Hi,
I just noticed that angular.js is EOL'd by Google since 2022.
AFAICS none of the 9 CVEs reported since had a fix:
https://security-tracker.debian.org/tracker/source-package/angular.js
https://deb.freexian.com/extended-lts/tracker/source-package/angular.js
There's a successor, "angular.io", but it doesn't seem that helped with
any of our current vulnerabilities.
Discussion on the first Debian bug suggested attempting to drop the
package entirely in trixie (though that didn't seem to have happened):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014779
It doesn't seem like we can support angular.js, this is similar to
bootstrap:
https://lists.debian.org/debian-lts/2025/04/msg00051.html
What do you think?
Cheers!
Sylvain Beucler
Debian LTS Team
