Closed connorshea closed 5 months ago
We also have jQuery 1.6.4 here for some reason: https://github.com/salesagility/SuiteCRM/blob/develop/jssource/src_files/include/javascript/jquery.js
Ok, so jssource/
is where we want to look for the source files, include/javascript
just has the minified versions that'll hopefully be removed soon. (#7340)
It's still weird to me that we have jQuery 1.6.4 AND jQuery 2.1.3, though.
Somehow I missed that Zend was vendored in the repository, so I've added that to the list. Looks like we're on 1.10.8? We have the Zend Gdata, Http, Oauth, Uri, and Validate packages. There's also Zend Search in the AOD_Index module, for some reason?: https://github.com/salesagility/SuiteCRM/tree/develop/modules/AOD_Index/Lib/Zend/Search
That one is going to be... fun. The 1.x docs seem to have mostly become 404 pages now, and Composer has 1.12.3 as the earliest version of the Zend packages.
Turns out there's also a copy of jQuery at modules/jjwg_Maps/javascript/jquery-1.8.0.min.js
AND two copies of jQuery at modules/jjwg_Areas/javascript/jquery-1.4.2.min.js
and modules/jjwg_Areas/javascript/jquery-1.8.0.min.js
.
😒
Oh, and also one at include/javascript/mozaik/colorpicker/js/jquery.js
.
So I think that brings us up to a grand total of 8 copies of jQuery in this repo. ಠ_ಠ
8 copies of Jquery.... ಠ_ಠ indeed.
It looks like we also vendor a library here: include/parsecsv.lib.php
It looks like we also vendor a library here:
include/parsecsv.lib.php
@connorshea Well spotted, removed here: #8006
Does anyone know where we can get XTemplate via Composer? Or can we remove it entirely?
EDIT: Opened an issue about removing XTemplate at #8016. It's going to take a decent bit of work to remove it, but it hopefully shouldn't be insurmountable. The library is unmaintained and hasn't been updated in over a decade, as far as I can tell. It's probably got security holes like swiss cheese.
From codecov.yml
, I noticed we also vendor php-sql-parser at include/php-sql-parser.php
.
Looks like it's on GitHub at https://github.com/greenlion/PHP-SQL-Parser, and we can get it from Packagist here: https://packagist.org/packages/greenlion/php-sql-parser
Edit: I looked into this a bit more, this could probably be removed relatively easily. It's only used in 3 places. I wasn't able to figure out what version of the library was vendored into our repo, but it's definitely quite an old version.
Found a new one: pChart is vendored in modules/AOR_Charts/lib/pChart
.
Looks like we're using v2.1.4, which was the last version released (in 2014).
It looks like we can it from Composer but it's not official: https://github.com/szymach/c-pchart / https://packagist.org/packages/szymach/c-pchart
The Composer package doesn't have v2.1.4 for whatever reason, not sure if that'd be a problem. 2.0.12 or 3.x would be our best options. 3.x has some backwards incompatibilities and I'm not really sure what the deal is with 2.0.12.
phpjs can probably be removed relatively easily. It just creates some PHP functions in JS, and we only use one as far as I can tell:
html_entity_decode
: AjaxUI.js
seems to be the only place where the html_entity_decode
JS function is actually used.get_html_translation_table
: Only used in other phpjs files.htmlentities
: Doesn't seem to be used anywhere.We also have a copy of moment.min.js
, well 2 copies. 1 is used by fullcalendar, not really sure what the other one is for.
The goal of this issue is to track a bunch of smaller issues that are dedicated to removing vendored libraries from the repository and replacing them with corresponding Composer packages. This serves a few purposes:
A lot of packages have already been moved in the last year or two, but there are still quite a few left to move.
This list isn't necessarily comprehensive, it's just all of the vendored libraries that I was able to find.
include/
for 'backwards compatibility'. I'd say we can probably remove it entirely pretty safely. It's already been removed in thedevelop
branch. There's also a file for HTMLPurifier atjssource/src_files/include/HTMLPurifier/standalone/HTMLPurifier/Printer
.develop
.include/ytree
, seems to be a PHP library with a bunch of JS files? I'm not entirely sure what this is/where it comes from, or if it's a third party library at all. It might be YAHOO.widget.TreeView? Some of the files are repeated atjssource/src_files/include/ytree
.modules/AOS_PDF_Templates/PDF_Lib/
, it was fixed by #7118 in develop.Zend/
, based on theVersion.php
file it's at v1.10.8. That's really old, 2.0.0 came out in September 2012, I'm not really sure when 1.10 came out. The oldest version on packagist is 2.0.0, but there is azf1/
namespace with older versions of Zend packages, e.g. https://packagist.org/packages/zf1/zend-uri has 1.12.3+. We also have some Zend files atmodules/AOD_Index/Lib/Zend/Search
include/php-sql-parser.php
, it's only used in a small handful of places. It's on a fairly old version of the library, but the github project is hereinclude/SugarXHprof/xhprof_lib
. It doesn't seem like the code has been touched in a long time, and I don't think it works on PHP 7. The project seems abandoned.modules/AOR_Charts/lib/pChart
.I've also got a list of JavaScript libraries. These are harder, since we don't use npm/yarn and most of these probably don't have corresponding Composer packages:
develop
, but tiny_mce is still available ininclude/javascript/tiny_mce/
ondevelop
?include/javascript/jquery
, it seems to be on v2.1.3. There's also jQuery UI, jQuery Cookie, and a variety of other extensions :/include/javascript/jstree
(PR: #7296)include/javascript/mozaik
include/javascript/yui3
, it seems to be at v3.3.0.include/javascript/yui
, which is seemingly at v2.6.0. I'm not sure why we're using both...jssource/src_files/include/javascript/yui3
, apparently.include/javascript/qtip
, v2.2.1include/javascript/c3
, I guess it's a chart library based on D3? It's minified (and only includes the CSS file?) so I have no idea what version it's on. It's only used inmodules/Spots/Dashlets/SpotsDashlet/SpotsDashlet.tpl
andmodules/Spots/tpl/ShowSpots.tpl
.include/javascript/touchPunch
, seems to be a plugin for jQuery UI. v0.2.3jssource/src_files/include/javascript/phpjs
license.js
says 3.25, but that doesn't seem right since php.js never made it that far?include/SuiteGraphs/rgraph