Blog

XLTS for AngularJS 1.5.12 Released

Michael Prentice
Aug 1, 2021

archaically-looming

This is the first XLTS for AngularJS 1.5.x release! 🚀

As such, there have been updates to the License and the Security Policy. New security issues should be sent to security@xlts.dev.

Bug Fixes

  • sanitizeUri: sanitize URIs that contain IDEOGRAPHIC SPACE chars
    • This is a Medium Severity Security fix for a XSS vulnerability in Chrome 62 and earlier.
    • This fix was cherry-picked from the v1.7.x branch.
  • jqlite: nosel error points to an invalid URL
  • $interpolate: fix docs URL in noconcat error
  • $sce: fix docs URL in iequirks error
  • misc:
    • update error reference links to use code.angularjs.xlts.dev
    • fix 28 security warnings in build, test, and release tooling
  • browserTrigger: support CompositionEvent
  • grunt-utils: insert the core CSS styles without using innerHTML
  • Angular:
    • add workaround for Safari / Webdriver problem
    • do not auto bootstrap if the src exists but is empty
    • do not auto bootstrap if the currentScript has been clobbered
    • do not auto bootstrap if the script source is bad and inside SVG
  • minErr: update url to https
  • docs:
    • linting cleanup of the web worker used for search
    • fix @media breakpoints for small/extra small devices
  • ngScenario: completely remove the angular scenario runner

Breaking Changes

ngScenario due to:

  • ngScenario: completely remove the angular scenario runner

The angular scenario runner end-to-end test framework has been removed from the project and will no longer be available on npm starting with 1.5.12.

It was deprecated and removed from the documentation in 2014. Applications that still use it should migrate to Protractor or another e2e testing framework.

Michael Prentice
Aug 1, 2021