[
https://issues.apache.org/jira/browse/SPARK-30654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17105744#comment-17105744
]
Apache Spark commented on SPARK-30654:
--------------------------------------
User 'sarutak' has created a pull request for this issue:
https://github.com/apache/spark/pull/28515
> Update Docs Bootstrap to 4.4.1
> ------------------------------
>
> Key: SPARK-30654
> URL: https://issues.apache.org/jira/browse/SPARK-30654
> Project: Spark
> Issue Type: Improvement
> Components: Documentation
> Affects Versions: 3.1.0
> Reporter: Dale Clarke
> Assignee: Dale Clarke
> Priority: Major
>
> We are using an older version of Bootstrap (v. 2.1.0) for the online
> documentation site. Bootstrap 2.x was moved to EOL in Aug 2013 and Bootstrap
> 3.x was moved to EOL in July 2019 ([https://github.com/twbs/release)]. Older
> versions of Bootstrap are also getting flagged in security scans for various
> CVEs:
> * [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889]
> * [https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700]
> * [https://snyk.io/vuln/npm:bootstrap:20180529]
> * [https://snyk.io/vuln/npm:bootstrap:20160627]
> I haven't validated each CVE, but it would probably be good practice to
> resolve any potential issues and get on a supported release.
> The bad news is that there have been quite a few changes between Bootstrap 2
> and Bootstrap 4. I've tried updating the library, refactoring/tweaking the
> CSS and JS to maintain a similar appearance and functionality, and testing
> the documentation. This is a fairly large change so I'm sure additional
> testing and fixes will be needed.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org
