We are using the Security, Vulnerability and Best Practice Analyzer Omnext to scan our Mendix code for those topics. It also points out, that there are old widget versions used and new versions available in the marketplace. that information was pretty helpful in the react migration.
Now is Omnext pointing us always to the outdated widget from RichText. After deeper analyzes from Mendix & Omnext, Mendix came to the conclusion.
Our R&D team has done some in-depth research into this. The main problem here is the inconsistency of data (old and even new data). Due to different standards used and historical data that we have, we do not have a solid solution to the problem at this time.
I would be good if all platform supported widgets would follow the same pattern how data are defined for them to be analyzed correctly from Security, Vulnerability and Best Practice Analyzer.