check, you get an error - but the trace on that looks like it's coming from Rails/Blacklight ruby code and I haven't had a chance to dig into it. I mention it only because it presents as something that appears to be a js issue but I'm 99% sure it isn't |
@cdmo ok, I'm closing - we can open new issues for newly identified bugs. |
Blacklight uses the jquery-rails gem, and it uses jquery 1.x by default. However, jquery 1 and 2 are officially end of life, and not supported any more. jquery/jquery.com#162
There're potential security issues in 1.x and the last commit in 1.x is about a year ago.
https://www.willchatham.com/web-dev/a-jquery-1-x-vulnerability-exists-and-no-fix-is-planned/
jquery needs to be upgraded to 3 in Blacklight.
The text was updated successfully, but these errors were encountered: