This is an automated email from the ASF dual-hosted git repository.
psomogyi pushed a commit to branch branch-2
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2 by this push:
new e8ecf2e HBASE-25261 Upgrade Bootstrap to 3.4.1
e8ecf2e is described below
commit e8ecf2e016bc8e5929143def75991c7e0e392aff
Author: Mate Szalay-Beko <sy...@apache.com>
AuthorDate: Mon Nov 16 11:52:32 2020 +0100
HBASE-25261 Upgrade Bootstrap to 3.4.1
HBase UI is currently using in bootstrap 3.3.7. This version is vulnerable
to 4
medium CVEs (CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, and
CVE-2019-8331).
Details on all the bootstrap versions and vulnerabilities is
here: https://snyk.io/vuln/npm:bootstrap
Upgrading to bootstrap 4 would be nice, but potentially more work to do. We
should at least upgrade to the latest bootstrap 3, which is 3.4.1 currently.
closes #2661
Signed-off-by: Wellington Chevreuil <wchevre...@apache.org>
Signed-off-by: Peter Somogyi <psomo...@apache.org>
---
.../resources/hbase-webapps/static/css/bootstrap-theme.min.css | 6 +++---
.../src/main/resources/hbase-webapps/static/css/bootstrap.min.css | 6 +++---
.../src/main/resources/hbase-webapps/static/js/bootstrap.min.js | 7 +++----
.../resources/hbase-webapps/static/css/bootstrap-theme.min.css | 6 +++---
.../src/main/resources/hbase-webapps/static/css/bootstrap.min.css | 6 +++---
.../src/main/resources/hbase-webapps/static/js/bootstrap.min.js | 7 +++----
6 files changed, 18 insertions(+), 20 deletions(-)
diff --git
a/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
b/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
index 5e39401..2a69f48 100644
---
a/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
+++
b/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
@@ -1,6 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
-
*/.btn-danger,.btn-default,.btn-info,.btn-primary,.btn-success,.btn-warning{text-shadow:0
-1px 0 rgba(0,0,0,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0
1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px
1px
rgba(0,0,0,.075)}.btn-danger.active,.btn-danger:active,.btn-default.active,.btn-default:active,.btn-info.active,.btn-info:active,.btn-primary.active,.btn-primary:active,.btn-success.active,.btn-success:active,.btn-warning.active,.btn-warnin
[...]
+
*/.btn-danger,.btn-default,.btn-info,.btn-primary,.btn-success,.btn-warning{text-shadow:0
-1px 0 rgba(0,0,0,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0
1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px
1px
rgba(0,0,0,.075)}.btn-danger.active,.btn-danger:active,.btn-default.active,.btn-default:active,.btn-info.active,.btn-info:active,.btn-primary.active,.btn-primary:active,.btn-success.active,.btn-success:active,.btn-warning.active,.btn-warnin
[...]
/*# sourceMappingURL=bootstrap-theme.min.css.map */
\ No newline at end of file
diff --git
a/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
b/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
index ed3905e..5b96335 100644
--- a/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
+++ b/hbase-server/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
@@ -1,6 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
- *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css
*/html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr
[...]
+ *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css
*/html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr
[...]
/*# sourceMappingURL=bootstrap.min.css.map */
\ No newline at end of file
diff --git
a/hbase-server/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
b/hbase-server/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
index 9bcd2fc..eb0a8b4 100644
--- a/hbase-server/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
+++ b/hbase-server/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
@@ -1,7 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under the MIT license
*/
-if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires
jQuery");+function(a){"use strict";var b=a.fn.jquery.split("
")[0].split(".");if(b[0]<2&&b[1]<9||1==b[0]&&9==b[1]&&b[2]<1||b[0]>3)throw new
Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but
lower than version 4")}(jQuery),+function(a){"use strict";function b(){var
a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"
[...]
-this.activeTarget=b,this.clear();var
c=this.selector+'[data-target="'+b+'"],'+this.selector+'[href="'+b+'"]',d=a(c).parents("li").addClass("active");d.parent(".dropdown-menu").length&&(d=d.closest("li.dropdown").addClass("active")),d.trigger("activate.bs.scrollspy")},b.prototype.clear=function(){a(this.selector).parentsUntil(this.options.target,".active").removeClass("active")};var
d=a.fn.scrollspy;a.fn.scrollspy=c,a.fn.scrollspy.Constructor=b,a.fn.scrollspy.noConflict=function(){return
[...]
\ No newline at end of file
+if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires
jQuery");!function(t){"use strict";var e=jQuery.fn.jquery.split("
")[0].split(".");if(e[0]<2&&e[1]<9||1==e[0]&&9==e[1]&&e[2]<1||3<e[0])throw new
Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but
lower than version 4")}(),function(n){"use
strict";n.fn.emulateTransitionEnd=function(t){var
e=!1,i=this;n(this).one("bsTransitionEnd",function(){e=!0});return
setTimeout(function(){e||n(i).tri [...]
\ No newline at end of file
diff --git
a/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
b/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
index 5e39401..2a69f48 100644
---
a/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
+++
b/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap-theme.min.css
@@ -1,6 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
-
*/.btn-danger,.btn-default,.btn-info,.btn-primary,.btn-success,.btn-warning{text-shadow:0
-1px 0 rgba(0,0,0,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0
1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px
1px
rgba(0,0,0,.075)}.btn-danger.active,.btn-danger:active,.btn-default.active,.btn-default:active,.btn-info.active,.btn-info:active,.btn-primary.active,.btn-primary:active,.btn-success.active,.btn-success:active,.btn-warning.active,.btn-warnin
[...]
+
*/.btn-danger,.btn-default,.btn-info,.btn-primary,.btn-success,.btn-warning{text-shadow:0
-1px 0 rgba(0,0,0,.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0
1px 1px rgba(0,0,0,.075);box-shadow:inset 0 1px 0 rgba(255,255,255,.15),0 1px
1px
rgba(0,0,0,.075)}.btn-danger.active,.btn-danger:active,.btn-default.active,.btn-default:active,.btn-info.active,.btn-info:active,.btn-primary.active,.btn-primary:active,.btn-success.active,.btn-success:active,.btn-warning.active,.btn-warnin
[...]
/*# sourceMappingURL=bootstrap-theme.min.css.map */
\ No newline at end of file
diff --git
a/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
b/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
index ed3905e..5b96335 100644
--- a/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
+++ b/hbase-thrift/src/main/resources/hbase-webapps/static/css/bootstrap.min.css
@@ -1,6 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
- *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css
*/html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr
[...]
+ *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css
*/html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr
[...]
/*# sourceMappingURL=bootstrap.min.css.map */
\ No newline at end of file
diff --git
a/hbase-thrift/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
b/hbase-thrift/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
index 9bcd2fc..eb0a8b4 100644
--- a/hbase-thrift/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
+++ b/hbase-thrift/src/main/resources/hbase-webapps/static/js/bootstrap.min.js
@@ -1,7 +1,6 @@
/*!
- * Bootstrap v3.3.7 (http://getbootstrap.com)
- * Copyright 2011-2016 Twitter, Inc.
+ * Bootstrap v3.4.1 (https://getbootstrap.com/)
+ * Copyright 2011-2019 Twitter, Inc.
* Licensed under the MIT license
*/
-if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires
jQuery");+function(a){"use strict";var b=a.fn.jquery.split("
")[0].split(".");if(b[0]<2&&b[1]<9||1==b[0]&&9==b[1]&&b[2]<1||b[0]>3)throw new
Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but
lower than version 4")}(jQuery),+function(a){"use strict";function b(){var
a=document.createElement("bootstrap"),b={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"
[...]
-this.activeTarget=b,this.clear();var
c=this.selector+'[data-target="'+b+'"],'+this.selector+'[href="'+b+'"]',d=a(c).parents("li").addClass("active");d.parent(".dropdown-menu").length&&(d=d.closest("li.dropdown").addClass("active")),d.trigger("activate.bs.scrollspy")},b.prototype.clear=function(){a(this.selector).parentsUntil(this.options.target,".active").removeClass("active")};var
d=a.fn.scrollspy;a.fn.scrollspy=c,a.fn.scrollspy.Constructor=b,a.fn.scrollspy.noConflict=function(){return
[...]
\ No newline at end of file
+if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires
jQuery");!function(t){"use strict";var e=jQuery.fn.jquery.split("
")[0].split(".");if(e[0]<2&&e[1]<9||1==e[0]&&9==e[1]&&e[2]<1||3<e[0])throw new
Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but
lower than version 4")}(),function(n){"use
strict";n.fn.emulateTransitionEnd=function(t){var
e=!1,i=this;n(this).one("bsTransitionEnd",function(){e=!0});return
setTimeout(function(){e||n(i).tri [...]
\ No newline at end of file
