Skip to content

Libraries and dependencies

Jump to bottom
Aaron Rudkin edited this page May 10, 2019 · 64 revisions

We should keep track of the versions we are running, the current versions, whether the framework is supported or deprecated by its developers, and what our upgrade path is.

VERSION NUMBERS AS OF 2018-08-28

OS

  • Ubuntu. We are running v14.04.5 LTS 2016-08-04. END OF LIFE APRIL 2019 IMPORTANT. Current release v16.04.1 2016-07-21.

To upgrade Ubuntu, use sudo do-release-upgrade. Joe Luk at SSC confirms that Ubuntu 16.04 runs fine on their virtualization setup, but says people should follow up with him to ensure that stuff like startup daemons are correctly configured post upgrade.

Services (As of 2019-05-10)

  • nginx (web server). We are running a custom version of v1.12.2. You can use apt to upgrade nginx normally. For notes on the custom version and how to deploy the custom version to new server installs, click here
  • uwsgi (how nginx runs Python scripts). We are running v1.9.17.1 2013-09-24, current v2.0.13.1 2016-05-12.
  • Bottle (templating system and web layer for python). We are running v0.12.13 2017-01-09, which is the current production version. There is some reasonable concern that Bottle is deprecated in favour of Flask, a Fork with more robust featureset. We're OK for now. If we do migrate, this will break some of our tpl files, as well as potentially some elements of app.py. Please ensure migration is safe before migrating.
  • Python (scripts and execution). We are running v2.7.6 2015-06-22, current v2.7.13 2016-12-17.
  • MongoDB (Database layer). We are running v3.2.22 2018-12-28, which is the current version of 3.2
  • Let's Encrypt (HTTPS certificate signing). This autoupdates when it runs.
  • git -> Github (code backup and deployment). We are running v2.21.0 of git (2019-02-24), which is current.
  • denyhosts (SSH security). We are running version v3.0, which is the current production version.

Most of these libraries should only be updated through sudo apt-get update && apt-get upgrade. It is OK for some of these to be older versions--we are using the production versions Ubuntu ships with, and that's fine.

Javascript Frameworks

  • bootstrap. We are running v3.2.0 2014-06-26, current v3.3.7 2016-07-25.
  • bootstrap-slider. We are running v7.1.1 2016-05-26, current v9.2.0 2016-08-25. Note: Upgrading will cause a breaking CSS change, do not upgrade without fixing CSS.
  • clipboard.js. We are running v2.0.1 2016-12-10, which is the current version.
  • crossfilter -- do not confuse with the deprecated square crossfilter. We are running v1.3.14 2016-06-09, v1.4 alpha releases going on now.
  • d3. We are running v3.5.17 2016-05-04, the last v3 patch, current v4.2.3 2016-09-13.
  • d3-queue. We are running v1.2.2 2016-01-25, the last v1 patch, current v3.0.3 2016-08-15.
  • d3-tip. We have no version information. This should probably be investigated. Current version is v0.6.7, 2015-05-16.
  • dc.js. We are runnning v2.00-beta.19 2015-09-128, current v2.00 (stable; after 33 betas) 2017-01-04
  • jquery. We are running v1.11.1 2014-05-01, current either v1.12.4 2016-05-20 or v3.1.0 2016-07-07 (look into this, I think there are probably backwards incompatible upgrades).
  • jquery.tablesort. We are running v2.27.8 2016-09-29, current is v2.28.4 2017-01-06. Note that this is Mottie's fork, not the original project.
  • js-cookie. We are running v2.1.3 2016-09-01, the current version.
  • saveSvgAsPng. We are running v1.4.5 2018-06-06, the current version.
  • sprintf.js. We are running v1.1.1 2017-05-29, the current version.
  • topojson. We are running v1.6.27 2016-09-07, current is v2.2.0 (2016-12-10).

Currently we just manually upgrade (use min versions) but we should investigate moving to NPM+Browserify. For manual upgrades please ensure that there are neither API changes nor breaking CSS changes.

Python Modules (Current as of 2017-05-23)

  • Bottle (as above). Running 0.12.13, current.
  • email_validator. Running 1.0.2, current.
  • fuzzywuzzy. Running 0.15, current.
  • pymongo. Running 3.4.0, current.
  • requests. Running 2.14.2, current.
  • titlecase. Running 0.10.0, current.
  • Unidecode. Running 0.4.20, current.
  • xlwt. Running 1.2.0, current.

This should be updated with sudo pip install <packagename> --upgrade.

You can generate a list of our python module requirements by running /usr/scripts/pythonDependencies/generateDependenciesSite which will update requirements.txt in /var/www/voteview/setup/requirements.txt. This will only include dependencies for the website, not other packages installed. It does this by itemizing every import on the website, and then comparing against all installed external dependencies.

Misc

We have legacy copies of modernizr and selectivizr and respond--not clear if/what these are currently being used with/for.

Clone this wiki locally