Describe the issue or problem
How to update Chart.js,jquery validation and jquery-ui in OJS 3.4.0-4?
Steps I took leading up to the issue
What application are you using?
OJS 3.4.0-4
Additional information
Describe the issue or problem
How to update Chart.js,jquery validation and jquery-ui in OJS 3.4.0-4?
Steps I took leading up to the issue
What application are you using?
OJS 3.4.0-4
Additional information
Hi Yen,
can you provide some additional context what you would like to achieve?
Thank you
Jarda
Hello jardakotesovec,
I used Acunetix vulnerability scan of my website and it showed that Chart.js needs to be updated to version 2.9.4 or above, jQuery Validation to version 1.19.5 or above and jQuery UI to version 1.13.0 or above (currently OJS version 3.4.0-4 is used chart.js v2.0.1, jquery validation v1.19.3 and jquery-ui v1.12.1)
Thank you
yen
Hi Yen,
thanks for the report. From my experience, when looking into specifics of these security reports - its very rare that these would be actually impactful, as these libraries provides very wide range of functionality and we use just small subset, which is most commonly used.
That being said - it still would be best if we can keep up and keep the dependencies up to date. I created issue to track your report Update jquery, jquery-ui and chart.js to address security vulnerability reports · Issue #9753 · pkp/pkp-lib · GitHub . And will try to accommodate it.