On Sat, Aug 11, 2018 at 10:12:03AM +0200, Markus Koschany wrote: > FTR: I have talked to Matthias Klose (doko) at DebConf18 about the > embedding of jquery into javadoc packages. He pointed me to a similar > discussion in doxygen which also embeds jquery while building doc packages. > > In short he doesn't consider it to be a worthwhile task because there is > a risk of breaking the documentation when Debian's system jquery version > is either too old or too new. The security risk of embedding jquery is > also rather low in this case because the documentation is static in > contrast to web applications and it is unlikely that users would be > affected by jquery vulnerabilities. > > README.jquery in doxygen explains the problem in more detail. > > https://sources.debian.org/src/doxygen/1.8.13-10/debian/README.jquery/ > > All in all there is no chance that a patch to change the current > situation would be accepted, hence I no longer intend to spend time on it.
Description: PGP signature