From 2fb5cfe6d9d304b6898402f21dd77d9af08be5a8 Mon Sep 17 00:00:00 2001
From: Sylvain <bond.never.die@gmail.com>
Date: Tue, 27 Nov 2018 16:54:57 +0100
Subject: [PATCH] [security] updated jquery to fix CVE-2015-9251

---
 CHANGELOG.md |  3 +++
 package.json |  2 +-
 yarn.lock    | 12 ++++++------
 3 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e3619350f..d1609bf6c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Changelog Fab Manager
 
+- Updated angular.js to 1.6
+- Fix a security issue: dependency jQuery < 3.0.0 has a vulnerability as described in [CVE-2015-9251](https://nvd.nist.gov/vuln/detail/CVE-2015-9251)
+
 # v2.7.0 2018 November 27
 
 - Nom using standard [package.json](package.json) file to save application version number
diff --git a/package.json b/package.json
index 114506bd1..1a9638e75 100644
--- a/package.json
+++ b/package.json
@@ -60,7 +60,7 @@
     "fullcalendar": "2.3.1",
     "holderjs": "2.6",
     "jasny-bootstrap": "3.1",
-    "jquery": "1",
+    "jquery": "3",
     "jquery-minicolors": "^2.1.10",
     "jquery-ui": "https://github.com/devongovett/jqueryui-npm.git#1.10.4",
     "medium-editor": "4.4.0",
diff --git a/yarn.lock b/yarn.lock
index cd6989a57..f834ca40d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -880,16 +880,16 @@ jquery-minicolors@^2.1.10:
   version "1.10.4"
   resolved "https://github.com/devongovett/jqueryui-npm.git#51bc3549dd6530a18f43be45c3e8ae520805b9e4"
 
-jquery@1, jquery@^1.11.1:
-  version "1.12.4"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-1.12.4.tgz#01e1dfba290fe73deba77ceeacb0f9ba2fec9e0c"
-  integrity sha1-AeHfuikP5z3rp3zurLD5ui/sngw=
-
-"jquery@>= 1.7.x", jquery@>=1.7.1, jquery@>=1.9.0:
+jquery@3, "jquery@>= 1.7.x", jquery@>=1.7.1, jquery@>=1.9.0:
   version "3.3.1"
   resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.3.1.tgz#958ce29e81c9790f31be7792df5d4d95fc57fbca"
   integrity sha512-Ubldcmxp5np52/ENotGxlLe6aGMvmF4R8S6tZjsP6Knsaxd/xp3Zrh50cG93lR6nPXyUFwzN3ZSOQI0wRJNdGg==
 
+jquery@^1.11.1:
+  version "1.12.4"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-1.12.4.tgz#01e1dfba290fe73deba77ceeacb0f9ba2fec9e0c"
+  integrity sha1-AeHfuikP5z3rp3zurLD5ui/sngw=
+
 js-tokens@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"