search

encode / django-rest-framework

Web APIs for Django. 🎸
https://www.django-rest-framework.org
Other
28.51k stars 6.85k forks source link

Update to Bootstrap 4.5.0 #7327

Open tomchristie opened 4 years ago

tomchristie commented 4 years ago

https://blog.getbootstrap.com/2020/05/12/bootstrap-4-5-0/ Related: https://github.com/encode/django-rest-framework/pull/7313

auvipy commented 4 years ago

mainly the browsable API/ admin stuffs?

carltongibson commented 4 years ago

Issue here is that we're still on Bootstrap v3.x, and the upgrade to v4.x isn't just a swap it in. There's HTML changes throughout, which make it a good mini-project for a willing contributor.

tomchristie commented 4 years ago

@carltongibson Something that’s not 100% clear to me. Are we okay with the jQuery update we’ve made?

tomchristie commented 4 years ago

I guess so, since it oughta be backwards compatible

carltongibson commented 4 years ago

Yeah... I believe so. Bar some dropping of browsers we don't support jQuery hasn't broken anything for a long while.

smithdc1 commented 4 years ago

@carltongibson -- I'd be willing to have a go at this if you think I have the skills (It is 'just' template layouts and bootstrap right...).

auvipy commented 4 years ago

@carltongibson -- I'd be willing to have a go at this if you think I have the skills (It is 'just' template layouts and bootstrap right...).

kind of yes.

carltongibson commented 4 years ago

@smithdc1: yes, it’s exactly that. Updating the Browsable API templates to use the newer version. (I didn’t look into it but I see v5 is on the way — don’t know if it’s worth skipping straight to that?)

smithdc1 commented 4 years ago

Yes v5 in alpha and a few alpha releases expected over the coming months weeks/months, my guess is v5 will be out in Q4. The main thing with v5 is it no longer depends upon jQuery. The upgrade from v4-v5 should be much easier than v3-v4.

I'll go investigate.

auvipy commented 4 years ago

Yes v5 in alpha and a few alpha releases expected over the coming months weeks/months, my guess is v5 will be out in Q4. The main thing with v5 is it no longer depends upon jQuery. The upgrade from v4-v5 should be much easier than v3-v4.

I'll go investigate.

agree

carltongibson commented 4 years ago

Super. Thanks. 🥇

smithdc1 commented 4 years ago

On the topic of updating themes... What about the docs, they seem to be on bootstrap 2?

carltongibson commented 4 years ago

@smithdc1 The docs are a mkdocs theme. In docs_theme. Maybe if you have energy, but one thing at a time I'd say... 😬

joshjung commented 4 years ago

Any updates on this? Our team needs this for a security audit for medical industry. I'm not sure why Bootstrap 3.x is considered a security hole, but the hospitals are going to get the security audit report and they probably will not be able to be convinced that Bootstrap 3 javascript for dropdowns and form elements is not a security hole. We are kindof stuck :(

jscaux commented 3 years ago

Suggestion: bypass this and go straight for Bootstrap v5, see #7411.

jeffersonataide commented 3 years ago

@carltongibson If possible, I would like to work on updating MkDocs theme in docs_theme to BS5. I checked #7411, and it's about the version for the templates. Although it does have some file changes inside docs_theme.

carltongibson commented 3 years ago

@jefferson2z — I'm sure @tomchristie would be happy to see input on updating the docs theme. #7411 is about bringing the Browseable API up to the latest bootstrap. I'm sure input would be welcome there too! 😀

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

sww314 commented 11 months ago

As others have mentioned, the old version of bootstrap comes up in security audits. Moving to v5 would be great.

https://github.com/encode/django-rest-framework/discussions/9028

metal3d commented 2 months ago

Sadly, I don't have time to look at the whole code, but I'm still wondering: how can it take so long to switch to bootstrap v5?

I mean, we're talking about CSS classes and I don't think there are that many templates to modify. We're stuck on a version 3 of bootstrap that's a bit “old-fashioned” and that makes the presentation not very attractive.

I'm trying to introduce Django RestFramework to my company, and I have to be honest about the fact that the design isn't very convincing. I understand that views aren't the most important part of converting, but you know how it is... project managers... customers... they like “wow” effects.

Translated with DeepL.com (free version)

DeanElliott96 commented 2 weeks ago

@joshjung @sww314

For anyone with issues raised by security audits, you may be able to fix this using one of the packages shown in the docs. I used drf-redesign.

Or if you want/need you could write your own templates for the browsable API as shown in the docs: https://www.django-rest-framework.org/topics/browsable-api/#third-party-packages-for-customization