# AngularJS

Endless Lifecycle Support (ELS) for AngularJS from TuxCare provides security fixes for AngularJS versions that have reached their end of life. This allows you to continue running AngularJS applications without vulnerability concerns, even after official support has ended.

# Supported AngularJS Versions

• AngularJS 1.5.11, 1.6.10, 1.7.9, 1.8.2, 1.8.3

# Connection to ELS for AngularJS Repository

This guide outlines the steps needed to integrate the TuxCare ELS for AngularJS repository.

# Step 1: Get Token

You need a token in order to use TuxCare ELS AngularJS repository. Anonymous access is disabled. To receive the token, please contact sales@tuxcare.com.

# Step 2: Set Up ELS for AngularJS

TuxCare provides ELS for AngularJS as an NPM package, hosted on a secure internal registry. Follow the steps below to add it to your project and get started.

1. Navigate to the root directory of your AngularJS project.

2. Create a .npmrc file or update it if it already exists.

   Example:

   my-angularjs-project/
   ├── node_modules/
   ├── package.json
   ├── .npmrc         ⚠️ ← Create it here
   └── package-lock.json
   

3. Use an editor of your choice (e.g., VS Code) to add the following registry address line:

   registry=https://registry.npmjs.org/
   @els-js:registry=https://nexus.repo.tuxcare.com/repository/els_js/
   //nexus.repo.tuxcare.com/repository/els_js/:_auth=${TOKEN}
   

   Replace ${TOKEN} with the token you received from sales@tuxcare.com.

4. Update your package.json file to replace your AngularJS dependencies with the TuxCare packages:

   Choose AngularJS version: AngularJS 1.5.11AngularJS 1.6.10AngularJS 1.7.9AngularJS 1.8.2AngularJS 1.8.3

   "dependencies": {
       "angular": "npm:@els-js/angular@1.5.11-tuxcare.4"
   }
   

5. You need to remove the node_modules directory and the package-lock.json file, and also clear the npm cache before installing the patched packages. Use the following commands:

   rm -rf node_modules package-lock.json && npm cache clean --force
   

6. Run the following command to install ELS for AngularJS dependencies (token for the TuxCare repository will be automatically picked up from your .npmrc file):

   npm install
   

   You will see an output like:

   added 1 package, and audited 2 packages in 796ms
   
   found 0 vulnerabilities
   

7. You've successfully integrated the TuxCare ELS for AngularJS repository into your project.

# Vulnerability Exploitability eXchange (VEX)

VEX is a machine-readable format that tells you if a known vulnerability and is actually exploitable in your product. It reduces false positives, helps prioritize real risks.

TuxCare provides VEX for AngularJS ELS versions: security.tuxcare.com/vex/cyclonedx/els_lang_javascript/angular/.

# How to Upgrade to a Newer Version of TuxCare Packages

If you have already installed a package with a tuxcare.1 suffix and want to upgrade to a newer release (for example, tuxcare.3), there are two options:

• Option 1. Run the npm install command with the specific version. This will automatically update both package.json and package-lock.json:

  npm install angular@npm:@els-js/angular@1.8.3-tuxcare.3
  

• Option 2. Update the version string in your package.json, remove installed files and clear npm cache to avoid conflicts:

  rm -rf node_modules package-lock.json && npm cache clean --force
  npm install
  

# Resolved CVEs

Fixes for the following vulnerabilities are available in ELS for AngularJS from TuxCare versions:

If you are interested in the TuxCare Endless Lifecycle Support, contact sales@tuxcare.com.