How can I update outdated JS libraries in the Venture theme without causing errors?

Dry-Ager
Excursionist
33 1 3

Hello,

a scan with the tool Pentest-Tools.com revealed messages in our store that the JS libraries Handlebars.js, jQueryJS and LodashJS were outdated and had security vulnerabilities. We use the Venture theme, which actually loads these scripts in the deprecated version in the vendor.js template.
An attempt to replace these entries with the current versions resulted in JavaScript errors on the store page. We then downloaded the current version of the Venture theme as a test, but it contains the same versions.

Is there a way for the theme to manually update the affected libraries without affecting the functionality of the rest of the scripts?

Thanks.

Replies 3 (3)

Shop_Lovers
Shopify Partner
281 46 73

Hi,

 

As per my experience with such type of issue you need to update your jquery library to fix jquery js similarly you need to update handlebar js as well.

 

If you are using Klaviyo reach out the klaviyo support to fix Lodash Vulnerabilities.

 

Thanks

Dry-Ager
Excursionist
33 1 3

Thanks for your reply. When I'm trying to update handlebars and Lodash to the latest version I get some Javascript errors in the console window. We're not using Klaviyo at all.

Shop_Lovers
Shopify Partner
281 46 73

Hi,

 

Many apps using the Lodash library. Shopify also using the Lodash.  lodash library is a sub-dependency so there is no need to take action for lodash.

 

Thanks