Old jquery version used

[davejbur]

I've just run the OWASP dependency check on my project, and it found the following vulnerability:

"One or more dependencies were identified with known vulnerabilities in :
js-beautify-1.6.12.jar: jquery.js (pkg:javascript/jquery@1.11.3) : CVE-2015-9251, CVE-2019-11358"

Since js-beautify has now been updated to 1.9.0, would it be possible to update the pom file to use the latest version?

[mxro]

I tried just bumping the version - but that didn't work. So might take a bit of time to ensure it will work with the correct version. But definitely something we should be doing.

[davejbur]

OK, thanks!

[SimonErm]

We are using proxy-vole which uses this library in our Apps and Google Playstore shows a security warning too.

[mxro]

Thanks @SimonErm for the further info and @davejbur for the patience. This should now be addressed in the upcoming version 0.1.28 (see commit above). If the security warning still comes up with this version, please let me know!