
jQuery upgrade for SmartForms

KB003705

PRODUCT
Automation On-Prem, Nintex K2 Cloud
BASED ON
Automation On-Prem, Nintex K2 Cloud
 

Introduction

The jQuery version used in Nintex Automation (formerly known as K2 Five) and Nintex K2 Cloud has been upgraded to jQuery 3.7.0, and all jQuery-dependent libraries have been updated to reduce vulnerabilities and ensure your solutions are secure. All out-of-the-box usage has been updated to mitigate security vulnerabilities and refactored to remove deprecated components and maximize compatibility with this jQuery version. The Telerik UI for ASP.NET components have also been updated to version R2 2023 to be compatible with jQuery 3.7.0. If you have custom controls using Telerik UI, this update affects those controls and may require an update to custom styling.

Testing was done on Nintex K2 platform code, but if you are using custom controls and custom scripts in your solutions, we suggest you enable the jQuery Migrate warnings to test your solutions for vulnerabilities and compatibility. See the Enable jQuery Migrate warnings section below for more information about enabling the warnings.

 

How does this change affect existing solutions?

With the upgrade to jQuery 3.7.0, updates were done for runtime and design time and testing has been performed on Nintex K2 platform code. If you have not used any custom, community, or partner controls in your SmartForms, you should not be impacted. If you extended SmartForms by injecting custom JS code that relies on jQuery libraries, you may be impacted and these custom controls may no longer work. We recommend enabling the jQuery Migrate warnings to test your solutions.

 

Implementation

To minimize upgrade and backwards compatibility issues with custom controls or extensions, the jQuery upgrade is released in two phases.   

Phase 1 - Release updated code in Nintex Automation 5.7 and Nintex K2 Cloud late 2023 Update (Update 20). Ensure you test your solutions using the jQuery Migrate warnings if you are using custom controls and custom scripts in your solutions.

Phase 2 - Remove the jQuery Migrate plugin (future release). This will remove the remaining vulnerability.

 

Enable jQuery Migrate warnings

If you extended SmartForms by injecting custom JS code that relies on jQuery libraries, you can test your customized solutions for vulnerabilities and compatibility with the new code by enabling the jQuery Migrate warnings. The warnings show you where you must update your code. For example, replace the self-closing tag <div/> with <div></div>.

Note: 
Nintex Automation – We suggest you enable the warnings, test your controls, and update your code in a development environment since doing so may have a performance impact.

Nintex K2 Cloud – Contact Nintex Customer Central to change the web.config files.

 

See the steps below to enable jQuery Migrate warnings.

  1. Edit the web.config files for design time and runtime.
    You can find the web.config files in the following locations:
    "%ProgramFiles%\K2\K2 smartforms Designer\web.config"
    "%ProgramFiles%\K2\K2 smartforms Runtime\web.config"
     
  2. Disable bundling by setting the value of UseBundledFiles to false. This setting can be found in the <appSettings> section of the configuration files.

     

  3. Once bundling is disabled, the jQuery Migrate plugin allows you to see the warnings. The plugin is part of the Nintex Automation 5.7 and Nintex K2 Cloud Update 20 releases. You don’t have to load the plugin. See jQuery Migrate for more information about the plugin.
  4. Use the warnings to test your solutions.
  5. Update your existing custom code if necessary. You can also disable minification, which makes the code more readable while refactoring and aligning code.

Note: 
While running with the jQuery Migrate plugin, jQuery is still susceptible to CVE-2020-11022. All Nintex K2 platform code has been updated and verified for vulnerabilities to this flaw; however, custom controls and custom scripts added to views and forms may still be at risk. We recommend using the warnings to review these custom controls and scripts. These warnings are typically denoted with the message “JQMIGRATE: HTML tags must be properly nested and closed”.

For more information and code examples, please see the jQuery upgrade guide at https://jquery.com/upgrade-guide/3.0/.
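
As a complement to the browser warnings, the following added example (not part of the Nintex article or product code) scans custom script text for self-closed non-void tags such as <div/> and proposes the <div></div> form described above. The function names, the regular expression and the sample script are assumptions constructed for illustration.

```javascript
// Added example (not Nintex or jQuery code): find self-closed non-void tags
// in custom SmartForms script text and suggest the explicit open/close form.
"use strict";

// HTML void elements: these are legitimately written without a closing tag.
const VOID_TAGS = new Set(["area", "base", "br", "col", "embed", "hr", "img",
  "input", "link", "meta", "param", "source", "track", "wbr"]);

// <name attrs />. Simplification: attribute values containing '<' or '>'
// are not matched, so review such strings by hand.
const SELF_CLOSED = /<([a-z][a-z0-9-]*)((?:\s[^<>]*?)?)\s*\/>/gi;

// Returns one finding per self-closed non-void tag, with its 1-based line.
function findSelfClosedTags(source) {
  const findings = [];
  source.split(/\r?\n/).forEach((text, index) => {
    for (const m of text.matchAll(SELF_CLOSED)) {
      if (VOID_TAGS.has(m[1].toLowerCase())) continue;
      findings.push({ line: index + 1, found: m[0],
        fix: `<${m[1]}${m[2]}></${m[1]}>` });
    }
  });
  return findings;
}

// Rewrites every self-closed non-void tag; void elements are left untouched.
function rewriteSelfClosedTags(source) {
  return source.replace(SELF_CLOSED, (whole, name, attrs) =>
    VOID_TAGS.has(name.toLowerCase()) ? whole : `<${name}${attrs}></${name}>`);
}

// Constructed sample of custom control script (not from a real solution).
const SAMPLE_SCRIPT = [
  "var panel = $('<div/><span class=\"note\" />');",
  "panel.append('<input type=\"text\"/><br/>');",
  "panel.append('<p></p>');",
].join("\n");

for (const f of findSelfClosedTags(SAMPLE_SCRIPT)) {
  console.log(`line ${f.line}: ${f.found} -> ${f.fix}`);
}
```

Treat the findings as review candidates and confirm each change against the jQuery Migrate warnings in the browser console.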

 

Examples of jQuery Migrate warnings

 

 

Considerations

  • Telerik UI tree control - The newer version of the Telerik UI tree control no longer employs the CSS class names of k-state-selected & k-state-focused but instead uses k-selected & k-focus respectively. Any dependent CSS selectors in custom implementations must be updated.