Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
In the past, we had a number of issues with updating the jQuery version passed 1.7. See:
- #1883640: Support jQuery 1.7+ in Panels
- #2447521: [META] Update contrib modules to be compatible with jQuery 1.8+
However, I've been going through them and doing some testing, and everything seems to be working now with jQuery 1.10.
I think it's finally time to update to the latest allowed by the jquery_update 2.x module, at least on new sites.
Comment | File | Size | Author |
---|---|---|---|
#3 | panopoly_core-jquery-110-2975931-3.patch | 634 bytes | dsnopek |
Comments
Comment #2
dsnopekComment #3
dsnopekHere's the patch for testing!
EDIT: Here's a Travis build: https://travis-ci.org/panopoly/panopoly/builds/385003123
Comment #4
aubjr_drupal CreditAttribution: aubjr_drupal commented@dsnopek - I was just looking at going to 1.12.2 for our Panopoly distro because per https://www.drupal.org/project/jquery_update/issues/2939759 it's the best we can do for security because Panels IPE breaks with 3.x.
I see that you stopped at 1.10 here, however. In your testing, did jQuery 1.11 and 1.12 not work out?
Comment #5
aubjr_drupal CreditAttribution: aubjr_drupal commentedI've tested updating jQuery Update to 3.0-alpha5 and applied a similar patch to that module for updating the 1.12 version to 1.12.2 (the latest and best 1.x jQuery with the fewest possible security issues).
After briefly skimming the code in jQuery Update, the key differences in 3.x (over 2.7) appear to be:
I’ve run it through Travis-CI testing for my Panopoly sub-distro and it doesn't appear to cause any issues.
I'm assuming that the .make files of Panopoly would handle the jQuery Update module update to 3.0-alpha5 (in panopoly_admin and panopoly_core)?
Also attaching a tiny patch to update 3.0-alpha5 jquery 1.12 true version to v1.12.2 to apply to jQuery Update 3.0-alpha5, and I'm assuming there'd need to be a separate patch to do the jQuery downgrade in the module - which I'll put up here if needed.
Comment #6
dsnopekHere's some patches to do this update to jquery 1.12.2 (using the linked patch). I did some manual testing: Panels IPE and Page Manager worked fine, but I had issues with inserting Media in the WYSIWYG. Switching back to 1.7 didn't seem to help (although, I didn't try reverting the update to jquery_update) so it could have been some other issue my development environment, but I'm not sure. I'll run these patches through the automated tests and we'll see how it fares there.
EDIT: Here's the Travis build: https://travis-ci.org/panopoly/panopoly/builds/488884022
Comment #7
dsnopekHm. The issue with Media seems to be caused by the jquery_update patch at #2939759: Warn users of outdated/insecure jQuery and jQuery UI versions. Without that patch, even on 1.12, Media in WYSIWYG seems to work. So, it's something else in that patch besides switching from 1.12.4 to 1.12.2...
Comment #8
dsnopekOk, I fixed up some weird issues in that patch, and figured out what's breaking Media: it also updates jquery_ui to work with the updated jquery version, and it's the jquery_ui update that's causing problems. Odds are we'll have to patch Media to get this to work, but it could also be some issue in customizations.
Comment #9
dsnopekHm, I guess jquery_update is moving to not having any jQuery or jQuery UI code in the module, and instead always loading from a CDN. Here's the issue from Mark Carver which will make that change: #1869928: Better CDN/API/automation support
I think we should maybe postpone this on that? That'll make doing an update to a secure version of jQuery easier, and for the Media changes, there will actually be a way for the community to test that (or allow us to stay back on an older jQuery UI temporarily).
Comment #10
aubjr_drupal CreditAttribution: aubjr_drupal commentedSorry about the delay in responding on this, @dsnopek.
I've sent a note out to our community to see if anyone has experienced this issue since I pushed it out as a Webspark-only patch a few months ago.
Comment #11
dsnopekGiven the uncertainty around jquery_update and how to handle the latest and most secure versions, I'm inclined to just return this issue to the patch on #3 (since I think that update just works) and make a child issue to update further once it's possible to set a security version combo with jquery_update without patching it.
Comment #12
dsnopekComment #14
dsnopekCommitted!
We can open a new issue for later jQuery updates once #1869928: Better CDN/API/automation support is in.