From b95445ba8657fd154d3bba6a2877c1f2f165845c Mon Sep 17 00:00:00 2001
From: Takuya Noguchi <takninnovationresearch@gmail.com>
Date: Thu, 23 Nov 2017 19:47:05 +0900
Subject: [PATCH] Upgrade jQuery to 2.2.4

---
 Gemfile                                              |  2 +-
 Gemfile.lock                                         |  4 ++--
 changelogs/unreleased/40481-bump-jquery-to-2-2-4.yml |  5 +++++
 package.json                                         |  4 ++--
 yarn.lock                                            | 12 ++++++------
 5 files changed, 16 insertions(+), 11 deletions(-)
 create mode 100644 changelogs/unreleased/40481-bump-jquery-to-2-2-4.yml

diff --git a/Gemfile b/Gemfile
index 6034323956c..eb396964fd2 100644
--- a/Gemfile
+++ b/Gemfile
@@ -245,7 +245,7 @@ gem 'font-awesome-rails', '~> 4.7'
 gem 'gemojione', '~> 3.3'
 gem 'gon', '~> 6.1.0'
 gem 'jquery-atwho-rails', '~> 1.3.2'
-gem 'jquery-rails', '~> 4.1.0'
+gem 'jquery-rails', '~> 4.3.1'
 gem 'request_store', '~> 1.3'
 gem 'select2-rails', '~> 3.5.9'
 gem 'virtus', '~> 1.0.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 4787be92365..ff013f8572c 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -411,7 +411,7 @@ GEM
       multipart-post
       oauth (~> 0.5, >= 0.5.0)
     jquery-atwho-rails (1.3.2)
-    jquery-rails (4.1.1)
+    jquery-rails (4.3.1)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
@@ -1061,7 +1061,7 @@ DEPENDENCIES
   influxdb (~> 0.2)
   jira-ruby (~> 1.4)
   jquery-atwho-rails (~> 1.3.2)
-  jquery-rails (~> 4.1.0)
+  jquery-rails (~> 4.3.1)
   json-schema (~> 2.8.0)
   jwt (~> 1.5.6)
   kaminari (~> 1.0)
diff --git a/changelogs/unreleased/40481-bump-jquery-to-2-2-4.yml b/changelogs/unreleased/40481-bump-jquery-to-2-2-4.yml
new file mode 100644
index 00000000000..e275c65e8c8
--- /dev/null
+++ b/changelogs/unreleased/40481-bump-jquery-to-2-2-4.yml
@@ -0,0 +1,5 @@
+---
+title: Upgrade jQuery to 2.2.4
+merge_request: 15570
+author: Takuya Noguchi
+type: security
diff --git a/package.json b/package.json
index 383f6b9fb6e..5f15924cfe6 100644
--- a/package.json
+++ b/package.json
@@ -41,8 +41,8 @@
     "fuzzaldrin-plus": "^0.5.0",
     "imports-loader": "^0.7.1",
     "jed": "^1.1.1",
-    "jquery": "^2.2.1",
-    "jquery-ujs": "^1.2.1",
+    "jquery": "^2.2.4",
+    "jquery-ujs": "1.2.2",
     "js-cookie": "^2.1.3",
     "jszip": "^3.1.3",
     "jszip-utils": "^0.0.2",
diff --git a/yarn.lock b/yarn.lock
index 9ac5690a96e..2c403bd07b2 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3713,15 +3713,15 @@ jed@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/jed/-/jed-1.1.1.tgz#7a549bbd9ffe1585b0cd0a191e203055bee574b4"
 
-jquery-ujs@^1.2.1:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/jquery-ujs/-/jquery-ujs-1.2.1.tgz#6ee75b1ef4e9ac95e7124f8d71f7d351f5548e92"
+jquery-ujs@1.2.2:
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/jquery-ujs/-/jquery-ujs-1.2.2.tgz#6a8ef1020e6b6dda385b90a4bddc128c21c56397"
   dependencies:
     jquery ">=1.8.0"
 
-"jquery@>= 1.9.1", jquery@>=1.8.0, jquery@^2.2.1:
-  version "2.2.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-2.2.1.tgz#3c3e16854ad3d2ac44ac65021b17426d22ad803f"
+"jquery@>= 1.9.1", jquery@>=1.8.0, jquery@^2.2.4:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-2.2.4.tgz#2c89d6889b5eac522a7eea32c14521559c6cbf02"
 
 js-base64@^2.1.9:
   version "2.1.9"
-- 
GitLab