Actions

Developer Area/Plugins/Third party: Difference between revisions

From Mahara Wiki

< Developer Area‎ | Plugins
No edit summary
No edit summary
 
(179 intermediate revisions by 4 users not shown)
Line 1: Line 1:
A list of the third party plugins within Mahara.
A list of the third-party plugins within Mahara.


A helpful way to update this list is to go:
=== Composer commands ===
   find ./htdocs -type f -iname "README.Mahara" -exec grep 'Version' -B1 {} \; -print
For available versions, e.g.  <code>composer show phpro/grumphp-shim 1.14.* --all</code>
on the current codebase.
 
For our composer dependencies:  <code>composer show  --tree</code>
 
For checking the dependencies of a library version, e.g. <code>composer show elasticsearch/elasticsearch 7.17.* --tree</code>
 
Check if there are any outdated libraries (according to the [[SemVer Info|version syntax]] in <code>composer.json</code>)  <code>composer outdated</code>
 
=== Checking the <code>.Mahara</code> files ===
To check the versions in the <code>.Mahara</code> files, a helpful way to update this list is to go:
   <code>find ./htdocs -type f -iname "README.Mahara" -exec grep 'Version' -B1 {} \; -print</code>
... on the current codebase.
 
=== Syncing the list in 'Country' dropdowns ===
To keep in sync is the country names we use for 'Country' dropdowns. To check what the current state of play is
<code>perl -MLocale::Country -le 'print join("\n", sort map { country2code($_) . " => " . country2code($_, LOCALE_CODE_ALPHA_3) . ", // " . $_ } all_country_names())'</code>
and check the results against <code>htdocs/lib/country.php</code> and <code>htdocs/lang/en.utf8/mahara.php</code> files


Note: another thing to keep in sync is the country names we use for 'Country' dropdowns. To check what the current state of play is
  perl -MLocale::Country -le 'print join("\n", sort map { country2code($_) . " => " . country2code($_, LOCALE_CODE_ALPHA_3) . ", // " . $_ } all_country_names())'
and check the results against htdocs/lib/country.php and htdocs/lang/en.utf8/mahara.php files
For any confusion you can also check against https://www.iso.org
For any confusion you can also check against https://www.iso.org


Indicating what version they are on in Mahara and what they currently are on at time of publishing 18 Feb 2021.
== Third-party libraries (PHP and JS) ==
 
=== Legend ===
*'''Mahara version''' = the <code>README.Mahara</code> file for the library | [https://nodejs.dev/learn/semantic-versioning-using-npm SemVer Info] - explaining the symbols in the Mahara version column
*'''Latest version''' = the most recent available version
*'''Update type''' = what upgrades are available for this plugin, i.e. major, minor, patch, or security?
*'''Support''' = Is there a community supporting this library? When was the last release year if not in active support
**Active: There is ongoing work being put into the library
**Inactive: Maintained but not actively making releases
**Archived: Not being maintained
**Deprecated (officially): All maintainers have left, and site may not exist in extreme cases.
*'''License''' = software license for the library
*'''Notes''' = extra information, e.g. resources, notes, and new
*'''Composer''' = check if the library is managed by Composer
*'''NPM''' = check if the library is managed by NPM
'''PHP versions in support''' https://www.php.net/supported-versions.php<nowiki/>⁣ – 14 LTS - Ends security support in 30 Apr 2023, go to 16 LTS soon
 
💡 A new idea is being proposed to better handle customisations on updating third party libraries lives here → https://reviews.mahara.org/c/mahara/+/13780


Current versions marked in <span style="color:red">Red</span> indicate the plugin needs updating/upgrading.
=== PHP libraries (excluding external) ===
https://eusonlito.github.io/php-changes-cheatsheet/deprecated.html


{| class="wikitable"  
Libraries are managed by Composer. See <code>composer.json</code>
|- style="font-weight:bold;"
 
! Name
Run <code>composer show</code> to get a quick summary of library versions managed by Composer.
! Readme file
 
! URL
Run <code>composer outdated</code> to get a list of outdated libraries.
! License
 
! Current version
🟡 Libraries yet to be moved to Composer: SimpleSAMLPHP - currently lives in <code>htdocs/auth/saml/extlib</code> and the version is managed in Makefile by curl.
! Latest version
{| class="wikitable sortable" style="vertical-align:middle;"
! Min support
|- style="font-weight:bold; text-align:center;"
! Upgrade type: Sec|Maj|Min
!'''Name'''
! Security fix
!'''Mahara <br />version'''
! Notes
!'''Update type'''
! style="font-weight:normal;" | Estimated upgrade time
!'''Support'''
! style="font-weight:normal;" | Notifications
!'''License'''
!'''URL/Notes'''
!'''Composer'''
|-
|-
| ADODB
| style="font-weight:bold;" |'''ADODB'''
| ./htdocs/lib/adodb/
|5.22.6
| - https://adodb.org/dokuwiki/doku.php<br />- https://github.com/ADOdb/ADOdb<br />- https://github.com/ADOdb/ADOdb/blob/v5.21.0/docs/changelog.md<br />
|Up to date
| - BSD 3-Clause<br />- GNU Lesser General Public Licence
|Active
| 5.20.20<br />
|BSD 3-Clause<br />LGPL
| style="color:#000000;" | 5.21.1
|[https://adodb.org/dokuwiki/doku.php Official site]<nowiki> | </nowiki>[https://github.com/ADOdb/ADOdb GitHub]<nowiki> |  </nowiki>[https://twitter.com/ADOdb_announce Twitter]<br />Wish-list: [https://bugs.launchpad.net/mahara/+bug/1945264 extract $SESSION]
| 5.20.20
|
| Security - 5.21.0 incl.5.21.0-beta.1 - 2020-12-20<br />- adodb: prevent SQL injection in SelectLimit()<br />- session: add 'httponly' flag to cookie<br /><br />Minor<br />- Deprecation<br />  - mysqli: Deprecate $optionFlags property in favor<br />    of standard setConnectionParameter() method<br />
| Yes
| - Compatible with all PHP versions
|
| ADOB release all news on current releases + important bug fixes on https://twitter.com/ADOdb_announce first.
|-
|-
| Bootstrap
| style="font-weight:bold;" |'''CSS Tidy'''
| htdocs/lib/bootstrap/assets/javascripts/<br />
|2.1.0
| - https://getbootstrap.com/<br />- https://github.com/twbs/release
|Up to date
| MIT License
|Active
| 4.6.0
|LGPL
| 5.1.0
|[https://github.com/Cerdic/CSSTidy GitHub]
| 4.x (LTS) - 01 Nov 2022
|
| Major
|  
|  
|  
| <br />
|-
|-
| Bootstrap <br />Datetimepicker
| style="font-weight:bold;" |'''Elasticsearch PHP'''
| ./htdocs/js/bootstrap-datetimepicker/
| style="color:#333;" |7.17.2
| - https://getdatepicker.com/<br />- https://github.com/tempusdominus/bootstrap-4<br />
|Major, 8.10.0
| MIT License
|Active
| 4.17.47
|Apache v2.0  LGPL v2.1
| 5.39.0
|[https://github.com/elastic/elasticsearch-php GitHub]<nowiki> | </nowiki>[https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md Changelog]
| Developer has stopped<br />working on the project.<br />
Move to OpenSearch
| None
 
|
|
| runs using bootstrap and moment.js  <br />Version 4 is not maintained anymore.<br />There is a version 5 but not finished.<br /><br />
|
|  
|-
|-
| Chart.js
| style="font-weight:bold;" |'''HTML Purifier'''
| ./htdocs/js/chartjs/
|4.16.0
| http://www.chartjs.org
|Up to date
| MIT License
|2022
| 2.9.3
|LGPL v2.1+
| 3.5.1
|[http://www.htmlpurifier.org/ HTML Purifier]<nowiki> | </nowiki>[https://github.com/ezyang/htmlpurifier/ GitHub]
| 2.x - 2.9.4<br />3.x - 3.0.0 rel Apr 21<br />
|
| Minor - 2.9.4: bug fixes<br /><br />Major - 3.0.0 breaking changes<br />- https://www.chartjs.org/docs/next/getting-started/v3-migration<br />- https://www.npmjs.com/package/chart.js  <br />- https://www.chartjs.org/docs/next/typedoc/<br />- https://www.chartjs.org/samples/next/ <br />- https://www.chartjs.org/docs/next/<br /><br />Minor - 3.0.1 bug fixes
|
|
|
|  
|-
|-
| Clipboard js
| style="font-weight:bold;" |'''PHPMailer'''
| ./htdocs/js/clipboard/
|6.8.1
| https://clipboardjs.com/
|Up to date
| MIT License
|Active
| 2.0.6
|LGPL
| 2.0.8
|[https://github.com/PHPMailer/PHPMailer GitHub]
|  
|
| Patch fix
|
|  
|  
|  
|-
|-
| Cookie consent
| style="font-weight:bold;" |'''ReCaptcha'''
| ./htdocs/js/cookieconsent/
|1.2.4
| - https://www.osano.com/cookieconsent<br />- https://github.com/osano/cookieconsent<br />
|Minor, 1.3.0
| MIT License
|Active
| 3.1.1
|BSD-3
| 3.1.1
|[https://github.com/google/recaptcha GitHub]
| New updates are<br />proprietary.
|
| None
|  
| Looks like the opensource version is not maintained - last update two years ago.<br />The site talks about new versions 2021.6 and 2021.2.3 which are not available. on GitHub.<br />
|
|  
|-
|-
| CSS Tidy
| style="font-weight:bold;" |'''simplesamlphp'''
| ./htdocs/lib/csstidy/
|2.0.4
| https://github.com/Cerdic/CSSTidy
|Minor, 2.0.6
| LGPL
|Active
| 1.7.1
|GPL 2.1
| 1.7.3
|[https://github.com/simplesamlphp/simplesamlphp GitHub]
| Not maintained, 2020
Optional library - called in Makefile
| None
|
| -
|}
|
 
|
=== JavaScript and jQuery libraries ===
|
🟡 '''Check that our Node version is still in support''' https://endoflife.date/nodejs  node| https://nodejs.org/en/download/releases/ ➡ Update the <code>.nvmrc</code> file with the supported version.
 
Run <code>npm list</code> to get a quick list of the versions and libraries managed by NPM
 
Goal: to move libraries to be managed by NPM
 
==== NPM-managed JS libraries ====
{| class="wikitable sortable" style="vertical-align:middle;"
|- style="font-weight:bold; text-align:center;"
!'''Name'''
!'''Mahara <br />version'''
!'''Update type'''
!'''Support'''
!'''License'''
!'''Notes'''
|-
|-
| Dragon-drop
| style="font-weight:bold;" |'''yargs'''
| ./htdocs/js/dragondrop/
|5.0.2
| https://github.com/schne324/dragon-drop
|Minor, 5.3.2
| MIT License
|Active
| 3.2.1
|MIT
| 3.6.1
|
|  
| Minor - changelog not available.
|
| Current as of 2021-02-18 <br /> last updated August 2019
|
|  
|-
|-
| Datatables
| style="font-weight:bold;" |'''Chart.js'''
|  
|3.9.1
| https://datatables.net/<br />https://datatables.net/download/index<br />
|Major, 4.4.0
| MIT License
|Active
| 1.10.20
|MIT
| 1.10.25
|[https://www.chartjs.org/docs/latest/migration/v4-migration.html Migration to v4]
|
| Patch
|
|  
|  
|  
|-
|-
| Dropzone
| style="font-weight:bold;" |'''Clipboard js'''
| ./htdocs/js/dropzone/
|2.0.11
| https://github.com/dropzone/dropzone/release<br /><br /><br />
|Up to date
| MIT License
|Active
| 5.7.6
|MIT
| 5.9.2
|version # is tagged
|  
| Minor<br />- switched to yarn<br />- moved the ./src/options.js previewTemplate in its own<br />  preview-template.html file<br />- Dropzone triggers custom events on DOM using dropzone:<br />
|  
| Released 2021-02-09 <br /> last updated July 2020
|
|  
|-
|-
| Dwoo
| style="font-weight:bold;" |'''Dragon-drop'''
| ./htdocs/lib/dwoo/
|3.6.1
| http://dwoo.org/,  https://github.com/dwoo-project/dwoo
|Up to date
| GNU Lesser General Public License
|2020
| 1.3.7
|MIT
| 1.3.7
|
| Needs replacing.<br />
| None
|  
| PHP 5.3+
| NB: This library is no longer maintained
| We will soon look at replacing this library
|-
|-
| Elastic Search
| style="font-weight:bold;" |'''Dropzone'''
| ./htdocs/lib/elasticsearch/
|5.9.3
| https://github.com/elastic/elasticsearch-php
|Patch, 5.9.3
| Apache v2.0 <br />LGPL v2.1
|2021
| 6.1.0
|MIT
| 7.11.0
|
|
| WIP - Gold
|
| https://github.com/elastic/elasticsearch-php/blob/master/CHANGELOG.md <br /> Patch in review to upgrade to 7.5, (Bug 1840101: update elasticsearch-php to 7.5) <br />  -  currently works with ES server 6.8, but not 7.<br />Note that our code needs to be upgraded so we can connect to ES server 7.6, which is a separate issue.
| Investigation in process to upgrade our code.<br />---<br /> Elastic Search PHP 7.8.0 is compatible with Elastic Search 7.8.0
| signed up to mailing list
|-
|-
| fancybox3
| style="font-weight:bold;" |'''jQuery'''
| ./htdocs/js/fancybox/
|3.7.1
| https://fancyapps.com/fancybox/3/ - discont.<br />https://fancyapps.com/docs/ui/fancybox - final v4<br /><br />https://github.com/fancyapps/ui - in BETA stage<br />https://fancyapps.com/docs/ui/installation<br />
|Up to date
| Creative Commons: CC BY-SA 4.0 license
|Active
| 3.5.6
|MIT
| 3.5.7
|[https://forum.jquery.com/ Forum]
|  
| None - wait until v4 is not in Beta.<br />
|
|  
| https://fancyapps.com/next/
| https://twitter.com/thefancyapps
|-
|-
| gridstack
| style="font-weight:bold;" |'''jQuery UI'''
| ./htdocs/js/gridstack/
|1.13.2
| https://github.com/gridstack/gridstack.js
|Up to date
| MIT License
|Active
| 0.6.4
|MIT
| 3.3.0
|
|  
| WIP<br />
|
| A lot of activity in the past few months - looks to be significant structural changes, including removing jquery.
| Investigation needed, but looks like a large change (Cecilia?) <br />Change log: https://github.com/gridstack/gridstack.js/blob/develop/doc/CHANGES.md
| questions can be posted in their slack channel <br />[https://join.slack.com/t/gridstackjs/shared_invite/enQtODE1NzkxMTUzNTIzLTA1NTEzZGE2NzliMGY5M2IwN2UzNWUzYmY2YTA0OTFlMTlmMDA3MTg3MGViZTRhZjM0N2QyODMyMjc1NzY4ZWQ slack channel]
|-
|-
| HTML Purifier
| style="font-weight:bold;" |'''JS Color'''
| ./htdocs/lib/htmlpurifier/
|2.5.1
| http://www.htmlpurifier.org/
|Up to date
| LGPL v2.1+
|Inactive,2022
| 4.13.0
|GPL 3
| 4.13.0
|
|
| None
|  
| No releases since June 2020
|  
| updates via the 'NEWS' section on github README <br />https://github.com/ezyang/htmlpurifier/blob/v4.13.0/NEWS
|-
|-
| Javascript templates
| style="font-weight:bold;" |'''Marked'''
| ./htdocs/js/javascript-templates/
|4.3.0
| https://github.com/blueimp/JavaScript-Templates
|Minor, 4.3.0
| MIT License
Major 9.1.0
| 3.19.0
|Active
| 3.19.0
|MIT
|  
|
| None
|
| No releases since Sept 2020
| n/a
|  
|-
|-
| jQuery
| style="font-weight:bold;" |'''Moment.js'''
| ./htdocs/js/jquery/
|2.29.4
| http://jquery.com/<br />https://github.com/jquery/jquery<br />
|Up to date
| MIT License
|Active
| 3.5.1
|MIT
| 3.6.0
|[http://momentjs.com/ Moment JS] 🆕 [https://moment.github.io/luxon/#/ Luxon GitHub]
|  
| Minor
|  
| https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/
|
| Twitter: https://twitter.com/jquery <br /> QA: https://forum.jquery.com/<br /> IRC https://irc.jquery.org/Looks like Bug #1840101 has started looking into this.
|-
|-
| jQuery mobile
| style="font-weight:bold;" |'''Popper'''
| ./htdocs/js/jquery/jquery-mobile/
|2.11.8
| http://jquerymobile.com
|Up to date
| MIT License
|Active
| 1.5.0-alpha.1
|MIT
| 1.5.0-rc1
|[https://github.com/twbs/bootstrap/issues/31451 GitHub issue]<nowiki> | </nowiki>[https://dev.to/fezvrasta/smarter-tooltips-and&#x20;-popovers-with-popper-2-44bh tooltips]
|  
'''Floating UI'''
| None
|
| released Sept 2018<br />touch.js last updated June 2016 (https://github.com/jquery/jquery-mobile/blob/master/js/events/touch.js)
| No significant changes
| QA: https://forum.jquery.com/jquery-mobile/
|-
|-
| jQuery UI
| style="font-weight:bold;" |'''Fontawesome'''
| ./htdocs/js/jquery/jquery-ui/
|6.4.2
| http://jqueryui.com/
|Up to date
| MIT License
|Active
| 1.12.1
|SIL OFL 1.1
| 1.12.1
|[https://fontawesome.com/docs/web/setup/upgrade/ Upgrade steps]<nowiki> | </nowiki>[https://fontawesome.com/docs/changelog/ Changelog]
|  
| None
|
|
| n/a
| jQuery Accessibility [https://groups.google.com/forum/#!forum/jquery-a11y jquery a11y forum] <br />
|-
|-
| jQuery UI plugin <br />touch-punch
| style="font-weight:bold;" |'''TinyMCE'''
| ./htdocs/js/jquery/jquery-ui/<br />jquery-ui-touch-punch.min.js
|5.10.7
| http://touchpunch.furf.com/<br />https://github.com/furf/jquery-ui-touch-punch
|Major, 6.7.0
| MIT or GPL Version 2 licenses
|Active
| 0.2.3
|LGPL 2.1
| 0.2.3
|[https://www.tiny.cloud/get-tiny/self-hosted Downloads]<nowiki> | </nowiki>[https://www.tiny.cloud/docs/changelog/ Changelog]
|
📲 Test mobile
| None
|
| Doesn't exist anymore.<br /><br />jquery, jquery-ui<br />
| n/a
|
|-
|-
| JS Color
| style="font-weight:bold;" |'''Video.js'''
| ./htdocs/js/jscolor/README.Mahara
|7.21.5
| http://jscolor.com/
|Major, 8.5.2
| GPL 3
|Active
| 2.4.5
|Apache License 2.0
| 2.4.5
|[http://videojs.com/ Video JS]
|
|}
| None
 
|
==== Manually managed JS libraries ====
|
{| class="wikitable sortable" style="vertical-align:middle;"
| we have no customisations, hopefull straight forward upgrade
|- style="font-weight:bold; text-align:center;"
|
!'''Name'''
!'''Mahara <br />version'''
!'''Update type'''
!'''Support'''
!'''Location<br />'''<code><small>(./htdocs/...)</small></code>
!'''License'''
!'''Notes'''
!'''NPM'''
|-
|-
| Json editor
| style="font-weight:bold;" |'''Date time'''
| ./htdocs/js/jsoneditor/README.Mahara
'''picker'''
| https://github.com/json-editor/json-editor
|4.17.47
| MIT License
|Major 6.17.16
| 1.3.5
|Active - v6
| 2.5.4
|<small>.../js/bootstrap-datetimepicker/</small>
|  
|MIT
| Major 2.x
|[https://getdatepicker.com/6/change-log.html Changelog]
|  
 
| https://github.com/json-editor/json-editor/blob/2.0.0/CHANGELOG.md
Latest release: rewrite (beta)
| Investigation needed
|
|  
|-
|-
| jTLine
| style="font-weight:bold;" |'''Datatables'''
| .htdocs/js/jTLine/README.Mahara
|1.11.4
| https://naadydev.github.io/jTLine/
|Minor
| MIT License
|Active
| 1.0
|<small>.../js/DataTables/</small>
| 1.0
|MIT
| Not maintained, 2018<br />
|[https://datatables.net/download/index Download]
|  
[https://cdn.datatables.net/ Release notes CDN]
|  
|❌ Need to use web builder
|
| n/a
| Twitter: https://twitter.com/naadydev
|-
|-
| Lodash
| style="font-weight:bold;" |'''Gridstack'''
| ./htdocs/js/lodash/README.Mahara
|4.4.1
| https://github.com/lodash/lodash
|Major
| MIT License
|Active
| style="color:#333333;" | 4.17.15
|<small>.../js/gridstack/</small>
| 4.17.21
|MIT
|  
|[Demos](<nowiki>https://gridstackjs.com/demo/</nowiki>)
| Patch fix<br />
 
|
 
|
https://github.com/gridstack/gridstack.js/tree/master/doc
| n/a?? Lodash was brought in with gridstack- gridstack v0.5.0 no longer have it as a requirement, <br />if we upgrade gridstack we can probably let lodash go?
|🚧
| n/a - after we upgrade gridstack Lodash will be gone
|-
|-
| Marked
| style="font-weight:bold;" |'''Json editor'''
| ./htdocs/js/marked/README.Mahara
|2.6.1
| https://github.com/markedjs/marked
|Minor
| MIT License
|Active
| 2.0.0
|<small>.../js/jsoneditor/</small>
| 3.0.0
|MIT
|  
|[https://github.com/json-editor/json-editor/blob/master/CHANGELOG.md Changelog]
| Major 3.x<br />- breaking changes<br /><br /><br />Minor 2.1.(1,2,3)<br />
|🚧
|  
|  
| What we use is a min.js file, so it's hard to diff. Probably small effort to upgrade, but allow for medium due to unknown
|  
|-
|-
| Masonry
| style="font-weight:bold;" |'''PDFjs'''
| ./htdocs/js/masonry/README.Mahara
|3.10.111
| https://masonry.desandro.com/
|Minor 🚧
| MIT License
|Active
| 4.2.2
|<small>.../artefact/file/blocktype/pdf/js/pdfjs/</small>
| 4.2.2
|Apache License 2
|
|[http://mozilla.github.io/pdf.js/getting_started/#download Getting started]
|
The Firefox dist version different to NPM package
|  
|
| Current as of 2021-02-18. Last updated Jul 2018
|}
| n/a
 
|
=== Forked/stale/deprecated libraries ===
{| class="wikitable sortable mw-collapsible mw-collapsed" style="vertical-align:middle;"
|- style="font-weight:bold; text-align:center;"
!'''Name'''
!'''Mahara <br />version'''
!'''Latest<br />version'''
!'''Support'''
!'''Location<br />'''<code><small>(./htdocs/...)</small></code>
!'''License'''
!'''URL'''
!'''Next action'''
|-
|-
| Mobile detect
| style="font-weight:bold;" |'''Dwoo'''
| ./htdocs/lib/mobile_detect/
|1.3.7
| http://mobiledetect.net/
|1.3.7
| MIT License
|'''Archived, 2020'''
| 2.8.34
|<small>.../lib/dwoo/</small>
| 2.8.36
|LGPL
|  
|[http://dwoo.org/ Dead site?]
|  
[https://github.com/dwoo-project/dwoo GitHub]
|  
|
| Supported devices have been updated
| Updating effort looks small
|  
|-
|-
| Moment.js
| style="font-weight:bold;" |'''Javascript <br />templates'''
| ./htdocs/js/momentjs/
|3.20.0
| http://momentjs.com/
|3.20.0
| MIT License
|'''Archived, 2021'''
| 2.24.0
|<small>.../js/javascript-templates/</small>
| 2.29.1
|MIT
|  
|[https://github.com/blueimp/JavaScript-Templates GitHub]
|  
|
|  
| used in conjunction with the bootstrap datetimepicker.
| 2 releases have come out, looks like bug fixes <br />change log: https://gist.github.com/marwahaha <br /> probably a small upgrade effort
|  
|-
|-
| Oauth PHP
| style="font-weight:bold;" |'''jQuery mobile'''
| ./htdocs/webservice/libs/oauth-php/
|1.5.0-alpha.1
| http://code.google.com/p/oauth-php/
|1.5.0-rc1
| MIT License
|'''Deprecated'''
| 175
|<small>.../js/jquery/jquery-mobile/</small>
| 175
|MIT
|
|[http://jquerymobile.com Website] <br /><small>🚨 ''"transition(ed) ...''</small> <small>''under the jQuery project umbrella, jQuery UI"''</small>
|
|Remove and test
|
| This package is not maintained and was last updated in 2010
| We should replace with an oauth2 php library https://oauth.net/code/php/ and / or checkout what Moodle do
|  
|-
|-
| PDFjs
| style="font-weight:bold;" |'''jQuery UI plugin <br />touch-punch'''
| ./htdocs/artefact/file/blocktype/pdf/js/pdfjs/
|0.2.3
| http://mozilla.github.io/pdf.js/getting_started/#download
|0.2.3
| Apache License 2
|'''Deprecated'''
| 2.2.228
|<small>.../js/jquery/jquery-ui/<br />jquery-ui-touch-punch.min.js</small>
| 2.6.347
|MIT or GPL <br />Version 2
|
|[https://github.com/furf/jquery-ui-touch-punch GitHub]
|
 
|
<small>🚨 external to JQuery UI</small>
| change log:https://github.com/mozilla/pdf.js/releases
|[https://github.com/RWAP/jquery-ui-touch-punch Use a fork?]
| Medium to large upgrade, depending on if structure changes. Investigation needed
|
|-
|-
| PHPMailer
| style="font-weight:bold;" |'''jTLine'''
| ./htdocs/lib/phpmailer/
|1.0
| https://github.com/PHPMailer/PHPMailer
|1.0
| LGPL
|'''Inactive, 2018'''
| 6.1.5
|<small>.../js/jTLine/</small>
| 6.2.0
|MIT
|
|[https://naadydev.github.io/jTLine/ GitHub]
|
[https://twitter.com/naadydev Twitter]
|
 
| Security update as well as compatibility for PHP 8 in latest version.
[https://codyhouse.co/gem/horizontal-timeline Ref]
| In progress <-- is there a patch for this? The latest version is now 6.1.7 (maintenance release)
|
|  
|-
|-
| Popper
| style="font-weight:bold;" |'''Masonry'''
| ./htdocs/lib/popper/
|4.2.2
| https://popper.js.org/
|4.2.2
| MIT License
|'''Inactive, 2018'''
| 1.16.0
|<small>.../js/masonry/</small>
| 2.7.0
|MIT
|  
|[https://masonry.desandro.com/ Masonry]
|  
[https://github.com/desandro/masonry GitHub]
|
|
| Very active project with a lot of releases.
| Used by Bootstrap. When Bootstrap updates to use popper V2x we will be able to upgrade popper.<br />https://github.com/twbs/bootstrap/pull/31178
|  
|-
|-
| ReCaptcha
| style="font-weight:bold;" |'''TinyMCE<br />Mathslate'''
| ./htdocs/lib/recaptcha/
|1.1
| https://github.com/google/recaptcha
|1.1
| BSD-3
|'''Forked, 2015'''
| 1.2.1
|<small>.../js/tinymce/plugins/mathslate/</small>
| 1.2.4
|GPL 3
|  
|<small>Our version is [[GitHub|forked]].<br />to work with Tinymce 5</small>
|  
|
|  
| 5.5+
| n/a
|  
|-
|-
| Select2
| style="font-weight:bold;" |'''Oauth PHP'''
| ./htdocs/js/select2/
|175
| https://select2.org/
|175
| MIT License
|'''Archived, 2010'''
| 4.0.9
|<small>.../webservice/libs/oauth-php/</small>
| 4.0.13
|MIT
|
|[https://code.google.com/archive/p/oauth-php/ Code]
|
|<small>Replace with an</small> <small>[https://oauth.net/code/php oauth2 php library] see what Moodle does (old comment)</small>
|
| Bug fixes and improvements, no major changes or security fixes
| At least medium effort to upgrade, as there are several changes in Mahara and quite a bit of testing
|
|-
|-
| simplesamlphp
| style="font-weight:bold;" |'''zxcvbn'''
| /htdocs/auth/saml/extlib/simplesamlphp/
|4.4.2
| https://github.com/simplesamlphp/simplesamlphp
|4.4.2
| GPL 2.1
|'''Inactive, 2017'''
| 1.18.7
|<small>.../js/zxcvbn/</small>
| 1.18.8
|MIT
|  
|[https://github.com/dropbox/zxcvbn GitHub]
|  
|
|  
|  
|
| We have joined the mailing list<br />https://simplesamlphp.org/lists
|-
|-
| Skin fonts
|'''Cookie consent'''
| /htdocs/lib/fonts/README.Mahara
|3.1.1
| - http://www.fontsquirrel.com/fonts/Aurulent-Sans<br />- http://www.fontsquirrel.com/fonts/DejaVu-Sans<br />- http://scripts.sil.org/cms/scripts/page.php?item_id=CharisSIL<br />- http://sourceforge.net/projects/gs-fonts/
|4.0
| Multiple licenses
|'''No open source updates'''
| - n/a<br />- 2.29<br />- 5.000<br />- 8.11
|<small>.../js/cookieconsent/</small>
|
|MIT
|
|[https://www.osano.com/cookieconsent Download] [https://github.com/osano/cookieconsent GitHub]
|
 
|
<small>Open source version is not updated. 🚨</small>
| no changes
|
| n/a
|  
|-
|-
| System fonts
|'''Select2'''
| - ./htdocs/theme/raw/fonts/<br />- ./htdocs/theme/raw/sass/lib/font-awesome/
|4.0.13
| - http://fontawesome.io<br />- https://www.google.com/fonts/specimen/Open+Sans<br />- https://www.google.com/fonts/specimen/Roboto+Slab
|4.0.13
| - http://fontawesome.io/license<br />- MIT License<br />- Apache License version 2.0
|'''Inactive, 2020'''
| - 5.8.1<br />- 1<br />- 1<br />- 1.9
|<small>.../js/select2/</small>
| - 5.14.0<br />- 1<br />- 1<br />- 1.9
|MIT
|
|[https://select2.org/ Select2]<nowiki> | </nowiki>[https://github.com/select2/select2/releases Releases]
|
RC 4.1
|
|
| changes to unicode for fontawesome <br />- https://github.com/FortAwesome/Font-Awesome/blob/master/UPGRADING.md
|}
| medium effort to upgrade due to needing to check for issues.
 
|
=== Fonts ===
{| class="wikitable sortable" style="vertical-align:middle;"
!'''Name'''
!'''Mahara <br />version'''
!'''Latest<br />version'''
!'''Status'''
!'''README location<br />'''<code>(./htdocs/...)</code>
!'''License'''
!'''URL/Notes'''
|-
|-
| TinyMCE
| style="font-weight:bold;" |'''Aurulent Sans <br />(font)'''
| ./htdocs/js/tinymce/README.Mahara
|2007.05.04
| https://www.tiny.cloud/
|2007.05.04
| LGPL
|n/a
| 5.0.13
|<small>.../lib/fonts/</small>
| 5.7.0
|SIL OFL v1.10
|
|[https://www.fontsquirrel.com/fonts/aurulent-sans Font Squirrel Aurulent Sans]
|
|  
| A number of bug fixes and improvements<br />https://www.tiny.cloud/docs/changelog/<br />Test on mobile when updating
| probably only worth updating if we are affected by any of the bugs they are fixing. <br />Need to investigate that and how long it would take.
| Blog: https://www.tiny.cloud/blog/category/news-and-updates/
|-
|-
| TinyMCE - Mathslate
| style="font-weight:bold;" |'''Deja Vu Sans <br />(font)'''
| ./htdocs/js/tinymce/plugins/mathslate/
|2.37
| https://github.com/dthies/tinymce4-mathslate
|2.37
| GPL 3
|n/a
| 1.1
|<small>.../lib/fonts/</small>
| 1.1
|DejaVu Fonts
|
|[http://www.fontsquirrel.com/fonts/DejaVu-Sans Font Squirrel Deja Vu Sans]
|
|
| no changes<br />Our version is now forked to keep make it work with Tinymce 5
| n/a
|  
|-
|-
| Video.js
| style="font-weight:bold;" |'''Open Sans <br />(font)'''
| ./htdocs/artefact/file/blocktype/internalmedia/<br />videojs/
|1.10
| http://videojs.com/
|1.10
| Apache License 2.0
|Unknown
| 7.6.5
|<small>.../theme/raw/fonts/</small>
| 7.11.4
|Apache License
|
|[https://www.google.com/fonts/specimen/Open+Sans Google Fonts Open Sans]
|
|  
| Some bug fixes. Looks mostly minor changes<br />https://github.com/videojs/video.js/releases
| Needs investigation. Probably small to medium
| we have signed up to their mailing list
|-
|-
| zxcvbn
| style="font-weight:bold;" |'''Roboto Slab <br />(font)'''
| ./htdocs/js/zxcvbn/
|1.100263
| https://github.com/dropbox/zxcvbn
|1.100263
| MIT License
|Unknown
| 4.4.2
|<small>.../theme/raw/fonts/</small>
| 4.4.2
|MIT
|
|[https://www.google.com/fonts/specimen/Roboto+Slab Google Fonts Roboto]
|
|
| Current as of 2021-02-18<br />Last updated Feb 2017
| Should we change to a maintained library, eg https://github.com/bjeavons/zxcvCurrent at July 2020bn-php? <br />Yes we should but is that one just a port of the js version or is it an updated / more robust system?<br />
|
|-
|-
| composer.json
|'''Charis SIL <br />(fonts)'''
| https://git.mahara.org/mahara/mahara/<br />-/blob/master/external/composer.json
|6.001
|
|6.001
|
|Active
|
|<small>.././lib/fonts/</small>
|
|SIL OFL
|
|[http://scripts.sil.org/cms/scripts/page.php?item_id=CharisSIL About font]<nowiki> | </nowiki>[https://software.sil.org/charis/download/ Download]
|
|
| There is a list of libraries that Mahara uses sitting in this file which also need updating too
|
|
|}
|}
=== Composer.json dependencies ===
'''Resources:''' https://git.mahara.org | <code>/mahara/mahara/-/blob/</code> | <code>mahara/external/composer.json</code>
'''Run''' <code>composer outdated</code> to check for updates.

Latest revision as of 16:18, 4 Ocak 2024

A list of the third-party plugins within Mahara.

Composer commands

For available versions, e.g. composer show phpro/grumphp-shim 1.14.* --all

For our composer dependencies: composer show --tree

For checking the dependencies of a library version, e.g. composer show elasticsearch/elasticsearch 7.17.* --tree

Check if there are any outdated libraries (according to the version syntax in composer.json) composer outdated

Checking the .Mahara files

To check the versions in the .Mahara files, a helpful way to update this list is to go:

 find ./htdocs -type f -iname "README.Mahara" -exec grep 'Version' -B1 {} \; -print

... on the current codebase.

Syncing the list in 'Country' dropdowns

To keep in sync is the country names we use for 'Country' dropdowns. To check what the current state of play is

perl -MLocale::Country -le 'print join("\n", sort map { country2code($_) . " => " . country2code($_, LOCALE_CODE_ALPHA_3) . ", // " . $_ } all_country_names())'

and check the results against htdocs/lib/country.php and htdocs/lang/en.utf8/mahara.php files

For any confusion you can also check against https://www.iso.org

Third-party libraries (PHP and JS)

Legend

  • Mahara version = the README.Mahara file for the library | SemVer Info - explaining the symbols in the Mahara version column
  • Latest version = the most recent available version
  • Update type = what upgrades are available for this plugin, i.e. major, minor, patch, or security?
  • Support = Is there a community supporting this library? When was the last release year if not in active support
    • Active: There is ongoing work being put into the library
    • Inactive: Maintained but not actively making releases
    • Archived: Not being maintained
    • Deprecated (officially): All maintainers have left, and site may not exist in extreme cases.
  • License = software license for the library
  • Notes = extra information, e.g. resources, notes, and new
  • Composer = check if the library is managed by Composer
  • NPM = check if the library is managed by NPM

PHP versions in support https://www.php.net/supported-versions.php⁣ – 14 LTS - Ends security support in 30 Apr 2023, go to 16 LTS soon

💡 A new idea is being proposed to better handle customisations on updating third party libraries lives here → https://reviews.mahara.org/c/mahara/+/13780

PHP libraries (excluding external)

https://eusonlito.github.io/php-changes-cheatsheet/deprecated.html

Libraries are managed by Composer. See composer.json

Run composer show to get a quick summary of library versions managed by Composer.

Run composer outdated to get a list of outdated libraries.

🟡 Libraries yet to be moved to Composer: SimpleSAMLPHP - currently lives in htdocs/auth/saml/extlib and the version is managed in Makefile by curl.

Name Mahara
version
Update type Support License URL/Notes Composer
ADODB 5.22.6 Up to date Active BSD 3-Clause
LGPL
Official site | GitHub | Twitter
Wish-list: extract $SESSION
CSS Tidy 2.1.0 Up to date Active LGPL GitHub
Elasticsearch PHP 7.17.2 Major, 8.10.0 Active Apache v2.0 LGPL v2.1 GitHub | Changelog

Move to OpenSearch

HTML Purifier 4.16.0 Up to date 2022 LGPL v2.1+ HTML Purifier | GitHub
PHPMailer 6.8.1 Up to date Active LGPL GitHub
ReCaptcha 1.2.4 Minor, 1.3.0 Active BSD-3 GitHub
simplesamlphp 2.0.4 Minor, 2.0.6 Active GPL 2.1 GitHub

Optional library - called in Makefile

JavaScript and jQuery libraries

🟡 Check that our Node version is still in support https://endoflife.date/nodejs node| https://nodejs.org/en/download/releases/ ➡ Update the .nvmrc file with the supported version.

Run npm list to get a quick list of the versions and libraries managed by NPM

Goal: to move libraries to be managed by NPM

NPM-managed JS libraries

Name Mahara
version
Update type Support License Notes
yargs 5.0.2 Minor, 5.3.2 Active MIT
Chart.js 3.9.1 Major, 4.4.0 Active MIT Migration to v4
Clipboard js 2.0.11 Up to date Active MIT version # is tagged
Dragon-drop 3.6.1 Up to date 2020 MIT
Dropzone 5.9.3 Patch, 5.9.3 2021 MIT
jQuery 3.7.1 Up to date Active MIT Forum
jQuery UI 1.13.2 Up to date Active MIT
JS Color 2.5.1 Up to date Inactive,2022 GPL 3
Marked 4.3.0 Minor, 4.3.0

Major 9.1.0

Active MIT
Moment.js 2.29.4 Up to date Active MIT Moment JS 🆕 Luxon GitHub
Popper 2.11.8 Up to date Active MIT GitHub issue | tooltips

Floating UI

Fontawesome 6.4.2 Up to date Active SIL OFL 1.1 Upgrade steps | Changelog
TinyMCE 5.10.7 Major, 6.7.0 Active LGPL 2.1 Downloads | Changelog

📲 Test mobile

Video.js 7.21.5 Major, 8.5.2 Active Apache License 2.0 Video JS

Manually managed JS libraries

Name Mahara
version
Update type Support Location
(./htdocs/...)
License Notes NPM
Date time

picker

4.17.47 Major 6.17.16 Active - v6 .../js/bootstrap-datetimepicker/ MIT Changelog

Latest release: rewrite (beta)

Datatables 1.11.4 Minor Active .../js/DataTables/ MIT Download

Release notes CDN

❌ Need to use web builder
Gridstack 4.4.1 Major Active .../js/gridstack/ MIT [Demos](https://gridstackjs.com/demo/)


https://github.com/gridstack/gridstack.js/tree/master/doc

🚧
Json editor 2.6.1 Minor Active .../js/jsoneditor/ MIT Changelog 🚧
PDFjs 3.10.111 Minor 🚧 Active .../artefact/file/blocktype/pdf/js/pdfjs/ Apache License 2 Getting started

The Firefox dist version different to NPM package

Forked/stale/deprecated libraries

Name Mahara
version
Latest
version
Support Location
(./htdocs/...)
License URL Next action
Dwoo 1.3.7 1.3.7 Archived, 2020 .../lib/dwoo/ LGPL Dead site?

GitHub

Javascript
templates
3.20.0 3.20.0 Archived, 2021 .../js/javascript-templates/ MIT GitHub
jQuery mobile 1.5.0-alpha.1 1.5.0-rc1 Deprecated .../js/jquery/jquery-mobile/ MIT Website
🚨 "transition(ed) ... under the jQuery project umbrella, jQuery UI"
Remove and test
jQuery UI plugin
touch-punch
0.2.3 0.2.3 Deprecated .../js/jquery/jquery-ui/
jquery-ui-touch-punch.min.js
MIT or GPL
Version 2
GitHub

🚨 external to JQuery UI

Use a fork?
jTLine 1.0 1.0 Inactive, 2018 .../js/jTLine/ MIT GitHub

Twitter

Ref

Masonry 4.2.2 4.2.2 Inactive, 2018 .../js/masonry/ MIT Masonry

GitHub

TinyMCE
Mathslate
1.1 1.1 Forked, 2015 .../js/tinymce/plugins/mathslate/ GPL 3 Our version is forked.
to work with Tinymce 5
Oauth PHP 175 175 Archived, 2010 .../webservice/libs/oauth-php/ MIT Code Replace with an oauth2 php library see what Moodle does (old comment)
zxcvbn 4.4.2 4.4.2 Inactive, 2017 .../js/zxcvbn/ MIT GitHub
Cookie consent 3.1.1 4.0 No open source updates .../js/cookieconsent/ MIT Download GitHub

Open source version is not updated. 🚨

Select2 4.0.13 4.0.13 Inactive, 2020 .../js/select2/ MIT Select2 | Releases

RC 4.1

Fonts

Name Mahara
version
Latest
version
Status README location
(./htdocs/...)
License URL/Notes
Aurulent Sans
(font)
2007.05.04 2007.05.04 n/a .../lib/fonts/ SIL OFL v1.10 Font Squirrel Aurulent Sans
Deja Vu Sans
(font)
2.37 2.37 n/a .../lib/fonts/ DejaVu Fonts Font Squirrel Deja Vu Sans
Open Sans
(font)
1.10 1.10 Unknown .../theme/raw/fonts/ Apache License Google Fonts Open Sans
Roboto Slab
(font)
1.100263 1.100263 Unknown .../theme/raw/fonts/ MIT Google Fonts Roboto
Charis SIL
(fonts)
6.001 6.001 Active .././lib/fonts/ SIL OFL About font | Download

Composer.json dependencies

Resources: https://git.mahara.org | /mahara/mahara/-/blob/ | mahara/external/composer.json

Run composer outdated to check for updates.