Replace CKEditor 4 - Githubissues

archesproject / arches

Arches is a web platform for creating, managing, & visualizing geospatial data. Arches was inspired by the needs of the Cultural Heritage community, particularly the widespread need of organizations to build & manage cultural heritage inventories

GNU Affero General Public License v3.0

210 stars 139 forks source link

Replace CKEditor 4 #10828

Open bferguso opened 2 months ago

bferguso commented 2 months ago

CKEditor 4 is end of life as of June 2023: https://ckeditor.com/ckeditor-4/. We should either upgrade to CKEditor 5 of look at alternatives.

apeters commented 3 weeks ago

The latest ckeditor (v 4.23 and greater) now requires a license (Arches is currently pegged to full/4.24.x). This is throwing an error in current implementations of Arches. They offer a free license to open source software projects. We should either get a license from them or find and alternative to ckeditor.

example error I'm seeing in the client

ckeditor.js:370 [CKEDITOR]: The license key is missing or invalid.

If you suddenly started to see this message, this may mean you accidentally updated CKEditor 4 
to the LTS version (4.23.0 and above). This version of the editor is under commercial terms 
and requires acquiring an "Extended Support Model" contract - https://ckeditor.com/ckeditor-4-support/

apeters commented 3 weeks ago

@chiatt and @chrabyrd ☝️ I notice that we just updated the version of ckeditor in package.json

chrabyrd commented 3 weeks ago

@chiatt and @chrabyrd ☝️ I notice that we just updated the version of ckeditor in package.json

@apeters Yep! It was part of the move to npm, and it was updated to the most recent version that doesn't require a license. This was to resolve a few security issues the previous version was throwing when npm audit was run.

I do not have a strong opinion about either obtaining a license from the CKEditor org or moving to a different package, though if we choose to move to a different package Quill looks like a good candidate.

chrabyrd commented 3 weeks ago

Doing some more thinking on this and I believe we can probably get away with keeping CKEditor4 past EOL, with the argument that essentially our KOJS components have entered maintenance-only mode. But we should definitely find a modern replacement for integrating into Vue

apeters commented 3 weeks ago

@apeters Yep! It was part of the move to npm, and it was updated to the most recent version that doesn't require a license.

@chrabyrd it does seem to require a license though, hence the error message I saw in the console.

chrabyrd commented 3 weeks ago

@apeters ahh you're right, it's been reverted in #11040