[jira] [Commented] (ATLAS-5213) ATLASUI: Upgrade xlsx (SheetJS) package version

Thu, 19 Feb 2026 04:37:38 -0800 


    [ 
https://issues.apache.org/jira/browse/ATLAS-5213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18059652#comment-18059652
 ] 

Prasad P. Pawar commented on ATLAS-5213:
----------------------------------------

Hi,
Code audit confirmed that XLSX is not used in dashboard or dashboardv2. The 
import flow uploads files to the backend; Java with Apache POI parses Excel. 
xlsx dependency removed from dashboard/package.json.

> ATLASUI: Upgrade xlsx (SheetJS) package version
> -----------------------------------------------
>
>                 Key: ATLAS-5213
>                 URL: https://issues.apache.org/jira/browse/ATLAS-5213
>             Project: Atlas
>          Issue Type: Task
>    Affects Versions: 3.0.0
>            Reporter: Prasad P. Pawar
>            Assignee: Prasad P. Pawar
>            Priority: Major
>              Labels: Atlas-UI
>
> Upgrade xlsx (SheetJS) from 0.18.5 to a newer version. The npm registry may 
> not have a patched 0.18.x; the fix may require CDN install or upgrade to 
> 0.19+/0.20+.
> Upgrade xlsx (SheetJS) from 0.18.5 to a newer version. The npm registry may 
> not have a patched 0.18.x; the fix may require CDN install or upgrade to 
> 0.19+/0.20+.
> Dependabot links:
> - [342](https://github.com/apache/atlas/security/dependabot/342)
> - [343](https://github.com/apache/atlas/security/dependabot/343)
> Version Details:
> - Current: 0.18.5
> - Target: 0.20.3 (via CDN) or latest 0.18.x patch if available
> - Changes in 0.19+: Possible API changes in XLSX.read, XLSX.utils; workbook 
> structure may differ
> Files Affected:
> - dashboard/package.json
> - dashboard/src/views/ImportLayout/ (or equivalent – wherever xlsx is used 
> for Excel import)
> Plan:
> 1. Try CDN install: `npm install 
> "https://cdn.sheetjs.com/xlsx-0.20.3/xlsx-0.20.3.tgz"`
> 2. If CDN fails, evaluate alternative: sheetjs-ce or exceljs
> 3. Update imports if API changed
> 4. Test ImportLayout with sample Excel files (.xlsx, .xls)
> Impact:
> - ImportLayout file import; Excel parsing
> - Any code using XLSX.read, XLSX.utils.sheet_to_json, etc.
> Verification:
> - [ ] `npm run build` passes
> - [ ] Import Excel file via UI; verify data parsing
> - [ ] npm audit shows no high/critical for xlsx



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to