Q1 2018 - Support for jQuery 3.x, jQuery 1.12.4

2 posts, 0 answers
  1. Marek
    Marek avatar
    1 posts
    Member since:
    Sep 2015

    Posted 19 Jan 2018 Link to this post

    Hi,

    The recent version has a dependency on jQuery 1.12.4. This is strange for me as previous versions were including 1.12.3. The version 1.12.4 has a serious security vulnerability https://snyk.io/test/npm/jquery/1.12.4?severity=high&severity=medium&severity=low . On the other hand 1.12.3 does not have it https://snyk.io/test/npm/jquery/1.12.3?severity=high&severity=medium&severity=low.

    So my questions:

    1) Why the version was upgraded?

    2) Is it save to replace jquery.min.js content with the 1.12.3 version ?

    3) Is it save to replace jquery.min.js content with the 3.x version ? I have found the compatibility list for UI for jQuery (https://docs.telerik.com/kendo-ui/intro/installation/prerequisites#supported-jquery-versions) - I hope MVC is the same code with additional MVC wrappers.

  2. Bozhidar
    Admin
    Bozhidar avatar
    1189 posts

    Posted 22 Jan 2018 Link to this post

    Hello,

    We strive to update to the latest available version of jQuery when they come out. It's okay to use the 1.12.3 version, as we maintain backwards compatibility. 

    Kendo is also compatible with jQuery 3, so you can use it in your project as well. As you suspected, the javascript code used by the MVC Wrappers is the same as the native jQuery Kendo, so the compatibility table is the same.

    Regards,
    Bozhidar
    Progress Telerik
    Try our brand new, jQuery-free Angular components built from ground-up which deliver the business app essential building blocks - a grid component, data visualization (charts) and form elements.
Back to Top