Jun 17-19 | jQuery Virtual Training
Sep 12-13 | jQuery Chicago
Oct 13-15 | CSS Dev Conf 2014
Support
Learning Center
Try jQuery
IRC/Chat
Forums
Stack Overflow
Commercial Support
jQuery Foundation
Members
Brand Guide
Donate
Earlier this week the jQuery CDN had an issue that made the jquery-latest.js and jquery-latest.min.js files unavailable for a few hours in some geographical areas. (This wasn’t a problem with the CDN itself, but with the repository that provides files for the CDN.) While we always hope to have 100% uptime, this particular outage emphasized the number of production sites following the antipattern of using this file. So let’s be clear:
Don’t use jquery-latest.js on a production site.
We know that jquery-latest.js is abused because of the
CDN statistics
showing it’s the most popular file. That wouldn’t be the case if it was only being used by developers to make a local copy. The jquery-latest.js and jquery-latest.min.js files were meant to provide a simple way to download the latest released version of jQuery core. Instead, some developers include this version directly in their production sites, exposing users to the risk of a broken site each time a new version of jQuery is released. The team tries to minimize those risks, of course, but the jQuery ecosystem is so large that we can’t possibly check it all before making a new release.
To mitigate the risk of “breaking the web”, the jQuery team decided back in 2013 that jquery-latest.js could not be upgraded to the 2.0 branch even though that is technically the latest version. There would just be too many sites that would mysteriously stop working with older versions of Internet Explorer, and many of those sites may not be maintained today.
As jQuery adoption has continued to grow, even that safeguard seems insufficient to protect against careless use of http://code.jquery.com/jquery-latest.js. So we have decided to stop updating this file, as well as the minified copy, keeping both files at version 1.11.1 forever. The latest released version is always available through either the
jQuery core download page
or the
CDN home page
. Developers can download the latest version from one of those pages or reference it in a script tag directly from the jQuery CDN by version number.
The Google CDN team has joined us in this effort to prevent inadvertent web breakage and no longer updates the file at http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.js. That file will stay locked at version 1.11.1 as well. However, note that this file currently has a very short cache time, which means you’re losing the performance benefit of of a long cache time that the CDN provides when you request a full version like 1.11.1 instead.
So please spread the word! If you see a site directly using the jQuery CDN’s jquery-latest.js or the Google CDN equivalent in their script tags, let them know they should change to a specific version. If you need the latest version, get it from the download page or our CDN page. For both the jQuery and Google CDNs, always provide a full version number when referencing files in a
<script>
tag. Thanks!
after reading these:
“We know that jquery-latest.js is abused”
“The jquery-latest.js and jquery-latest.min.js files were meant to provide a simple way to download the latest released version of jQuery core”
I wonder why you don’t simply put a download button with latest instead of keeping this version in the CDN.
Having it there is like a colorful candy/chocolate bar for developers.
If the message is “DON’T USE LATEST FROM CDN” and it’s for dev purpose only, put in such version only a console.warn(“latest support from CDN is being removed”) for 3 months and drop it after that time.
I am also in favor of a console warning. Not a deprecation warning, but a simple warning for those who simply do not know that.
try{console.warn(“The version of jQuery used by this page is not meant to be used in production. Also, it is no longer updated, so there is no use for it anymore. For more details, see http://blog.jquery.com/2014/07/03/dont-use-jquery-latest-js/ “);}catch(e){}
That should be enough for the innocent cases of sites that are maintained by developers who simply thought they were following the rules and should not worry about any breakage.
Frankly, I cannot think of a reason not to add such a warning right now.
Simply have the CDN insert a 1 second delay before serving the file contents (of jquery-latest.js).
Consumers will soon stop using it in production sites.
I’ve emailed http://jquerylatest.com/ about this blog suggesting they put a notice on their site.
I’ve also posted a link to this blog from Stackoverflow:
http://stackoverflow.com/questions/441412/is-there-a-link-to-the-latest-jquery-library-on-google-apis/24802890#24802890
In response to the first comment by Andrea, I agree, serve it as a download. even better, just set the headers as an octet-download stream which forces the download. :)
Good to know we’re not alone in this as we used it as a CDN file as well on a couple of sites.
Recent Posts
Archives