[
https://issues.apache.org/jira/browse/RANGER-4304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17916351#comment-17916351
]
Arnout Engelen commented on RANGER-4304:
----------------------------------------
This is great, thanks for deploying those changes!
> Update swagger version in Ranger
> --------------------------------
>
> Key: RANGER-4304
> URL: https://issues.apache.org/jira/browse/RANGER-4304
> Project: Ranger
> Issue Type: Improvement
> Components: documentation
> Reporter: Arnout Engelen
> Assignee: Mugdha Varadkar
> Priority: Major
> Fix For: 3.0.0, 2.5.0
>
> Attachments: 0001-RANGER-4304-ranger-site.patch,
> 0001-RANGER-4304.patch, 0002-RANGER-4304.patch, screenshot-swagger-version.png
>
>
> The Ranger website embeds a Swagger UI, AFAICS currently version 2.2.10.
> Older versions of swagger, such as this one, suffer from a number of security
> weaknesses.
>
> While fortunately [https://ranger.apache.org|https://ranger.apache.org/] does
> not have any sensitive cookies or login mechanism or similar, so there isn't
> really anything to compromise, it would be good to update to a recent version
> of Swagger. Could you look into that?
>
> It is somewhat unclear to me whether the ranger site is maintained in SVN
> ([https://svn.apache.org/viewvc/ranger/site/)] or git
> ([https://github.com/apache/ranger-site])
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
