Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide version from js file #11917

Open
Elikill58 opened this issue Oct 3, 2024 · 1 comment
Open

Hide version from js file #11917

Elikill58 opened this issue Oct 3, 2024 · 1 comment
Labels
type: enhancement

Comments

@Elikill58
Copy link

Feature Proposal

For my website, I just received the result of pen-test.

They found some versions on JS file as on chartjs. They think it's an issue to show version of librairies we're using.
Do you think it's possible to remove it from the final file?

Here is they screenshoot they sent to us:
image

Possible Implementation

I tried to remove it from the file, or set like static version = "hidden"; but I get error by some plugins as annotations which can no longer parse it.

I think this would be hard. Is that possible to have a way to say "I know what I'm doing, it's in right version" ?
@LeeLenaleee
Copy link
Collaborator

I don't think removing the version number will solve anything.

Firstly as you mentioned some libraries depend on it to know if certain features are available. Secondly if you remove the version number you can still check the source code and match it against all the versions. So it takes a step more to find the version used but it will never be a secret.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Elikill58 @LeeLenaleee