Learn more about these different git repos.
Other Git URLs
fedora-bootstrap lower than 1.0.3 is using an upstream bootstrap 4.0 release that's less than alpha.6, which requires unsafe-eval in the CSP header, due to their use of "new Function": https://github.com/twbs/bootstrap/blob/v4.0.0-alpha.5/js/src/util.js#L124.
This was fixed in the commit (with awesome commit message "grunt") https://github.com/twbs/bootstrap/commit/d1171ac44ad05a1b7244900b690840093d3e5573#diff-2757cd21af75a7f198f845bbd0a1a748L152 which was introduced in alpha.6.
fedora-bootstrap version 1.0.3 uses bootstrap v4.0.0-alpha.6, which should allow us to get rid of that specific CSP option.
Metadata Update from @puiterwijk: - Issue assigned to ryanlerch
For the record: the part that didn't work were modal dialogs (specifically the token ACL viewing one).
Metadata Update from @puiterwijk: - Assignee reset
trunk currently uses the newer version of Fedora Bootstrap.
So I guess we can close this as Invalid?
Metadata Update from @pingou: - Issue close_status updated to: Invalid
Login to comment on this ticket.