Remove html5shiv #1477

Closed
mix4242 opened this issue May 23, 2023 · 1 comment · Fixed by #1482

Comments

@mix4242
Contributor

mix4242 commented May 23, 2023

Hi all. First, thank you for the theme. It's great!

I would like to propose the removal of the html5shiv library. I've seen it discussed in the past when Modernizr was removed but html5shiv left to support IE. I see however from the supported browsers page that IE < 9 is no longer supported.

Further, html5shiv is a bit outdated, not having updates & it appears no development for a few years.

Lastly, there appears to be a vulnerability reported by some scanning tools. This was reported by one of our users from a JFrog scan:

html5shiv html5shiv-printshiv.js ownerDocument.createDocumentFragment() Function Arbitrary Code Execution		High	security	JFrog	html5shiv	3.4 ≤ Version ≤ 3.7.3		2021-05-20T19:55:08Z	html5shiv	9.3/CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C			XRAY-78889	FALSE	npm://html5shiv:3.7.3	npm://html5shiv	sha256__d6c54436e60bc608283ddf62185350ab36b1596a0a9f27758e8238ca86424b91.tar.gz/app/wwwprivate/help/_static/js/html5shiv.min.js	unknown
html5shiv html5shiv.js ownerDocument.createDocumentFragment() Function Arbitrary Code Execution		High	security	JFrog	html5shiv	3.4 ≤ Version ≤ 3.7.3		2021-05-20T19:55:08Z	html5shiv	9.3/CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C			XRAY-78890	FALSE	npm://html5shiv:3.7.3	npm://html5shiv	sha256__d6c54436e60bc608283ddf62185350ab36b1596a0a9f27758e8238ca86424b91.tar.gz/app/wwwprivate/help/_static/js/html5shiv.min.js	unknown

& there is also an open issue from SonarQube

Is it possible to remove this library? And if not, is there a way for me to exclude it during build? (atm I'm just trying to delete the lib files) Thanks!

@benjaoming
Contributor

I agree with this! PR is most welcome 👍

We have 2 upcoming releases, 1.3.0 and 2.0.0, so there should be a possibility to release this. It doesn't seem to break anything, and the vulnerability seems to lend some importance to this.

@github-project-automation github-project-automation bot moved this to Planned in 📍Roadmap Aug 22, 2023
@agjohnson agjohnson moved this from Planned to In progress in 📍Roadmap Aug 30, 2023
@github-project-automation github-project-automation bot moved this from In progress to Done in 📍Roadmap Jan 25, 2024
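
A post-build check for the removal discussed in this issue, as an added example that is not part of the thread or the theme's own code: it walks a built docs tree and reports any html5shiv files and `<script>` references that remain. The file names follow the scan rows quoted above; the function names, the sample tree and the conditional-comment `<script>` form are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# File names follow the scan rows quoted in the issue (plain and .min variants).
SHIV_FILE = re.compile(r"^html5shiv(-printshiv)?(\.min)?\.js$")
# Assumption: built pages load the library through a <script src=...> tag.
SHIV_REF = re.compile(
    r"<script\b[^>]*\bsrc=[\"'][^\"']*html5shiv[^\"']*[\"'][^>]*>", re.I
)


def find_html5shiv(build_dir):
    """Return (files, references) still present under a built docs tree."""
    root = Path(build_dir)
    files, refs = [], []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if SHIV_FILE.match(path.name):
            files.append(rel)
        elif path.suffix in {".html", ".htm"}:
            text = path.read_text(encoding="utf-8", errors="replace")
            for lineno, line in enumerate(text.splitlines(), 1):
                if SHIV_REF.search(line):
                    refs.append((rel, lineno))
    return files, refs


def build_sample_tree(root):
    """Constructed sample output: one page loading the shiv, one clean page."""
    root = Path(root)
    js = root / "_static" / "js"
    js.mkdir(parents=True)
    (js / "html5shiv.min.js").write_text("/* placeholder, not the library */\n")
    (js / "theme.js").write_text("/* placeholder */\n")
    (root / "index.html").write_text(
        "<html><head>\n"
        '<!--[if lt IE 9]><script src="_static/js/html5shiv.min.js"></script><![endif]-->\n'
        "</head><body>html5shiv named in prose only</body></html>\n"
    )
    (root / "clean.html").write_text("<html><body>no shiv</body></html>\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        files, refs = find_html5shiv(build_sample_tree(tmp))
        print("files:", files, "references:", refs)
```

Deleting the library files alone leaves the `<script>` references in place, which is why the check reports both lists.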