[MGNLUI-7427] Renovate for frontend libs bundled in UI Created: 15/Jun/22 Updated: 01/Sep/22 Resolved: 16/Aug/22 |
|
| Status: | Closed |
| Project: | Magnolia UI |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 6.3.0, 6.2.23 |
| Type: | Task | Priority: | Neutral |
| Reporter: | Maxime Michel | Assignee: | Roman Kovařík |
| Resolution: | Done | Votes: | 0 |
| Labels: | foundation_team | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Template: |
|
||||
| Acceptance criteria: |
Empty
|
||||
| Task DoR: |
Empty
|
||||
| Epic Link: | richTextField HTML validation | ||||
| Description |
|
We currently bundle the source to front-end libraries such as CKEditor directly in UI, see: https://git.magnolia-cms.com/projects/PLATFORM/repos/ui/browse/magnolia-ui-vaadin-common-widgets/src/main/resources/VAADIN/js/ckeditor If we depended via Maven or NPM on them, e.g. via Maven in the case of CKEditor: https://mvnrepository.com/artifact/org.webjars/ckeditor/4.19.0 Then Renovate (which we would need to enable for UI once this is done) would be able to pick up on new upgrades and prevent CVEs. |