FTR: I have talked to Matthias Klose (doko) at DebConf18 about the embedding of jquery into javadoc packages. He pointed me to a similar discussion in doxygen which also embeds jquery while building doc packages.
In short he doesn't consider it to be a worthwhile task because there is a risk of breaking the documentation when Debian's system jquery version is either too old or too new. The security risk of embedding jquery is also rather low in this case because the documentation is static in contrast to web applications and it is unlikely that users would be affected by jquery vulnerabilities. README.jquery in doxygen explains the problem in more detail. https://sources.debian.org/src/doxygen/1.8.13-10/debian/README.jquery/ All in all there is no chance that a patch to change the current situation would be accepted, hence I no longer intend to spend time on it. Markus
signature.asc
Description: OpenPGP digital signature