Upgrade vendor libraries to avoid potential security issues

[nobodyiam]

Is your feature request related to a problem? Please describe.
The vendor libraries used in apollo are out-dated(Bootstrap v3.3.5, jQuery 2.2.4, AngularJS v1.5.1, etc), which means potential security issues, e.g. https://snyk.io/test/npm/bootstrap/3.3.5

Describe the solution you'd like
Upgrade the vendor libraries to recent versions

[DiegoKrupitza]

I know this might be a lot of work but why do not upgrade from AngularJs to Angular? According to this blog post (https://blog.angular.io/stable-angularjs-and-long-term-support-7e077635ee9c) LTS will end December 31, 2021.

I think it would be a great idea to move forward by changing to Angular since this will make Apollo more future proof.

[nobodyiam]

@DiegoKrupitza I think this is a good idea and we need someone to take a look and estimate the effort before doing the migration.

[DiegoKrupitza]

There are a few resources available at the official angular site (https://angular.io/guide/upgrade) but to really do this you need someone who knows the frontend by hard, since a lot can go wrong 😅

I'm not an angular expert but I would suggest to not mix AngularJs and Angular since this may be become way to complex over time.

When upgrading to Angular I would also think it will make sense to upgrade to Typescript as well.

[DiegoKrupitza]

I think the upgrade from AngularJs to Angular should be an issue by its own, since it looks like this will be a major upgrade.

Is there a reason why the frontend for the Apollo portal is inside the static content of the backend? Wouldn't it be more suitable to extract the frontend into a own folder. This would decouple the angular frontend from the java backend and make it more modular.
This may be helpful in case of scaling, since right now every time you deploy a Apollo portal you always have a angular frontend included, but this might not be useful and a waste of resources (if you deploy 2-3 portals to load balance/fault tolerance/... you may just need 1 angular frontend)

[nobodyiam]

The only reason to put the static contents inside apollo portal is to ease the deployment process, so that user doesn't need to start a standalone server to serve those static contents.
It does look like a major upgrade from AngularJs to Angular, so maybe we could first upgrade the AngularJs version to solve the potential security issues.

[NICEXAI]

Angular is getting less attention in China， would it be more appropriate to choose react + hook + ts or vue3 + ts for dashboard refactoring?

[NICEXAI]

Using a familiar technology stack also allows more people to participate in the development and maintenance of the dashboard.

[DiegoKrupitza]

Angular is getting less attention in China， would it be more appropriate to choose react + hook + ts or vue3 + ts for dashboard refactoring?

The major benefit of a transition from AngularJs to Angular is that you do not really have to rewrite everything.

If we switch from AngularJs to React/Vue we need to rewrite all the functionalities.

[NICEXAI]

Angular is getting less attention in China， would it be more appropriate to choose react + hook + ts or vue3 + ts for dashboard refactoring?

The major benefit of a transition from AngularJs to Angular is that you do not really have to rewrite everything.

If we switch from AngularJs to React/Vue we need to rewrite all the functionalities.

I am a front-end developer, and I have carefully checked all the features of dashboard, maybe there are not as many features as I thought.
Most of the time redevelopment is much faster than refactoring

[NICEXAI]

For front-end developers, writing pages is a very simple thing, far less work and much more efficient than refactoring.

[DiegoKrupitza]

Angular is getting less attention in China， would it be more appropriate to choose react + hook + ts or vue3 + ts for dashboard refactoring?

The major benefit of a transition from AngularJs to Angular is that you do not really have to rewrite everything.
If we switch from AngularJs to React/Vue we need to rewrite all the functionalities.

I am a front-end developer, and I have carefully checked all the features of dashboard, maybe there are not as many features as I thought. Most of the time redevelopment is much faster than refactoring

I created a new Issue that only focuses on Upgrading from AngularJs to X. Personally I am open to any framework that has at least a bit of popularity. But I think this should be a community decision so maybe the PMC can help out finding a good fit for everyone

PS: lets move the discussion to #4051