Dale Clarke created SPARK-30655:
-----------------------------------
Summary: Update WebUI Bootstrap to 4.4.1
Key: SPARK-30655
URL: https://issues.apache.org/jira/browse/SPARK-30655
Project: Spark
Issue Type: Improvement
Components: Web UI
Affects Versions: 3.0.0
Reporter: Dale Clarke
Spark is using an older version of Bootstrap (v. 2.3.2) for the Web UI pages.
Bootstrap 2.x was moved to EOL in Aug 2013 and Bootstrap 3.x was moved to EOL
in July 2019 ([https://github.com/twbs/release)]. Older versions of Bootstrap
are also getting flagged in security scans for various CVEs:
* [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889]
* [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700]
* [https://snyk.io/vuln/npm:bootstrap:20180529]
* [https://snyk.io/vuln/npm:bootstrap:20160627]
I haven't validated each CVE, but it would probably be good practice to resolve
any potential issues and get on a supported release.
The bad news is that there have been quite a few changes between Bootstrap 2
and Bootstrap 4. I've tried updating the library, refactoring/tweaking the CSS
and JS to maintain a similar appearance and functionality, and testing the
documentation. As with the ticket created for the outdated Bootstrap version
in the docs (SPARK-30654), this is a fairly large change so I'm sure additional
testing and fixes will be needed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
