Upgrade jQuery to 3.5.x for Notebook 5.x #6469

dylanraws · 2022-07-12T21:36:46Z

As reported in #5489, jQuery versions below 3.5.0 have known security vulnerabilities. My organization provides customers with a managed compute environment with Jupyter Notebook 5.x installed. Our customers have the requirement that we update jQuery to resolve known CVEs. Long term, we will work with our customers to use newer major versions of Jupyter Notebook and Jupyter Lab, but for now, we ask that the jQuery version be upgraded and a new version of Jupyter Notebook 5.x be released.

dylanraws · 2022-07-12T21:38:38Z

Tagging @jweill-aws for visibility

jtpio · 2023-08-01T08:21:23Z

Closing as this would have to be implemented in https://github.com/jupyter/nbclassic if still needed.

Please open a new issue there if the issue is still relevant, thanks!

JasonWeill added this to the 5.8 milestone Jul 12, 2022

dylanraws mentioned this issue Jul 12, 2022

Bump minimum version of jQuery to 3.6.0 #6471

Merged

jtpio mentioned this issue Jul 28, 2022

Notebook Weekly Meetings Nov 2021 - Dec 2022 jupyter/notebook-team-compass#5

Closed

jtpio closed this as completed Aug 1, 2023

antonysigma mentioned this issue Aug 28, 2023

Enable Github depend bot to scan for Javascript vulnerability halide/Halide#7789

Closed

github-actions bot locked as resolved and limited conversation to collaborators Aug 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade jQuery to 3.5.x for Notebook 5.x #6469

Upgrade jQuery to 3.5.x for Notebook 5.x #6469

dylanraws commented Jul 12, 2022

dylanraws commented Jul 12, 2022

jtpio commented Aug 1, 2023

Upgrade jQuery to 3.5.x for Notebook 5.x #6469

Upgrade jQuery to 3.5.x for Notebook 5.x #6469

Comments

dylanraws commented Jul 12, 2022

dylanraws commented Jul 12, 2022

jtpio commented Aug 1, 2023