This is a migrated thread and some comments may be shown as answers.

Q1 2018 - Support for jQuery 3.x, jQuery 1.12.4

1 Answer 336 Views
General Discussions
This is a migrated thread and some comments may be shown as answers.
Marek
Top achievements
Rank 1
Marek asked on 19 Jan 2018, 11:33 AM

Hi,

The recent version has a dependency on jQuery 1.12.4. This is strange for me as previous versions were including 1.12.3. The version 1.12.4 has a serious security vulnerability https://snyk.io/test/npm/jquery/1.12.4?severity=high&severity=medium&severity=low . On the other hand 1.12.3 does not have it https://snyk.io/test/npm/jquery/1.12.3?severity=high&severity=medium&severity=low.

So my questions:

1) Why the version was upgraded?

2) Is it save to replace jquery.min.js content with the 1.12.3 version ?

3) Is it save to replace jquery.min.js content with the 3.x version ? I have found the compatibility list for UI for jQuery (https://docs.telerik.com/kendo-ui/intro/installation/prerequisites#supported-jquery-versions) - I hope MVC is the same code with additional MVC wrappers.

1 Answer, 1 is accepted

Sort by
0
Bozhidar
Telerik team
answered on 22 Jan 2018, 07:50 AM
Hello,

We strive to update to the latest available version of jQuery when they come out. It's okay to use the 1.12.3 version, as we maintain backwards compatibility. 

Kendo is also compatible with jQuery 3, so you can use it in your project as well. As you suspected, the javascript code used by the MVC Wrappers is the same as the native jQuery Kendo, so the compatibility table is the same.

Regards,
Bozhidar
Progress Telerik
Try our brand new, jQuery-free Angular components built from ground-up which deliver the business app essential building blocks - a grid component, data visualization (charts) and form elements.
Phil
Top achievements
Rank 1
commented on 20 Mar 2025, 06:22 PM

Our security scanning software tagged jQuery version 1.12.4 as vulnerable and recommends an upgrade to 3.7.1. I've done a lot of searching for information on how to do the upgrade but I've yet to find any information on how to do it. Can someone please tell me how to upgrade jQuery on a Windows 2019 IIS web server? Apparently one of our COTS application uses jQuery library.

Thanks,

Phil

Anton Mironov
Telerik team
commented on 24 Mar 2025, 07:48 AM

Hi Phil,

Thank you for the details provided.

In order to download the desired jQuery version, I would recommend the following:

For the update process:

As this thread was opened for MVC, I would recommend using the approach where jQuery is used by the following link in the _Layout of the project:

<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>

Kind Regards,
Anton Mironov

 

 

Tags
General Discussions
Asked by
Marek
Top achievements
Rank 1
Answers by
Bozhidar
Telerik team
Share this question
or