You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "Dale Clarke (Jira)" <ji...@apache.org> on 2020/01/27 22:16:00 UTC

[jira] [Created] (SPARK-30655) Update WebUI Bootstrap to 4.4.1

Dale Clarke created SPARK-30655:
-----------------------------------

             Summary: Update WebUI Bootstrap to 4.4.1
                 Key: SPARK-30655
                 URL: https://issues.apache.org/jira/browse/SPARK-30655
             Project: Spark
          Issue Type: Improvement
          Components: Web UI
    Affects Versions: 3.0.0
            Reporter: Dale Clarke


Spark is using an older version of Bootstrap (v. 2.3.2) for the Web UI pages.  Bootstrap 2.x was moved to EOL in Aug 2013 and Bootstrap 3.x was moved to EOL in July 2019 ([https://github.com/twbs/release)].  Older versions of Bootstrap are also getting flagged in security scans for various CVEs:
 * [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889]
 * [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700]
 * [https://snyk.io/vuln/npm:bootstrap:20180529]
 * [https://snyk.io/vuln/npm:bootstrap:20160627]

I haven't validated each CVE, but it would probably be good practice to resolve any potential issues and get on a supported release.

The bad news is that there have been quite a few changes between Bootstrap 2 and Bootstrap 4.  I've tried updating the library, refactoring/tweaking the CSS and JS to maintain a similar appearance and functionality, and testing the documentation.  As with the ticket created for the outdated Bootstrap version in the docs (SPARK-30654), this is a fairly large change so I'm sure additional testing and fixes will be needed.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org