-
-
Notifications
You must be signed in to change notification settings - Fork 78.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a badge to track our dependencies #23125
Conversation
Only commen is that I'd move the dependencies badge before the devDependencies one. Other than that, I'm definitely in favor of requiring jQuery 3.x. |
Thank you @XhmikosR , I made those changes 👍 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, let's do it for Beta 2! <3
I quickly merged this, but we might need to revisit for |
It seems ok because you merged v4-dev in this branch |
Oh yeah sorry I just woke up... But yeah now we need a |
Yeah what @Johann-S said :D |
Add a badge to track easely our dependencies, currently this badge looks like that (inSecure) :
Because we choose to require at least jQuery
1.9.1
but all the release of jQuery under jQuery3
are vulnerable to this XSS issue : https://nodesecurity.io/advisories/jquery_xssSo I recommand to change our required jQuery version to :
>=3.0.0
Side Note : jQuery
3
compatibility https://jquery.com/browser-support//CC @mdo @XhmikosR @bardiharborow