Actions

Developer Area/Plugins/Third party: Difference between revisions

From Mahara Wiki

< Developer Area‎ | Plugins
No edit summary
No edit summary
Line 24: Line 24:
! Min support
! Min support
! Upgrade type: Sec|Maj|Min
! Upgrade type: Sec|Maj|Min
! Security Req. of latest version
! Security fix
! Notes
! Notes
! style="font-weight:normal;" | Estimated upgrade time
! style="font-weight:normal;" | Estimated upgrade time
Line 53: Line 53:
|  
|  
|  
|  
| Bootstrap has an RSS feed: https://blog.getbootstrap.com/feed.xml <br />and a twitter account: https://twitter.com/getbootstrap
| <br />
|-
|-
| Bootstrap <br />Datetimepicker
| Bootstrap <br />Datetimepicker
Line 66: Line 66:
| runs using bootstrap and moment.js  <br />Version 4 is not maintained anymore.<br />There is a version 5 but not finished.<br /><br />
| runs using bootstrap and moment.js  <br />Version 4 is not maintained anymore.<br />There is a version 5 but not finished.<br /><br />
|  
|  
| n/a
|  
|-
|-
| Chart.js
| Chart.js
Line 79: Line 79:
|  
|  
|  
|  
| n/a
|  
|-
|-
| Clipboard js
| Clipboard js
Line 92: Line 92:
|  
|  
|  
|  
| n/a
|  
|-
|-
| Cookie consent
| Cookie consent
Line 105: Line 105:
| Looks like the opensource version is not maintained - last update two years ago.<br />The site talks about new versions 2021.6 and 2021.2.3 which are not available. on GitHub.<br />
| Looks like the opensource version is not maintained - last update two years ago.<br />The site talks about new versions 2021.6 and 2021.2.3 which are not available. on GitHub.<br />
|  
|  
| n/a
|  
|-
|-
| CSS Tidy
| CSS Tidy
Line 118: Line 118:
|  
|  
|  
|  
| n/a
|  
|-
|-
| Dragon-drop
| Dragon-drop
Line 131: Line 131:
| Current as of 2021-02-18 <br /> last updated August 2019
| Current as of 2021-02-18 <br /> last updated August 2019
|  
|  
| n/a
|  
|-
|-
| Datatables
| Datatables
Line 157: Line 157:
| Released 2021-02-09 <br /> last updated July 2020
| Released 2021-02-09 <br /> last updated July 2020
|  
|  
| n/a
|  
|-
|-
| Dwoo
| Dwoo
Line 165: Line 165:
| 1.3.7
| 1.3.7
| 1.3.7
| 1.3.7
|  
| Needs replacing.<br />
| None
|  
|  
| PHP 5.3+
| PHP 5.3+
| Current as of 2021-02-18. Last updated July 2018PHP 5.3+
| NB: This library is no longer maintained
| NB: This library is no longer maintained
| n/a <br />We will soon look at replacing this library
| We will soon look at replacing this library
|-
|-
| Elastic Search
| Elastic Search
Line 179: Line 179:
| 7.11.0
| 7.11.0
|  
|  
| WIP - Gold
|  
|  
| - look in the bug report
| https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md <br /> Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5) <br />  -  currently works with ES server 6.8, but not 7.<br />Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue.
| https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md <br /> Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5) <br />  -  currently works with ES server 6.8, but not 7.<br />Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue.
| Investigation in process to upgrade our code.<br />---<br /> Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0
| Investigation in process to upgrade our code.<br />---<br /> Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0
Line 187: Line 187:
| fancybox3
| fancybox3
| ./htdocs/js/fancybox/
| ./htdocs/js/fancybox/
| https://fancyapps.com/fancybox/3/
| https://fancyapps.com/fancybox/3/ - discont.<br />https://fancyapps.com/docs/ui/fancybox - final v4<br /><br />https://github.com/fancyapps/ui - in BETA stage<br />https://fancyapps.com/docs/ui/installation<br />
| GPL 3.0
| Creative Commons: CC BY-SA 4.0 license
| 3.5.6
| 3.5.6
| 3.5.7
| 3.5.7
|  
|  
| None - wait until v4 is not in Beta.<br />
|  
|  
|  
|  
| no significant changes
| https://fancyapps.com/next/
|  
| https://twitter.com/thefancyapps
| Make their announcements via twitter <br />https://twitter.com/thefancyapps
|-
|-
| gridstack
| gridstack
Line 202: Line 202:
| https://github.com/gridstack/gridstack.js
| https://github.com/gridstack/gridstack.js
| MIT License
| MIT License
| 0.4.0
| 0.6.4
| 3.3.0
| 3.3.0
|  
|  
|  
| WIP<br />
|  
|  
| A lot of activity in the past few months - looks to be significant structural changes, including removing jquery.
| A lot of activity in the past few months - looks to be significant structural changes, including removing jquery.
Line 218: Line 218:
| 4.13.0
| 4.13.0
|  
|  
| None
|  
|  
| PHP >5.3
| No releases since June 2020
| New version supports PHP 7.4
|  
|  
| updates via the 'NEWS' section on github README <br />https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS
| updates via the 'NEWS' section on github README <br />https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS
Line 228: Line 228:
| https://github.com/blueimp/JavaScript-Templates
| https://github.com/blueimp/JavaScript-Templates
| MIT License
| MIT License
| 3.11.0
| 3.19.0
| 3.19.0
| 3.19.0
|  
|  
| None
|  
|  
| node.js
| No releases since Sept 2020
| They made some formatting changes, but no real changes. We don't need to upgrade
| n/a
| n/a
| n/a
|
|-
|-
| jQuery
| jQuery
| ./htdocs/js/jquery/
| ./htdocs/js/jquery/
| http://jquery.com/
| http://jquery.com/<br />https://github.com/jquery/jquery<br />
| MIT License
| MIT License
| 3.5.1
| 3.5.1
| 3.5.1
| 3.6.0
|
|
|  
|  
| Minor
|  
|  
| https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/
|  
|  
| Twitter: https://twitter.com/jquery <br /> QA: https://forum.jquery.com/<br /> IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this.
| Twitter: https://twitter.com/jquery <br /> QA: https://forum.jquery.com/<br /> IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this.
Line 257: Line 257:
| 1.5.0-rc1
| 1.5.0-rc1
|  
|  
| None
|  
|  
|
| released Sept 2018<br />touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js)
| released Sept 2018, last updated  Jun 14, 2019 <br />touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js)
| No significant changes
| No significant changes
| QA: https://forum.jquery.com/jquery-mobile/
| QA: https://forum.jquery.com/jquery-mobile/
Line 269: Line 269:
| 1.12.1
| 1.12.1
| 1.12.1
| 1.12.1
|
| None
|  
|  
|  
|  
| jQuery 1.7+
| last updated July 2020
| n/a
| n/a
| jQuery Accessibility [https://groups.google.com/forum/#!forum/jquery-a11y jquery a11y forum] <br />
| jQuery Accessibility [https://groups.google.com/forum/#!forum/jquery-a11y jquery a11y forum] <br />
Line 283: Line 283:
| 0.2.3
| 0.2.3
|  
|  
| None
|  
|  
| jquery, jquery-ui
| Doesn't exist anymore.<br /><br />jquery, jquery-ui<br />
| is not currently being maintained - update: the site no longer exists
| n/a
| n/a
| n/a
|
|-
|-
| JS Color
| JS Color
Line 293: Line 293:
| http://jscolor.com/
| http://jscolor.com/
| GPL 3
| GPL 3
| 2.3.3
| 2.4.5
| 2.4.5
| 2.4.5
|  
|  
| None
|  
|  
|  
|  
| bug fixes, extended features, performance tweaks
| we have no customisations, hopefull straight forward upgrade
| we have no customisations, hopefull straight forward upgrade
| n/a
|  
|-
|-
| Json editor
| Json editor
Line 306: Line 306:
| https://github.com/json-editor/json-editor
| https://github.com/json-editor/json-editor
| MIT License
| MIT License
| 1.3.0
| 1.3.5
| 2.5.1
| 2.5.4
|  
|  
| Major 2.x
|  
|  
| https://github.com/json-editor/json-editor/blob/2.0.0/CHANGELOG.md
| Investigation needed
|  
|  
| There are a number of changes, not sure how it will affect us
| Investigation needed
| n/a
|-
|-
| jTLine
| jTLine
Line 321: Line 321:
| 1.0
| 1.0
| 1.0
| 1.0
| Not maintained, 2018<br />
|  
|  
|  
|  
|  
|  
| Last updated Aug 2018. Our version is forked from the original
| n/a
| n/a
| Twitter: https://twitter.com/naadydev
| Twitter: https://twitter.com/naadydev
Line 332: Line 332:
| https://github.com/lodash/lodash
| https://github.com/lodash/lodash
| MIT License
| MIT License
| 4.17.15
| style="color:#333333;" | 4.17.15
| 4.17.20
| 4.17.21
|  
|  
| Patch fix<br />
|  
|  
|  
|  
| -
| n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement, <br />if we upgrade gridstack we can probably let lodash go?
| n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement, <br />if we upgrade gridstack we can probably let lodash go?
| n/a - after we upgrade gridstack Lodash will be gone
| n/a - after we upgrade gridstack Lodash will be gone
Line 345: Line 345:
| https://github.com/markedjs/marked
| https://github.com/markedjs/marked
| MIT License
| MIT License
| 1.1.1
| 2.0.0
| 2.0.0
| 3.0.0
|  
|  
| Major 3.x<br />- breaking changes<br /><br /><br />Minor 2.1.(1,2,3)<br />
|  
|  
|  
|  
| No security updates
| What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown
| What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown
| n/a
|  
|-
|-
| Masonry
| Masonry
Line 365: Line 365:
| Current as of 2021-02-18. Last updated Jul 2018
| Current as of 2021-02-18. Last updated Jul 2018
| n/a
| n/a
| n/a
|  
|-
|-
| Mobile detect
| Mobile detect
Line 378: Line 378:
| Supported devices have been updated
| Supported devices have been updated
| Updating effort looks small
| Updating effort looks small
| n/a
|  
|-
|-
| Moment.js
| Moment.js
Line 391: Line 391:
| used in conjunction with the bootstrap datetimepicker.
| used in conjunction with the bootstrap datetimepicker.
| 2 releases have come out, looks like bug fixes <br />change log: https://gist.github.com/marwahaha <br /> probably a small upgrade effort
| 2 releases have come out, looks like bug fixes <br />change log: https://gist.github.com/marwahaha <br /> probably a small upgrade effort
| n/a
|  
|-
|-
| Oauth PHP
| Oauth PHP
Line 404: Line 404:
| This package is not maintained and was last updated in 2010
| This package is not maintained and was last updated in 2010
| We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do
| We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do
| n/a
|  
|-
|-
| PDFjs
| PDFjs
Line 417: Line 417:
| change log:https://github.com/mozilla/pdf.js/releases
| change log:https://github.com/mozilla/pdf.js/releases
| Medium to large upgrade, depending on if structure changes. Investigation needed
| Medium to large upgrade, depending on if structure changes. Investigation needed
| n/a
|  
|-
|-
| PHPMailer
| PHPMailer
Line 430: Line 430:
| Security update as well as compatibility for PHP 8 in latest version.
| Security update as well as compatibility for PHP 8 in latest version.
| In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release)
| In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release)
| n/a
|  
|-
|-
| Popper
| Popper
Line 443: Line 443:
| Very active project with a lot of releases.
| Very active project with a lot of releases.
| Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper.<br />https://github.com/twbs/bootstrap/pull/31178
| Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper.<br />https://github.com/twbs/bootstrap/pull/31178
| n/a
|  
|-
|-
| ReCaptcha
| ReCaptcha
Line 451: Line 451:
| 1.2.1
| 1.2.1
| 1.2.4
| 1.2.4
|
|  
|  
|  
|  
| 5.5+
| 5.5+
| Changes are to documentation, not code, so no need to update
| n/a
| n/a
| n/a
|
|-
|-
| Select2
| Select2
Line 469: Line 469:
| Bug fixes and improvements, no major changes or security fixes
| Bug fixes and improvements, no major changes or security fixes
| At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing
| At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing
| n/a
|  
|-
|-
| simplesamlphp
| simplesamlphp
Line 495: Line 495:
| no changes
| no changes
| n/a
| n/a
| n/a
|  
|-
|-
| System fonts
| System fonts
Line 508: Line 508:
| changes to unicode for fontawesome <br />- https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md
| changes to unicode for fontawesome <br />- https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md
| medium effort to upgrade due to needing to check for issues.
| medium effort to upgrade due to needing to check for issues.
| n/a<br />Current at July 2020
|  
|-
|-
| TinyMCE
| TinyMCE
Line 534: Line 534:
| no changes<br />Our version is now forked to keep make it work with Tinymce 5
| no changes<br />Our version is now forked to keep make it work with Tinymce 5
| n/a
| n/a
| n/a
|  
|-
|-
| Video.js
| Video.js

Revision as of 22:33, 19 August 2021

A list of the third party plugins within Mahara.

A helpful way to update this list is to go: 

 find ./htdocs -type f -iname "README.Mahara" -exec grep 'Version' -B1 {} \; -print

on the current codebase.

Note: another thing to keep in sync is the country names we use for 'Country' dropdowns. To check what the current state of play is 

 perl -MLocale::Country -le 'print join("\n", sort map { country2code($_) . " => " . country2code($_, LOCALE_CODE_ALPHA_3) . ", // " . $_ } all_country_names())'

and check the results against htdocs/lib/country.php and htdocs/lang/en.utf8/mahara.php files For any confusion you can also check against https://www.iso.org

Indicating what version they are on in Mahara and what they currently are on at time of publishing 18 Feb 2021.

Current versions marked in Red indicate the plugin needs updating/upgrading.

Name Readme file URL License Current version Latest version Min support Maj|Min Security fix Notes Estimated upgrade time Notifications
ADODB ./htdocs/lib/adodb/ - https://adodb.org/dokuwiki/doku.php
- https://github.com/ADOdb/ADOdb
- https://github.com/ADOdb/ADOdb/blob/v5.21.0/docs/changelog.md
 - BSD 3-Clause
- GNU Lesser General Public Licence 		5.20.20
 5.21.1 5.20.20 Security - 5.21.0 incl.5.21.0-beta.1 - 2020-12-20
- adodb: prevent SQL injection in SelectLimit()
- session: add 'httponly' flag to cookie

Minor
- Deprecation
- mysqli: Deprecate $optionFlags property in favor
of standard setConnectionParameter() method
 Yes - Compatible with all PHP versions ADOB release all news on current releases + important bug fixes on https://twitter.com/ADOdb_announce first.
Bootstrap htdocs/lib/bootstrap/assets/javascripts/
 - https://getbootstrap.com/
- https://github.com/twbs/release 		MIT License 4.6.0 5.1.0 4.x (LTS) - 01 Nov 2022 Major
Bootstrap
Datetimepicker 		./htdocs/js/bootstrap-datetimepicker/ - https://getdatepicker.com/
- https://github.com/tempusdominus/bootstrap-4
 MIT License 4.17.47 5.39.0 Developer has stopped
working on the project.
 None runs using bootstrap and moment.js
Version 4 is not maintained anymore.
There is a version 5 but not finished.
Chart.js ./htdocs/js/chartjs/ http://www.chartjs.org MIT License 2.9.3 3.5.1 2.x - 2.9.4
3.x - 3.0.0 rel Apr 21
 Minor - 2.9.4: bug fixes

Major - 3.0.0 breaking changes
- https://www.chartjs.org/docs/next/getting-started/v3-migration
- https://www.npmjs.com/package/chart.js
- https://www.chartjs.org/docs/next/typedoc/
- https://www.chartjs.org/samples/next/
- https://www.chartjs.org/docs/next/

Minor - 3.0.1 bug fixes
Clipboard js ./htdocs/js/clipboard/ https://clipboardjs.com/ MIT License 2.0.6 2.0.8 Patch fix
Cookie consent ./htdocs/js/cookieconsent/ - https://www.osano.com/cookieconsent
- https://github.com/osano/cookieconsent
 MIT License 3.1.1 3.1.1 New updates are
proprietary. 		None Looks like the opensource version is not maintained - last update two years ago.
The site talks about new versions 2021.6 and 2021.2.3 which are not available. on GitHub.
CSS Tidy ./htdocs/lib/csstidy/ https://github.com/Cerdic/CSSTidy LGPL 1.7.1 1.7.3 Not maintained, 2020 None -
Dragon-drop ./htdocs/js/dragondrop/ https://github.com/schne324/dragon-drop MIT License 3.2.1 3.6.1 Minor - changelog not available. Current as of 2021-02-18
last updated August 2019
Datatables https://datatables.net/
https://datatables.net/download/index
 MIT License 1.10.20 1.10.25 Patch
Dropzone ./htdocs/js/dropzone/ https://github.com/dropzone/dropzone/release


 MIT License 5.7.6 5.9.2 Minor
- switched to yarn
- moved the ./src/options.js previewTemplate in its own
preview-template.html file
- Dropzone triggers custom events on DOM using dropzone:
 Released 2021-02-09
last updated July 2020
Dwoo ./htdocs/lib/dwoo/ http://dwoo.org/, https://github.com/dwoo-project/dwoo GNU Lesser General Public License 1.3.7 1.3.7 Needs replacing.
 None PHP 5.3+ NB: This library is no longer maintained We will soon look at replacing this library
Elastic Search ./htdocs/lib/elasticsearch/ https://github.com/elastic/elasticsearch-php Apache v2.0
LGPL v2.1 		6.1.0 7.11.0 WIP - Gold https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md
Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5)
- currently works with ES server 6.8, but not 7.
Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue. 		Investigation in process to upgrade our code.
---
Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0 		signed up to mailing list
fancybox3 ./htdocs/js/fancybox/ https://fancyapps.com/fancybox/3/ - discont.
https://fancyapps.com/docs/ui/fancybox - final v4

https://github.com/fancyapps/ui - in BETA stage
https://fancyapps.com/docs/ui/installation
 Creative Commons: CC BY-SA 4.0 license 3.5.6 3.5.7 None - wait until v4 is not in Beta.
 https://fancyapps.com/next/ https://twitter.com/thefancyapps
gridstack ./htdocs/js/gridstack/ https://github.com/gridstack/gridstack.js MIT License 0.6.4 3.3.0 WIP
 A lot of activity in the past few months - looks to be significant structural changes, including removing jquery. Investigation needed, but looks like a large change (Cecilia?)
Change log: https://github.com/gridstack/gridstack.js/blob/develop/doc/CHANGES.md 		questions can be posted in their slack channel
slack channel
HTML Purifier ./htdocs/lib/htmlpurifier/ http://www.htmlpurifier.org/ LGPL v2.1+ 4.13.0 4.13.0 None No releases since June 2020 updates via the 'NEWS' section on github README
https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS
Javascript templates ./htdocs/js/javascript-templates/ https://github.com/blueimp/JavaScript-Templates MIT License 3.19.0 3.19.0 None No releases since Sept 2020 n/a
jQuery ./htdocs/js/jquery/ http://jquery.com/
https://github.com/jquery/jquery
 MIT License 3.5.1 3.6.0 Minor https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/ Twitter: https://twitter.com/jquery
QA: https://forum.jquery.com/
IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this.
jQuery mobile ./htdocs/js/jquery/jquery-mobile/ http://jquerymobile.com MIT License 1.5.0-alpha.1 1.5.0-rc1 None released Sept 2018
touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js) 		No significant changes QA: https://forum.jquery.com/jquery-mobile/
jQuery UI ./htdocs/js/jquery/jquery-ui/ http://jqueryui.com/ MIT License 1.12.1 1.12.1 None n/a jQuery Accessibility jquery a11y forum
jQuery UI plugin
touch-punch 		./htdocs/js/jquery/jquery-ui/
jquery-ui-touch-punch.min.js 		http://touchpunch.furf.com/
https://github.com/furf/jquery-ui-touch-punch 		MIT or GPL Version 2 licenses 0.2.3 0.2.3 None Doesn't exist anymore.

jquery, jquery-ui
 n/a
JS Color ./htdocs/js/jscolor/README.Mahara http://jscolor.com/ GPL 3 2.4.5 2.4.5 None we have no customisations, hopefull straight forward upgrade
Json editor ./htdocs/js/jsoneditor/README.Mahara https://github.com/json-editor/json-editor MIT License 1.3.5 2.5.4 Major 2.x https://github.com/json-editor/json-editor/blob/2.0.0/CHANGELOG.md Investigation needed
jTLine .htdocs/js/jTLine/README.Mahara https://naadydev.github.io/jTLine/ MIT License 1.0 1.0 Not maintained, 2018
 n/a Twitter: https://twitter.com/naadydev
Lodash ./htdocs/js/lodash/README.Mahara https://github.com/lodash/lodash MIT License 4.17.15 4.17.21 Patch fix
 n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement,
if we upgrade gridstack we can probably let lodash go? 		n/a - after we upgrade gridstack Lodash will be gone
Marked ./htdocs/js/marked/README.Mahara https://github.com/markedjs/marked MIT License 2.0.0 3.0.0 Major 3.x
- breaking changes


Minor 2.1.(1,2,3)
 What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown
Masonry ./htdocs/js/masonry/README.Mahara https://masonry.desandro.com/ MIT License 4.2.2 4.2.2 Current as of 2021-02-18. Last updated Jul 2018 n/a
Mobile detect ./htdocs/lib/mobile_detect/ http://mobiledetect.net/ MIT License 2.8.34 2.8.36 Supported devices have been updated Updating effort looks small
Moment.js ./htdocs/js/momentjs/ http://momentjs.com/ MIT License 2.24.0 2.29.1 used in conjunction with the bootstrap datetimepicker. 2 releases have come out, looks like bug fixes
change log: https://gist.github.com/marwahaha
probably a small upgrade effort
Oauth PHP ./htdocs/webservice/libs/oauth-php/ http://code.google.com/p/oauth-php/ MIT License 175 175 This package is not maintained and was last updated in 2010 We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do
PDFjs ./htdocs/artefact/file/blocktype/pdf/js/pdfjs/ http://mozilla.github.io/pdf.js/getting_started/#download Apache License 2 2.2.228 2.6.347 change log:https://github.com/mozilla/pdf.js/releases Medium to large upgrade, depending on if structure changes. Investigation needed
PHPMailer ./htdocs/lib/phpmailer/ https://github.com/PHPMailer/PHPMailer LGPL 6.1.5 6.2.0 Security update as well as compatibility for PHP 8 in latest version. In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release)
Popper ./htdocs/lib/popper/ https://popper.js.org/ MIT License 1.16.0 2.7.0 Very active project with a lot of releases. Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper.
https://github.com/twbs/bootstrap/pull/31178
ReCaptcha ./htdocs/lib/recaptcha/ https://github.com/google/recaptcha BSD-3 1.2.1 1.2.4 5.5+ n/a
Select2 ./htdocs/js/select2/ https://select2.org/ MIT License 4.0.9 4.0.13 Bug fixes and improvements, no major changes or security fixes At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing
simplesamlphp /htdocs/auth/saml/extlib/simplesamlphp/ https://github.com/simplesamlphp/simplesamlphp GPL 2.1 1.18.7 1.18.8 We have joined the mailing list
https://simplesamlphp.org/lists
Skin fonts /htdocs/lib/fonts/README.Mahara - http://www.fontsquirrel.com/fonts/Aurulent-Sans
- http://www.fontsquirrel.com/fonts/DejaVu-Sans
- http://scripts.sil.org/cms/scripts/page.php?item_id=CharisSIL
- http://sourceforge.net/projects/gs-fonts/ 		Multiple licenses - n/a
- 2.29
- 5.000
- 8.11 		no changes n/a
System fonts - ./htdocs/theme/raw/fonts/
- ./htdocs/theme/raw/sass/lib/font-awesome/ 		- http://fontawesome.io
- https://www.google.com/fonts/specimen/Open+Sans
- https://www.google.com/fonts/specimen/Roboto+Slab 		- http://fontawesome.io/license
- MIT License
- Apache License version 2.0 		- 5.8.1
- 1
- 1
- 1.9 		- 5.14.0
- 1
- 1
- 1.9 		changes to unicode for fontawesome
- https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md 		medium effort to upgrade due to needing to check for issues.
TinyMCE ./htdocs/js/tinymce/README.Mahara https://www.tiny.cloud/ LGPL 5.0.13 5.7.0 A number of bug fixes and improvements
https://www.tiny.cloud/docs/changelog/
Test on mobile when updating 		probably only worth updating if we are affected by any of the bugs they are fixing.
Need to investigate that and how long it would take. 		Blog: https://www.tiny.cloud/blog/category/news-and-updates/
TinyMCE - Mathslate ./htdocs/js/tinymce/plugins/mathslate/ https://github.com/dthies/tinymce4-mathslate GPL 3 1.1 1.1 no changes
Our version is now forked to keep make it work with Tinymce 5 		n/a
Video.js ./htdocs/artefact/file/blocktype/internalmedia/
videojs/ 		http://videojs.com/ Apache License 2.0 7.6.5 7.11.4 Some bug fixes. Looks mostly minor changes
https://github.com/videojs/video.js/releases 		Needs investigation. Probably small to medium we have signed up to their mailing list
zxcvbn ./htdocs/js/zxcvbn/ https://github.com/dropbox/zxcvbn MIT License 4.4.2 4.4.2 Current as of 2021-02-18
Last updated Feb 2017 		Should we change to a maintained library, eg https://github.com/bjeavons/zxcvCurrent at July 2020bn-php?
Yes we should but is that one just a port of the js version or is it an updated / more robust system?
composer.json https://git.mahara.org/mahara/mahara/
-/blob/master/external/composer.json 		There is a list of libraries that Mahara uses sitting in this file which also need updating too
Retrieved from ‘https://wiki.mahara.org/index.php?title=Developer_Area/Plugins/Third_party&oldid=12246