This content is dedicated to our next version. It is work in progress: its content will evolve until the new version is released.

Before that time, it cannot be considered as official.

Bonitasoft-managed AngularJS fork and integrated CVEs fixes

This page describes the AngularJS fork managed by Bonitasoft, as well as the adapted CVE fixes from newer versions towards 1.3.x branch

AngularJS fork

As part of Bonitasoft’s initiative to provide a supported AngularJS version, fixing the high and critical CVEs in the page generated by the Bonita UI Designer in the first place.

Currently, AngularJS version 1.3 is used in this Bonita UI Designer part and a smooth migration to a newer version was impossible because of the breaking changes brought by AngularJS 1.4 version.

Thus, the solution chosen by Bonitasoft is to correct the high and critical CVEs by adapting the related fixes to AngularJS 1.3. Currently, all work for this can be found in the angular.js forked github project.
A release of this project has already been integrated in Bonita UI Designer Artifact builder with Bonita 2023.1.

In the future releases CVEs with medium criticity corrections will be delivered.