Skip to content

elsdoc-209, refactored javascript libraries #527

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
nadezhdafilina wants to merge 2 commits into
base: master
Choose a base branch
from
Open

elsdoc-209, refactored javascript libraries #527

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
eb135e2
elsdoc-209, refactored javascript libraries
Nadya2502 Apr 29, 2026
9aefb32
Merge branch 'master' into refactor-javascript-libs
nadezhdafilina Apr 29, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 10 additions & 14 deletions docs/.vuepress/config-client/sidebar.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -365,6 +365,10 @@ export default {
path: '/els-for-libraries/jsonwebtoken/',
icon: '/images/jsonwebtoken-logo.webp',
},
{
path: '/els-for-libraries/karma/',
icon: '/images/karma-logo.webp',
},
{
path: '/els-for-libraries/knockout/',
icon: '/images/knockout-logo.webp',
Expand All @@ -373,10 +377,6 @@ export default {
path: '/els-for-libraries/koa/',
icon: '/images/koa-logo.webp',
},
{
path: '/els-for-libraries/karma/',
icon: '/images/karma-logo.webp',
},
{
path: '/els-for-libraries/lodash/',
icon: '/images/lodash-logo.webp',
Expand Down Expand Up @@ -421,10 +421,6 @@ export default {
path: '/els-for-libraries/react/',
icon: '/images/react-logo.webp',
},
{
path: '/els-for-libraries/react-dom/',
icon: '/images/react-logo.webp',
},
{
path: '/els-for-libraries/react-pdf/',
icon: '/images/react-logo.webp',
Expand Down Expand Up @@ -453,22 +449,22 @@ export default {
path: '/els-for-libraries/vite/',
icon: '/images/vite-logo.webp',
},
{
path: '/els-for-libraries/vuetify/',
icon: '/images/vuetify-logo.webp',
},
{
path: '/els-for-libraries/vue/',
icon: '/images/vue-logo.webp',
},
{
path: '/els-for-libraries/webpack-dev-server/',
icon: '/images/webpack-dev-server.webp',
path: '/els-for-libraries/vuetify/',
icon: '/images/vuetify-logo.webp',
},
{
path: '/els-for-libraries/webpack/',
icon: '/images/webpack-logo.webp',
},
{
path: '/els-for-libraries/webpack-dev-server/',
icon: '/images/webpack-dev-server.webp',
},
{
path: '/els-for-libraries/yui/',
icon: '/images/yui-logo.webp',
Expand Down
439 changes: 37 additions & 402 deletions docs/els-for-libraries/angular/README.md
View file
Open in desktop

Large diffs are not rendered by default.

103 changes: 35 additions & 68 deletions docs/els-for-libraries/angularjs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,21 @@ Endless Lifecycle Support (ELS) for AngularJS from TuxCare provides security fix

* AngularJS 1.4.4, 1.5.11, 1.6.10, 1.7.9, 1.8.2, 1.8.3

## Connection to ELS for AngularJS Repository
## Installation

This guide outlines the steps needed to integrate the TuxCare ELS for AngularJS repository.
<ELSPrerequisites>

## Step 1: Get Token
* **npm** package manager installed
* TuxCare registry token — contact [sales@tuxcare.com](mailto:sales@tuxcare.com)
* To browse available artifacts, visit TuxCare [Nexus](https://nexus.repo.tuxcare.com/#browse/browse:els_angularjs) and click Sign in in the top right corner. You may need to refresh the page after logging in.

You need a token in order to use TuxCare ELS AngularJS repository. Anonymous access is disabled. To receive the token, please contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
</ELSPrerequisites>

## Step 2: Set Up ELS for AngularJS
<ELSSteps>

TuxCare provides ELS for AngularJS as an NPM package, hosted on a secure internal registry. Follow the steps below to add it to your project and get started.
1. **Navigate to the project root directory**

1. Navigate to the root directory of your AngularJS project.
2. Create a `.npmrc` file or update it if it already exists.

**Example:**
Example structure:

```text
my-angularjs-project/
Expand All @@ -31,7 +30,9 @@ TuxCare provides ELS for AngularJS as an NPM package, hosted on a secure interna
└── package-lock.json
```

3. Use an editor of your choice (e.g., VS Code) to add the following registry address line:
2. **Configure the npm registry**

Create or update the `.npmrc` file in your project root:

```text
registry=https://registry.npmjs.org/
Expand All @@ -40,10 +41,12 @@ TuxCare provides ELS for AngularJS as an NPM package, hosted on a secure interna
```

:::warning
Replace ${TOKEN} with the token you received from [sales@tuxcare.com](mailto:sales@tuxcare.com).
Replace `${TOKEN}` with the token you received from [sales@tuxcare.com](mailto:sales@tuxcare.com).
:::

4. Manually update your `package.json` file by replacing your AngularJS dependencies with the TuxCare packages.
3. **Update dependencies**

Manually update your `package.json` file by replacing AngularJS dependencies with TuxCare-maintained packages.

<TableTabs label="Choose AngularJS version: " >

Expand Down Expand Up @@ -127,80 +130,44 @@ TuxCare provides ELS for AngularJS as an NPM package, hosted on a secure interna

</TableTabs>

5. You need to remove the `node_modules` directory and the `package-lock.json` file, and also clear the `npm cache` before installing the patched packages. Use the following commands:
4. **Clean and install**

Remove `node_modules`, `package-lock.json`, and clear the npm cache:

```text
rm -rf node_modules package-lock.json && npm cache clean --force
```

6. Run the following command to install ELS for AngularJS dependencies (token for the TuxCare repository will be automatically picked up from your `.npmrc` file):
Install dependencies:

```text
npm install
```

## Step 3: Verify Installation
The token for the TuxCare repository is automatically picked up from your `.npmrc` file.

1. To confirm the TuxCare AngularJS repository is set up correctly, use npm to list the project's dependencies:
5. **Verify the setup**

Use npm to list the project's dependencies and confirm TuxCare packages are resolved correctly:

```text
npm list
```

2. After reviewing the dependencies, run your application to ensure everything works correctly.

The `npm` tool should be able to identify and resolve dependencies from the TuxCare ELS for AngularJS repository.

## Vulnerability Exploitability eXchange (VEX)

VEX is a machine-readable format that tells you if a known vulnerability is actually exploitable in your product. It reduces false positives, helps prioritize real risks.

TuxCare provides VEX for AngularJS ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_javascript/angular/](https://security.tuxcare.com/vex/cyclonedx/els_lang_javascript/angular/).

## Software Bill of Materials (SBOM)

For each published ELS package and version, TuxCare generates SBOM files. Those artifacts are published to TuxCare Nexus.

You can browse SBOM files for AngularJS here:

[https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:angularjs](https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:angularjs)

Use the credentials you received for TuxCare ELS ([Step 1: Get Token](#step-1:-get-token)) to access Nexus.

## How to Upgrade to a Newer Version of TuxCare Packages

If you have already installed a package with a `tuxcare.1` suffix and want to upgrade to a newer release (for example, `tuxcare.3`), remove node_modules, clear the npm cache to avoid conflicts, and then run the installation command:
After reviewing the dependencies, run your application to ensure everything works correctly. The `npm` tool should be able to identify and resolve dependencies from the TuxCare ELS for AngularJS repository.

```text
rm -rf node_modules package-lock.json && npm cache clean --force
npm install
```
</ELSSteps>

## Resolved CVEs
## What's Next?

Fixes for the following vulnerabilities are available in ELS for AngularJS from TuxCare versions:
<WhatsNext hide-title>

| CVE ID | CVE Type | Severity | Affected Libraries | Vulnerable Versions |
| :------------: | :------: | :------: | :----------------: | :-----------------: |
| CVE-2019-10768 | Direct | Critical | AngularJS | <1.7.9 |
| CVE-2024-21490 | Direct | High | AngularJS | >=1.3.0 |
| CVE-2025-4690 | Direct | Medium | Angular Sanitize | >=0.0.0 |
| CVE-2025-4690 | Direct | Medium | AngularJS | >=0.0.0 |
| CVE-2025-2336 | Direct | Medium | AngularJS | >=1.3.1 |
| CVE-2025-2336 | Direct | Medium | Angular Sanitize | >=1.3.1 |
| CVE-2025-0716 | Direct | Medium | AngularJS | >=0.0.0 |
| CVE-2024-8373 | Direct | Medium | AngularJS | >=0.0.0 |
| CVE-2024-8372 | Direct | Medium | AngularJS | >=1.3.0-rc.4 |
| CVE-2024-33665 | Direct | Medium | Angular Translate | <2.19.1 |
| CVE-2023-26118 | Direct | Medium | AngularJS | >=1.4.9 |
| CVE-2023-26117 | Direct | Medium | AngularJS | >=1.0.0 |
| CVE-2023-26116 | Direct | Medium | AngularJS | >=1.2.21 |
| CVE-2022-25869 | Direct | Medium | AngularJS | >=0.0.0 |
| CVE-2022-25844 | Direct | Medium | AngularJS | >=1.7.0 |
| CVE-2020-7676 | Direct | Medium | AngularJS | <1.8.0 |
| GHSA-5cp4-xmrw-59wf | Direct | Medium | AngularJS | <1.8.0 |
| GHSA-28hp-fgcr-2r4h | Direct | Medium | AngularJS | <1.6.0 |
| CVE-2019-14863 | Direct | Medium | AngularJS | <=1.4.14 |
* ![](/images/eye.webp) [CVE tracker](https://tuxcare.com/cve-tracker/?product=AngularJS) — Track vulnerability fixes and updates
* ![](/images/shield.webp) [Available fixes](https://tuxcare.com/cve-tracker/fixes?product=AngularJS) — Patched versions and changelogs
* ![](/images/clipboard-notes.webp) [Supported components](https://tuxcare.com/cve-tracker/products?product=AngularJS) — Full list of product parts covered by ELS
* ![](/images/shield-alert.webp) [VEX feed](https://security.tuxcare.com/vex/cyclonedx/els_lang_javascript/angular/) — Vulnerability Exploitability eXchange feed
* ![](/images/unlock-alt.webp) [SBOM](https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:angularjs) — Software Bill of Materials (Nexus, credentials required)
* ![](/images/wrench.webp) [Managing the ELS repository](/els-for-libraries/managing-els-repository/) — Update to newer versions

If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
</WhatsNext>

85 changes: 35 additions & 50 deletions docs/els-for-libraries/bootstrap-sass/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,21 @@ Endless Lifecycle Support (ELS) for bootstrap-sass from TuxCare provides securit

* bootstrap-sass 3.4.0

## Connection to ELS for bootstrap-sass Library
## Installation

This guide outlines the steps needed to integrate the TuxCare ELS for the bootstrap-sass library.
<ELSPrerequisites>

## Step 1: Get Token
* **npm** package manager installed
* TuxCare registry token — contact [sales@tuxcare.com](mailto:sales@tuxcare.com)
* To browse available artifacts, visit TuxCare [Nexus](https://nexus.repo.tuxcare.com/#browse/browse:els_js) and click Sign in in the top right corner. You may need to refresh the page after logging in.

You need a token in order to use TuxCare ELS bootstrap-sass library. Anonymous access is disabled. To receive the token, please contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
</ELSPrerequisites>

## Step 2: Set Up ELS for bootstrap-sass
<ELSSteps>

TuxCare provides ELS for bootstrap-sass as an NPM package, hosted on a secure internal registry. Follow the steps below to add it to your project and get started.
1. **Navigate to the project root directory**

1. Navigate to the root directory of your bootstrap-sass project.
2. Create a `.npmrc` file or update it if it already exists.

**Example:**
Example structure:

```text
my-bootstrap-sass-project/
Expand All @@ -31,7 +30,9 @@ TuxCare provides ELS for bootstrap-sass as an NPM package, hosted on a secure in
└── package-lock.json
```

3. Use an editor of your choice (e.g., VS Code) to add the following registry address line:
2. **Configure the npm registry**

Create or update the `.npmrc` file in your project root:

```text
registry=https://registry.npmjs.org/
Expand All @@ -40,10 +41,12 @@ TuxCare provides ELS for bootstrap-sass as an NPM package, hosted on a secure in
```

:::warning
Replace ${TOKEN} with the token you received from [sales@tuxcare.com](mailto:sales@tuxcare.com).
Replace `${TOKEN}` with the token you received from [sales@tuxcare.com](mailto:sales@tuxcare.com).
:::

4. Update your `package.json` file to replace your bootstrap-sass dependencies with the TuxCare packages. You can do this in two ways:
3. **Update dependencies**

Update your `package.json` file to replace bootstrap-sass dependencies with TuxCare-maintained packages. You can do this in two ways:

* **Option 1: Manual update**

Expand Down Expand Up @@ -86,62 +89,44 @@ TuxCare provides ELS for bootstrap-sass as an NPM package, hosted on a secure in
}
```

5. You need to remove the `node_modules` directory and the `package-lock.json` file, and also clear the `npm cache` before installing the patched packages. Use the following commands:
4. **Clean and install**

Remove `node_modules`, `package-lock.json`, and clear the npm cache:

```text
rm -rf node_modules package-lock.json && npm cache clean --force
```

6. Run the following command to install the ELS version of the bootstrap-sass library (token for the TuxCare repository will be automatically picked up from your `.npmrc` file):
Install dependencies:

```text
npm install
```

## Step 3: Verify Installation
The token for the TuxCare repository is automatically picked up from your `.npmrc` file.

1. To confirm the TuxCare bootstrap-sass library is set up correctly, use npm to list the project's dependencies:
5. **Verify the setup**

Use npm to list the project's dependencies and confirm TuxCare packages are resolved correctly:

```text
npm list
```

2. After reviewing the dependencies, run your application to ensure everything works correctly.

The `npm` tool should be able to identify and resolve dependencies from the TuxCare ELS for bootstrap-sass repository.

## Vulnerability Exploitability eXchange (VEX)

VEX is a machine-readable format that tells you if a known vulnerability is actually exploitable in your product. It reduces false positives, helps prioritize real risks.

TuxCare provides VEX for bootstrap-sass ELS versions: [security.tuxcare.com/vex/cyclonedx/els_lang_javascript/bootstrap-sass/](https://security.tuxcare.com/vex/cyclonedx/els_lang_javascript/bootstrap-sass/).

## Software Bill of Materials (SBOM)

For each published ELS package and version, TuxCare generates SBOM files. Those artifacts are published to TuxCare Nexus.

You can browse SBOM files for bootstrap-sass here:

[https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:bootstrap-sass](https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:bootstrap-sass)

Use the credentials you received for TuxCare ELS ([Step 1: Get Token](#step-1:-get-token)) to access Nexus.

## How to Upgrade to a Newer Version of TuxCare Packages

If you have already installed a package with a `tuxcare.1` suffix and want to upgrade to a newer release (for example, `tuxcare.3`), remove node_modules, clear the npm cache to avoid conflicts, and then run the installation command:
After reviewing the dependencies, run your application to ensure everything works correctly. The `npm` tool should be able to identify and resolve dependencies from the TuxCare ELS for bootstrap-sass repository.

```text
rm -rf node_modules package-lock.json && npm cache clean --force
npm install
```
</ELSSteps>

## Resolved CVEs
## What's Next?

Fixes for the following vulnerabilities are available in ELS for bootstrap-sass from TuxCare versions:
<WhatsNext hide-title>

| CVE ID | CVE Type | Severity | Affected Libraries | Vulnerable Versions |
|:-------------:|:--------:|:--------:|:------------------:|:-------------------:|
| CVE-2019-8331 | Direct | Medium | bootstrap-sass | < 3.4.1, >= 4.3.0 < 4.3.1 |
* ![](/images/eye.webp) [CVE tracker](https://tuxcare.com/cve-tracker/?product=bootstrap-sass) — Track vulnerability fixes and updates
* ![](/images/shield.webp) [Available fixes](https://tuxcare.com/cve-tracker/fixes?product=bootstrap-sass) — Patched versions and changelogs
* ![](/images/clipboard-notes.webp) [Supported components](https://tuxcare.com/cve-tracker/products?q=bootstrap-sass) — Full list of product parts covered by ELS
* ![](/images/shield-alert.webp) [VEX feed](https://security.tuxcare.com/vex/cyclonedx/els_lang_javascript/bootstrap-sass/) — Vulnerability Exploitability eXchange feed
* ![](/images/unlock-alt.webp) [SBOM](https://nexus.repo.tuxcare.com/#browse/browse:els-js-sbom:bootstrap-sass) — Software Bill of Materials (Nexus, credentials required)
* ![](/images/wrench.webp) [Managing the ELS repository](/els-for-libraries/managing-els-repository/) — Update to newer versions

If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
</WhatsNext>

Loading