Issue here is that we're still on Bootstrap v3.x, and the upgrade to v4.x isn't just a swap it in. There's HTML changes throughout, which make it a good mini-project for a willing contributor.

@carltongibson Something that’s not 100% clear to me. Are we okay with the jQuery update we’ve made?

I guess so, since it oughta be backwards compatible

Yeah... I believe so. Bar some dropping of browsers we don't support jQuery hasn't broken anything for a long while.

@carltongibson -- I'd be willing to have a go at this if you think I have the skills (It is 'just' template layouts and bootstrap right...).

@carltongibson -- I'd be willing to have a go at this if you think I have the skills (It is 'just' template layouts and bootstrap right...).

kind of yes.

@smithdc1: yes, it’s exactly that. Updating the Browsable API templates to use the newer version. (I didn’t look into it but I see v5 is on the way — don’t know if it’s worth skipping straight to that?)

Yes v5 in alpha and a few alpha releases expected over the coming months weeks/months, my guess is v5 will be out in Q4. The main thing with v5 is it no longer depends upon jQuery. The upgrade from v4-v5 should be much easier than v3-v4.

I'll go investigate.

Yes v5 in alpha and a few alpha releases expected over the coming months weeks/months, my guess is v5 will be out in Q4. The main thing with v5 is it no longer depends upon jQuery. The upgrade from v4-v5 should be much easier than v3-v4.

I'll go investigate.

agree

Super. Thanks. 🥇

On the topic of updating themes... What about the docs, they seem to be on bootstrap 2?

@smithdc1 The docs are a mkdocs theme. In docs_theme. Maybe if you have energy, but one thing at a time I'd say... 😬

Any updates on this? Our team needs this for a security audit for medical industry. I'm not sure why Bootstrap 3.x is considered a security hole, but the hospitals are going to get the security audit report and they probably will not be able to be convinced that Bootstrap 3 javascript for dropdowns and form elements is not a security hole. We are kindof stuck :(

Suggestion: bypass this and go straight for Bootstrap v5, see #7411.

@carltongibson If possible, I would like to work on updating MkDocs theme in docs_theme to BS5. I checked #7411, and it's about the version for the templates. Although it does have some file changes inside docs_theme.

@jefferson2z — I'm sure @tomchristie would be happy to see input on updating the docs theme. #7411 is about bringing the Browseable API up to the latest bootstrap. I'm sure input would be welcome there too! 😀

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

As others have mentioned, the old version of bootstrap comes up in security audits. Moving to v5 would be great.

#9028

Sadly, I don't have time to look at the whole code, but I'm still wondering: how can it take so long to switch to bootstrap v5?

I mean, we're talking about CSS classes and I don't think there are that many templates to modify. We're stuck on a version 3 of bootstrap that's a bit “old-fashioned” and that makes the presentation not very attractive.

I'm trying to introduce Django RestFramework to my company, and I have to be honest about the fact that the design isn't very convincing. I understand that views aren't the most important part of converting, but you know how it is... project managers... customers... they like “wow” effects.

Translated with DeepL.com (free version)

@joshjung @sww314

For anyone with issues raised by security audits, you may be able to fix this using one of the packages shown in the docs. I used drf-redesign.

Or if you want/need you could write your own templates for the browsable API as shown in the docs: https://www.django-rest-framework.org/topics/browsable-api/#third-party-packages-for-customization

As others have mentioned, the old version of bootstrap comes up in security audits. Moving to v5 would be great.

Came up in our security audit as well. Took me a minute of thinking "Where the hell did we even use bootstrap?" to remember, that it was the self-documenting pages.

Re-iterating that this project is open to new maintainership.

We may be able to direct funding towards a role similar to the DSF's fellowship positions, and I'm open to genuine conversations around how we can facilitate that.

Re-iterating that this project is open to new maintainership

may I know what this actual mean? does that mean moving to a new org or just formalizing a new paid fellow maintainer?

@auvipy There is this discussion under https://github.com/orgs/django-commons/discussions/166 which I believe could help with the context.