The use of deprecated or obsolete functions could indicate neglected code.
As programming languages evolve, functions occasionally become obsolete due to:
- Advances in the language
- Improved understanding of how operations should be performed effectively and securely
- Changes in the conventions that govern certain operations
Functions that are removed from a language are usually replaced by newer counterparts that perform the same task in some different and hopefully better way.
Example: The following code constructs a new SqlClientPermission object, which regulates how users are allowed to connect to a database. In this example, the program passes false as the second parameter to the constructor, which controls whether users are allowed to connect with blank passwords. Passing false to this parameter indicates that blank passwords should not be allowed.
...
SCP = new SqlClientPermission(pstate, false);
...
Because the PermissionState object passed as the first parameter supersedes any value passed to the second parameter, the constructor allows blank passwords for database connections, which contradicts the second argument. To disallow blank passwords, the program should pass PermissionState.None to the first parameter of the constructor. Because of the ambiguity in its functionality, the two-parameter version of the SqlClientPermission constructor has been deprecated in favor of the single-parameter version, which conveys the same degree of information without the risk of misinterpretation.

[1] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 477
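One way to find the deprecated two-parameter constructor during code review is a textual scan of the C# sources. The following is an added example, not part of the original page or of any analysis tool; the function names, the review_blank_password field and the sample C# input are constructed for illustration, and the scan does not parse string literals or comments.

```python
import re

# Matches "new SqlClientPermission(" with an optional namespace qualifier.
CTOR = re.compile(r"\bnew\s+(?:[\w.]+\.)?SqlClientPermission\s*\(")

def split_args(src, start):
    """Split the top-level arguments of a call; start is just past its '('."""
    args, cur, depth = [], [], 1
    for ch in src[start:]:
        if ch in "([{":
            depth += 1
        elif ch in ")]}":
            depth -= 1
            if depth == 0:
                break  # closing parenthesis of the constructor call
        if ch == "," and depth == 1:
            args.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    tail = "".join(cur).strip()
    return args + [tail] if tail else args

def find_deprecated_ctor(source):
    """Report every two-argument SqlClientPermission constructor call."""
    findings = []
    for m in CTOR.finditer(source):
        args = split_args(source, m.end())
        if len(args) != 2:
            continue  # the single-parameter form is the supported one
        state, allow_blank = args
        findings.append({
            "line": source.count("\n", 0, m.start()) + 1,
            "state": state,
            "allow_blank": allow_blank,
            # 'false' matches its intent only when the first argument is PermissionState.None.
            "review_blank_password": allow_blank == "false"
                and not state.endswith("PermissionState.None"),
        })
    return findings

# Constructed C# input for the demonstration (not from a real code base).
SAMPLE = """class Db {
    void A(PermissionState pstate) { var a = new SqlClientPermission(pstate, false); }
    void B() { var b = new SqlClientPermission(PermissionState.None); }
    void C() { var c = new System.Data.SqlClient.SqlClientPermission(Pick(1, 2), true); }
}
"""

if __name__ == "__main__":
    print(*find_deprecated_ctor(SAMPLE), sep="\n")
```

A finding with review_blank_password set means the call passes false while the first argument is something other than a literal PermissionState.None, which is the contradiction described above.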