0

Kentico 13 internally uses Angular 1.5.5 which are no longer supported. Can we upgrade or remove the referncses to the Angular library? Will it cause any issue in Kentico Admin side?

Same was the issue with jquery UI. When I tried to upgrade, I got console errors. So not sure about angular. The Admin side is too big to test all the pages.

2
  • I'd probably raise it with Kentico directly if they're shipping unsupported versions. They might well say that they're supporting the version they ship themselves, so maybe there's no issue? What are you worried about, general JS project vulnerabilities?
    – Rup
    Commented Jun 21 at 8:56
  • However I don't think Angular 1->2 is a straight drop in upgrade, nor jQuery 1->3 as you've discovered. If you're willing to do the work to port the admin site over to a more modern version I'm sure Kentico would be happy to accept a PR on GitHub. But it's going to be a fair amount of work I'd expect, so I'd talk to them about it first to see if anyone else has attempted it already.
    – Rup
    Commented Jun 21 at 8:56

1 Answer 1

Reset to default
1

Make sure you are running latest hotfix. Kentico security experts are checking the vulnerabilities regularly. Moreover, Kentico's implementation is not using the vulnerable parts of this library. And also, the attacked must be already in the admin UI anyway. Upgrading the version on your own, without source code license is not possible nor supported - many parts of the admin UI may stop working.

Not the answer you're looking for? Browse other questions tagged or ask your own question.