Update external Javascript libraries

[EerikSaksi]

Update external Javascript libraries

Fixes #1031

What?

Update the external Javascript libraries linked to by CDNs

Why?

Avoid security issues and get newest features

How?

Check newest version, test the libraries, look at release notes for breaking changes. Detailed testing in the manual testing section below.

Fixes #1031

Testing

Remember to add or update unit tests for new features and changes.

• How to test your changes in A-plus
• How to test accessibility

What type of test did you run?

• Accessibility test using the WAVE extension.
• Django unit tests.
• Selenium tests.
• Other test. (Add a description below)
• Manual testing.

highlight.js upgrade to 11.7.0

Tested submitting functions.py in Hello Python 6.2 and reviewed my submission which calls the highlightCode jQuery plugin. Also ensured that code with the highlight tag is highlighted normally.

The highlightBlock function is being deprecated and therefore replaced with highlightElement

clipboard.js

The upgrade to v2 seems to cause the breaking change that Clipboard needs to be initialized with ClipboardJS instead. I searched all places where Clipboard is initialized and replaced this with ClipboardJS. I also tested all places where I made this replacement (copy user token, copy submission code in the inspect page, deadline deviations which uses search select form). The API for event handling seems to be the same (clipboard.on('success') clipboard.on('error'))

Bootstrap multiselect

We shouldn't upgrade to 1.x because this might be incompatible with Bootstrap 3, so I didn't change this.

Bootstrap 4 support.
Note that this release might be incompatible with Bootstrap 3 or older. Also note that this was originally release/tag v0.9.16. To >indicate the change from Bootstrap 3 to Bootstrap 4, I decided to directly go to v1.0.0. So the stable release for Boostrap 3 is >v0.9.15.

https://github.com/davidstutz/bootstrap-multiselect/releases/tag/v1.0.0

Datatables

Made sure that the datatables didn't change behavior in the /teachers/results page,

JQuery

The upgrade from 3.6.0 to 3.6.1 seemed to introduce no breaking changes. I still made sure pages which use JQuery plugins had no issues.
https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/

Did you test the changes in

• Chrome
• Firefox
• This pull request cannot be tested in the browser.

Translation

• Did you modify or add new strings in the user interface? (Read about how to create translation)

Programming style

• Did you follow our style guides?
• Did you use Python type hinting in all functions that you added or edited? (type hints for function parameters and return values)

Have you updated the README or other relevant documentation?

• documents inside the doc directory.
• README.md.
• Aplus Manual.
• Other documentation (mention below which documentation).

Is it Done?

• Reviewer has finished the code review
• After the review, the developer has made changes accordingly
• Customer/Teacher has accepted the implementation of the feature

Clean up your git commit history before submitting the pull request!

[markkuriekkinen]

Thanks! I think I will add the integrity attribute to script and link elements before merging this (as well as crossorigin="anonymous" and referrerpolicy="no-referrer" attributes).

At least jQuery has also had newer releases during the spring so I can update it further.

[markkuriekkinen]

No reason to remove the ending semicolon ;?

[markkuriekkinen]

I updated the libraries further to the current latest versions and added the subresource integrity hashes to the link and script tags.