BotFramework-WebChat icon indicating copy to clipboard operation
BotFramework-WebChat copied to clipboard
verified publisher icon microsoft

Numerous obsolete versions of core-js

Open fredleb opened this issue 1 year ago • 0 comments

I have a question

We integrated the WebChat control into our website by including the HTML script tag on our page.

During our compliance and cybersecurity reviews, we encountered an issue: our site is using outdated versions of core-js.

We researched and discovered on GitHub that the command window['__core-js_shared__']?.versions can provide a list of the core-js versions in use.

We found that the WebChat control script adds 10 different version numbers to an array, indicating that several obsolete versions of core-js are being used on this page, as shown in the following image:

image

I am not very experienced with JavaScript, so I am unsure about the implications of this.

  1. Are all these versions actually being used on our webpage?
  2. What are the potential risks?
  3. Is there a way to configure the script to use only a current version of core-js?

Thanks !

fredleb avatar Aug 14 '24 14:08 fredleb