Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web

@article{Lauinger2017ThouSN,
  title={Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web},
  author={Tobias Lauinger and Abdelberi Chaabane and Sajjad Arshad and William Robertson and Christo Wilson and Engin Kirda},
  journal={ArXiv},
  year={2017},
  volume={abs/1811.00918}
}
Highlight Information
Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. [...] Key Result This demonstrates that not only website administrators, but also the dynamic architecture and developers of third-party services are to blame for the Web's poor state of library management. The results of our work underline the need for more thorough approaches to dependency management, code maintenance and third-party code inclusion on the Web.Expand Abstract

Citations

Publications citing this paper.
SHOWING 1-10 OF 41 CITATIONS

Time Present and Time Past: Analyzing the Evolution of JavaScript Code in the Wild

VIEW 7 EXCERPTS
CITES METHODS, RESULTS & BACKGROUND
HIGHLY INFLUENCED

The Chain of Implicit Trust: An Analysis of the Web Third-party Resources Loading

VIEW 5 EXCERPTS
CITES BACKGROUND
HIGHLY INFLUENCED

Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android

VIEW 4 EXCERPTS
CITES METHODS, RESULTS & BACKGROUND
HIGHLY INFLUENCED

References

Publications referenced by this paper.
SHOWING 1-10 OF 30 REFERENCES

Sites using JavaScript Frameworks

  • Wappalyzer
  • https://wappalyzer. com/categories/javascript-frameworks.
VIEW 6 EXCERPTS
HIGHLY INFLUENTIAL

The Attack of the Clones: A Study of the Impact of Shared Code on Vulnerability Patching

VIEW 3 EXCERPTS
HIGHLY INFLUENTIAL

Semantic Versioning 2.0.0

  • T. Preston-Werner
  • http://semver.org/.
VIEW 2 EXCERPTS
HIGHLY INFLUENTIAL

Library Detector for Chrome

  • J. Michel
  • GitHub, April 2016, https: //github.com/johnmichel/Library-Detector-for-Chrome.
  • 2016
VIEW 3 EXCERPTS

Retire.js

  • E. Oftedal
  • GitHub, April 2016, https://github.com/RetireJS/ retire.js.
  • 2016
VIEW 2 EXCERPTS

Subresource Integrity

  • W3C
  • https://www.w3.org/TR/SRI/, May 2016.
  • 2016
VIEW 1 EXCERPT