René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Security Patches after EOL?","articleBody":"# AngularJS is in LTS mode\r\nWe are no longer accepting changes that are not critical bug fixes into this project.\r\nSee https://blog.angular.io/stable-angularjs-and-long-term-support-7e077635ee9c for more detail.\r\n\r\n\u003c!--\r\nIF YOU DON'T FILL OUT THE FOLLOWING INFORMATION WE MIGHT CLOSE YOUR ISSUE WITHOUT INVESTIGATION\r\n--\u003e\r\n\r\n\u003c!--\r\n- For *SUPPORT QUESTIONS*, use one of the\r\n[support channels](https://github.com/angular/angular.js/blob/master/CONTRIBUTING.md#question).\r\n- Before submitting, please **SEARCH GITHUB** for a similar issue or PR. --\u003e\r\n\r\n**I'm submitting a ...**\r\n\u003c!-- (check one with \"x\") --\u003e\r\n- [ ] regression from 1.7.0\r\n- [ ] security issue\r\n- [ ] issue caused by a new browser version\r\n- [x] other \u003c!--(Please do not submit support requests here - see above)--\u003e\r\n\r\n**Current behavior:**\r\n\u003c!-- Describe how the bug manifests / how the current features are insufficient. --\u003e\r\n\r\n**Expected / new behavior:**\r\n\u003c!-- Describe what the behavior would be without the bug / how the feature would improve AngularJS --\u003e\r\nN/A\r\n\r\n**Minimal reproduction of the problem with instructions:**\r\n\u003c!--\r\nIf the current behavior is a bug or you can illustrate your feature request better with an example,\r\nplease provide the *STEPS TO REPRODUCE* and if possible a *MINIMAL DEMO* of the problem via\r\nhttps://plnkr.co or similar (you can use this template as a starting point: http://plnkr.co/edit/tpl:yBpEi4).\r\n--\u003e\r\nN/A\r\n\r\n**AngularJS version:** 1.7.x\r\n\u003c!-- Check whether this is still an issue in the most recent stable or in the snapshot AngularJS\r\nversion (https://code.angularjs.org/snapshot/) --\u003e\r\nN/A\r\n\r\n**Browser:** [all | Chrome XX | Firefox XX | Edge XX | IE XX | Safari XX | Mobile Chrome XX | Android X.X Web Browser | iOS XX Safari | iOS XX UIWebView | iOS XX WKWebView | Opera XX ]\r\n\u003c!-- All browsers where this could be reproduced (and Operating System if relevant) --\u003e\r\nN/A\r\n\r\n**Anything else:**\r\n\u003c!-- e.g. stacktraces, related issues, suggestions how to fix --\u003e\r\nI know the guidelines say to submit questions to stack overflow but this is a direct question for the current maintainers of the AngularJS framework and the community. \r\n\r\nAs we all know, AngularJS is reaching EOL at the end of June 2021. With that, my understanding is that the AngularJS team won't support the framework anymore, including fixing security vulnerabilities. \r\n\r\nAs I work for a Large Corporation(™) I have the pleasure of being required to maintain various compliance standards. One of these states that we cannot use any library or framework that is no longer maintained. In our use case, it means that we only need to ensure that security patches are applied in order to maintain our compliance standing. \r\n\r\nWhat I wanted to know is whether or not there were any plans for this project to be handed over to another entity for security updates. I understand that this is open source and that folks can fork the project, but I wanted to understand my options (as we have about 200k lines of code leveraging AngularJS). \r\n\r\nI know that for other things, like Python 2, there are companies offering support contracts past the EOL date that can be purchased for enterprise usage. Is this something that is going to happen for AngularJS or will we be able to maintain the framework past EOL for free? \r\n\r\nThanks again, and apologies for filing this in the wrong place. ","author":{"url":"https://github.com/dambrosiomike","@type":"Person","name":"dambrosiomike"},"datePublished":"2019-08-12T19:20:59.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":22},"url":"https://github.com/16895/angular.js/issues/16895"}