[wp-trac] [WordPress Trac] #37110: Update to jQuery 3.*
WordPress Trac
noreply at wordpress.org
Fri Nov 22 19:09:24 UTC 2019
#37110: Update to jQuery 3.*
-------------------------------------------------+-------------------------
Reporter: jorbin | Owner: (none)
Type: task (blessed) | Status: new
Priority: normal | Milestone: Future
| Release
Component: External Libraries | Version:
Severity: critical | Resolution:
Keywords: early has-patch needs-testing | Focuses: javascript
needs-dev-note needs-screenshots needs- |
refresh |
-------------------------------------------------+-------------------------
Comment (by jacklinkers):
@remzicavdar Thanks, but my question is security related. Adding an
external plugin on top which increases risks is not an option (regardless
your coding skills / code quality standards / compliance).
There is 2 well known critical security breaches in v1.12 (I will not
publish here), which prevent PCI-DSS compliance (hundreds websites get
hacked with everyday).
I agree with you, an EOL should have been put in place, there is no point
holding / forcing other users to stick with outdated library (not talking
in days, weeks, or months, but several years !!!) because of compat with
crappy plugins it might break.
Look at HTTPS it's a common standard now. Search engines ignore not
secured websites. Look at QUIC / HTTP/3 which will secure by default
communications, look at Bootstrap 5 which will drop completely jQuery...
Stick to v1.12 fails on every industry standard
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37110#comment:81>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list