F23 System Wide Change: jQuery

[Jan Kurik]

= Proposed System Wide Change: jQuery =
https://fedoraproject.org/wiki/Changes/jQuery

Change owner(s): T.C. Hollingsworth <tchollingsworth at gmail dot com>

jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript.

Traditionally, a copy of jQuery has been included with every web application that requires it. This change will migrate many of those applications to a shared system copy of jQuery. Both the 1.x branch of jQuery that supports Internet Explorer 6 and the 2.x branch of jQuery that only works with modern web browsers will be provided. 

== Detailed Description ==
Traditionally, a copy of jQuery has been included with every web application that requires it. This change will migrate many of those applications to a shared system copy of jQuery.

The following packages are available in Fedora 21 and later and EPEL 6 and later:

* js-jquery - The latest version of the jQuery 2.x branch, suitable for web applications that are only compatible with modern web browsers that fully support modern web standards.
* js-jquery1 - The latest version of the jQuery 1.x branch, suitable for web applications that endeavor to be compatible with older web browsers such as Internet Explorer 6.
* js-jquery-migrate - The jQuery migrate plugin, which is a compatibility shim that enables web applications that depend on older versions of jQuery to work with the latest version, so that they can be ported away from old, unsupported jQuery versions that may potentially have security issues. 

Some new packages are already beginning to use the system version of jQuery with little trouble, so for Fedora 23 we're going to open the doors to converting existing packages. We'll send announcements explaining how to unbundle existing packages. We'll also find all the packages we can that are bundling jQuery and inform maintainers about them, via e-mail only at this time. (We'll save the mass bug filing for F24 to allow maintainers to have a go at it voluntarily first.  :-) 

== Scope ==
* Migrating Web Applications
  -- Web applications that depend on modern versions of jQuery will simply be ported to use the systemwide version instead,
  -- Web applications that use older versions of jQuery (> 1.6.4 but <1.9) will be ported to use jquery-migrate and the systemwide version of jQuery. Packagers will be encouraged to work with upstream to migrate to the latest version of jQuery without jquery-migrate, since using this plugin re-enables misfeatures rightly removed from jQuery core that are XSS holes waiting to happen.
  -- Maintainers of web applications that use extremely old versions of jQuery (< 1.6.4) will be strongly encouraged to work with upstream to migrate to the latest versions of jQuery and update their packages. However, current Fedora policy regarding bundled libraries permits these packages to be grandfathered in, so I am unable to force any action here.
  -- Preliminary repoqueries have been performed to identify potentially affected packages, see the dependencies section for more details.

* Migrating documentation frameworks
  -- Certain documentation frameworks, such as python-sphinx, ship copies of jQuery as well. These frameworks will be modified to use a symlink or other means so that they too can use the new systemwide versions.

* Release Engineering
  -- No special attention required. 
-- 
Jan Kuřík