What the Angularjs End-Of-Life Means for You

AngularJS is the first major version of Google’s popular Angular family of open source JavaScript web application frameworks. Released in 2010, AngularJS is now scheduled to reach the end of its life on December 31st, 2021. After this date, Google will no longer make patches or updates for the AngularJS framework.

Why is this important?

A web application framework must receive regular and ongoing updates to fix security vulnerabilities and other flaws in the software. Websites and web applications built using AngularJS will become less secure over time as more weaknesses are found in the AngularJS framework and go unfixed. Hackers and other malicious actors use these weaknesses to gain access to the web applications’ user data and inject their own code into the web applications. Keeping software updated is one of the most important parts of securely using the web.

Can’t they just update to a newer version of AngularJS?

While a major version update is normally the solution to the end-of-life of a particular version of software, AngularJS cannot simply be updated to a newer version of the framework (now called just Angular). Google completely re-engineered the Angular framework between major version 1 and major version 2. Thanks to these differences, upgrading from AngularJS to a modern version of Angular would essentially be the same as moving to an entirely different JavaScript framework. Websites and web applications built with AngularJS will have to be entirely rebuilt before December 31st, 2021 if they want to continue to provide a secure web experience for their users.

Applications built using Angular do not have this problem. The modern Angular framework descends from major version 2 and has maintained more or less the same architecture and design as major version 2. Web applications using Angular can be updated without a total rewrite; however, there are always tweaks or changes that have to be made to guarantee compatibility between the existing codebase and the new version of the framework.

How does this affect me?

You may be surprised to find out that there is a good chance your favorite website or web application was built using AngularJS. AngularJS was one of the earliest JavaScript web application frameworks for building single-page web applications. It has significant support and investment despite its long age.

If you use OpenStack and its web interface Horizon, you are using an AngularJS application. Many of the interface panels in Horizon are implemented using AngularJS. The Horizon project will have to find a path to update these interface panels to a newer framework.

cPanel, the popular control panel for web hosting, uses AngularJS for its interface. The cPanel team will have to update their application to use a different framework, which may result in a different appearance or experience for cPanel users. Failure to make this update by December 31st, 2021 will expose cPanel users to increasing levels of risk as AngularJS becomes more and more out of date.

OpenStack and cPanel are two major examples of AngularJS applications that need to be updated. Several other popular websites and organizations also use AngularJS right now, like the Federal Trade Commission’s Identify Theft website, Zagat’s website, and several of Google’s own smaller web pages.

Sounds serious! What do I do?

If your web application or website has a way to send feedback, though, you can send your concerns to them. You may also be able to find a changelog or list of updates that are planned or were made to the web application and see if they mention moving from AngularJS.

Unfortunately, there is not much more you can do. It is on the developers for your web applications and websites to make this update. It is important to note that even though this is a serious issue, there likely will not be any serious risks for some time after December 31st, 2021. Discovering vulnerabilities in frameworks can take large amounts of time and effort, and AngularJS will present a less attractive target as more web applications and websites move to other frameworks.

5 Comments

  • Since the time this article was written, there are a few companies that are continuing to support AngularJS, but it is not a free version. So if your team still needs support for AngularJS you can contact them. You can read more about those options on the AngularJS website: https://docs.angularjs.org/misc/version-support-status

  • My application is build in Angular JS v1.5.10 as per above information end of life for Angular JS was December 31st, 2021, and now it is ended. How the application is still working.

    • Hi Neha, great question. The application will still work as long as all of the necessary files are available and on your server. The main issue is that AngularJS will no longer be updated. As browsers change, as vulnerabilities are discovered, and as other programmers stop designing around AngularJS, you’re likely to run into issues.

      Think of something like Windows 95: if you find an old computer with Windows 95 installed as the primary operating system and boot it up, the computer will still run. But, most new programs won’t have installation files configured for Windows 95, any security problems discovered after Windows 95 support ended won’t have a way to to fix them. Most developers won’t bother including Windows 95 compatibility as a configuration feature. You might keep a computer like this around to run old games, or because you like retro computing, but probably not as your primary business computer.

      So, if keeping your application secure and accessible to the rest of the internet is important to you, you’ll likely want to look into rebuilding it or upgrading it to something else. If it’s purely a personal project and no important personal or financial data is at risk, feel free to keep it up and running. Just be aware that issues may arise in the future. Hope that helps clarify things!

  • what about many web software built by angularJS ? will they continue to work or need to migrate to new versions or angular ?

Was this article helpful? Let us know!