datatables.net* package bumps #10152

Draft: wants to merge 3 commits into base: dev

@cneill (Collaborator) commented May 7, 2024

Description

We have quite a few datatables.net* package updates pending from Dependabot, and the tests were failing due to changes in file names used by these packages. I've updated all of the packages in one go and updated the file names, but there may still be styling issues based on the latest versions.

Existing PRs:
#10148
#10147
#10146
#10001
#10000

I've also removed the drmonty-* packages that are very old forks of 2 datatables packages, and that appear to be unused.

Test results

There are some styling issues and at least 1 integration test failure. I'm trying to figure out the latter but can't successfully run integration tests locally for some reason.

Styling issues I've noticed so far:
[Image: Screenshot 2024-05-07 at 16 48 46]
[Image: Screenshot 2024-05-07 at 16 49 04]

Documentation

N/A

@cneill added the "dependencies" label (Pull requests that update a dependency file) May 7, 2024
@github-actions bot added the "ui" label May 7, 2024

dryrunsecurity bot commented May 7, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Configured Codepaths Analyzer 0 findings
Sensitive Files Analyzer 1 finding
AppSec Analyzer 0 findings
Authn/Authz Analyzer 0 findings
Secrets Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary

The following is a summary of changes in this pull request made by me, your security buddy 🤖.
Note that this summary is auto-generated and not meant to be a definitive list of security issues
but rather a helpful summary from a security perspective.

Summary:

The changes in this pull request primarily focus on updating the versions of several dependencies related to the DataTables JavaScript library, which is used for creating interactive tables in the DefectDojo application. The key changes include updating the versions of DataTables.net-related dependencies, such as datatables.net, datatables.net-buttons-bs, datatables.net-buttons-dt, and datatables.net-colreorder. Additionally, the drmonty-datatables-plugins and drmonty-datatables-responsive dependencies have been removed.

From an application security perspective, these changes do not immediately raise any major concerns. However, it's important to review the release notes and changelogs of the updated dependencies to ensure that there are no known security vulnerabilities or issues that need to be addressed. Additionally, it's a good practice to monitor the project's dependencies for any future updates and security advisories, and to keep the dependencies up-to-date to mitigate potential security risks.

Files Changed:

  1. components/package.json: This file has been updated to reflect the changes in the project's dependencies, including the version updates for several DataTables.net-related dependencies and the removal of the drmonty-datatables-plugins and drmonty-datatables-responsive dependencies.

  2. dojo/templates/base.html: This file has been updated to reflect the changes in the DataTables library version, with the jquery.dataTables.min.js file being updated to dataTables.min.js and the jquery.dataTables.min.css file being updated to dataTables.dataTables.min.css.

  3. components/yarn.lock: This file has been updated to reflect the changes in the versions of the DataTables-related dependencies, including updates to the datatables.net-bs, datatables.net-buttons-bs, datatables.net-buttons-dt, datatables.net-buttons, datatables.net-colreorder, datatables.net-dt, and datatables.net dependencies.

Powered by DryRun Security
