J-BusinessDirectory - Potentially Outdated Libraries in J-BusinessDirectory
Support Forum
A.
Potentially Outdated Libraries in J-BusinessDirectory
Hello everyone,
I’ve been reviewing some of the JavaScript and CSS libraries included in my J-BusinessDirectory installation (version 5.8.25 -0 released a few days ago), and I’m trying to understand whether the versions I have (version might present security, compatibility, or maintenance issues. I’ve compiled the table below, listing each library’s version (where known), the latest versions (to the best of my knowledge), and potential risks. However, I fully acknowledge I may have misread or misidentified some versions—and I’m open to corrections.
| Folder | Program | Version | Version Date | Latest Version | Latest Date | Security Risk | Compatibility Risk | Maintenance Risk |
| animate | Animate.css | Unknown | Unknown | v4.1.1 | 2020 | Low | Moderate | High (older versions often not updated or maintained) |
| babel | babel.min.js | 6.26.0 | 2017 | v7.21.0 (approx.) | ~2023 | High | High | Severe (major version jump from 6 to 7) |
| bootstrap | bootstrap-tagsinput | v0.6.1 | 2016 | v0.7.1 | 2016 | Moderate | Moderate | High (library is rarely updated now) |
| bootstrap-datepicker | bootstrap-datepicker.js | v1.9.0 | 2019 | v1.10.0 | 2023 | Moderate | Moderate | Moderate |
| calendar | FullCalendar.io | v2.3.1 | 2015 | v6.1.x (6.1.16 cited) | ~2023/2024 | High | High | High (very large gap from v2.x to v6.x) |
| cropper | Cropper.js | v1.5.6 | 2019 | v1.5.13+ (latest 1.x) | ~2022/2023 | Moderate | Moderate | Moderate (official v1.6.x not clearly verified) |
| date | daterangepicker.js | 3.0.3 | Unknown | Unknown | Unknown | Moderate (est.) | Moderate (est.) | Moderate (est.) – depends on usage and any known vulnerabilities |
| dropzone | dropzone.js | 5.5.1 | Unknown (~2018) | 6.0.x (latest major) | ~2022/2023 | Moderate | Moderate | Moderate |
| icon-picker | fontawesome-iconpicker.js | 1.12.1 | Unknown (~2017) | Possibly no recent updates | Unknown | Moderate | Moderate | High (project seems minimally maintained) |
| jquery | jquery-ui.js | v1.12.1 | 2016 | v1.13.2 (final jQuery UI) | 2022 | Moderate | High (jQuery version) | High (jQuery UI is only minimally maintained now) |
| jssor-slider-27.5.0 | Jssor Slider | 27.5.0 | Unknown | Possibly 28.x+ | Unknown | Unknown | Moderate | Moderate |
| leaflet | leaflet.js | 1.9.4 | ~2022/2023 | Possibly 1.9.x or 1.10.x | 2023 (ongoing) | Low | Low | Low/Moderate (Leaflet is still actively maintained) |
| magnific-popup | jquery.magnific-popup.min.js | v1.1.0 | ~2016 | 1.1.0 (no newer official) | 2016 | Moderate | Moderate | High (not updated in years) |
| map | markercluster.js | Unknown | Unknown | Depends on Leaflet version | Unknown | Unknown | Moderate | Moderate |
| modal | jquery.modal.js | 0.9.2 | ~2014/2015 | Possibly 0.9.2 is latest | ~2015 | Moderate | High | High (may not be maintained) |
| metis-menu | metisMenu.js | 2.0.3 | ~2015 | 3.x/possible 2.7.x | ~2020+ | Moderate | Moderate | Moderate |
| moment | moment.js | 2.24.0 | 2019 | 2.29.4 / 2.29.5 | ~2022 | Moderate | Moderate | High (Moment now in maintenance mode; newer alternatives exist) |
| morris | morris.js | 0.5.0 | ~2014 | Possibly no active updates | Unknown | Moderate | High | High (project is effectively in maintenance or unmaintained) |
| owl | owl.carousel.min.js | 2.3.4 | ~2018 | 2.3.4 (rare updates) | ~2018 | Moderate | Moderate | High (not frequently updated) |
| range-slider | ion.rangeSlider.js | 2.3.1 | ~2017/2018 | 2.3.1 or 2.3.2 | ~2018 | Low/Moderate | Moderate | High (seldom updated) |
| raphael | raphael-min.js | 2.1.4 | ~2014 | 2.3.0+ | 2020 | Moderate | High | High (older versions may have compatibility issues) |
| slick | slick.js | 1.8.0 | ~2017/2018 | 1.8.1 / 1.9.x (forks only) | ~2018/2019 | Moderate | Moderate | High (original Slick has limited updates) |
| star-rating | bootstrap-star-rating | 4.0.5 | ~2016 | 4.1.x or 4.2.x (forks) | Unknown | Moderate | Moderate | High (main repo has limited activity) |
| unitegallery | unitegallery.js | 1.7.45 | ~2017 | Possibly 1.7.50+ (forks) | Unknown | Moderate | Moderate | High (official project updates appear minimal) |
| validation-engine | jquery.validationEngine.js | 3.1.1 | ~2016 | Possibly 3.2.x | Unknown | Moderate | High | High (few official updates; jQuery version issues) |
5 replies
A.
posted: 1 month ago
- total posts 29
- joined 7 years ago
I’m hoping CMS Junkie staff (and other users) can confirm whether:
My version information and dates are accurate, or if there are errors.
These libraries are deliberately being used at these versions.
The stated Security, Compatibility, and Maintenance risks align with CMS Junkie’s own assessments.
Keeping these older libraries could potentially expose my site to security vulnerabilities or degrade performance under newer versions of PHP or Joomla.
I’m especially concerned about how each library’s status might affect overall stability and data security on my server. If these are known to be outdated or replaced, could you let me know if JBD intends to upgrade them or if you recommend that clients handle updates on their own?
I don’t mean to nit-pick or overstate the risks—my apologies if I’ve overlooked something obvious. I want to ensure my site remains secure and compatible. Any clarifications would be appreciated, especially if I’ve made mistakes in the table. If these items are indeed out of date, I would appreciate guidance on the best way to address them.
Thanks in advance for your help!
G.B.
posted: 1 month ago
- total posts 2261
- joined 11 years ago
Thank you for bringing to our attention the potential issues regarding outdated JavaScript and CSS libraries. We appreciate your detailed analysis and the comprehensive table you've provided.
Addressing Your Concerns:
Library Versions and Updates:
- We strive to maintain compatibility across Joomla 3, 4, and 5, which sometimes requires using legacy libraries to ensure stability. However, we recognize the importance of keeping dependencies up to date for security, performance.
Security and Compatibility Risks:
- Security is our top priority. While not all outdated libraries pose immediate threats, we understand the importance of proactive updates to mitigate potential vulnerabilities. Starting with JBD v5.0 we will review to identify and address any risks associated with these libraries.
CSS and JavaScript libraries themselves do not directly degrade performance under newer PHP versions or newer Joomla versions.
s.
posted: 1 month ago
- total posts 988
- joined 5 years ago
Thks Addington for your review and bring this up. Good work. "..JavaScript libraries themselves do not directly degrade performance under newer PHP versions or newer Joomla versions." this is wrong George.
A.
posted: 1 month ago
- total posts 29
- joined 7 years ago
George, thank you again for your prompt response—I appreciate the detailed explanation on balancing legacy library support with modern updates. I’m currently running J-BusinessDirectory v5.8.25 on Joomla v5, which is where I noticed these dependencies and performed my analysis.
I’d like to clarify a couple of points, especially around performance and security:
-
Security & Legacy Code
- While not all older libraries carry immediate threats, many have gone unmaintained or missed patches for years. Even if the vulnerabilities aren’t well known yet, older code remains at higher risk. Proactive updates are definitely reassuring.
-
Performance & Page Speed
- Though you noted that outdated CSS and JavaScript libraries may not directly degrade performance under newer PHP or Joomla versions, I’m seeing slow loading times on pages generated by J-BusinessDirectory. I’m frequently failing Google PageSpeed Insights’ LCP tests, even though my images are highly optimised. In many cases, older JS libraries can increase render blocking or add overhead, hurting page speed and user experience—particularly on mobile devices.
-
Roadmap Clarification
- You mentioned a review of these libraries starting with JBD v5.0 onward. Given the current v5.8.25 release, do you anticipate any shorter-term patches or direct updates to the scripts that we’ve identified? It would be great to know if there’s an interim plan or if we should expect all changes after the next major version.
-
Compatibility vs. Modern Code
- I understand the desire to keep older Joomla versions supported. However, given that I’m already on Joomla 5, having more up-to-date libraries would significantly help performance and compatibility. A compatibility roadmap or guidance on manually updating vulnerable libraries (where safe) would be a big help to site owners who need immediate improvements.
Overall, I truly appreciate your commitment to addressing these concerns.
Thank you for your time and attention.
s.
posted: 1 week ago
- total posts 988
- joined 5 years ago
Something that is important for directory and users is to have great pictures and slides etc that shows pictures in zoom view etc etc.
This is 8 years old stuff unite galleryt and would be good to have an update good gallery for business listings, offers and events using the same script there.
| unitegallery | unitegallery.js | 1.7.45 | ~2017 | Possibly 1.7.50+ (forks) | Unknown | Moderate | Moderate |
High (official project updates appear minimal) |
Example Joomla gallery with controllers: https://www.firecoders.com/demos/showtime-image-gallery-for-joomla