Are there any plans to update jQuery to 3.x line? The version being used currently (v2.1.4) can make the application vulnerable to XSS.
Furthermore, vendor.js resource uses a moment.js versions that is quite outdated - 2.10.6. Are there any plans to also update this one?
At my company we had a pentest for a Sentry instance running on k8s, and currently the release is being blocked because of these findings. I guess this might also happen in many other places.