Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert "Security fix: Upgrade jQuery to v3.5.1" #252

Merged
merged 1 commit into from Oct 19, 2020
Merged

Revert "Security fix: Upgrade jQuery to v3.5.1" #252

merged 1 commit into from Oct 19, 2020

Conversation

skeggse
Copy link
Member

@skeggse skeggse commented Oct 19, 2020
edited

Reverts #249

Per #249 (comment)

cc @Piccirello, @bvallelunga, @justrealmilk - we'll likely need to switch away from the deprecated CDN /g/ to /npm/

@Piccirello
Copy link
Contributor

Apologies for my lack of testing of the jsdelivr URL. Based on your suggestion, it looks like the following URLs will work. It does mean making two separate requests as bootstrap doesn't appear to work with the /npm/ url.

I'm happy to put up PRs using these urls. Lmk!

@skeggse
Copy link
Member Author

skeggse commented Oct 19, 2020

We should be able to use bootstrap from npm, no? In which case we'd be able to combine back into one under /npm/, I think.

@skeggse skeggse merged commit 2a268c3 into master Oct 19, 2020
@skeggse skeggse deleted the revert-249-tom_upgrade_jquery branch October 19, 2020 16:44
@Piccirello
Copy link
Contributor

jdelivr doesnt seem to likely the structure of the bootstrap repo: https://cdn.jsdelivr.net/npm/bootstrap@3.3.7

@skeggse
Copy link
Member Author

skeggse commented Oct 19, 2020
edited

https://cdn.jsdelivr.net/combine/npm/jquery@3.5.1,npm/bootstrap@3.3.7/dist/js/bootstrap.min.js seems to work for me

(edit: sorry - wrong link)

@Piccirello
Copy link
Contributor

I wasn't aware that jsdelivr supported such fanciness. I'll put up a new PR tonight for jQuery and Bootstrap.

beequeueci pushed a commit that referenced this pull request Oct 28, 2020
@semantic-release-bot
chore(release): 3.2.4 [skip ci]
a9a0e35 
### [3.2.4](v3.2.3...v3.2.4) (2020-10-28)

### Bug Fixes

* **security:** upgrade jquery and bootstrap ([#253](#253)) ([14b317b](14b317b))
* revert jQuery upgrade ([#252](#252)) ([2a268c3](2a268c3))
@beequeueci
Copy link
Collaborator

🎉 This PR is included in version 3.2.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@skeggse @Piccirello @beequeueci