You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Dale Clarke (Jira)" <ji...@apache.org> on 2020/01/27 22:16:00 UTC
[jira] [Created] (SPARK-30655) Update WebUI Bootstrap to 4.4.1
Dale Clarke created SPARK-30655:
-----------------------------------
Summary: Update WebUI Bootstrap to 4.4.1
Key: SPARK-30655
URL: https://issues.apache.org/jira/browse/SPARK-30655
Project: Spark
Issue Type: Improvement
Components: Web UI
Affects Versions: 3.0.0
Reporter: Dale Clarke
Spark is using an older version of Bootstrap (v. 2.3.2) for the Web UI pages. Bootstrap 2.x was moved to EOL in Aug 2013 and Bootstrap 3.x was moved to EOL in July 2019 ([https://github.com/twbs/release)]. Older versions of Bootstrap are also getting flagged in security scans for various CVEs:
* [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889]
* [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700]
* [https://snyk.io/vuln/npm:bootstrap:20180529]
* [https://snyk.io/vuln/npm:bootstrap:20160627]
I haven't validated each CVE, but it would probably be good practice to resolve any potential issues and get on a supported release.
The bad news is that there have been quite a few changes between Bootstrap 2 and Bootstrap 4. I've tried updating the library, refactoring/tweaking the CSS and JS to maintain a similar appearance and functionality, and testing the documentation. As with the ticket created for the outdated Bootstrap version in the docs (SPARK-30654), this is a fairly large change so I'm sure additional testing and fixes will be needed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org