mudhorn/prometheus
1
0
Fork 0
mirror of https://github.com/prometheus/prometheus.git synced 2025-01-11 22:07:27 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

web/ui: bump jQuery to 3.5.1 for the legacy UI (#7447)

Browse source 
jQuery prior to 3.4.0 is affected by an Object.prototype pollution
vulnerability (CVE-2019-11358). Even though our code doesn't seem to be
vulnerable to the issue, lets upgrade to the latest jQuery release so we
don't have to bother.

Signed-off-by: Simon Pasquier <spasquie@redhat.com>
This commit is contained in:
Simon Pasquier 2020-06-24 16:14:28 +02:00 committed by GitHub
parent b788986717
commit cf6890a3a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 3 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
web/ui/static/vendor/js/jquery-3.3.1.min.js vendored
View file

File diff suppressed because one or more lines are too long

2
web/ui/static/vendor/js/jquery-3.5.1.min.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

4
web/ui/static/vendor/js/jquery.min.js vendored
View file

File diff suppressed because one or more lines are too long

2
web/ui/templates/_base.html
View file

@ -5,7 +5,7 @@
<meta name="robots" content="noindex,nofollow">
<title>{{ pageTitle }}</title>
<link rel="shortcut icon" href="{{ pathPrefix }}/static/img/favicon.ico?v={{ buildVersion }}">
<script src="{{ pathPrefix }}/static/vendor/js/jquery-3.3.1.min.js?v={{ buildVersion }}"></script>
<script src="{{ pathPrefix }}/static/vendor/js/jquery-3.5.1.min.js?v={{ buildVersion }}"></script>
<script src="{{ pathPrefix }}/static/vendor/js/popper.min.js?v={{ buildVersion }}"></script>
<script src="{{ pathPrefix }}/static/vendor/bootstrap-4.3.1/js/bootstrap.min.js?v={{ buildVersion }}"></script>