HTML/CSS/JS Code Quality — 2026-04-03
Run ID: run-2026-04-03-106a15f111 · Status: partial · ← Back to full report
About Code Quality
This page surfaces HTML, CSS, and JavaScript code quality signals from Google Lighthouse's Best Practices category. These audits help identify technical debt, browser compatibility risks, and security vulnerabilities across the most-visited U.S. government websites.
- Deprecated APIs — Use of browser features (HTML/CSS/JS) that have been removed or scheduled for removal. These can break in current or future browsers and may indicate outdated code that relies on legacy browser behaviour.
- Console Errors — JavaScript runtime errors logged to the browser console during page load. These often indicate broken functionality or incompatible scripts.
- document.write — Use of the synchronous
document.write()API. This API blocks HTML parsing, harms performance, and is blocked in certain browser contexts (e.g. HTTP/2 push, cross-origin scripts). - Vulnerable Libraries — Front-end JavaScript libraries (e.g. jQuery, Bootstrap) with known CVE security vulnerabilities. Outdated libraries are a common vector for web security issues.
- JS Library Inventory — All client-side JavaScript libraries detected. Useful for understanding browser compatibility requirements: libraries with wide browser support indicate polyfills may be in use; newer APIs without polyfills may exclude users on older browsers.
All audits come from Lighthouse scanning 39 successfully scanned URLs on 2026-04-03.
Summary
Detected JavaScript Libraries
JavaScript libraries detected from network requests during Lighthouse scans. Library version data helps identify whether sites depend on libraries that require polyfills for older browsers, or conversely, rely on browser features that are not yet widely supported.
| Library | URLs | Share |
|---|---|---|
| jQuery | 17 | 44% |
| Bootstrap | 11 | 28% |
| jQuery UI | 4 | 10% |
| Underscore | 3 | 8% |
| Drupal | 3 | 8% |
| Modernizr | 3 | 8% |
| yepnope | 3 | 8% |
| Create React App | 3 | 8% |
| core-js | 2 | 5% |
| jQuery Mobile | 2 | 5% |
| Moment.js | 2 | 5% |
| Angular | 2 | 5% |
| React | 2 | 5% |
| Hammer.js | 1 | 3% |
| Dojo | 1 | 3% |
| WordPress | 1 | 3% |
| boomerang.js | 1 | 3% |
| Next.js | 1 | 3% |
Vulnerable Libraries
Libraries with known security vulnerabilities as reported by Lighthouse's no-vulnerable-libraries audit (powered by Snyk). Upgrading these libraries reduces security risk and may also improve browser compatibility and access to modern APIs.
No libraries with known vulnerabilities were detected.
Per-URL Code Quality Results
Code quality audit results for each scanned URL. Columns show the Lighthouse Best Practices score and pass ✓ / fail ✗ for each audit. Click any URL to open the live page.
Browser Compatibility Context
U.S. government websites should support the broadest possible range of users. This means:
- Avoid too-new APIs without polyfills — features only available in recent browser versions exclude users on older hardware or enterprise environments with locked browser versions.
- Avoid too-old APIs — deprecated or removed browser features may fail silently or cause errors in modern browsers.
- Use polyfills strategically — polyfills allow use of modern features with graceful fallback for older browsers, but unused polyfills add unnecessary page weight. Can I Use provides browser support data to determine when a polyfill can be removed.
- Keep libraries updated — updated libraries often include browser compatibility improvements and security patches.
The Deprecated APIs and Vulnerable Libraries audits above are the most actionable signals for improving browser compatibility and security on government websites.