Index: openacs-4/packages/acs-tcl/acs-tcl.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/acs-tcl.info,v
diff -u -r1.95.2.69 -r1.95.2.70
--- openacs-4/packages/acs-tcl/acs-tcl.info	23 Jul 2024 13:33:04 -0000	1.95.2.69
+++ openacs-4/packages/acs-tcl/acs-tcl.info	24 Jul 2024 13:25:40 -0000	1.95.2.70
@@ -9,7 +9,7 @@
     <implements-subsite-p>f</implements-subsite-p>
     <inherit-templates-p>t</inherit-templates-p>
 
-    <version name="5.10.1b5" url="http://openacs.org/repository/download/apm/acs-tcl-5.10.1b5.apm">
+    <version name="5.10.1b6" url="http://openacs.org/repository/download/apm/acs-tcl-5.10.1b6.apm">
         <owner url="http://openacs.org">OpenACS</owner>
         <summary>The Kernel Tcl API library.</summary>
         <release-date>2023-05-15</release-date>
@@ -18,7 +18,7 @@
         <license>GPL version 2</license>
         <maturity>3</maturity>
 
-        <provides url="acs-tcl" version="5.10.1b5"/>
+        <provides url="acs-tcl" version="5.10.1b6"/>
         <requires url="acs-bootstrap-installer" version="5.10.1b1"/>
         <requires url="acs-kernel" version="5.10.1b4"/>
 
Index: openacs-4/packages/acs-tcl/lib/check-installed.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/lib/check-installed.adp,v
diff -u -r1.1.2.3 -r1.1.2.4
--- openacs-4/packages/acs-tcl/lib/check-installed.adp	24 Nov 2022 14:10:34 -0000	1.1.2.3
+++ openacs-4/packages/acs-tcl/lib/check-installed.adp	24 Jul 2024 13:25:40 -0000	1.1.2.4
@@ -1,8 +1,9 @@
 <p>
-The configured version of @resource_name@ is @version@.
-<if @versionCheckURL@ not nil>You might check for the newest version <a href="@versionCheckURL@">available upstream</a>.</if>
+The configured version of @resource_name@ is @version@ (newest on cdnjs: @newest_version@).<br>
+<if @versionCheckURL@ not nil>You might check for various versions <a href="@versionCheckURL@">available upstream</a>. </if>
+<if @vulnerabilityCheckURL@ not nil>For this package Snyk provides a <a href="@vulnerabilityCheckURL@">vulnerability check</a>. </if>
 
-<if @resources@ not nil><p>This version of @resource_name@ is installed locally
+<if @resources@ not nil><p>The configured version of @resource_name@ is installed locally
 under <strong>@resources@</strong>.</if>
 <else><p>In the current installation the @resource_name@ is used via CDN <strong>@cdn@</strong>.
   <if @writable@ true>
Index: openacs-4/packages/acs-tcl/lib/check-installed.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/lib/check-installed.tcl,v
diff -u -r1.3.2.5 -r1.3.2.6
--- openacs-4/packages/acs-tcl/lib/check-installed.tcl	23 Jul 2024 12:50:32 -0000	1.3.2.5
+++ openacs-4/packages/acs-tcl/lib/check-installed.tcl	24 Jul 2024 13:25:40 -0000	1.3.2.6
@@ -11,18 +11,26 @@
 } {
     {resource_info}
     {version ""}
-    {download_url "download"}
+    {download_url ""}
 }
 
 set resource_dir  [dict get $resource_info resourceDir]
 set cdn           [dict get $resource_info cdn]
 set resource_name [dict get $resource_info resourceName]
+if {$download_url eq ""} {
+    set download_url [ad_conn url]/download
+}
+
 set version_dir [::util::resources::version_dir \
                      -resource_info $resource_info \
                      -version $version]
 
-if {[dict exists $resource_info versionCheckURL]} {
-    set versionCheckURL [dict get $resource_info versionCheckURL]
+set newest_version [::util::resources::cdnjs_get_newest_version -resource_info $resource_info]
+
+foreach url {versionCheckURL vulnerabilityCheckURL} {
+    if {[dict exists $resource_info $url]} {
+        set $url [dict get $resource_info $url]
+    }
 }
 
 #
@@ -42,8 +50,9 @@
     # Check, if we can install the resources locally.
     #
     set writable [util::resources::can_install_locally \
-              -resource_info $resource_info \
-              -version_dir $version_dir]
+                      -resource_info $resource_info \
+                      -version_dir $version_dir]
+    
     if {!$writable} {
         #
         # If we cannot install locally, tell the user were we want to
Index: openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl,v
diff -u -r1.189.2.181 -r1.189.2.182
--- openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl	23 Jul 2024 12:49:26 -0000	1.189.2.181
+++ openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl	24 Jul 2024 13:25:40 -0000	1.189.2.182
@@ -4127,10 +4127,6 @@
         @author Gustaf Neumann
     } {
         set can_install 1
-        set version_dir [version_dir \
-                             -version_dir $version_dir \
-                             -resource_info $resource_info]
-
         set resource_dir [dict get $resource_info resourceDir]
 
         if {![ad_file isdirectory $resource_dir]} {
@@ -4225,11 +4221,17 @@
 
         @author Gustaf Neumann
     } {
-        set resource_dir [dict get $resource_info resourceDir]
-        set version_dir [version_dir \
-                             -version_dir $version_dir \
-                             -resource_info $resource_info]
+        #
+        #   "resourceDir" is the absolute path in the filesystem
+        #   "resourceUrl" is the URL path provided to the request processor
+        #   "versionDir" is the version-specific element both in the
+        #                URL and in the filesystem.
 
+        if {$version_dir eq ""} {
+            set version_dir [dict get $resource_info versionDir]
+        }
+
+        set resource_dir [dict get $resource_info resourceDir]
         set can_install [::util::resources::can_install_locally \
                              -resource_info $resource_info \
                              -version_dir $version_dir]
@@ -4319,8 +4321,8 @@
     }
 
     ad_proc -public ::util::resources::version_dir {
-        -resource_info
-        -version
+        -resource_info:required
+        -version:required
     } {
         Return the partial directory, where a certain version is/will be installed.
     } {
@@ -4331,6 +4333,47 @@
                   }]
     }
 
+    ad_proc -public ::util::resources::cdnjs_get_newest_version {
+        {-resource_info:required}
+    } {
+
+        Return the newest version for the library denoted by
+        'resource_info' from cdnjs.
+
+    } {
+        set version unknown
+
+        if {![dict exists $resource_info versionCheckAPI]} {
+            return $version
+        }
+        set versionCheckAPI [dict get $resource_info versionCheckAPI]
+        dict with resource_info {
+            set library [dict get $versionCheckAPI library]
+            #ns_log notice ... versionCheckAPI $versionCheckAPI installedVersion $installedVersion
+            if {[dict get $versionCheckAPI cdn] eq "cdnjs"} {
+                set jsonDict [::acs::misc_cache eval -expires 3600 acs-tcl.version_from_cdnjs-$library {
+                    set apiURL [::util::resources::cdnjs_version_API \
+                                    -library $library \
+                                    -count [dict get $versionCheckAPI count]]
+                    ns_log notice "... $library get [dict get $versionCheckAPI count] entries from $apiURL"
+                    set d [ns_http run $apiURL]
+                    set jsonDict [util::json2dict [dict get $d body]]
+                }]
+                #ns_log notice "=== jsonDict $library: $jsonDict"
+                foreach entry [dict get $jsonDict results] {
+                    #ns_log notice "... $library compare with '[dict get $entry name]' -> [expr {[dict get $entry name] eq $library}]"
+                    if {[dict get $entry name] eq $library} {
+                        set version [dict get $entry version]
+                        break
+                    }
+                }
+            }
+        }
+        return $version
+    }
+
+
+
     ad_proc -public ::util::resources::cdnjs_version_API {
         {-library:required}
         {-count:int 1}