-
-
Notifications
You must be signed in to change notification settings - Fork 219
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Datatables version security issue #5628
Comments
@thomas-topway-it , can you upgrade to 1.10.23? |
If I understand, we have 1.13.2 in there which is several versions above 1.10.23 Oh. I see this is related to the something in SMW core, not the new result format. Thus moving back to SMW. |
Since it is SMW core it is about the "datatable" class to the table format. "onoi/shared-resources" was already merged into SMW last year. The dataTables stuff is now sitting in this spot. |
I guess we have three options
|
@krabina if SRF datatables could be a drop in replacement for the datatables class, I suggest to maintain only one and drop the other. |
Setup
Issue
Hello @JeroenDeDauw ,
Am geting a security issue with Datatables version on upgrade from SMW 4.1.2 According to the security team, Semantic should be bundled with datatable 1.10.23, or 2.0.3, published on 22 Mar, 2024 see discussion on version safe
Detailed description of the issue and a stack trace if applicable:
When installation is launched, the SMW is sent to quarantaine by security system
https://github.com/SemanticMediaWiki/SemanticMediaWiki/tree/master/res/onoi/jquery.dataTables
Steps to reproduce the observation (recommendation is to use the sandbox):
Upgrade with composer
Regards!
The text was updated successfully, but these errors were encountered: