-
New Feature
-
Resolution: Fixed
-
Minor
luxon-1.21.1.js
luxon-1.21.1.min.js
Both are High Findings in Whitesource.
Is it possible to update the libs in the next release?
Thanks in advance
[JENKINS-70409] Update dependency to dendency Luxon to latest version
Nicole
created issue -
| Assignee | Original: Ulli Hafner [ drulli ] | |
| Labels | New: help-wanted newbie-friendly |
| Summary | Original: Whitesource-Finding luxon | New: Update dependency to dendency Luxon |
| Summary | Original: Update dependency to dendency Luxon | New: Update dependency to dendency Luxon to latest version |
Fiona
added a comment - Hi i would like to contribute to this but i have seen from the package-lock JSON file that luxon is already the latest version.
Maybe adding it to the package.json file is the issue? please guide me .Thanks.
Fiona
added a comment - Hi i would like to contribute to this but i have seen from the package-lock JSON file that luxon is already the latest version.
Maybe adding it to the package.json file is the issue? please guide me .Thanks. 
Nicole
added a comment - Maybe I am wrong, but data-tables-api-plugin\src\main\webapp\js\luxon.js and cdnjs/ajax/libs/luxon/1.21.1 at master · cdnjs/cdnjs · GitHub
seems to be the same...
Diff with https://github.com/cdnjs/cdnjs/tree/master/ajax/libs/luxon/3.2.1 seems to be more different.
Whitesource recommends Upgrade to version luxon - 1.28.1,2.5.2,3.2.1
...maybe upgrading to 1.28 would fit
Nicole
added a comment - Maybe I am wrong, but data-tables-api-plugin\src\main\webapp\js\luxon.js and cdnjs/ajax/libs/luxon/1.21.1 at master · cdnjs/cdnjs · GitHub
seems to be the same...
Diff with https://github.com/cdnjs/cdnjs/tree/master/ajax/libs/luxon/3.2.1 seems to be more different.
Whitesource recommends Upgrade to version luxon - 1.28.1,2.5.2,3.2.1
...maybe upgrading to 1.28 would fit
The actual problem is that luxon.js is currently deployed as a fixed and checked in JS file that is part of the sources folder. We need to remove that file and deploy the automatically downloaded artifact right after npm install has been invoked. This is done for all other JS libraries of the data tables distribution but Luxon simply has been forgotten.
Steps to fix the problem:
1. Remove Luxon from https://github.com/jenkinsci/data-tables-api-plugin/tree/master/src/main/webapp/js
2. Reference Luxon latest version in package.json
3. Copy Luxon in the same way to the output JS folder as shown in https://github.com/jenkinsci/data-tables-api-plugin/blob/master/pom.xml#L130
4. Create and deploy the plugin to your Jenkins instance to see if timestamps are still correctly shown in a table that uses Luxon
| Comment | [ The actual problem is that luxon.js is currently deployed as a fixed and checked in JS file that is part of the sources folder. We need to remove that file and deploy the automatically downloaded artifact right after {{npm install}} has been invoked. This is done for all other JS libraries of the data tables distribution but Luxon simply has been forgotten. ] |
Udit
added a comment - I would like to work on this issue nicoleschultz
Currently I am understanding how implementation can be done according to Ulli Hafner's msg.
Udit
added a comment - I would like to work on this issue nicoleschultz
Currently I am understanding how implementation can be done according to Ulli Hafner's msg.
Maybe it would make even more sense to add it as dependency to package.json so that it gets automatically updated via Dependabot.
Interested in providing a PR?