Bump the angular group across 1 directory with 12 updates by dependabot[bot] · Pull Request #875 · okta-samples/okta-angular-sample

dependabot · 2025-09-22T16:18:10Z

Bumps the angular group with 12 updates in the / directory:

Package	From	To
@angular/animations	`19.0.5`	`22.0.2`
@angular/common	`19.0.5`	`22.0.2`
@angular/compiler	`19.0.5`	`22.0.2`
@angular/core	`19.0.5`	`22.0.2`
@angular/forms	`19.0.5`	`22.0.2`
@angular/platform-browser	`19.0.5`	`22.0.2`
@angular/platform-browser-dynamic	`19.0.5`	`22.0.2`
@angular/router	`19.0.5`	`22.0.2`
@angular-devkit/build-angular	`19.0.6`	`22.0.3`
@angular/cli	`19.0.6`	`22.0.3`
@angular/compiler-cli	`19.0.5`	`22.0.2`
typescript	`5.6.3`	`6.0.3`

Updates @angular/animations from 19.0.5 to 22.0.2

Release notes

Sourced from @angular/animations's releases.

22.0.2

common

Commit Description

escape anchor fragment in shadow DOM name selector

skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description

restrict possible event handler check to property names longer than 2 characters

core

Commit Description

avoid caching missing locale data

escape overlapping comment delimiters in escapeCommentText

guard against DOM clobbering in declareExperimentalWebMcpTool

preserve leave animation for sibling instances sharing a TNode

prevent unsubscribe during emit from throwing off other listeners

treat iframe credentialless as security-sensitive

detect existing signal dependency without checking all producer links

http

Commit Description

distinguish repeated transfer cache params

skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Description

migration skip any target are not build or test

22.0.1

common

Commit Description

escape CSS string-terminating characters in escapeCssUrl

Limits date format string length

prevent prototype pollution in formatDateTime

use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description

disallow i18n event attributes

more robust logic to check if regex can be optimized

sanitize href/xlink:href attributes of any element of the MathML namespace

sanitize two-way properties

compiler-cli

Commit Description

bind switch exhaustive check expressions

core

... (truncated)

Changelog

Sourced from @angular/animations's changelog.

22.0.2 (2026-06-17)

common

Commit Type Description

94ea403563 fix escape anchor fragment in shadow DOM name selector

6c1f3e9d49 fix skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Type Description

6f1171991a fix restrict possible event handler check to property names longer than 2 characters

core

Commit Type Description

528a34f766 fix avoid caching missing locale data

e17e8d5422 fix escape overlapping comment delimiters in escapeCommentText

59dea13f80 fix guard against DOM clobbering in declareExperimentalWebMcpTool

3a48abc15c fix preserve leave animation for sibling instances sharing a TNode

93d0a5f95c fix prevent unsubscribe during emit from throwing off other listeners

b32ee7ceb3 fix treat iframe credentialless as security-sensitive

f902d1d35e perf detect existing signal dependency without checking all producer links

http

Commit Type Description

6867f77ec7 fix distinguish repeated transfer cache params

7ef1399068 fix skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Type Description

15314c1736 fix migration skip any target are not build or test

22.1.0-next.0 (2026-06-10)

Deprecations

http

HttpClient.jsonp, HttpClientJsonpModule, and related JSONP classes/functions are deprecated. Use standard HTTP requests instead.

common

Commit Type Description

1ad6824d0d fix skip transfer cache for uncacheable HTTP traffic (#69017)

compiler

Commit Type Description

25c744c4d0 fix support foreign components defined outside top-level scope

compiler-cli

Commit Type Description

aeb55c8bc1 fix allow passing uninvoked signals as foreign component props

7c60a98b3c fix support import aliases in foreignImports (#68674)

... (truncated)

Commits

a97d5ec build: update minimum supported Node.js versions
ad717df refactor(core): use the @Service decorator where possible.
b8d3f36 feat(compiler-cli): add support for Node.js 26.0.0
6672192 test: remove duplicate tests (#67518)
d550bf7 build: update minimum supported Node.js versions
81cabc1 feat(core): add support for TypeScript 6
abb1794 refactor(core): mark VERSION exports as pure for better tree-shaking
26fed34 build: format md files
b9e2ccd refactor(common): remove unused import (#64699)
70332b0 fix(core): pass element removal property through in all locations (#64565)
Additional commits viewable in compare view

Updates @angular/common from 19.0.5 to 22.0.2

Release notes

Sourced from @angular/common's releases.

22.0.2

common

Commit Description

escape anchor fragment in shadow DOM name selector

skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description

restrict possible event handler check to property names longer than 2 characters

core

Commit Description

avoid caching missing locale data

escape overlapping comment delimiters in escapeCommentText

guard against DOM clobbering in declareExperimentalWebMcpTool

preserve leave animation for sibling instances sharing a TNode

prevent unsubscribe during emit from throwing off other listeners

treat iframe credentialless as security-sensitive

detect existing signal dependency without checking all producer links

http

Commit Description

distinguish repeated transfer cache params

skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Description

migration skip any target are not build or test

22.0.1

common

Commit Description

escape CSS string-terminating characters in escapeCssUrl

Limits date format string length

prevent prototype pollution in formatDateTime

use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description

disallow i18n event attributes

more robust logic to check if regex can be optimized

sanitize href/xlink:href attributes of any element of the MathML namespace

sanitize two-way properties

compiler-cli

Commit Description

bind switch exhaustive check expressions

core

... (truncated)

Changelog

Sourced from @angular/common's changelog.

22.0.2 (2026-06-17)

common

Commit Type Description

94ea403563 fix escape anchor fragment in shadow DOM name selector

6c1f3e9d49 fix skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Type Description

6f1171991a fix restrict possible event handler check to property names longer than 2 characters

core

Commit Type Description

528a34f766 fix avoid caching missing locale data

e17e8d5422 fix escape overlapping comment delimiters in escapeCommentText

59dea13f80 fix guard against DOM clobbering in declareExperimentalWebMcpTool

3a48abc15c fix preserve leave animation for sibling instances sharing a TNode

93d0a5f95c fix prevent unsubscribe during emit from throwing off other listeners

b32ee7ceb3 fix treat iframe credentialless as security-sensitive

f902d1d35e perf detect existing signal dependency without checking all producer links

http

Commit Type Description

6867f77ec7 fix distinguish repeated transfer cache params

7ef1399068 fix skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Type Description

15314c1736 fix migration skip any target are not build or test

22.1.0-next.0 (2026-06-10)

Deprecations

http

HttpClient.jsonp, HttpClientJsonpModule, and related JSONP classes/functions are deprecated. Use standard HTTP requests instead.

common

Commit Type Description

1ad6824d0d fix skip transfer cache for uncacheable HTTP traffic (#69017)

compiler

Commit Type Description

25c744c4d0 fix support foreign components defined outside top-level scope

compiler-cli

Commit Type Description

aeb55c8bc1 fix allow passing uninvoked signals as foreign component props

7c60a98b3c fix support import aliases in foreignImports (#68674)

... (truncated)

Commits

6867f77 fix(http): distinguish repeated transfer cache params
6c1f3e9 fix(common): skip transfer cache for uncacheable HTTP traffic (#69316)
7ef1399 fix(http): skip transfer cache for fetch credentialed requests (#69316)
94ea403 fix(common): escape anchor fragment in shadow DOM name selector
2dd65d2 fix(http): pass down the reportUploadProgress and reportDownloadProgress ...
1bd5a56 docs: deprecate XHR support for server-side rendering in HTTP docs and recomm...
3c2892c fix(common): prevent prototype pollution in formatDateTime
c4b5fa3 fix(common): escape CSS string-terminating characters in escapeCssUrl
4254eb4 fix(http): preserve empty referrer option in HttpRequest
167bd4c fix(http): Rejects non-HTTP(S) URLs in JSONP requests
Additional commits viewable in compare view

Updates @angular/compiler from 19.0.5 to 22.0.2

Release notes

Sourced from @angular/compiler's releases.

22.0.2

common

Commit Description

escape anchor fragment in shadow DOM name selector

skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description

restrict possible event handler check to property names longer than 2 characters

core

Commit Description

avoid caching missing locale data

escape overlapping comment delimiters in escapeCommentText

guard against DOM clobbering in declareExperimentalWebMcpTool

preserve leave animation for sibling instances sharing a TNode

prevent unsubscribe during emit from throwing off other listeners

treat iframe credentialless as security-sensitive

detect existing signal dependency without checking all producer links

http

Commit Description

distinguish repeated transfer cache params

skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Description

migration skip any target are not build or test

22.0.1

common

Commit Description

escape CSS string-terminating characters in escapeCssUrl

Limits date format string length

prevent prototype pollution in formatDateTime

use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description

disallow i18n event attributes

more robust logic to check if regex can be optimized

sanitize href/xlink:href attributes of any element of the MathML namespace

sanitize two-way properties

compiler-cli

Commit Description

bind switch exhaustive check expressions

core

... (truncated)

Changelog

Sourced from @angular/compiler's changelog.

22.0.2 (2026-06-17)

common

Commit Type Description

94ea403563 fix escape anchor fragment in shadow DOM name selector

6c1f3e9d49 fix skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Type Description

6f1171991a fix restrict possible event handler check to property names longer than 2 characters

core

Commit Type Description

528a34f766 fix avoid caching missing locale data

e17e8d5422 fix escape overlapping comment delimiters in escapeCommentText

59dea13f80 fix guard against DOM clobbering in declareExperimentalWebMcpTool

3a48abc15c fix preserve leave animation for sibling instances sharing a TNode

93d0a5f95c fix prevent unsubscribe during emit from throwing off other listeners

b32ee7ceb3 fix treat iframe credentialless as security-sensitive

f902d1d35e perf detect existing signal dependency without checking all producer links

http

Commit Type Description

6867f77ec7 fix distinguish repeated transfer cache params

7ef1399068 fix skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Type Description

15314c1736 fix migration skip any target are not build or test

22.1.0-next.0 (2026-06-10)

Deprecations

http

HttpClient.jsonp, HttpClientJsonpModule, and related JSONP classes/functions are deprecated. Use standard HTTP requests instead.

common

Commit Type Description

1ad6824d0d fix skip transfer cache for uncacheable HTTP traffic (#69017)

compiler

Commit Type Description

25c744c4d0 fix support foreign components defined outside top-level scope

compiler-cli

Commit Type Description

aeb55c8bc1 fix allow passing uninvoked signals as foreign component props

7c60a98b3c fix support import aliases in foreignImports (#68674)

... (truncated)

Commits

74f2b91 refactor(compiler): correct TcbInvalidReferenceOp initializer
b32ee7c fix(core): treat iframe credentialless as security-sensitive
f309727 refactor(compiler): Collect in-element comments
6f11719 fix(compiler): restrict possible event handler check to property names longer...
8bb3947 refactor: optimize dom security schema lookups
4645850 refactor(compiler): Remove 80 char limit on AbstractEmitterVisitor
1ee224c fix(compiler): disallow i18n event attributes
5946c18 fix(compiler): sanitize href/xlink:href attributes of any element of the ...
393b84c fix(compiler): sanitize two-way properties
3d9ca2f fix(compiler-cli): bind switch exhaustive check expressions
Additional commits viewable in compare view

Updates @angular/core from 19.0.5 to 22.0.2

Release notes

Sourced from @angular/core's releases.

22.0.2

common

Commit Description

escape anchor fragment in shadow DOM name selector

skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description

restrict possible event handler check to property names longer than 2 characters

core

Commit Description

avoid caching missing locale data

escape overlapping comment delimiters in escapeCommentText

guard against DOM clobbering in declareExperimentalWebMcpTool

preserve leave animation for sibling instances sharing a TNode

prevent unsubscribe during emit from throwing off other listeners

treat iframe credentialless as security-sensitive

detect existing signal dependency without checking all producer links

http

Commit Description

distinguish repeated transfer cache params

skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Description

migration skip any target are not build or test

22.0.1

common

Commit Description

escape CSS string-terminating characters in escapeCssUrl

Limits date format string length

prevent prototype pollution in formatDateTime

use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description

disallow i18n event attributes

more robust logic to check if regex can be optimized

sanitize href/xlink:href attributes of any element of the MathML namespace

sanitize two-way properties

compiler-cli

Commit Description

bind switch exhaustive check expressions

core

... (truncated)

Changelog

Sourced from @angular/core's changelog.

22.0.2 (2026-06-17)

common

Commit Type Description

94ea403563 fix escape anchor fragment in shadow DOM name selector

6c1f3e9d49 fix skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Type Description

6f1171991a fix restrict possible event handler check to property names longer than 2 characters

core

Commit Type Description

528a34f766 fix avoid caching missing locale data

e17e8d5422 fix escape overlapping comment delimiters in escapeCommentText

59dea13f80 fix guard against DOM clobbering in declareExperimentalWebMcpTool

3a48abc15c fix preserve leave animation for sibling instances sharing a TNode

93d0a5f95c fix prevent unsubscribe during emit from throwing off other listeners

b32ee7ceb3 fix treat iframe credentialless as security-sensitive

f902d1d35e perf detect existing signal dependency without checking all producer links

http

Commit Type Description

6867f77ec7 fix distinguish repeated transfer cache params

7ef1399068 fix skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Type Description

15314c1736 fix migration skip any target are not build or test

22.1.0-next.0 (2026-06-10)

Deprecations

http

HttpClient.jsonp, HttpClientJsonpModule, and related JSONP classes/functions are deprecated. Use standard HTTP requests instead.

common

Commit Type Description

1ad6824d0d fix skip transfer cache for uncacheable HTTP traffic (#69017)

compiler

Commit Type Description

25c744c4d0 fix support foreign components defined outside top-level scope

compiler-cli

Commit Type Description

aeb55c8bc1 fix allow passing uninvoked signals as foreign component props

7c60a98b3c fix support import aliases in foreignImports (#68674)

... (truncated)

Commits

152601e refactor(core): add childSignalProp to ReactiveNodeKind
59dea13 fix(core): guard against DOM clobbering in declareExperimentalWebMcpTool
81cb457 refactor(router): Add handling for ActivatedRoute-scoped injector
f902d1d perf(core): detect existing signal dependency without checking all producer l...
e17e8d5 fix(core): escape overlapping comment delimiters in escapeCommentText
0f1cfe3 build: update cross-repo angular dependencies to v22.0.2
b32ee7c fix(core): treat iframe credentialless as security-sensitive
93d0a5f fix(core): prevent unsubscribe during emit from throwing off other listeners
528a34f fix(core): avoid caching missing locale data
6f11719 fix(compiler): restrict possible event handler check to property names longer...
Additional commits viewable in compare view

Updates @angular/forms from 19.0.5 to 22.0.2

Release notes

Sourced from @angular/forms's releases.

22.0.2

common

Commit Description

escape anchor fragment in shadow DOM name selector

skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description

restrict possible event handler check to property names longer than 2 characters

core

Commit Description

avoid caching missing locale data

escape overlapping comment delimiters in escapeCommentText

guard against DOM clobbering in declareExperimentalWebMcpTool

preserve leave animation for sibling instances sharing a TNode

prevent unsubscribe during emit from throwing off other listeners

treat iframe credentialless as security-sensitive

detect existing signal dependency without checking all producer links

http

Commit Description

distinguish repeated transfer cache params

skip transfer cache for fetch credentialed requests (

dependabot · 2026-02-02T23:23:19Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

dependabot · 2026-03-23T18:19:51Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

Bumps the angular group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/animations](https://github.com/angular/angular/tree/HEAD/packages/animations) | `19.0.5` | `22.0.2` | | [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `19.0.5` | `22.0.2` | | [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `19.0.5` | `22.0.2` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `19.0.5` | `22.0.2` | | [@angular/forms](https://github.com/angular/angular/tree/HEAD/packages/forms) | `19.0.5` | `22.0.2` | | [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `19.0.5` | `22.0.2` | | [@angular/platform-browser-dynamic](https://github.com/angular/angular/tree/HEAD/packages/platform-browser-dynamic) | `19.0.5` | `22.0.2` | | [@angular/router](https://github.com/angular/angular/tree/HEAD/packages/router) | `19.0.5` | `22.0.2` | | [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `19.0.6` | `22.0.3` | | [@angular/cli](https://github.com/angular/angular-cli) | `19.0.6` | `22.0.3` | | [@angular/compiler-cli](https://github.com/angular/angular/tree/HEAD/packages/compiler-cli) | `19.0.5` | `22.0.2` | | [typescript](https://github.com/microsoft/TypeScript) | `5.6.3` | `6.0.3` | Updates `@angular/animations` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/animations) Updates `@angular/common` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/common) Updates `@angular/compiler` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/compiler) Updates `@angular/core` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/core) Updates `@angular/forms` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/forms) Updates `@angular/platform-browser` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/platform-browser) Updates `@angular/platform-browser-dynamic` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/platform-browser-dynamic) Updates `@angular/router` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/router) Updates `@angular-devkit/build-angular` from 19.0.6 to 22.0.3 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@19.0.6...v22.0.3) Updates `@angular/cli` from 19.0.6 to 22.0.3 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@19.0.6...v22.0.3) Updates `@angular/compiler-cli` from 19.0.5 to 22.0.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/compiler-cli) Updates `typescript` from 5.6.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.6.3...v6.0.3) --- updated-dependencies: - dependency-name: "@angular-devkit/build-angular" dependency-version: 20.3.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/animations" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/cli" dependency-version: 20.3.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/common" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/compiler" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/compiler-cli" dependency-version: 20.3.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/core" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/forms" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/platform-browser" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/platform-browser-dynamic" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: "@angular/router" dependency-version: 20.3.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: angular - dependency-name: typescript dependency-version: 5.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: angular ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 22, 2025

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from f43f53a to 49d31d0 Compare November 17, 2025 16:03

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from 49d31d0 to b06f4ba Compare December 1, 2025 18:47

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from b06f4ba to aaa606d Compare January 5, 2026 16:03

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch 2 times, most recently from dd14cc2 to dc22fae Compare January 12, 2026 20:47

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from dc22fae to 9e4a4ed Compare January 26, 2026 18:28

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from 9e4a4ed to 2437295 Compare February 16, 2026 17:44

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch 2 times, most recently from e8d04a2 to a002cae Compare March 9, 2026 18:25

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from a002cae to 5ae0439 Compare March 30, 2026 18:12

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from 5ae0439 to 577e136 Compare April 13, 2026 17:59

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from 577e136 to b6ccdaa Compare April 20, 2026 19:11

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from b6ccdaa to a436626 Compare May 12, 2026 00:11

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from a436626 to b587b5b Compare May 25, 2026 22:44

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from b587b5b to 14aa7d4 Compare June 3, 2026 00:06

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch 2 times, most recently from 5a19ec6 to 5c39c40 Compare June 15, 2026 16:49

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-83a0c13492 branch from 5c39c40 to ef6e8f3 Compare June 22, 2026 16:44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the angular group across 1 directory with 12 updates#875

Bump the angular group across 1 directory with 12 updates#875
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/angular-83a0c13492

dependabot Bot commented on behalf of github Sep 22, 2025 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Feb 2, 2026

Uh oh!

dependabot Bot commented on behalf of github Mar 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Commit	Description
	escape anchor fragment in shadow DOM name selector
	skip transfer cache for uncacheable HTTP traffic (#69316)

Commit	Description
	avoid caching missing locale data
	escape overlapping comment delimiters in escapeCommentText
	guard against DOM clobbering in declareExperimentalWebMcpTool
	preserve leave animation for sibling instances sharing a TNode
	prevent unsubscribe during emit from throwing off other listeners
	treat iframe credentialless as security-sensitive
	detect existing signal dependency without checking all producer links

Commit	Description
	distinguish repeated transfer cache params
	skip transfer cache for fetch credentialed requests (#69316)

Commit	Description
	escape CSS string-terminating characters in escapeCssUrl
	Limits date format string length
	prevent prototype pollution in formatDateTime
	use cryptographically secure SHA-256 for transfer cache key generation

Commit	Description
	disallow i18n event attributes
	more robust logic to check if regex can be optimized
	sanitize `href`/`xlink:href` attributes of any element of the MathML namespace
	sanitize two-way properties

Commit	Type	Description
94ea403563	fix	escape anchor fragment in shadow DOM name selector
6c1f3e9d49	fix	skip transfer cache for uncacheable HTTP traffic (#69316)

Commit	Type	Description
528a34f766	fix	avoid caching missing locale data
e17e8d5422	fix	escape overlapping comment delimiters in escapeCommentText
59dea13f80	fix	guard against DOM clobbering in declareExperimentalWebMcpTool
3a48abc15c	fix	preserve leave animation for sibling instances sharing a TNode
93d0a5f95c	fix	prevent unsubscribe during emit from throwing off other listeners
b32ee7ceb3	fix	treat iframe credentialless as security-sensitive
f902d1d35e	perf	detect existing signal dependency without checking all producer links

Commit	Type	Description
6867f77ec7	fix	distinguish repeated transfer cache params
7ef1399068	fix	skip transfer cache for fetch credentialed requests (#69316)

Commit	Type	Description
aeb55c8bc1	fix	allow passing uninvoked signals as foreign component props
7c60a98b3c	fix	support import aliases in foreignImports (#68674)

Conversation

dependabot Bot commented on behalf of github Sep 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

22.0.2

common

compiler

core

http

migrations

22.0.1

common

compiler

compiler-cli

core

22.0.2 (2026-06-17)

common

compiler

core

http

migrations

22.1.0-next.0 (2026-06-10)

Deprecations

http

common

compiler

compiler-cli

22.0.2

common

compiler

core

http

migrations

22.0.1

common

compiler

compiler-cli

core

22.0.2 (2026-06-17)

common

compiler

core

http

migrations

22.1.0-next.0 (2026-06-10)

Deprecations

http

common

compiler

compiler-cli

22.0.2

common

compiler

core

http

migrations

22.0.1

common

compiler

compiler-cli

core

22.0.2 (2026-06-17)

common

compiler

core

http

migrations

22.1.0-next.0 (2026-06-10)

Deprecations

http

common

compiler

compiler-cli

22.0.2

common

compiler

core

http

migrations

22.0.1

common

dependabot Bot commented on behalf of github Sep 22, 2025 •

edited

Loading