Developer Area/Plugins/Third party: Difference between revisions
From Mahara Wiki
< Developer Area | Plugins
No edit summary |
No edit summary |
||
| Line 14: | Line 14: | ||
Current versions marked in <span style="color:red">Red</span> indicate the plugin needs updating/upgrading. | Current versions marked in <span style="color:red">Red</span> indicate the plugin needs updating/upgrading. | ||
{| class=wikitable | {| class="wikitable" | ||
|- style="font-weight:bold;" | |||
! Name | |||
! Readme file | |||
! URL | |||
! License | |||
! Current version | |||
! Latest version | |||
! Min support | |||
! Upgrade type: Sec|Maj|Min | |||
! Security Req. of latest version | |||
! Notes | |||
! style="font-weight:normal;" | Estimated upgrade time | |||
! style="font-weight:normal;" | Notifications | |||
|- | |- | ||
| ADODB | |||
| ./htdocs/lib/adodb/README.mahara | |||
| - https://adodb.org/dokuwiki/doku.php<br />- https://github.com/ADOdb/ADOdb<br />- https://github.com/ADOdb/ADOdb/blob/v5.21.0/docs/changelog.md<br /> | |||
| - BSD 3-Clause<br />- GNU Lesser General Public Licence | |||
| 5.20.20<br /> | |||
| style="color:#000000;" | 5.21.1 | |||
| 5.20.20 | |||
| Security - 5.21.0 incl.5.21.0-beta.1 - 2020-12-20<br />- adodb: prevent SQL injection in SelectLimit()<br />- session: add 'httponly' flag to cookie<br /><br />Minor<br />- Deprecation<br /> - mysqli: Deprecate $optionFlags property in favor<br /> of standard setConnectionParameter() method<br /> | |||
| Yes | |||
| - Compatible with all PHP versions | |||
| ADOB release all news on current releases + important bug fixes on https://twitter.com/ADOdb_announce first. | |||
| | |||
|- | |- | ||
| | | Bootstrap | ||
| htdocs/lib/bootstrap/assets/javascripts/README.Mahara<br /> | |||
| - https://getbootstrap.com/<br />- https://github.com/twbs/release | |||
| MIT License | |||
| 4.6.0 | |||
| 5.1.0 | |||
| 4.x (LTS) - 01 Nov 2022 | |||
| Major | |||
| | |||
| There have been minor point releases since we upgraded and v5 rolling out soon<br />Dependencies: Updated to jQuery v3.5.1, Jekyll v4, and dropped Node.js < 10 for developmen<br /> | |||
| Investigation needed (Liam?) | |||
| Bootstrap has an RSS feed: https://blog.getbootstrap.com/feed.xml <br />and a twitter account: https://twitter.com/getbootstrap | |||
|- | |- | ||
| Bootstrap | | Bootstrap <br />Datetimepicker | ||
| ./htdocs/js/bootstrap-datetimepicker/README.mahara | |||
| - https://getdatepicker.com/<br />- https://github.com/tempusdominus/bootstrap-4<br /> | |||
| MIT License | |||
| 4.17.47 | |||
| 5.39.0 | |||
| Developer has stopped<br />working on the project.<br /> | |||
| None | |||
| | |||
| runs using bootstrap and moment.js <br />Version 4 is not maintained anymore.<br />There is a version 5 but not finished.<br /><br /> | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Chart.js | ||
| ./htdocs/js/chartjs/README.mahara | |||
| http://www.chartjs.org | |||
| MIT License | |||
| 2.9.3 | |||
| 3.5.1 | |||
| 2.x - 2.9.4<br />3.x - 3.0.0 rel Apr 21<br /> | |||
| Minor - 2.9.4: bug fixes<br /><br />Major - 3.0.0<br /><br />3.0.0 - breaking changes<br />- Migration guide<br /> - https://www.chartjs.org/docs/next/getting-started/v3-migration<br /> - https://www.npmjs.com/package/chart.js - https://www.chartjs.org/docs/next/typedoc/<br /> - https://www.chartjs.org/samples/next/ - https://www.chartjs.org/docs/next/<br /><br /><br />- performance enhancements<br />- new features e.g. animations, legend, axes, grid, tool-tip<br />- dist file rename from Chart.js to chart.js<br />- npm users must register the charts, scales, elements, and <br /> plugins they wish to use.<br />- time scale split into time and timeseries scales<br />- indexable options now loop<br />- horizontal bar tooltip is now 'nearest' to match vertical bar <br /> charts<br />- line chart tension defaults to 0<br />- horizontal bar chart type was removed in favour of new<br /> indexAxis concept<br />- scale ticks are now generated from smallest to largest.<br />- tooltop model changed to include data point. <br /> - value renamed to formattedValue<br />- typescript is used<br />- method provided to lookup a chart from a canvas<br />- LineElement: no fill by default<br />- Rename uppercase types to camel case- Move title, tooltip and legend to options.plugins- Drop legacy browser support- Rename scaleLabel to title in scale options- Use maxOverflow as minimum layout padding- Remove line interaction overrides + hover.onHover<br /><br />Minor - 3.0.1 bug fixes<br /> | |||
| - | |||
| | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Clipboard js | ||
| ./htdocs/js/clipboard/README.Mahara | |||
| https://clipboardjs.com/ | |||
| MIT License | |||
| 2.0.6 | |||
| 2.0.6 | |||
| | |||
| | |||
| | |||
| Current as of 2021-02-18 | |||
| looks like a bug fix, looks like one of the smaller upgrades | |||
| n/a | |||
|- | |- | ||
| | | Cookie consent | ||
| ./htdocs/js/cookieconsent/README.mahara | |||
| https://www.osano.com/cookieconsent | |||
| MIT License | |||
| 3.1.1 | |||
| 3.1.1 | |||
| | |||
| | |||
| | |||
| Current as of 2021-02-18 <br /> Previous .. NB: Has changed ownership, but there is still an OS version, which we are using | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | CSS Tidy | ||
| ./htdocs/lib/csstidy/README.Mahara | |||
| https://github.com/Cerdic/CSSTidy | |||
| LGPL | |||
| 1.7.1 | |||
| 1.7.3 | |||
| | |||
| | |||
| - | |||
| | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Dragon-drop | ||
| ./htdocs/js/dragondrop/README.mahara | |||
| https://github.com/schne324/dragon-drop | |||
| MIT License | |||
| 3.2.1 | |||
| 3.2.1 | |||
| | |||
| | |||
| | |||
| Current as of 2021-02-18 <br /> last updated August 2019 | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Dropzone | ||
| ./htdocs/js/dropzone/README.mahara | |||
| https://github.com/enyo/dropzone | |||
| MIT License | |||
| 5.7.0 | |||
| 5.7.6 | |||
| | |||
| | |||
| | |||
| Released 2021-02-09 <br /> last updated July 2020 | |||
| - | |||
| n/a | |||
|- | |- | ||
| | | Dwoo | ||
| ./htdocs/lib/dwoo/README.Mahara | |||
| http://dwoo.org/, https://github.com/dwoo-project/dwoo | |||
| GNU Lesser General Public License | |||
| 1.3.7 | |||
| 1.3.7 | |||
| | |||
| | |||
| PHP 5.3+ | |||
| Current as of 2021-02-18. Last updated July 2018PHP 5.3+ | |||
| n/a <br />NB: This library is no longer maintained | |||
| n/a <br />We will soon look at replacing this library | |||
|- | |- | ||
| | | Elastic Search | ||
| ./htdocs/lib/elasticsearch/README.Mahara | |||
| https://github.com/elastic/elasticsearch-php | |||
| Apache v2.0 <br />LGPL v2.1 | |||
| 6.1.0 | |||
| 7.11.0 | |||
| | |||
| | |||
| - look in the bug report | |||
| https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md <br /> Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5) <br /> - currently works with ES server 6.8, but not 7.<br />Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue. | |||
| Investigation in process to upgrade our code.<br />---<br /> Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0 | |||
| signed up to mailing list | |||
|- | |- | ||
| | | fancybox3 | ||
| ./htdocs/js/fancybox/README.Mahara | |||
| https://fancyapps.com/fancybox/3/ | |||
| GPL 3.0 | |||
| 3.5.6 | |||
| 3.5.7 | |||
| | |||
| | |||
| | |||
| no significant changes | |||
| n/a | |||
| Make their announcements via twitter <br />https://twitter.com/thefancyapps | |||
|- | |- | ||
| | | gridstack | ||
| ./htdocs/js/gridstack/README.Mahara | |||
| https://github.com/gridstack/gridstack.js | |||
| MIT License | |||
| 0.4.0 | |||
| 3.3.0 | |||
| | |||
| | |||
| | |||
| A lot of activity in the past few months - looks to be significant structural changes, including removing jquery. | |||
| Investigation needed, but looks like a large change (Cecilia?) <br />Change log: https://github.com/gridstack/gridstack.js/blob/develop/doc/CHANGES.md | |||
| questions can be posted in their slack channel <br />[https://join.slack.com/t/gridstackjs/shared_invite/enQtODE1NzkxMTUzNTIzLTA1NTEzZGE2NzliMGY5M2IwN2UzNWUzYmY2YTA0OTFlMTlmMDA3MTg3MGViZTRhZjM0N2QyODMyMjc1NzY4ZWQ slack channel] | |||
|- | |- | ||
| | | HTML Purifier | ||
| ./htdocs/lib/htmlpurifier/README.Mahara | |||
| http://www.htmlpurifier.org/ | |||
| LGPL v2.1+ | |||
| 4.13.0 | |||
| 4.13.0 | |||
| | |||
| | |||
| PHP >5.3 | |||
| New version supports PHP 7.4 | |||
| | |||
| updates via the 'NEWS' section on github README <br />https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS | |||
|- | |- | ||
| | | Javascript templates | ||
| ./htdocs/js/javascript-templates/README.Mahara | |||
| https://github.com/blueimp/JavaScript-Templates | |||
| MIT License | |||
| 3.11.0 | |||
| 3.19.0 | |||
| | |||
| | |||
| node.js | |||
| They made some formatting changes, but no real changes. We don't need to upgrade | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | jQuery | ||
| ./htdocs/js/jquery/README.Mahara | |||
| http://jquery.com/ | |||
| MIT License | |||
| 3.5.1 | |||
| 3.5.1 | |||
| | |||
| | |||
| | |||
| | |||
| | |||
| Twitter: https://twitter.com/jquery <br /> QA: https://forum.jquery.com/<br /> IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this. | |||
|- | |- | ||
| jQuery | | jQuery mobile | ||
| ./htdocs/js/jquery/jquery-mobile/README.Mahara | |||
| http://jquerymobile.com | |||
| MIT License | |||
| 1.5.0-alpha.1 | |||
| 1.5.0-rc1 | |||
| | |||
| | |||
| | |||
| released Sept 2018, last updated Jun 14, 2019 <br />touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js) | |||
| No significant changes | |||
| QA: https://forum.jquery.com/jquery-mobile/ | |||
|- | |- | ||
| jQuery | | jQuery UI | ||
| ./htdocs/js/jquery/jquery-ui/README.Mahara | |||
| http://jqueryui.com/ | |||
| MIT License | |||
| 1.12.1 | |||
| 1.12.1 | |||
| | |||
| | |||
| jQuery 1.7+ | |||
| last updated July 2020 | |||
| n/a | |||
| jQuery Accessibility [https://groups.google.com/forum/#!forum/jquery-a11y jquery a11y forum] <br /> | |||
|- | |- | ||
| jQuery UI | | jQuery UI plugin <br />touch-punch | ||
| ./htdocs/js/jquery/jquery-ui/jquery-ui-touch-punch.min.js | |||
| http://touchpunch.furf.com/<br />https://github.com/furf/jquery-ui-touch-punch | |||
| MIT or GPL Version 2 licenses | |||
| 0.2.3 | |||
| 0.2.3 | |||
| | |||
| | |||
| jquery, jquery-ui | |||
| is not currently being maintained - update: the site no longer exists | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | JS Color | ||
| ./htdocs/js/jscolor/README.Mahara | |||
| http://jscolor.com/ | |||
| GPL 3 | |||
| 2.3.3 | |||
| 2.4.5 | |||
| | |||
| | |||
| | |||
| bug fixes, extended features, performance tweaks | |||
| we have no customisations, hopefull straight forward upgrade | |||
| n/a | |||
|- | |- | ||
| | | Json editor | ||
| ./htdocs/js/jsoneditor/README.Mahara | |||
| https://github.com/json-editor/json-editor | |||
| MIT License | |||
| 1.3.0 | |||
| 2.5.1 | |||
| | |||
| | |||
| | |||
| There are a number of changes, not sure how it will affect us | |||
| Investigation needed | |||
| n/a | |||
|- | |- | ||
| | | jTLine | ||
| .htdocs/js/jTLine/README.Mahara | |||
| https://naadydev.github.io/jTLine/ | |||
| MIT License | |||
| 1.0 | |||
| 1.0 | |||
| | |||
| | |||
| | |||
| Last updated Aug 2018. Our version is forked from the original | |||
| n/a | |||
| Twitter: https://twitter.com/naadydev | |||
|- | |- | ||
| | | Lodash | ||
| ./htdocs/js/lodash/README.Mahara | |||
| https://github.com/lodash/lodash | |||
| MIT License | |||
| 4.17.15 | |||
| 4.17.20 | |||
| | |||
| | |||
| | |||
| - | |||
| n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement, <br />if we upgrade gridstack we can probably let lodash go? | |||
| n/a - after we upgrade gridstack Lodash will be gone | |||
|- | |- | ||
| | | Marked | ||
| ./htdocs/js/marked/README.Mahara | |||
| https://github.com/markedjs/marked | |||
| MIT License | |||
| 1.1.1 | |||
| 2.0.0 | |||
| | |||
| | |||
| | |||
| No security updates | |||
| What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown | |||
| n/a | |||
|- | |- | ||
| | | Masonry | ||
| ./htdocs/js/masonry/README.Mahara | |||
| https://masonry.desandro.com/ | |||
| MIT License | |||
| 4.2.2 | |||
| 4.2.2 | |||
| | |||
| | |||
| | |||
| Current as of 2021-02-18. Last updated Jul 2018 | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Mobile detect | ||
| ./htdocs/lib/mobile_detect/README.Mahara | |||
| http://mobiledetect.net/ | |||
| MIT License | |||
| 2.8.34 | |||
| 2.8.36 | |||
| | |||
| | |||
| | |||
| Supported devices have been updated | |||
| Updating effort looks small | |||
| n/a | |||
|- | |- | ||
| | | Moment.js | ||
| ./htdocs/js/momentjs/README.Mahara | |||
| http://momentjs.com/ | |||
| MIT License | |||
| 2.24.0 | |||
| 2.29.1 | |||
| | |||
| | |||
| | |||
| used in conjunction with the bootstrap datetimepicker. | |||
| 2 releases have come out, looks like bug fixes <br />change log: https://gist.github.com/marwahaha <br /> probably a small upgrade effort | |||
| n/a | |||
|- | |- | ||
| | | Oauth PHP | ||
| ./htdocs/webservice/libs/oauth-php/README.Mahara | |||
| http://code.google.com/p/oauth-php/ | |||
| MIT License | |||
| 175 | |||
| 175 | |||
| | |||
| | |||
| | |||
| This package is not maintained and was last updated in 2010 | |||
| We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do | |||
| n/a | |||
|- | |- | ||
| | | PDFjs | ||
| ./htdocs/artefact/file/blocktype/pdf/js/pdfjs/README.Mahara | |||
| http://mozilla.github.io/pdf.js/getting_started/#download | |||
| Apache License 2 | |||
| 2.2.228 | |||
| 2.6.347 | |||
| | |||
| | |||
| | |||
| change log:https://github.com/mozilla/pdf.js/releases | |||
| Medium to large upgrade, depending on if structure changes. Investigation needed | |||
| n/a | |||
|- | |- | ||
| | | PHPMailer | ||
| ./htdocs/lib/phpmailer/README.Mahara | |||
| https://github.com/PHPMailer/PHPMailer | |||
| LGPL | |||
| 6.1.5 | |||
| 6.2.0 | |||
| | |||
| | |||
| | |||
| Security update as well as compatibility for PHP 8 in latest version. | |||
| In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release) | |||
| n/a | |||
|- | |- | ||
| | | Popper | ||
| ./htdocs/lib/popper/README.Mahara | |||
| https://popper.js.org/ | |||
| MIT License | |||
| 1.16.0 | |||
| 2.7.0 | |||
| | |||
| | |||
| | |||
| Very active project with a lot of releases. | |||
| Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper.<br />https://github.com/twbs/bootstrap/pull/31178 | |||
| n/a | |||
|- | |- | ||
| | | ReCaptcha | ||
| ./htdocs/lib/recaptcha/README.Mahara | |||
| https://github.com/google/recaptcha | |||
| BSD-3 | |||
| 1.2.1 | |||
| 1.2.4 | |||
| | |||
| | |||
| 5.5+ | |||
| Changes are to documentation, not code, so no need to update | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Select2 | ||
| ./htdocs/js/select2/README.Mahara | |||
| https://select2.org/ | |||
| MIT License | |||
| 4.0.9 | |||
| 4.0.13 | |||
| | |||
| | |||
| | |||
| Bug fixes and improvements, no major changes or security fixes | |||
| At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing | |||
| n/a | |||
|- | |- | ||
| | | simplesamlphp | ||
| /htdocs/auth/saml/extlib/simplesamlphp/README.md | |||
| https://github.com/simplesamlphp/simplesamlphp | |||
| GPL 2.1 | |||
| 1.18.7 | |||
| 1.18.8 | |||
| | |||
| | |||
| | |||
| | |||
| | |||
| We have joined the mailing list<br />https://simplesamlphp.org/lists | |||
|- | |- | ||
| | | Skin fonts | ||
| /htdocs/lib/fonts/README.Mahara | |||
| - http://www.fontsquirrel.com/fonts/Aurulent-Sans<br />- http://www.fontsquirrel.com/fonts/DejaVu-Sans<br />- http://scripts.sil.org/cms/scripts/page.php?item_id=CharisSIL<br />- http://sourceforge.net/projects/gs-fonts/ | |||
| Multiple licenses | |||
| - n/a<br />- 2.29<br />- 5.000<br />- 8.11 | |||
| | |||
| | |||
| | |||
| | |||
| no changes | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | System fonts | ||
| - ./htdocs/theme/raw/fonts/README.Mahara<br />- ./htdocs/theme/raw/sass/lib/font-awesome/README.Mahara | |||
| - http://fontawesome.io<br />- https://www.google.com/fonts/specimen/Open+Sans<br />- https://www.google.com/fonts/specimen/Roboto+Slab | |||
| - http://fontawesome.io/license<br />- MIT License<br />- Apache License version 2.0 | |||
| - 5.8.1<br />- 1<br />- 1<br />- 1.9 | |||
| - 5.14.0<br />- 1<br />- 1<br />- 1.9 | |||
| | |||
| | |||
| | |||
| changes to unicode for fontawesome <br />- https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md | |||
| medium effort to upgrade due to needing to check for issues. | |||
| n/a<br />Current at July 2020 | |||
|- | |- | ||
| | | TinyMCE | ||
| ./htdocs/js/tinymce/README.Mahara | |||
| https://www.tiny.cloud/ | |||
| LGPL | |||
| 5.0.13 | |||
| 5.7.0 | |||
| | |||
| | |||
| | |||
| A number of bug fixes and improvements<br />https://www.tiny.cloud/docs/changelog/<br />Test on mobile when updating | |||
| probably only worth updating if we are affected by any of the bugs they are fixing. <br />Need to investigate that and how long it would take. | |||
| Blog: https://www.tiny.cloud/blog/category/news-and-updates/ | |||
|- | |- | ||
| TinyMCE | | TinyMCE - Mathslate | ||
| ./htdocs/js/tinymce/plugins/mathslate/README.Mahara | |||
| https://github.com/dthies/tinymce4-mathslate | |||
| GPL 3 | |||
| 1.1 | |||
| 1.1 | |||
| | |||
| | |||
| | |||
| no changes<br />Our version is now forked to keep make it work with Tinymce 5 | |||
| n/a | |||
| n/a | |||
|- | |- | ||
| | | Video.js | ||
| ./htdocs/artefact/file/blocktype/internalmedia/<br />videojs/README.Mahara | |||
| http://videojs.com/ | |||
| Apache License 2.0 | |||
| 7.6.5 | |||
| 7.11.4 | |||
| | |||
| | |||
| | |||
| Some bug fixes. Looks mostly minor changes<br />https://github.com/videojs/video.js/releases | |||
| Needs investigation. Probably small to medium | |||
| we have signed up to their mailing list | |||
|- | |- | ||
| | | zxcvbn | ||
| ./htdocs/js/zxcvbn/README.Mahara | |||
| https://github.com/dropbox/zxcvbn | |||
| MIT License | |||
| 4.4.2 | |||
| 4.4.2 | |||
| | |||
| | |||
| | |||
| Current as of 2021-02-18<br />Last updated Feb 2017 | |||
| Should we change to a maintained library, eg https://github.com/bjeavons/zxcvCurrent at July 2020bn-php? <br />Yes we should but is that one just a port of the js version or is it an updated / more robust system?<br /> | |||
| | |||
|- | |- | ||
| composer.json | |||
| https://git.mahara.org/mahara/mahara/<br />-/blob/master/external/composer.json | |||
| composer.json | | | ||
| | |||
| | |||
| | |||
| | |||
| | |||
| | |||
| There is a list of libraries that Mahara uses sitting in this file which also need updating too | |||
| | |||
| | |||
|} | |} | ||
Revision as of 20:05, 19 August 2021
A list of the third party plugins within Mahara.
A helpful way to update this list is to go:
find ./htdocs -type f -iname "README.Mahara" -exec grep 'Version' -B1 {} \; -print
on the current codebase.
Note: another thing to keep in sync is the country names we use for 'Country' dropdowns. To check what the current state of play is
perl -MLocale::Country -le 'print join("\n", sort map { country2code($_) . " => " . country2code($_, LOCALE_CODE_ALPHA_3) . ", // " . $_ } all_country_names())'
and check the results against htdocs/lib/country.php and htdocs/lang/en.utf8/mahara.php files For any confusion you can also check against https://www.iso.org
Indicating what version they are on in Mahara and what they currently are on at time of publishing 18 Feb 2021.
Current versions marked in Red indicate the plugin needs updating/upgrading.
| Name | Readme file | URL | License | Current version | Latest version | Min support | Maj|Min | Security Req. of latest version | Notes | Estimated upgrade time | Notifications |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ADODB | ./htdocs/lib/adodb/README.mahara | - https://adodb.org/dokuwiki/doku.php - https://github.com/ADOdb/ADOdb - https://github.com/ADOdb/ADOdb/blob/v5.21.0/docs/changelog.md |
- BSD 3-Clause - GNU Lesser General Public Licence |
5.20.20 |
5.21.1 | 5.20.20 | Security - 5.21.0 incl.5.21.0-beta.1 - 2020-12-20 - adodb: prevent SQL injection in SelectLimit() - session: add 'httponly' flag to cookie Minor - Deprecation - mysqli: Deprecate $optionFlags property in favor of standard setConnectionParameter() method |
Yes | - Compatible with all PHP versions | ADOB release all news on current releases + important bug fixes on https://twitter.com/ADOdb_announce first. | |
| Bootstrap | htdocs/lib/bootstrap/assets/javascripts/README.Mahara |
- https://getbootstrap.com/ - https://github.com/twbs/release |
MIT License | 4.6.0 | 5.1.0 | 4.x (LTS) - 01 Nov 2022 | Major | There have been minor point releases since we upgraded and v5 rolling out soon Dependencies: Updated to jQuery v3.5.1, Jekyll v4, and dropped Node.js < 10 for developmen |
Investigation needed (Liam?) | Bootstrap has an RSS feed: https://blog.getbootstrap.com/feed.xml and a twitter account: https://twitter.com/getbootstrap | |
| Bootstrap Datetimepicker |
./htdocs/js/bootstrap-datetimepicker/README.mahara | - https://getdatepicker.com/ - https://github.com/tempusdominus/bootstrap-4 |
MIT License | 4.17.47 | 5.39.0 | Developer has stopped working on the project. |
None | runs using bootstrap and moment.js Version 4 is not maintained anymore. There is a version 5 but not finished. |
n/a | n/a | |
| Chart.js | ./htdocs/js/chartjs/README.mahara | http://www.chartjs.org | MIT License | 2.9.3 | 3.5.1 | 2.x - 2.9.4 3.x - 3.0.0 rel Apr 21 |
Minor - 2.9.4: bug fixes Major - 3.0.0 3.0.0 - breaking changes - Migration guide - https://www.chartjs.org/docs/next/getting-started/v3-migration - https://www.npmjs.com/package/chart.js - https://www.chartjs.org/docs/next/typedoc/ - https://www.chartjs.org/samples/next/ - https://www.chartjs.org/docs/next/ - performance enhancements - new features e.g. animations, legend, axes, grid, tool-tip - dist file rename from Chart.js to chart.js - npm users must register the charts, scales, elements, and plugins they wish to use. - time scale split into time and timeseries scales - indexable options now loop - horizontal bar tooltip is now 'nearest' to match vertical bar charts - line chart tension defaults to 0 - horizontal bar chart type was removed in favour of new indexAxis concept - scale ticks are now generated from smallest to largest. - tooltop model changed to include data point. - value renamed to formattedValue - typescript is used - method provided to lookup a chart from a canvas - LineElement: no fill by default - Rename uppercase types to camel case- Move title, tooltip and legend to options.plugins- Drop legacy browser support- Rename scaleLabel to title in scale options- Use maxOverflow as minimum layout padding- Remove line interaction overrides + hover.onHover Minor - 3.0.1 bug fixes |
- | n/a | n/a | |
| Clipboard js | ./htdocs/js/clipboard/README.Mahara | https://clipboardjs.com/ | MIT License | 2.0.6 | 2.0.6 | Current as of 2021-02-18 | looks like a bug fix, looks like one of the smaller upgrades | n/a | |||
| Cookie consent | ./htdocs/js/cookieconsent/README.mahara | https://www.osano.com/cookieconsent | MIT License | 3.1.1 | 3.1.1 | Current as of 2021-02-18 Previous .. NB: Has changed ownership, but there is still an OS version, which we are using |
n/a | n/a | |||
| CSS Tidy | ./htdocs/lib/csstidy/README.Mahara | https://github.com/Cerdic/CSSTidy | LGPL | 1.7.1 | 1.7.3 | - | n/a | n/a | |||
| Dragon-drop | ./htdocs/js/dragondrop/README.mahara | https://github.com/schne324/dragon-drop | MIT License | 3.2.1 | 3.2.1 | Current as of 2021-02-18 last updated August 2019 |
n/a | n/a | |||
| Dropzone | ./htdocs/js/dropzone/README.mahara | https://github.com/enyo/dropzone | MIT License | 5.7.0 | 5.7.6 | Released 2021-02-09 last updated July 2020 |
- | n/a | |||
| Dwoo | ./htdocs/lib/dwoo/README.Mahara | http://dwoo.org/, https://github.com/dwoo-project/dwoo | GNU Lesser General Public License | 1.3.7 | 1.3.7 | PHP 5.3+ | Current as of 2021-02-18. Last updated July 2018PHP 5.3+ | n/a NB: This library is no longer maintained |
n/a We will soon look at replacing this library | ||
| Elastic Search | ./htdocs/lib/elasticsearch/README.Mahara | https://github.com/elastic/elasticsearch-php | Apache v2.0 LGPL v2.1 |
6.1.0 | 7.11.0 | - look in the bug report | https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5) - currently works with ES server 6.8, but not 7. Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue. |
Investigation in process to upgrade our code. --- Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0 |
signed up to mailing list | ||
| fancybox3 | ./htdocs/js/fancybox/README.Mahara | https://fancyapps.com/fancybox/3/ | GPL 3.0 | 3.5.6 | 3.5.7 | no significant changes | n/a | Make their announcements via twitter https://twitter.com/thefancyapps | |||
| gridstack | ./htdocs/js/gridstack/README.Mahara | https://github.com/gridstack/gridstack.js | MIT License | 0.4.0 | 3.3.0 | A lot of activity in the past few months - looks to be significant structural changes, including removing jquery. | Investigation needed, but looks like a large change (Cecilia?) Change log: https://github.com/gridstack/gridstack.js/blob/develop/doc/CHANGES.md |
questions can be posted in their slack channel slack channel | |||
| HTML Purifier | ./htdocs/lib/htmlpurifier/README.Mahara | http://www.htmlpurifier.org/ | LGPL v2.1+ | 4.13.0 | 4.13.0 | PHP >5.3 | New version supports PHP 7.4 | updates via the 'NEWS' section on github README https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS | |||
| Javascript templates | ./htdocs/js/javascript-templates/README.Mahara | https://github.com/blueimp/JavaScript-Templates | MIT License | 3.11.0 | 3.19.0 | node.js | They made some formatting changes, but no real changes. We don't need to upgrade | n/a | n/a | ||
| jQuery | ./htdocs/js/jquery/README.Mahara | http://jquery.com/ | MIT License | 3.5.1 | 3.5.1 | Twitter: https://twitter.com/jquery QA: https://forum.jquery.com/ IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this. | |||||
| jQuery mobile | ./htdocs/js/jquery/jquery-mobile/README.Mahara | http://jquerymobile.com | MIT License | 1.5.0-alpha.1 | 1.5.0-rc1 | released Sept 2018, last updated Jun 14, 2019 touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js) |
No significant changes | QA: https://forum.jquery.com/jquery-mobile/ | |||
| jQuery UI | ./htdocs/js/jquery/jquery-ui/README.Mahara | http://jqueryui.com/ | MIT License | 1.12.1 | 1.12.1 | jQuery 1.7+ | last updated July 2020 | n/a | jQuery Accessibility jquery a11y forum | ||
| jQuery UI plugin touch-punch |
./htdocs/js/jquery/jquery-ui/jquery-ui-touch-punch.min.js | http://touchpunch.furf.com/ https://github.com/furf/jquery-ui-touch-punch |
MIT or GPL Version 2 licenses | 0.2.3 | 0.2.3 | jquery, jquery-ui | is not currently being maintained - update: the site no longer exists | n/a | n/a | ||
| JS Color | ./htdocs/js/jscolor/README.Mahara | http://jscolor.com/ | GPL 3 | 2.3.3 | 2.4.5 | bug fixes, extended features, performance tweaks | we have no customisations, hopefull straight forward upgrade | n/a | |||
| Json editor | ./htdocs/js/jsoneditor/README.Mahara | https://github.com/json-editor/json-editor | MIT License | 1.3.0 | 2.5.1 | There are a number of changes, not sure how it will affect us | Investigation needed | n/a | |||
| jTLine | .htdocs/js/jTLine/README.Mahara | https://naadydev.github.io/jTLine/ | MIT License | 1.0 | 1.0 | Last updated Aug 2018. Our version is forked from the original | n/a | Twitter: https://twitter.com/naadydev | |||
| Lodash | ./htdocs/js/lodash/README.Mahara | https://github.com/lodash/lodash | MIT License | 4.17.15 | 4.17.20 | - | n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement, if we upgrade gridstack we can probably let lodash go? |
n/a - after we upgrade gridstack Lodash will be gone | |||
| Marked | ./htdocs/js/marked/README.Mahara | https://github.com/markedjs/marked | MIT License | 1.1.1 | 2.0.0 | No security updates | What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown | n/a | |||
| Masonry | ./htdocs/js/masonry/README.Mahara | https://masonry.desandro.com/ | MIT License | 4.2.2 | 4.2.2 | Current as of 2021-02-18. Last updated Jul 2018 | n/a | n/a | |||
| Mobile detect | ./htdocs/lib/mobile_detect/README.Mahara | http://mobiledetect.net/ | MIT License | 2.8.34 | 2.8.36 | Supported devices have been updated | Updating effort looks small | n/a | |||
| Moment.js | ./htdocs/js/momentjs/README.Mahara | http://momentjs.com/ | MIT License | 2.24.0 | 2.29.1 | used in conjunction with the bootstrap datetimepicker. | 2 releases have come out, looks like bug fixes change log: https://gist.github.com/marwahaha probably a small upgrade effort |
n/a | |||
| Oauth PHP | ./htdocs/webservice/libs/oauth-php/README.Mahara | http://code.google.com/p/oauth-php/ | MIT License | 175 | 175 | This package is not maintained and was last updated in 2010 | We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do | n/a | |||
| PDFjs | ./htdocs/artefact/file/blocktype/pdf/js/pdfjs/README.Mahara | http://mozilla.github.io/pdf.js/getting_started/#download | Apache License 2 | 2.2.228 | 2.6.347 | change log:https://github.com/mozilla/pdf.js/releases | Medium to large upgrade, depending on if structure changes. Investigation needed | n/a | |||
| PHPMailer | ./htdocs/lib/phpmailer/README.Mahara | https://github.com/PHPMailer/PHPMailer | LGPL | 6.1.5 | 6.2.0 | Security update as well as compatibility for PHP 8 in latest version. | In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release) | n/a | |||
| Popper | ./htdocs/lib/popper/README.Mahara | https://popper.js.org/ | MIT License | 1.16.0 | 2.7.0 | Very active project with a lot of releases. | Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper. https://github.com/twbs/bootstrap/pull/31178 |
n/a | |||
| ReCaptcha | ./htdocs/lib/recaptcha/README.Mahara | https://github.com/google/recaptcha | BSD-3 | 1.2.1 | 1.2.4 | 5.5+ | Changes are to documentation, not code, so no need to update | n/a | n/a | ||
| Select2 | ./htdocs/js/select2/README.Mahara | https://select2.org/ | MIT License | 4.0.9 | 4.0.13 | Bug fixes and improvements, no major changes or security fixes | At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing | n/a | |||
| simplesamlphp | /htdocs/auth/saml/extlib/simplesamlphp/README.md | https://github.com/simplesamlphp/simplesamlphp | GPL 2.1 | 1.18.7 | 1.18.8 | We have joined the mailing list https://simplesamlphp.org/lists | |||||
| Skin fonts | /htdocs/lib/fonts/README.Mahara | - http://www.fontsquirrel.com/fonts/Aurulent-Sans - http://www.fontsquirrel.com/fonts/DejaVu-Sans - http://scripts.sil.org/cms/scripts/page.php?item_id=CharisSIL - http://sourceforge.net/projects/gs-fonts/ |
Multiple licenses | - n/a - 2.29 - 5.000 - 8.11 |
no changes | n/a | n/a | ||||
| System fonts | - ./htdocs/theme/raw/fonts/README.Mahara - ./htdocs/theme/raw/sass/lib/font-awesome/README.Mahara |
- http://fontawesome.io - https://www.google.com/fonts/specimen/Open+Sans - https://www.google.com/fonts/specimen/Roboto+Slab |
- http://fontawesome.io/license - MIT License - Apache License version 2.0 |
- 5.8.1 - 1 - 1 - 1.9 |
- 5.14.0 - 1 - 1 - 1.9 |
changes to unicode for fontawesome - https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md |
medium effort to upgrade due to needing to check for issues. | n/a Current at July 2020 | |||
| TinyMCE | ./htdocs/js/tinymce/README.Mahara | https://www.tiny.cloud/ | LGPL | 5.0.13 | 5.7.0 | A number of bug fixes and improvements https://www.tiny.cloud/docs/changelog/ Test on mobile when updating |
probably only worth updating if we are affected by any of the bugs they are fixing. Need to investigate that and how long it would take. |
Blog: https://www.tiny.cloud/blog/category/news-and-updates/ | |||
| TinyMCE - Mathslate | ./htdocs/js/tinymce/plugins/mathslate/README.Mahara | https://github.com/dthies/tinymce4-mathslate | GPL 3 | 1.1 | 1.1 | no changes Our version is now forked to keep make it work with Tinymce 5 |
n/a | n/a | |||
| Video.js | ./htdocs/artefact/file/blocktype/internalmedia/ videojs/README.Mahara |
http://videojs.com/ | Apache License 2.0 | 7.6.5 | 7.11.4 | Some bug fixes. Looks mostly minor changes https://github.com/videojs/video.js/releases |
Needs investigation. Probably small to medium | we have signed up to their mailing list | |||
| zxcvbn | ./htdocs/js/zxcvbn/README.Mahara | https://github.com/dropbox/zxcvbn | MIT License | 4.4.2 | 4.4.2 | Current as of 2021-02-18 Last updated Feb 2017 |
Should we change to a maintained library, eg https://github.com/bjeavons/zxcvCurrent at July 2020bn-php? Yes we should but is that one just a port of the js version or is it an updated / more robust system? |
||||
| composer.json | https://git.mahara.org/mahara/mahara/ -/blob/master/external/composer.json |
There is a list of libraries that Mahara uses sitting in this file which also need updating too |