J-BusinessDirectory - Potentially Outdated Libraries in J-BusinessDirectory
Support Forum
A.
Potentially Outdated Libraries in J-BusinessDirectory
Hello everyone,
I’ve been reviewing some of the JavaScript and CSS libraries included in my J-BusinessDirectory installation (version 5.8.25 -0 released a few days ago), and I’m trying to understand whether the versions I have (version might present security, compatibility, or maintenance issues. I’ve compiled the table below, listing each library’s version (where known), the latest versions (to the best of my knowledge), and potential risks. However, I fully acknowledge I may have misread or misidentified some versions—and I’m open to corrections.
| Folder | Program | Version | Version Date | Latest Version | Latest Date | Security Risk | Compatibility Risk | Maintenance Risk |
| animate | Animate.css | Unknown | Unknown | v4.1.1 | 2020 | Low | Moderate | High (older versions often not updated or maintained) |
| babel | babel.min.js | 6.26.0 | 2017 | v7.21.0 (approx.) | ~2023 | High | High | Severe (major version jump from 6 to 7) |
| bootstrap | bootstrap-tagsinput | v0.6.1 | 2016 | v0.7.1 | 2016 | Moderate | Moderate | High (library is rarely updated now) |
| bootstrap-datepicker | bootstrap-datepicker.js | v1.9.0 | 2019 | v1.10.0 | 2023 | Moderate | Moderate | Moderate |
| calendar | FullCalendar.io | v2.3.1 | 2015 | v6.1.x (6.1.16 cited) | ~2023/2024 | High | High | High (very large gap from v2.x to v6.x) |
| cropper | Cropper.js | v1.5.6 | 2019 | v1.5.13+ (latest 1.x) | ~2022/2023 | Moderate | Moderate | Moderate (official v1.6.x not clearly verified) |
| date | daterangepicker.js | 3.0.3 | Unknown | Unknown | Unknown | Moderate (est.) | Moderate (est.) | Moderate (est.) – depends on usage and any known vulnerabilities |
| dropzone | dropzone.js | 5.5.1 | Unknown (~2018) | 6.0.x (latest major) | ~2022/2023 | Moderate | Moderate | Moderate |
| icon-picker | fontawesome-iconpicker.js | 1.12.1 | Unknown (~2017) | Possibly no recent updates | Unknown | Moderate | Moderate | High (project seems minimally maintained) |
| jquery | jquery-ui.js | v1.12.1 | 2016 | v1.13.2 (final jQuery UI) | 2022 | Moderate | High (jQuery version) | High (jQuery UI is only minimally maintained now) |
| jssor-slider-27.5.0 | Jssor Slider | 27.5.0 | Unknown | Possibly 28.x+ | Unknown | Unknown | Moderate | Moderate |
| leaflet | leaflet.js | 1.9.4 | ~2022/2023 | Possibly 1.9.x or 1.10.x | 2023 (ongoing) | Low | Low | Low/Moderate (Leaflet is still actively maintained) |
| magnific-popup | jquery.magnific-popup.min.js | v1.1.0 | ~2016 | 1.1.0 (no newer official) | 2016 | Moderate | Moderate | High (not updated in years) |
| map | markercluster.js | Unknown | Unknown | Depends on Leaflet version | Unknown | Unknown | Moderate | Moderate |
| modal | jquery.modal.js | 0.9.2 | ~2014/2015 | Possibly 0.9.2 is latest | ~2015 | Moderate | High | High (may not be maintained) |
| metis-menu | metisMenu.js | 2.0.3 | ~2015 | 3.x/possible 2.7.x | ~2020+ | Moderate | Moderate | Moderate |
| moment | moment.js | 2.24.0 | 2019 | 2.29.4 / 2.29.5 | ~2022 | Moderate | Moderate | High (Moment now in maintenance mode; newer alternatives exist) |
| morris | morris.js | 0.5.0 | ~2014 | Possibly no active updates | Unknown | Moderate | High | High (project is effectively in maintenance or unmaintained) |
| owl | owl.carousel.min.js | 2.3.4 | ~2018 | 2.3.4 (rare updates) | ~2018 | Moderate | Moderate | High (not frequently updated) |
| range-slider | ion.rangeSlider.js | 2.3.1 | ~2017/2018 | 2.3.1 or 2.3.2 | ~2018 | Low/Moderate | Moderate | High (seldom updated) |
| raphael | raphael-min.js | 2.1.4 | ~2014 | 2.3.0+ | 2020 | Moderate | High | High (older versions may have compatibility issues) |
| slick | slick.js | 1.8.0 | ~2017/2018 | 1.8.1 / 1.9.x (forks only) | ~2018/2019 | Moderate | Moderate | High (original Slick has limited updates) |
| star-rating | bootstrap-star-rating | 4.0.5 | ~2016 | 4.1.x or 4.2.x (forks) | Unknown | Moderate | Moderate | High (main repo has limited activity) |
| unitegallery | unitegallery.js | 1.7.45 | ~2017 | Possibly 1.7.50+ (forks) | Unknown | Moderate | Moderate | High (official project updates appear minimal) |
| validation-engine | jquery.validationEngine.js | 3.1.1 | ~2016 | Possibly 3.2.x | Unknown | Moderate | High | High (few official updates; jQuery version issues) |
2 replies
A.
posted: 1 day ago
- total posts 23
- joined 7 years ago
I’m hoping CMS Junkie staff (and other users) can confirm whether:
My version information and dates are accurate, or if there are errors.
These libraries are deliberately being used at these versions.
The stated Security, Compatibility, and Maintenance risks align with CMS Junkie’s own assessments.
Keeping these older libraries could potentially expose my site to security vulnerabilities or degrade performance under newer versions of PHP or Joomla.
I’m especially concerned about how each library’s status might affect overall stability and data security on my server. If these are known to be outdated or replaced, could you let me know if JBD intends to upgrade them or if you recommend that clients handle updates on their own?
I don’t mean to nit-pick or overstate the risks—my apologies if I’ve overlooked something obvious. I want to ensure my site remains secure and compatible. Any clarifications would be appreciated, especially if I’ve made mistakes in the table. If these items are indeed out of date, I would appreciate guidance on the best way to address them.
Thanks in advance for your help!
G.B.
posted: 52 minutes ago
- total posts 2245
- joined 11 years ago
Thank you for bringing to our attention the potential issues regarding outdated JavaScript and CSS libraries. We appreciate your detailed analysis and the comprehensive table you've provided.
Addressing Your Concerns:
Library Versions and Updates:
- We strive to maintain compatibility across Joomla 3, 4, and 5, which sometimes requires using legacy libraries to ensure stability. However, we recognize the importance of keeping dependencies up to date for security, performance.
Security and Compatibility Risks:
- Security is our top priority. While not all outdated libraries pose immediate threats, we understand the importance of proactive updates to mitigate potential vulnerabilities. Starting with JBD v5.0 we will review to identify and address any risks associated with these libraries.
CSS and JavaScript libraries themselves do not directly degrade performance under newer PHP versions or newer Joomla versions.