Adobe-Consulting-Services / acs-aem-commons

http://adobe-consulting-services.github.io/acs-aem-commons/
Apache License 2.0
447 stars 596 forks

AngularJS Vulnerabilities #2852

Open ararat opened 2 years ago

ararat commented 2 years ago

Required Information

Expected Behavior

A customer has had issues rise up due to the version of Angular in a similar manner to https://github.com/Adobe-Consulting-Services/acs-aem-commons/issues/2696

[Image: VolAngACSCom]

Actual Behavior

Scan to not show the vulnerabilities listed above OR Reason to not worry as these are only Author interface issues with low risk.

Steps to Reproduce

Sonatype scan the code.

Links

N/A

kwin commented 2 years ago

Look at #2843 which is for all 3rd party libraries.

davidjgonzalez commented 2 years ago

I had a branch that upgraded AngularJS to 1.8.x... I never did a full regression since the customer came back and said all versions of AngularJS had the security bug they were scanning for.

I would love to move all these AngularJS UIs over to React Spectrum TBH, just a lot of work, and I don't have much time :(