Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Upgrade jquery to >= 3.0 #1539
I misinterpreted the (confusing) gemnasium jquery XSS alert that I thought was fixed in jquery 1.12.4 (ref #1533). It actually looks like only jquery v3 has the fix (ref jquery/jquery#2432 (comment) and https://nodesecurity.io/advisories/328).
I'll repeat here that we aren't using jquery to do any cross-origin ajax (we switched to