Splunk Dev

Suggestions on how we can upgrade the jquery version in this minified js file?


Hi Experts,

We performed the "check_for_vulnerable_javascript_library_usage" check for our add-on app. As per the report, we need to upgrade the jquery version.

We have one common.js file, which is minified js and located in the following directory - appserver/static/js/build/common.js

Could you please suggest how we can upgrade the jquery version in this minified js file?

I went through article - https://dev.splunk.com/enterprise/docs/developapps/visualizedata/updatejquery/?_ga=2.112247757.87221... but the steps mentioned here aren't applicable in my case. I am add-on app's tgz file and need to update the jquery version.


Appreciate any inputs on this.


Best regards,



Path Finder

Sometimes this is a false-positive from Add-on Builder because it does not prune legacy files on Export.  We found that by following this procedure, the Add-on Builder will essentially fix itself by pruning unrequired JS files:

- Export the app from Add-on Builder

- Delete the app from Add-on Builder

- Import the app to Add-on Builder

- Package and download the app from the "Validate & Package" dashboard


This should remove the common.js from the package if it is not relevant.

Splunk Employee

Nailed it! I tried to write a clear message about the collaboration we did at How to fix AppInspect check_for_vulnerable_javascript_library_usage from Add-on Builder content 

Path Finder

One thing I forgot to note.  This appears to be fixed in Add-on Builder version 4.1.0 but you will need to perform the export/import process if you upgrade the app in-place.

0 Karma


Upgrading the add-on builder and exporting the add-on from there fixed the issue.

0 Karma

Splunk Employee


XPOST from How do I address "check_for_vulnerable_javascript_library_usage" errors in AppInspect?

@teamdruva I talked to the cloud vetting folks. As it's a 'warning' go ahead and submit the app. They know it's coming and will give it a look as part of their manual review process. 

0 Karma



Is there any information on the results of the app inspect? I believe it should point to where the problem should be.

Hope I was able to help you. If so, some karma would be appreciated.
0 Karma


Thanks for your response. Initially I got the following error:

                                    "result": "warning",
                                    "message": "3rd party CORS request may execute\nparseHTML() executes scripts in event handlers\njQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution\nRegex in its jQuery.htmlPrefilter sometimes may introduce XSS\nRegex in its jQuery.htmlPrefilter sometimes may introduce XSS\nreDOS - regular expression denial of service\n",
                                    "message_filename": "/opt/app7hugi7qy/TA-druva/appserver/static/js/build/common.js",
                                    "message_line": null

This is related to the upgrade of the jQuery version to 3.5.0.

Since I had minified javascript (path - appserver/static/js/build/common.js), I couldn't find a jquery version import anywhere, but I found "contrib/jquery-2.1.0" in this file and replaced it with "contrib/jquery-3.5.0".

After running AppInspect on the updated app, I am getting the following warning:

                    "description": "Checks related to JavaScript usage.",
                    "name": "check_javascript_usage",
                    "checks": [
                            "description": "Detect usage of JavaScript libraries with known vulnerabilities.",
                            "name": "check_for_vulnerable_javascript_library_usage",
                            "tags": [
                            "result": "warning",
                            "messages": [
                                    "result": "warning",
                                    "message": "reDOS - regular expression denial of service\n",
                                    "message_filename": "/opt/appdlobc8sm/TA-druva/appserver/static/js/build/common.js",
                                    "message_line": null


Usually the error "reDOS - regular expression denial of service" in jQuery is related to the jQuery-validation library, but we aren't using any such library. Is it fine to submit the app with this warning?
If not, kindly suggest how to fix this issue.
0 Karma
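
An added example, not part of the thread and not Splunk's or AppInspect's own code: a Python check that lists jQuery version markers in the .js files of a packaged add-on, so you can confirm whether appserver/static/js/build/common.js is still in the .tgz after the export/import procedure and whether it still carries a marker like the "contrib/jquery-2.1.0" string quoted above. The package contents below are constructed, and the marker regex is an assumption about what to look for, not a reproduction of how AppInspect detects libraries.

```python
import io
import re
import tarfile

# Markers that name a jQuery version: the "contrib/jquery-2.1.0" style path quoted
# in the thread, and the "jQuery v3.5.0" banner that jQuery builds carry.
JQUERY_MARKER = re.compile(rb"jquery(?:-| (?:JavaScript Library )?v)(\d+)\.(\d+)\.(\d+)", re.I)
MIN_VERSION = (3, 5, 0)  # target version named in the thread


def find_jquery_markers(tgz_file):
    """Return sorted (member name, version tuple) pairs for every .js file in the package."""
    found = set()
    with tarfile.open(fileobj=tgz_file, mode="r:gz") as tar:
        for member in tar:
            if not (member.isfile() and member.name.endswith(".js")):
                continue
            data = tar.extractfile(member).read()
            for m in JQUERY_MARKER.finditer(data):
                found.add((member.name, tuple(int(g) for g in m.groups())))
    return sorted(found)


def outdated(markers, minimum=MIN_VERSION):
    """Keep only the markers whose version is below the minimum."""
    return [(name, ver) for name, ver in markers if ver < minimum]


def build_sample_package():
    """Constructed sample: a tiny .tgz shaped like an Add-on Builder export."""
    files = {
        "TA-example/appserver/static/js/build/common.js":
            b'define("contrib/jquery-2.1.0/jquery",[],function(){});',
        "TA-example/appserver/static/js/build/other.js":
            b"/*! jQuery v3.5.0 | (c) JS Foundation */",
        "TA-example/default/app.conf": b"[launcher]\nversion = 1.0.0\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, ver in outdated(find_jquery_markers(build_sample_package())):
        print(f"{name}: jQuery marker {'.'.join(map(str, ver))} is below 3.5.0")
```

To check a real package, pass `open("your-addon.tgz", "rb")` to `find_jquery_markers`. A marker only names a version string found in the file; it does not prove which library code is actually bundled.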

Splunk Employee

If the common.js came from the Splunk Add-on Builder then you can ignore it for now. We're investigating false positives from that and we (Splunk) need to provide a fix to either the check_for_vulnerable_javascript_library_usage or the code that Splunk Add-on Builder adds to your app.

Splunk Employee

As you can imagine, security related things are hard to get info on. Nonetheless, it was pointed out to me that this is a warning, not a failure, and as such it shouldn't be an impediment to building the app. I'll continue to see if I can get more info on this.

0 Karma

Splunk Employee

Cross posting with How do I address "check_for_vulnerable_javascript_library_usage" errors in AppInspect? which sounds like the same question. I'm also hunting for some SMEs who can help.

0 Karma


@diogofgm could you please help here. Appreciate your inputs.

0 Karma


@diogofgm Do you have a solution for this issue? Our add-on is created by the add-on builder and we get an issue with common.js and Splunk Cloud Support colleagues have rejected the add-on. What should be the next step?

0 Karma