2012 vs today...

OK, this might sound a bit dumb but….


I got to thinking since I see something in the code editors keep complaining that the installed scripts are outdated. 

Should we update these scripts to the latest releases or leave them to be? 

Sorry if this sounds like a noob question.

Master Rat 

FYI JQuery.js is dated 2012 there are updated versions available that I have researched.
 

Hello.

I'll look into this. Updating core libraries like JQuery might become a big mess for v10 and not worth the effort especially since we are on the home stretch for v11 beta (development unfortunately took a massive slow-down as both Chris and I ran into other real-life situations to address).

Updating a dependency baked into Composr generally would be a bad idea. We might have modifications to it, there might be compatibility breaks in a newer version, or we might have had to package it in a particular way.

If something is outright breaking, or known to be insecure in the real world (*), a tracker issue should be opened.

* There are various jQuery security vulnerabilities but to my knowledge they are very specific rather than something a website user can exploit. If I'm wrong I hope someone will tell us.

We have a process of trying to track and update all our dependencies. There's a permanent tracker issue 0000651: Sync with upstream libraries (dependencies) and with API versions (ongoing) - Composr CMS feature tracker - which references data_custom/third_party_code.csv · v11 · Composr ecosystem / Composr · GitLab

Thanks and well noted.

Rat