mirror of
https://github.com/grafana/grafana.git
synced 2026-02-03 20:49:50 -05:00
c78c2d7231
Removes Bootstrap v2.3.2 files that are not used in the codebase but are flagged by security vulnerability scanners. Changes: - Removed public/vendor/bootstrap/ directory - Removed public/vendor/tagsinput/bootstrap-tagsinput.js - Removed .bootstrap-tagsinput CSS block from public/sass/_angular.scss These files were replaced by modern React components during the Angular to React migration. The TagsInput functionality is now provided by packages/grafana-ui/src/components/TagsInput/TagsInput.tsx. Bootstrap v2.3.2 (from 2013) has known CVEs but poses no actual risk since the files are not loaded or executed. This change eliminates false-positive security scan alerts. Evidence: - No import statements found for these files - No script tags loading bootstrap.js - No webpack bundling of vendor files - Modern React TagsInput component in use - Last modified: June 2022 (security patch only) |
||
|---|---|---|
| .. | ||
| base | ||
| _angular.scss | ||
| _grafana.scss | ||
| _variables.dark.generated.scss | ||
| _variables.generated.scss | ||
| _variables.light.generated.scss | ||
| grafana.dark.scss | ||
| grafana.light.scss | ||
| icons.json | ||