Client JQuery Deprecated Symbols

[bsdeeksha25494]

Used version - 5.17.14
Category - Using components with known vulnerabilities
Description - The application references code elements that have been declared as deprecated. This could include classes, functions, methods, properties, modules, or obsolete library versions that are either out of date by version, or have been entirely deprecated. It is likely that the code that references the obsolete element was developed before it was declared as obsolete, and in the meantime the referenced code was updated.
impact-Referencing deprecated modules can cause an application to be exposed to known vulnerabilities, that have been publicly reported and already fixed. A common attack technique is to scan applications for these known vulnerabilities, and then exploit the application through these deprecated versions. However, even if deprecated code is used in a way that is completely secure, its very use and inclusion in the code base would encourage developers to re-use the deprecated element in the future, potentially leaving the application vulnerable to attack, which is why deprecated code should be eliminated from the code-base as a matter of practice.
impacted file - swagger-ui-standalone-preset.js

Do let us know when this planned to be addressed.

[asit2004]

Hi 👋,
I’m interested in contributing to Swagger UI and would like to help address the deprecated symbols mentioned in this issue. I’d like to work on removing or replacing these deprecated functions in swagger-ui-standalone-preset.js to improve security and maintainability.

Could you please confirm if it’s okay for me to work on this? Also, are there any specific guidelines, coding standards, or things I should be aware of before starting?

Thanks in advance!

[glowcloud]

Hi, @bsdeeksha25494,

Based on the snippet you provided, it looks to me like the code is using JavaScript's native .bind() method, not the deprecated jQuery .bind(). From a quick scan of the codebase, the occurrences of bind seem to be the JavaScript method. Could you clarify if you found any place in the codebase where jQuery's .bind() is being used, or point to a specific location or library?