Compare commits
42 Commits
v6-rm-dist
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| c82919e897 | |||
| 4449c7465e | |||
| 93920fe842 | |||
| 02d8ed85e4 | |||
| e170268b3c | |||
| e9cd061528 | |||
| f29a71b1cf | |||
| 481bf7ece2 | |||
| c577685708 | |||
| 61b0bab5c2 | |||
| 05fc0c7f37 | |||
| c9e83a12b5 | |||
| 6f4d51f6ea | |||
| 35858ff363 | |||
| b4a1d28dc9 | |||
| 25b6ac90ee | |||
| 1ce39817bd | |||
| c38c6cb6c2 | |||
| b7122f155f | |||
| 14672e570c | |||
| 90baf94dac | |||
| 9214b595a7 | |||
| fe76cb3ccb | |||
| 8bbe4018ba | |||
| 6ad25a7102 | |||
| 12b3f76cc4 | |||
| 815af314f3 | |||
| 26badb2f6b | |||
| a79f4911ba | |||
| cfe66330e8 | |||
| ecee5a7765 | |||
| 8f3d0580a3 | |||
| 19a4bab36d | |||
| 88a78a6958 | |||
| 8afa30c52b | |||
| ddf5853c7b | |||
| 4189b3075c | |||
| 8cd02aabd1 | |||
| 380a1d738b | |||
| 0458e76ec1 | |||
| 21d19a9a6a | |||
| 6772c8ccbe |
@@ -0,0 +1,162 @@
|
||||
# Incident response plan
|
||||
|
||||
This document describes how the Bootstrap maintainers respond to and manage security or operational incidents affecting the project, its website, or its distributed releases. This plan is public to promote transparency and community trust. Operational details (e.g., private contacts, credentials, or internal coordination tools) are maintained separately in the maintainers’ private documentation.
|
||||
|
||||
---
|
||||
|
||||
## 1. Purpose & Scope
|
||||
|
||||
This plan defines how Bootstrap maintainers will:
|
||||
|
||||
- Identify, triage, and manage security or integrity incidents affecting project code, releases, or infrastructure.
|
||||
- Communicate with the community and downstream consumers during and after an incident.
|
||||
- Record lessons learned and update processes to reduce future risk.
|
||||
|
||||
It applies to:
|
||||
|
||||
- The Bootstrap source code, documentation, and build pipelines.
|
||||
- Release artifacts (npm, CDN, GitHub releases).
|
||||
- The main website ([https://getbootstrap.com](https://getbootstrap.com)).
|
||||
- Any official Bootstrap GitHub organization infrastructure.
|
||||
|
||||
It does **not** cover unrelated third-party forks or integrations.
|
||||
|
||||
---
|
||||
|
||||
## 2. Definitions
|
||||
|
||||
- **Incident**: Any event that could compromise the confidentiality, integrity, or availability of Bootstrap code, releases, or users. Examples include:
|
||||
- A discovered security vulnerability.
|
||||
- A compromised GitHub account or CI/CD token.
|
||||
- A malicious dependency or injected code in a release.
|
||||
- Website defacement or unauthorized modification of documentation.
|
||||
- Leaked secrets related to the project infrastructure.
|
||||
|
||||
- **Incident Commander (IC)**: The maintainer responsible for coordinating the overall response.
|
||||
|
||||
---
|
||||
|
||||
## 3. Roles & Responsibilities
|
||||
|
||||
| Role | Responsibilities |
|
||||
|------|-------------------|
|
||||
| **Incident Commander (IC)** | Coordinate the response, assign tasks, ensure timely communication. |
|
||||
| **Security Maintainers** | Triage reported vulnerabilities, assess impact, create fixes, handle embargoes. |
|
||||
| **Infrastructure Lead** | Manage CI/CD, website, and release infrastructure. |
|
||||
| **Communications Lead** | Manage public announcements, blog posts, and social updates. |
|
||||
| **Contributors & Community** | Promptly report suspected security issues and follow responsible disclosure guidelines. |
|
||||
|
||||
In practice, Bootstrap’s core team fulfills these roles collectively, assigning an IC on a per-incident basis.
|
||||
|
||||
---
|
||||
|
||||
## 4. Incident workflow
|
||||
|
||||
### 4.1 Detection & Reporting
|
||||
|
||||
- All security issues should be **privately reported** via the contact method in [`SECURITY.md`](../SECURITY.md) or through GitHub’s Security Advisory mechanism.
|
||||
- Maintainers also monitor:
|
||||
- Automated dependency scanners (e.g., Dependabot, npm audit).
|
||||
- GitHub notifications and vulnerability alerts.
|
||||
- Community channels for suspicious activity.
|
||||
|
||||
### 4.2 Initial triage
|
||||
|
||||
Upon receiving a report:
|
||||
|
||||
1. A maintainer acknowledges receipt within 3 business days (or sooner, when possible).
|
||||
Bootstrap is maintained by a small volunteer team; response times may vary slightly outside normal working hours.
|
||||
2. The IC assesses severity and impact:
|
||||
- **Critical:** immediate compromise of release infrastructure or code integrity.
|
||||
- **High:** exploitable vulnerability in distributed assets.
|
||||
- **Medium:** minor vulnerability or low-likelihood attack vector.
|
||||
- **Low:** informational, no direct risk.
|
||||
3. If confirmed as an incident, the IC opens a private coordination channel for maintainers and begins containment.
|
||||
|
||||
### 4.3 Containment & Eradication
|
||||
|
||||
- Revoke or rotate any affected credentials.
|
||||
- Disable compromised infrastructure or build pipelines if necessary.
|
||||
- Patch affected branches or dependencies.
|
||||
- Verify integrity of artifacts and releases.
|
||||
|
||||
### 4.4 Communication
|
||||
|
||||
- Keep the reporting party informed (when applicable).
|
||||
- For major incidents, the Communications Lead drafts a public advisory describing:
|
||||
- What happened
|
||||
- What was impacted
|
||||
- How users can verify or mitigate
|
||||
- What actions were taken
|
||||
- Communications occur after containment to avoid amplifying risk.
|
||||
|
||||
Public disclosures are posted via:
|
||||
|
||||
- GitHub Security Advisory if appropriate
|
||||
- [blog.getbootstrap.com/](https://blog.getbootstrap.com/)
|
||||
- [Bootstrap GitHub discussions](https://github.com/orgs/twbs/discussions)
|
||||
- [@getbootstrap](https://x.com/getbootstrap) on X (formerly Twitter) for critical security notices.
|
||||
|
||||
### 4.5 Recovery
|
||||
|
||||
- Validate all systems and releases are secure.
|
||||
- Resume normal operations.
|
||||
- Tag patched releases and notify affected users.
|
||||
|
||||
### 4.6 Post-incident review
|
||||
|
||||
Within two weeks after resolution:
|
||||
|
||||
- Conduct an internal debrief.
|
||||
- Record:
|
||||
- Root cause
|
||||
- What worked / what didn’t
|
||||
- Remediation steps
|
||||
- Documentation or automation updates needed
|
||||
- Summarize lessons learned in the private maintainers’ wiki (with optional public summary if appropriate).
|
||||
|
||||
---
|
||||
|
||||
## 5. Severity levels & Response targets
|
||||
|
||||
| Severity | Example | Target response (volunteer team) |
|
||||
|-----------|----------|----------------------------------|
|
||||
| **Critical** | Compromised release, stolen signing keys | Acknowledge ≤ 24h (best effort), containment ≤ 48h, fix ideally ≤ 14d |
|
||||
| **High** | Vulnerability enabling arbitrary code execution | Acknowledge ≤ 3 business days, fix ideally ≤ 14–21d |
|
||||
| **Medium** | XSS or content injection on docs site | Acknowledge ≤ 5 business days, fix in next release cycle |
|
||||
| **Low** | Minor issue with limited risk | Acknowledge ≤ 7 business days, fix as scheduled |
|
||||
|
||||
**Note:** Timelines represent good-faith targets for a small volunteer core team, not hard SLAs. The maintainers will always prioritize public safety and transparency, even if timing varies.
|
||||
|
||||
---
|
||||
|
||||
## 6. Public disclosure principles
|
||||
|
||||
Bootstrap follows a responsible disclosure approach:
|
||||
|
||||
- Work privately with reporters and affected parties before publishing details.
|
||||
- Never name reporters without consent.
|
||||
- Coordinate embargo periods with downstream consumers when needed.
|
||||
- Publish advisories only after patches or mitigations are available.
|
||||
|
||||
---
|
||||
|
||||
## 7. Communication Channels
|
||||
|
||||
| Purpose | Channel |
|
||||
|----------|----------|
|
||||
| Private reporting | Email address in [`SECURITY.md`](./SECURITY.md) or GitHub advisory form |
|
||||
| General updates | [blog.getbootstrap.com/](https://blog.getbootstrap.com/) blog |
|
||||
| Security advisories | GitHub Security Advisory dashboard |
|
||||
| Social alerts | [@getbootstrap](https://x.com/getbootstrap) |
|
||||
| GitHub discussion alerts | [github.com/orgs/twbs/discussions](https://github.com/orgs/twbs/discussions) |
|
||||
|
||||
---
|
||||
|
||||
## 8. Plan Maintenance
|
||||
|
||||
This plan is reviewed at least annually or after any major incident. Changes are approved by the Core Team and recorded in Git history.
|
||||
|
||||
---
|
||||
|
||||
_The Bootstrap maintainers are committed to transparency, user trust, and continuous improvement in our security and response practices._
|
||||
@@ -22,12 +22,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
cache: npm
|
||||
|
||||
@@ -20,12 +20,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
cache: npm
|
||||
|
||||
@@ -22,7 +22,7 @@ jobs:
|
||||
pull-requests: write
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
||||
@@ -24,21 +24,21 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
|
||||
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
|
||||
with:
|
||||
config-file: ./.github/codeql/codeql-config.yml
|
||||
languages: "javascript"
|
||||
queries: +security-and-quality
|
||||
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
|
||||
uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
|
||||
|
||||
- name: Perform CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
|
||||
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
|
||||
with:
|
||||
category: "/language:javascript"
|
||||
|
||||
@@ -23,12 +23,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Run cspell
|
||||
uses: streetsidesoftware/cspell-action@dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d # v7.2.0
|
||||
uses: streetsidesoftware/cspell-action@e5a858a18b7e0b56e0342b1dcad796308b7341a2 # v8.1.1
|
||||
with:
|
||||
config: ".cspell.json"
|
||||
files: "**/*.{md,mdx}"
|
||||
|
||||
@@ -20,12 +20,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
cache: npm
|
||||
|
||||
@@ -20,12 +20,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
cache: npm
|
||||
@@ -42,7 +42,7 @@ jobs:
|
||||
run: npm run docs-vnu
|
||||
|
||||
- name: Run linkinator
|
||||
uses: JustinBeckwith/linkinator-action@3d5ba091319fa7b0ac14703761eebb7d100e6f6d # v1.11.0
|
||||
uses: JustinBeckwith/linkinator-action@af984b9f30f63e796ae2ea5be5e07cb587f1bbd9 # v2.3
|
||||
with:
|
||||
paths: _site
|
||||
recurse: true
|
||||
|
||||
@@ -17,7 +17,7 @@ jobs:
|
||||
if: github.repository == 'twbs/bootstrap'
|
||||
steps:
|
||||
- name: awaiting reply
|
||||
uses: actions-cool/issues-helper@45d75b6cf72bf4f254be6230cb887ad002702491 # v3.6.3
|
||||
uses: actions-cool/issues-helper@d1d51fccf39469b5458203b1369060db0ff0c0db # v3.7.4
|
||||
with:
|
||||
actions: "close-issues"
|
||||
labels: "awaiting-reply"
|
||||
|
||||
@@ -18,7 +18,7 @@ jobs:
|
||||
steps:
|
||||
- name: awaiting reply
|
||||
if: github.event.label.name == 'needs-example'
|
||||
uses: actions-cool/issues-helper@45d75b6cf72bf4f254be6230cb887ad002702491 # v3.6.3
|
||||
uses: actions-cool/issues-helper@d1d51fccf39469b5458203b1369060db0ff0c0db # v3.7.4
|
||||
with:
|
||||
actions: "create-comment"
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
@@ -25,12 +25,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: ${{ env.NODE }}
|
||||
cache: npm
|
||||
@@ -45,7 +45,7 @@ jobs:
|
||||
run: npm run js-test
|
||||
|
||||
- name: Run Coveralls
|
||||
uses: coverallsapp/github-action@648a8eb78e6d50909eff900e4ec85cab4524a45b # v2.3.6
|
||||
uses: coverallsapp/github-action@5cbfd81b66ca5d10c19b062c04de0199c215fb6e # v2.3.7
|
||||
if: ${{ !github.event.repository.fork }}
|
||||
with:
|
||||
github-token: "${{ secrets.GITHUB_TOKEN }}"
|
||||
|
||||
@@ -20,12 +20,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
cache: npm
|
||||
|
||||
@@ -20,12 +20,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Clone repository
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: Set up Node.js
|
||||
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
||||
with:
|
||||
node-version: "${{ env.NODE }}"
|
||||
|
||||
|
||||
@@ -14,7 +14,7 @@ jobs:
|
||||
env:
|
||||
GITHUB_REF_NAME: ${{ github.ref_name }}
|
||||
steps:
|
||||
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
|
||||
@@ -34,12 +34,12 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: "Checkout code"
|
||||
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
|
||||
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
@@ -64,7 +64,7 @@ jobs:
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
|
||||
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
@@ -73,6 +73,6 @@ jobs:
|
||||
# Upload the results to GitHub's code scanning dashboard (optional).
|
||||
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3
|
||||
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
Generated
+1440
-1304
File diff suppressed because it is too large
Load Diff
+26
-26
@@ -84,7 +84,7 @@
|
||||
"docs-serve": "npm run astro-dev",
|
||||
"docs-serve-only": "npx sirv-cli _site --port 9001",
|
||||
"lockfile-lint": "lockfile-lint --allowed-hosts npm --allowed-schemes https: --empty-hostname false --type npm --path package-lock.json",
|
||||
"update-deps": "ncu -u -x @docsearch/js,eslint,eslint-config-xo,eslint-plugin-unicorn,karma-browserstack-launcher,karma-rollup-preprocessor,sass",
|
||||
"update-deps": "ncu -u -x @docsearch/js,eslint,eslint-config-xo,eslint-plugin-unicorn,karma-browserstack-launcher,karma-rollup-preprocessor,sass,vnu-jar",
|
||||
"release": "npm-run-all dist release-sri docs-build release-zip*",
|
||||
"release-sri": "node build/generate-sri.mjs",
|
||||
"release-version": "node build/change-version.mjs",
|
||||
@@ -108,47 +108,47 @@
|
||||
"@popperjs/core": "^2.11.8"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@astrojs/check": "^0.9.4",
|
||||
"@astrojs/markdown-remark": "^6.3.6",
|
||||
"@astrojs/mdx": "^4.3.5",
|
||||
"@astrojs/check": "^0.9.6",
|
||||
"@astrojs/markdown-remark": "^6.3.10",
|
||||
"@astrojs/mdx": "^4.3.13",
|
||||
"@astrojs/prism": "^3.3.0",
|
||||
"@astrojs/sitemap": "^3.6.0",
|
||||
"@babel/cli": "^7.28.3",
|
||||
"@babel/core": "^7.28.4",
|
||||
"@babel/preset-env": "^7.28.3",
|
||||
"@babel/core": "^7.28.5",
|
||||
"@babel/preset-env": "^7.28.5",
|
||||
"@docsearch/js": "^3.9.0",
|
||||
"@popperjs/core": "^2.11.8",
|
||||
"@rollup/plugin-babel": "^6.0.4",
|
||||
"@rollup/plugin-commonjs": "^28.0.6",
|
||||
"@rollup/plugin-node-resolve": "^16.0.1",
|
||||
"@rollup/plugin-replace": "^6.0.2",
|
||||
"@rollup/plugin-babel": "^6.1.0",
|
||||
"@rollup/plugin-commonjs": "^29.0.0",
|
||||
"@rollup/plugin-node-resolve": "^16.0.3",
|
||||
"@rollup/plugin-replace": "^6.0.3",
|
||||
"@stackblitz/sdk": "^1.11.0",
|
||||
"@types/js-yaml": "^4.0.9",
|
||||
"@types/mime": "^4.0.0",
|
||||
"@types/prismjs": "^1.26.5",
|
||||
"astro": "^5.13.9",
|
||||
"astro-auto-import": "^0.4.4",
|
||||
"autoprefixer": "^10.4.21",
|
||||
"astro": "^5.16.6",
|
||||
"astro-auto-import": "^0.4.5",
|
||||
"autoprefixer": "^10.4.23",
|
||||
"bundlewatch": "^0.4.1",
|
||||
"clean-css-cli": "^5.6.3",
|
||||
"clipboard": "^2.0.11",
|
||||
"cross-env": "^10.0.0",
|
||||
"cross-env": "^10.1.0",
|
||||
"eslint": "8.57.1",
|
||||
"eslint-config-xo": "0.45.0",
|
||||
"eslint-plugin-html": "^8.1.3",
|
||||
"eslint-plugin-import": "^2.32.0",
|
||||
"eslint-plugin-markdown": "^5.1.0",
|
||||
"eslint-plugin-unicorn": "56.0.1",
|
||||
"find-unused-sass-variables": "^6.1.0",
|
||||
"find-unused-sass-variables": "^6.1.1",
|
||||
"github-slugger": "^2.0.0",
|
||||
"globby": "^14.1.0",
|
||||
"globby": "^16.0.0",
|
||||
"hammer-simulator": "0.0.1",
|
||||
"htmlparser2": "^10.0.0",
|
||||
"image-size": "^2.0.2",
|
||||
"ip": "^2.0.1",
|
||||
"jasmine": "^5.10.0",
|
||||
"jasmine": "^5.13.0",
|
||||
"jquery": "^3.7.1",
|
||||
"js-yaml": "^4.1.0",
|
||||
"js-yaml": "^4.1.1",
|
||||
"karma": "^6.4.4",
|
||||
"karma-browserstack-launcher": "1.4.0",
|
||||
"karma-chrome-launcher": "^3.2.0",
|
||||
@@ -160,27 +160,27 @@
|
||||
"karma-rollup-preprocessor": "7.0.7",
|
||||
"lockfile-lint": "^4.14.1",
|
||||
"mime": "^4.1.0",
|
||||
"nodemon": "^3.1.10",
|
||||
"nodemon": "^3.1.11",
|
||||
"npm-run-all2": "^8.0.4",
|
||||
"postcss": "^8.5.6",
|
||||
"postcss-cli": "^11.0.1",
|
||||
"prettier": "^3.6.2",
|
||||
"prettier": "^3.7.4",
|
||||
"prettier-plugin-astro": "^0.14.1",
|
||||
"rehype-autolink-headings": "^7.1.0",
|
||||
"remark": "^15.0.1",
|
||||
"remark-html": "^16.0.1",
|
||||
"rollup": "^4.52.0",
|
||||
"rollup": "^4.54.0",
|
||||
"rollup-plugin-istanbul": "^5.0.0",
|
||||
"rtlcss": "^4.3.0",
|
||||
"sass": "1.78.0",
|
||||
"sass-true": "^9.0.0",
|
||||
"sass-true": "^10.1.0",
|
||||
"shelljs": "^0.10.0",
|
||||
"stylelint": "^16.24.0",
|
||||
"stylelint": "^16.26.1",
|
||||
"stylelint-config-twbs-bootstrap": "^16.1.0",
|
||||
"terser": "^5.44.0",
|
||||
"terser": "^5.44.1",
|
||||
"unist-util-visit": "^5.0.0",
|
||||
"vnu-jar": "24.10.17",
|
||||
"zod": "^4.1.9"
|
||||
"vnu-jar": "25.11.25",
|
||||
"zod": "^4.2.1"
|
||||
},
|
||||
"files": [
|
||||
"dist/{css,js}/*.{css,js,map}",
|
||||
|
||||
@@ -11,11 +11,11 @@
|
||||
--#{$prefix}table-bg: #{$background};
|
||||
--#{$prefix}table-border-color: #{$table-border-color};
|
||||
--#{$prefix}table-striped-bg: #{$striped-bg};
|
||||
--#{$prefix}table-striped-color: #{color-contrast($striped-bg)};
|
||||
--#{$prefix}table-striped-color: #{color-contrast($striped-bg)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--#{$prefix}table-active-bg: #{$active-bg};
|
||||
--#{$prefix}table-active-color: #{color-contrast($active-bg)};
|
||||
--#{$prefix}table-active-color: #{color-contrast($active-bg)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--#{$prefix}table-hover-bg: #{$hover-bg};
|
||||
--#{$prefix}table-hover-color: #{color-contrast($hover-bg)};
|
||||
--#{$prefix}table-hover-color: #{color-contrast($hover-bg)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
|
||||
color: var(--#{$prefix}table-color);
|
||||
border-color: var(--#{$prefix}table-border-color);
|
||||
|
||||
@@ -3,11 +3,6 @@
|
||||
description: Bootstrap 5 繁體中文手冊
|
||||
url: https://bootstrap5.hexschool.com/
|
||||
|
||||
- name: Simplified Chinese
|
||||
code: zh-CN
|
||||
description: Bootstrap 5 中文文档
|
||||
url: https://v5.bootcss.com/
|
||||
|
||||
- name: Japanese
|
||||
code: ja
|
||||
description: Bootstrap 5 日本語リファレンス
|
||||
|
||||
@@ -14,7 +14,7 @@ Get started by including Bootstrap’s production-ready CSS and JavaScript via C
|
||||
|
||||
<br/>
|
||||
|
||||
1. **Create a new `index.html` file in your project root.** Include the `<meta name="viewport">` tag as well for [proper responsive behavior](https://developer.mozilla.org/en-US/docs/Web/HTML/Viewport_meta_tag) in mobile devices.
|
||||
1. **Create a new `index.html` file in your project root.** Include the `<meta name="viewport">` tag as well for [proper responsive behavior](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/meta/name/viewport) in mobile devices.
|
||||
|
||||
```html
|
||||
<!doctype html>
|
||||
|
||||
@@ -12,8 +12,8 @@ $bd-callout-variants: info, warning, danger !default;
|
||||
--bd-purple: #{$bd-purple};
|
||||
--bd-violet: #{$bd-violet};
|
||||
--bd-accent: #{$bd-accent};
|
||||
--bd-violet-rgb: #{to-rgb($bd-violet)};
|
||||
--bd-accent-rgb: #{to-rgb($bd-accent)};
|
||||
--bd-violet-rgb: #{to-rgb($bd-violet)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--bd-accent-rgb: #{to-rgb($bd-accent)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--bd-pink-rgb: #{to-rgb($pink-500)};
|
||||
--bd-teal-rgb: #{to-rgb($teal-500)};
|
||||
--bd-violet-bg: var(--bd-violet);
|
||||
@@ -25,10 +25,10 @@ $bd-callout-variants: info, warning, danger !default;
|
||||
}
|
||||
|
||||
@include color-mode(dark, true) {
|
||||
--bd-violet: #{mix($bd-violet, $white, 75%)};
|
||||
--bd-violet: #{mix($bd-violet, $white, 75%)}; // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--bd-violet-bg: #{$bd-violet};
|
||||
--bd-toc-color: var(--#{$prefix}emphasis-color);
|
||||
--bd-sidebar-link-bg: rgba(#{to-rgb(mix($bd-violet, $black, 75%))}, .5);
|
||||
--bd-sidebar-link-bg: rgba(#{to-rgb(mix($bd-violet, $black, 75%))}, .5); // stylelint-disable-line scss/dollar-variable-no-missing-interpolation
|
||||
--bd-callout-link: #{to-rgb($blue-300)};
|
||||
--bd-callout-code-color: #{$pink-300};
|
||||
--bd-pre-bg: #{adjust-color($gray-900, $lightness: -2.5%)}; // stylelint-disable-line scss/at-function-named-arguments
|
||||
|
||||
Reference in New Issue
Block a user