View Issue Details

This bug affects 2 person(s).
ID: 20273
Project: Bug reports
Category: Other
View Status: public
Last Update: 2025-10-06 14:27
Reporter: tibor.pacalat
Assigned To: tibor.pacalat
Priority: none
Severity: minor
Status: resolved
Resolution: fixed
Product Version: 6.6.x
Summary: 20273: Research if Limesurvey is using bootstrap-switch library so it can be removed from the code base
Description

Tasks:

  1. Research if Limesurvey is using bootstrap-switch library since it has vulnerability issues
  2. There are some parts of the code where I found the references of it, but there is a comment that these functions can be removed - please check this
  3. If there are some plugins that use this library, what is the impact if we remove it and how to remedy this

Tags: No tags attached.
Bug heat: 12
Complete LimeSurvey version number (& build): 6.15.12+250916
I will donate to the project if issue is resolved: No
Browser
Database type & version.
Server OS (if known)
Webserver software & version (if known)
PHP Version.

Relationships

parent of 20269 (resolved, tibor.pacalat): Cross-site Scripting (XSS) affecting bootstrap-switch package

Activities

gabrieljenik

2025-09-26 16:36

manager   ~83493

Went over and removed it from the code base directly.
All code removed is supposedly not being used.

The package was not removed as it is being used by WhSwitch, which is not used in LS, but could be used by a plugin.

Maybe we can have the WhSwitch replaced by a different control, or just have it shown as a dropdown, radio or a checkbox. Looking forward to confirmation on that.

DenisChenu

2025-09-26 17:32

developer   ~83496

The package was not removed as it is being used by WhSwitch, which is not used in LS, but could be used by a plugin.

The idea of @Mazi was to remove it from file for automatic tracker too.

Mazi

2025-09-27 14:02

updater   ~83501

@DenisChenu, do you use this for any plugin? Because we are not using this at all.
So if there is no real usage at Limesurvey, I am fine to simply remove this.
It would solve the increasing amount of pentests returning such issues.

Issue History

Date Modified Username Field Change
2025-09-19 15:31 tibor.pacalat New Issue
2025-09-19 15:31 tibor.pacalat Assigned To => gabrieljenik
2025-09-19 15:31 tibor.pacalat Status new => assigned
2025-09-21 14:07 guest Bug heat 0 => 6
2025-09-26 16:36 gabrieljenik Assigned To gabrieljenik => DenisChenu
2025-09-26 16:36 gabrieljenik Status assigned => ready for code review
2025-09-26 16:36 gabrieljenik Note Added: 83493
2025-09-26 16:36 gabrieljenik Bug heat 6 => 8
2025-09-26 17:32 DenisChenu Note Added: 83496
2025-09-26 17:32 DenisChenu Bug heat 8 => 10
2025-09-26 17:32 DenisChenu Assigned To DenisChenu => tibor.pacalat
2025-09-26 17:32 DenisChenu Status ready for code review => ready for testing
2025-09-27 14:02 Mazi Note Added: 83501
2025-09-27 14:02 Mazi Bug heat 10 => 12
2025-09-29 09:48 Mazi Relationship added parent of 20269
2025-10-06 14:27 tibor.pacalat Status ready for testing => resolved
2025-10-06 14:27 tibor.pacalat Resolution open => fixed