Upgrade JQuery and Bootstrap

aissab · October 21, 2021, 7:50am

Hi Everyone

We run some security checks against our Frappe custom app, and we found 2 vulnerabilities related to the current version of Jquery and Bootstrap used by Frappe.
Jquery version: 2.2.4
Bootstrap version: 4.0.0

IS there any plans to upgrades to more recent versions of these libraries in the near future?
If not, is there a way to override them using our custom app, without changing Frappe code?

Thanks

Some references of the vulnerabilities:
https://github.com/jquery/jquery/issues/2432
https://github.com/twbs/bootstrap/issues/28236

smino · October 21, 2021, 2:16pm

Hi,

What versions do npm search jquery and npm search bootstrap report?

aissab · October 24, 2021, 6:18am

Hi
npm search jquery
jquery: 3.6.0

npm search bootstrap
bootstrap: 5.1.3

rmehta · October 24, 2021, 7:41am

cc @surajshetty @shariquerik

nostahl · October 26, 2021, 7:22pm

im interested in this too

aissab · November 2, 2021, 1:23pm

Hi dears
Any advice please?

Jecintha · August 24, 2022, 11:46am

Hi everyone,
I am also need JQuery latest version please advice.