WordPress.org

Make WordPress Core

Opened 8 months ago

Closed 8 months ago

Last modified 2 months ago

#45953 closed enhancement (duplicate)

Jquery & Jquery UI update

Reported by: Webzzz Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: External Libraries Keywords:
Focuses: javascript, administration Cc:

Description

Will some one please update the jquery core and jquery ui to the latest? I have manually updated it but it's not stable and it can be removed/changed with WordPress updates...

Is there a reason we use the old jquery files by default?

Google's Lighthouse tool reports this too.

https://code.jquery.com/
https://code.jquery.com/ui/

https://www.cvedetails.com/vulnerability-list/vendor_id-6538/Jquery.html

https://nvd.nist.gov/view/vuln/search-results?query=jquery&search_type=all&cves=on

https://developers.google.com/web/tools/lighthouse/

Change History (16)

#1 in reply to: ↑ description @kamalireal
8 months ago

Replying to Webzzz:

Hi @Webzzz, Thanks for the report.

When you are updating wordpress, the files are replaced.

You can remove wordpress jquery / embed from your theme. for do this , insert this code in your functions.php (theme) :

// Remove Jquery
function site_init() { wp_deregister_script('jquery'); }
add_action('init', 'site_init');

// REMOVE WP Embed
function my_deregister_scripts(){ wp_deregister_script( 'wp-embed' ); }
add_action( 'wp_footer', 'my_deregister_scripts' );

And then insert your jquery (new version) in footer.php theme.

for example :

<script type='text/javascript' src='http://yourwebsite_url.com/jquery.js'></script>

Note: If you do not use jQuery, the function of some sections of your template or plugins stops.

Good luck.

#2 @sebastienserre
8 months ago

Hello @kamalireal

Enqueuing the scripts directly in footer.php is a bad practice.
Consider using https://codex.wordpress.org/Plugin_API/Action_Reference/wp_enqueue_scripts

Dear @Webzzz

Many thanks for reporting this issue unfortunately this ticket is a duplicate of #37110. As per #45310 and @swissspidy comment "Note that we're currently still on 1.12 mainly because of browser support.".

Last edited 8 months ago by sebastienserre (previous) (diff)

#3 @Webzzz
8 months ago

Hey, Thank you all for the quick responses.

My solution looks like a mix (a plugin + extra js file):

function rw_jquery_updater()
{
    
    // jQuery
    // Deregister core jQuery
    wp_deregister_script('jquery');
    // Register
    wp_enqueue_script('jquery', plugins_url('/js/jquery-3.3.1.min.js', __FILE__), false, '3.3.1');
    
    // jQuery Migrate
    // Deregister core jQuery Migrate
    wp_deregister_script('jquery-migrate');
    // Register
    wp_enqueue_script('jquery-migrate', plugins_url('/js/jquery-migrate-3.0.0.min.js', __FILE__), array('jquery'), '3.0.0'); 
    // require jquery, as loaded above
	
    // Deregister UI jQuery
    wp_deregister_script('jquery-ui-core');
    // Register
    wp_enqueue_script('jquery-ui-core', plugins_url('/js/jquery-ui-1.12.1.min.js', __FILE__), false, '1.12.1');
    
}

BTW I don't get any errors, everything seems to work fine, Google Lighthouse is not showing vulnerabilities any more!!

Last edited 8 months ago by Webzzz (previous) (diff)

#4 @chriscct7
8 months ago

  • Keywords needs-refresh needs-dev-note needs-patch removed
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Severity changed from major to normal
  • Status changed from new to closed

Duplicate of #37110.

Closing as duplicate as indicated.

#5 @chriscct7
8 months ago

  • Focuses ui accessibility performance privacy coding-standards removed

#6 @Webzzz
8 months ago

  • Focuses ui added
  • Resolution duplicate deleted
  • Status changed from closed to reopened

I'm sorry but my support ticket is defiantly not the same as stated in #37110 please reconsider what I'm actually saying here and the solution provided needs help....

#7 @Webzzz
8 months ago

  • Focuses administration performance privacy coding-standards added
  • Severity changed from normal to major

The main focus here is the "jquery-ui" the rest are just desperately needed.

and the support ticket #37110 is still not solved after 3 years ! do you understand how pathetic it looks when you close my support ticket for unsolved one that was asked 3 years ago.

Please "@chriscct7" don't be involved here all you want to do is just close tickets.

#8 @Webzzz
8 months ago

  • Keywords needs-patch needs-refresh dev-feedback 2nd-opinion added

#9 @Webzzz
8 months ago

  • Version set to 5.0.3

#10 @Webzzz
8 months ago

Can some one help with this code maybe? as a temporary solution...

// include new version of jQuery
function register_jquery_ls() {

        wp_deregister_script( 'jquery-core' );
        wp_register_script( 'jquery-core', 'https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js', false, '3.3.1' );
        wp_enqueue_script( 'jquery-core' );

        wp_deregister_script( 'jquery-migrate' );
        wp_register_script( 'jquery-migrate', 'https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js', false, '3.3.1' );
        wp_enqueue_script( 'jquery-migrate' );

        wp_deregister_script( 'jquery-ui-core' );
        wp_register_script( 'jquery-ui-core', 'https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js', false, '1.12.1' );
        wp_enqueue_script( 'jquery-ui-core' );
}

add_action('init', 'register_jquery_ls');

For some reason this code is not working properly, the first version of the code + plugin worked 100%

#11 @pento
8 months ago

  • Focuses ui performance privacy coding-standards removed
  • Resolution set to duplicate
  • Severity changed from major to normal
  • Status changed from reopened to closed
  • Version 5.0.3 deleted

@Webzzz: I appreciate that this issue concerns you, but there are significant hurdles to overcome before we can ship an upgraded version of jQuery to all WordPress sites.

#37110 is looking at upgrading both jQuery and jQuery UI in WordPress.

Please also note that we don't provide support in the core bug tracker, but you can post in the WordPress support forums for help getting your workaround functioning correctly.

#12 @desrosj
8 months ago

  • Keywords needs-patch needs-refresh dev-feedback 2nd-opinion removed

Hi @Webzzz,

First off, I appreciate your passion to make WordPress better. However, I disagree with your approach. Personal attacks are not welcome here and everyone is entitled to respect. I can assure you, no ones goal here is to “just close tickets”. I kindly ask that you refrained from this tactic in the future.

As for the intent of your ticket. The original code snippet that you shared attempts to replace jQuery, jQuery UI, and jQuery Migrate to the latest versions, and your ticket title says to update jQuery and jQuery UI. I just read through #37110, and the most recent patch updates both jQuery and jQuery Migrate to the latest version. While reading through the comments, it was also suggested that updating jQuery UI at the same time would help fix lots of warnings that may occur.

To me, #37110 does address the requests in this ticket. That ticket also details and addresses the handful of problems that are experienced in various areas of WordPress experienced as a result of upgrading jQuery to 3.x. In addition to just upgrading and fixing issues in core, this change needs to be communicated far in advance so that plugin and theme developers have adequate time to update and ensure compatibility with the new version of jQuery OR to opt into the fallback approach also being worked on in #37110.

I also looked at the changes included in the latest version of jQuery UI (which WordPress is only slightly behind on). This version drops support for IE 7, 8, 9, and 10. Until very recently, WordPress still supported these versions of IE.

Also, this ticket was closed in favor of #37110 because that one is older, already contains several iterations of a fix, and has links to about ten discussions in Slack on the topic. When a fix is ready and all potential aspects have been adequately considered, it will happen on #37110.

#13 @desrosj
8 months ago

  • Component changed from General to External Libraries

#14 @chriscct7
8 months ago

Hi @Webzzz,
I see this is your first Trac ticket, and first and foremost I want to thank you for participating in helping make WordPress Core better.

I realize you may have never run across me before, so I'll introduce myself. I'm Chris, and a long time ago I was once a first time Trac contributor too, where one of my first tickets I submitted was closed as a duplicate of another ticket from many years earlier, so I get the frustration you are experiencing.

Since then, over the many years I've participated in Core I've worked on quite literally thousands of tickets here, and I also help maintain several sections of WordPress Core's Trac instance (particularly the Ancient Tickets report). I've also been fortunate enough to co-lead several of the point releases for WordPress core. And from time to time I'm also guilty of opening duplicate tickets -- Trac's search isn't perfect.

I would suggest the same advice that was once given to me many years ago by one of the lead developers at the time on my first closed as duplicate ticket when I really, really wanted a bug I reported to core (add_menu_page conflicting with other add_menu_page calls by other plugins causing the menu pages to be hidden), which is that WordPress is what you make of it, and if you want to get something done, the best way is to contribute and to not get discouraged. I ended up writing the patch for Core on the ticket that mine was closed as a duplicate for, that still many years later has remained unchanged, and is the reason that plugin authors can all call add_menu_page with the same position parameter integer, and nothing conflicts. Contributing to WordPress changed both my life, as well as the lives of everyone else who has ever made a plugin with an admin page (and their users) since. It's an awesome thing and I encourage you to keep at it.

Finally, I also wanted to give you a heads up that plugins and themes that load a different version of jQuery and/or jQuery UI are not permitted in the WordPress.org plugin and/or theme directories.

#15 @Webzzz
8 months ago

@pento

Thank you

1] it's not just me, Google Lighthouse reports jQuery UI as major vulnerability in many cases

2] after reading more in #37110 I started to realize @chriscct7 points for closing this, and I'm sorry for the way I came across, I really respect all of their work and all what was already done in the community.

@desrosj

Thanks, I came across in a wrong way and yes I see my mistakes sorry about it and I really do appreciate your approach.
I never meant to personal attack any one, it seamed at first as he just wanted to close it but now after reading more I understand his reasons.

in some way It's unfair to keep all of us with old scripts just because some use old versions, why not keep the old support for IE 7, 8, 9, and 10 as legacy or similar to "classic editor"

@chriscct7

Thank you, I appreciate your answer and approach, I'm sorry. you were right.

Last edited 8 months ago by Webzzz (previous) (diff)

#16 @remzicavdar
2 months ago

Hi @Webzzz

In the meantime I could recommend a plugin I have develop for this specific reason: https://wordpress.org/plugins/jquery-manager/

Note: See TracTickets for help on using tickets.