Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jQuery vulnerability in scala-lang.org #11594

Closed
exoego opened this issue Jun 26, 2019 · 2 comments
Closed

jQuery vulnerability in scala-lang.org #11594

exoego opened this issue Jun 26, 2019 · 2 comments
Assignees
@eed3si9n
Labels
has PR language spec security
Milestone
2.11.13

Comments

@exoego
Copy link

exoego commented Jun 26, 2019
edited

White working on #11567 (vulnerability in ScalaDoc), I found HTML templates for scala-lang.org also uses jQuery.js 2.1.3 that is considered vulnerable.

Use-site
https://github.com/scala/scala/blob/a37e40399b65554241ee0f4276a915b3d0f723f9/spec/_layouts/toc.yml#L9

I suggest to migrate to jQuery 3 (as planed so in #11567).
@SethTisue SethTisue modified the milestones: 2.13.1, 2.12.9 Jul 4, 2019
@eed3si9n eed3si9n self-assigned this Jul 19, 2019
eed3si9n added a commit to eed3si9n/scala that referenced this issue Jul 19, 2019
@eed3si9n
Update jQuery used in specs page to 3.4.1
ebf5b05 
Fixes scala/bug#11594

I used jQuery Migrate (https://github.com/jquery/jquery-migrate/) to let it print out deprecation warnings, and updated `.bind` to `.on`.
eed3si9n added a commit to eed3si9n/scala that referenced this issue Jul 19, 2019
@eed3si9n
Update jQuery used in specs page to 3.4.1
ff01f41 
Fixes scala/bug#11594

I used jQuery Migrate (https://github.com/jquery/jquery-migrate/) to let it print out deprecation warnings, and updated `.bind` to `.on`.

Here's how I locally tested the page:

```
bundle exec jekyll build -s spec/ -d build/spec
ruby -run -e httpd build/spec -p 9090
```
@eed3si9n eed3si9n mentioned this issue Jul 19, 2019
Merged
@eed3si9n
Copy link
Member

Here's my PR - scala/scala#8250

eed3si9n added a commit to eed3si9n/scala that referenced this issue Jul 22, 2019
@eed3si9n
Update jQuery used in specs page to 3.4.1
0fe8209 
Fixes scala/bug#11594

I used jQuery Migrate (https://github.com/jquery/jquery-migrate/) to let it print out deprecation warnings, and updated `.bind` to `.on`.

Here's how I locally tested the page:

```
bundle exec jekyll build -s spec/ -d build/spec
ruby -run -e httpd build/spec -p 9090
```
@eed3si9n eed3si9n mentioned this issue Jul 22, 2019
Merged
@exoego
Copy link
Author

exoego commented Jul 23, 2019

Closing since addressed in scala/scala#8250

@exoego exoego closed this as completed Jul 23, 2019
@SethTisue SethTisue modified the milestones: 2.12.9, 2.11.13 Jul 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eed3si9n eed3si9n

Labels
has PR language spec security
Projects
None yet
Milestone
2.11.13
Development

No branches or pull requests
3 participants
@exoego @SethTisue @eed3si9n