Upgrade Bootstrap and jQuery to address Java script vulnerabilities

[jsjiang]

UCOP security scan using Bitsight found two insecure javascript libraries on EZID:

• Bootstrap 3.2.0 - Medium
• jQuery 2.1.4 - Medium

Detailed information can be found in this IAS ticket: https://github.com/cdlib/cdlsys/issues/363

EZID team needs to take actions and resolve this issue before next scan that may happen in 6 weeks. Marisa suggests to finish this upgrade in 4 weeks.

Bootstrap:

• current version: 5
• Version 3 obsolete July 24, 2019 (no more security updates) jQuery solution options:
• Update to current version: 3.7.1 / (August 28, 2023)
• Or replace with Javascript

[jsjiang]

From Joel Your team can update those two node packages yourselves. If you need help with that, I can guide you through the process; please let me know. After upgrading those packages, you'd then rebuild the UI, verify that it still looks the same and responds the same with mouse/pointer clicks. If not, then it's easy to roll back those package versions and rebuild the project again.