chore(deps): bump the npm-version-updates group across 1 directory with 28 updates by dependabot[bot] · Pull Request #70 · zitadel/example-auth-angular

dependabot · 2026-05-29T15:07:06Z

Bumps the npm-version-updates group with 27 updates in the / directory:

Package	From	To
@angular/common	`21.2.6`	`21.2.15`
@angular/compiler	`21.2.6`	`21.2.15`
@angular/core	`21.2.6`	`21.2.15`
@angular/platform-browser	`21.2.6`	`21.2.15`
@angular/router	`21.2.6`	`21.2.15`
@zitadel/angular-auth	`0.0.1`	`1.0.0`
zone.js	`0.15.1`	`0.16.2`
@angular-eslint/builder	`21.3.1`	`21.4.0`
@angular/build	`21.2.6`	`21.2.13`
@angular/cli	`21.2.6`	`21.2.13`
@angular/compiler-cli	`21.2.6`	`21.2.15`
@commitlint/config-conventional	`20.5.0`	`21.0.2`
@eslint/js	`9.39.4`	`10.0.1`
@playwright/test	`1.58.2`	`1.60.0`
@tailwindcss/postcss	`4.2.2`	`4.3.0`
@types/jasmine	`5.1.15`	`6.0.0`
@types/node	`22.19.15`	`25.9.1`
angular-eslint	`21.0.0`	`21.4.0`
autoprefixer	`10.4.27`	`10.5.0`
eslint	`9.39.4`	`10.4.0`
jasmine-core	`5.9.0`	`6.2.0`
karma-jasmine-html-reporter	`2.1.0`	`2.2.0`
knip	`5.88.1`	`6.14.2`
postcss	`8.5.14`	`8.5.15`
prettier	`3.8.1`	`3.8.3`
typescript	`5.9.3`	`6.0.3`
typescript-eslint	`8.46.0`	`8.60.0`

Updates @angular/common from 21.2.6 to 21.2.15

Release notes

Sourced from @angular/common's releases.

21.2.15

common

Commit Description

add upper bounds for digitsInfo

sanitize placeholder

compiler

Commit Description

normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

prevent namespaced SVG elements from being stripped

sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

strip namespaced SVG script elements during template compilation (#68925)

core

Commit Description

normalize tag names in runtime i18n attribute security context lookup (#68925)

sanitize meta selectors

support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

synchronize core sanitization schema with compiler (#68925)

http

Commit Description

exclude withCredentials requests from transfer cache

skip TransferCache for cookie-bearing requests by default

platform-server

Commit Description

prevent SSRF bypasses via backslash URLs in HttpClient

secure location and document initialization against SSRF and path hijack

service-worker

Commit Description

Preserves explicit 'credentials: omit' in asset requests

Preserves HTTP cache mode in asset group requests

21.2.14

compiler

Commit Description

strip namespaced SVG script elements during template compilation

core

Commit Description

do not insert todo when migrating void @Output

makes resource URL sanitizer lookup case-insensitive

reject script element as a dynamic component host

visit ICU expressions in signal migration schematics

router

| Commit | Description |

... (truncated)

Changelog

Sourced from @angular/common's changelog.

21.2.15 (2026-05-28)

common

Commit Type Description

7f4ac78994 fix add upper bounds for digitsInfo

300f61feb3 fix sanitize placeholder

compiler

Commit Type Description

0b07f47bd6 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

eb1cbbf2eb fix prevent namespaced SVG elements from being stripped

cc1378d54b fix sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

782e01594e fix strip namespaced SVG script elements during template compilation (#68925)

core

Commit Type Description

ff12fe55ac fix normalize tag names in runtime i18n attribute security context lookup (#68925)

e6fe77cc97 fix sanitize meta selectors

daaf32937f fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

dada86e43d fix synchronize core sanitization schema with compiler (#68925)

http

Commit Type Description

582a417bd2 fix exclude withCredentials requests from transfer cache

5c6d6df34b fix skip TransferCache for cookie-bearing requests by default

platform-server

Commit Type Description

37e8aadf87 fix prevent SSRF bypasses via backslash URLs in HttpClient

72696e244e fix secure location and document initialization against SSRF and path hijack

service-worker

Commit Type Description

b8bd49341d fix Preserves explicit 'credentials: omit' in asset requests

ca32fc1000 fix Preserves HTTP cache mode in asset group requests

19.2.24 (2026-05-28)

compiler

Commit Type Description

6ea6379123 fix prevent namespaced SVG elements from being stripped

20.3.23 (2026-05-28)

compiler

... (truncated)

Commits

582a417 fix(http): exclude withCredentials requests from transfer cache
5c6d6df fix(http): skip TransferCache for cookie-bearing requests by default
300f61f fix(common): sanitize placeholder
7f4ac78 fix(common): add upper bounds for digitsInfo
30cf85f refactor(common): update deprecation message
42d57c3 refactor(common): fix viewport tests
10ad3c0 fix(common): prevent focus from scrollToAnchor
540536c fix(http): add CSP nonce support to JsonpClientBackend
8102331 test(http): disable XSRF and mock location in HttpClient tests to avoid Domin...
13f050d test: construct local Date objects to fix timezone flakiness
Additional commits viewable in compare view

Updates @angular/compiler from 21.2.6 to 21.2.15

Release notes

Sourced from @angular/compiler's releases.

21.2.15

common

Commit Description

add upper bounds for digitsInfo

sanitize placeholder

compiler

Commit Description

normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

prevent namespaced SVG elements from being stripped

sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

strip namespaced SVG script elements during template compilation (#68925)

core

Commit Description

normalize tag names in runtime i18n attribute security context lookup (#68925)

sanitize meta selectors

support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

synchronize core sanitization schema with compiler (#68925)

http

Commit Description

exclude withCredentials requests from transfer cache

skip TransferCache for cookie-bearing requests by default

platform-server

Commit Description

prevent SSRF bypasses via backslash URLs in HttpClient

secure location and document initialization against SSRF and path hijack

service-worker

Commit Description

Preserves explicit 'credentials: omit' in asset requests

Preserves HTTP cache mode in asset group requests

21.2.14

compiler

Commit Description

strip namespaced SVG script elements during template compilation

core

Commit Description

do not insert todo when migrating void @Output

makes resource URL sanitizer lookup case-insensitive

reject script element as a dynamic component host

visit ICU expressions in signal migration schematics

router

| Commit | Description |

... (truncated)

Changelog

Sourced from @angular/compiler's changelog.

21.2.15 (2026-05-28)

common

Commit Type Description

7f4ac78994 fix add upper bounds for digitsInfo

300f61feb3 fix sanitize placeholder

compiler

Commit Type Description

0b07f47bd6 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

eb1cbbf2eb fix prevent namespaced SVG elements from being stripped

cc1378d54b fix sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

782e01594e fix strip namespaced SVG script elements during template compilation (#68925)

core

Commit Type Description

ff12fe55ac fix normalize tag names in runtime i18n attribute security context lookup (#68925)

e6fe77cc97 fix sanitize meta selectors

daaf32937f fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

dada86e43d fix synchronize core sanitization schema with compiler (#68925)

http

Commit Type Description

582a417bd2 fix exclude withCredentials requests from transfer cache

5c6d6df34b fix skip TransferCache for cookie-bearing requests by default

platform-server

Commit Type Description

37e8aadf87 fix prevent SSRF bypasses via backslash URLs in HttpClient

72696e244e fix secure location and document initialization against SSRF and path hijack

service-worker

Commit Type Description

b8bd49341d fix Preserves explicit 'credentials: omit' in asset requests

ca32fc1000 fix Preserves HTTP cache mode in asset group requests

19.2.24 (2026-05-28)

compiler

Commit Type Description

6ea6379123 fix prevent namespaced SVG elements from being stripped

20.3.23 (2026-05-28)

compiler

... (truncated)

Commits

eb1cbbf fix(compiler): prevent namespaced SVG <style> elements from being stripped
29ceeff docs: fix typos in source code comments
782e015 fix(compiler): strip namespaced SVG script elements during template compilati...
ff12fe5 fix(core): normalize tag names in runtime i18n attribute security context loo...
0b07f47 fix(compiler): normalize tag names with custom namespaces in DomElementSchema...
cc1378d fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...
daaf329 fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...
68282df fix(compiler): strip namespaced SVG script elements during template compilation
6652ec0 refactor(core): align namespaced attribute validation and security schema con...
baf92da test: remove invalid css that was causing issues with the postcss parser
Additional commits viewable in compare view

Updates @angular/core from 21.2.6 to 21.2.15

Release notes

Sourced from @angular/core's releases.

21.2.15

common

Commit Description

add upper bounds for digitsInfo

sanitize placeholder

compiler

Commit Description

normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

prevent namespaced SVG elements from being stripped

sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

strip namespaced SVG script elements during template compilation (#68925)

core

Commit Description

normalize tag names in runtime i18n attribute security context lookup (#68925)

sanitize meta selectors

support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

synchronize core sanitization schema with compiler (#68925)

http

Commit Description

exclude withCredentials requests from transfer cache

skip TransferCache for cookie-bearing requests by default

platform-server

Commit Description

prevent SSRF bypasses via backslash URLs in HttpClient

secure location and document initialization against SSRF and path hijack

service-worker

Commit Description

Preserves explicit 'credentials: omit' in asset requests

Preserves HTTP cache mode in asset group requests

21.2.14

compiler

Commit Description

strip namespaced SVG script elements during template compilation

core

Commit Description

do not insert todo when migrating void @Output

makes resource URL sanitizer lookup case-insensitive

reject script element as a dynamic component host

visit ICU expressions in signal migration schematics

router

| Commit | Description |

... (truncated)

Changelog

Sourced from @angular/core's changelog.

21.2.15 (2026-05-28)

common

Commit Type Description

7f4ac78994 fix add upper bounds for digitsInfo

300f61feb3 fix sanitize placeholder

compiler

Commit Type Description

0b07f47bd6 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

eb1cbbf2eb fix prevent namespaced SVG elements from being stripped

cc1378d54b fix sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

782e01594e fix strip namespaced SVG script elements during template compilation (#68925)

core

Commit Type Description

ff12fe55ac fix normalize tag names in runtime i18n attribute security context lookup (#68925)

e6fe77cc97 fix sanitize meta selectors

daaf32937f fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

dada86e43d fix synchronize core sanitization schema with compiler (#68925)

http

Commit Type Description

582a417bd2 fix exclude withCredentials requests from transfer cache

5c6d6df34b fix skip TransferCache for cookie-bearing requests by default

platform-server

Commit Type Description

37e8aadf87 fix prevent SSRF bypasses via backslash URLs in HttpClient

72696e244e fix secure location and document initialization against SSRF and path hijack

service-worker

Commit Type Description

b8bd49341d fix Preserves explicit 'credentials: omit' in asset requests

ca32fc1000 fix Preserves HTTP cache mode in asset group requests

19.2.24 (2026-05-28)

compiler

Commit Type Description

6ea6379123 fix prevent namespaced SVG elements from being stripped

20.3.23 (2026-05-28)

compiler

... (truncated)

Commits

29ceeff docs: fix typos in source code comments
251c8f2 test(core): remove obsolete SVG script sanitization translation test (#68925)
dada86e fix(core): synchronize core sanitization schema with compiler (#68925)
782e015 fix(compiler): strip namespaced SVG script elements during template compilati...
ff12fe5 fix(core): normalize tag names in runtime i18n attribute security context loo...
0b07f47 fix(compiler): normalize tag names with custom namespaces in DomElementSchema...
cc1378d fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...
daaf329 fix(core): support prefix-insensitive DOM schema lookups and compile-time i18...
1d6e71d docs: clarify ngDoCheck invocation behavior with OnPush strategy
49113ac fix(core): visit ICU expressions in signal migration schematics
Additional commits viewable in compare view

Updates @angular/platform-browser from 21.2.6 to 21.2.15

Release notes

Sourced from @angular/platform-browser's releases.

21.2.15

common

Commit Description

add upper bounds for digitsInfo

sanitize placeholder

compiler

Commit Description

normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

prevent namespaced SVG elements from being stripped

sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

strip namespaced SVG script elements during template compilation (#68925)

core

Commit Description

normalize tag names in runtime i18n attribute security context lookup (#68925)

sanitize meta selectors

support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

synchronize core sanitization schema with compiler (#68925)

http

Commit Description

exclude withCredentials requests from transfer cache

skip TransferCache for cookie-bearing requests by default

platform-server

Commit Description

prevent SSRF bypasses via backslash URLs in HttpClient

secure location and document initialization against SSRF and path hijack

service-worker

Commit Description

Preserves explicit 'credentials: omit' in asset requests

Preserves HTTP cache mode in asset group requests

21.2.14

compiler

Commit Description

strip namespaced SVG script elements during template compilation

core

Commit Description

do not insert todo when migrating void @Output

makes resource URL sanitizer lookup case-insensitive

reject script element as a dynamic component host

visit ICU expressions in signal migration schematics

router

| Commit | Description |

... (truncated)

Changelog

Sourced from @angular/platform-browser's changelog.

21.2.15 (2026-05-28)

common

Commit Type Description

7f4ac78994 fix add upper bounds for digitsInfo

300f61feb3 fix sanitize placeholder

compiler

Commit Type Description

0b07f47bd6 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

eb1cbbf2eb fix prevent namespaced SVG elements from being stripped

cc1378d54b fix sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

782e01594e fix strip namespaced SVG script elements during template compilation (#68925)

core

Commit Type Description

ff12fe55ac fix normalize tag names in runtime i18n attribute security context lookup (#68925)

e6fe77cc97 fix sanitize meta selectors

daaf32937f fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)

dada86e43d fix synchronize core sanitization schema with compiler (#68925)

http

Commit Type Description

582a417bd2 fix exclude withCredentials requests from transfer cache

5c6d6df34b fix skip TransferCache for cookie-bearing requests by default

platform-server

Commit Type Description

37e8aadf87 fix prevent SSRF bypasses via backslash URLs in HttpClient

72696e244e fix secure location and document initialization against SSRF and path hijack

service-worker

Commit Type Description

b8bd49341d fix Preserves explicit 'credentials: omit' in asset requests

ca32fc1000 fix Preserves HTTP cache mode in asset group requests

19.2.24 (2026-05-28)

compiler

Commit Type Description

6ea6379123 fix prevent namespaced SVG elements from being stripped

20.3.23 (2026-05-28)

compiler

... (truncated)

Commits

29ceeff docs: fix typos in source code comments
e6fe77c fix(core): sanitize meta selectors
See full diff in compare view

Updates @angular/router from 21.2.6 to 21.2.15

Release notes

Sourced from @angular/router's releases.

21.2.15

common

Commit Description

add upper bounds for digitsInfo

sanitize placeholder

compiler

Commit Description

normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)

prevent namespaced SVG elements from being stripped

sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)

strip namespaced SVG script elements during template compilation (#68925)

core

Commit Description

normalize tag names in runtime i18n attribute security context lookup (#68925)

sanitize meta selectors

…th 28 updates Bumps the npm-version-updates group with 27 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `21.2.6` | `21.2.15` | | [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `21.2.6` | `21.2.15` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `21.2.6` | `21.2.15` | | [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `21.2.6` | `21.2.15` | | [@angular/router](https://github.com/angular/angular/tree/HEAD/packages/router) | `21.2.6` | `21.2.15` | | [@zitadel/angular-auth](https://github.com/zitadel/angular-auth) | `0.0.1` | `1.0.0` | | [zone.js](https://github.com/angular/angular/tree/HEAD/packages/zone.js) | `0.15.1` | `0.16.2` | | [@angular-eslint/builder](https://github.com/angular-eslint/angular-eslint/tree/HEAD/packages/builder) | `21.3.1` | `21.4.0` | | [@angular/build](https://github.com/angular/angular-cli) | `21.2.6` | `21.2.13` | | [@angular/cli](https://github.com/angular/angular-cli) | `21.2.6` | `21.2.13` | | [@angular/compiler-cli](https://github.com/angular/angular/tree/HEAD/packages/compiler-cli) | `21.2.6` | `21.2.15` | | [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/config-conventional) | `20.5.0` | `21.0.2` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.4` | `10.0.1` | | [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.60.0` | | [@tailwindcss/postcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-postcss) | `4.2.2` | `4.3.0` | | [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) | `5.1.15` | `6.0.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.15` | `25.9.1` | | [angular-eslint](https://github.com/angular-eslint/angular-eslint/tree/HEAD/packages/angular-eslint) | `21.0.0` | `21.4.0` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `10.4.27` | `10.5.0` | | [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.4.0` | | [jasmine-core](https://github.com/jasmine/jasmine) | `5.9.0` | `6.2.0` | | [karma-jasmine-html-reporter](https://github.com/dfederm/karma-jasmine-html-reporter) | `2.1.0` | `2.2.0` | | [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `5.88.1` | `6.14.2` | | [postcss](https://github.com/postcss/postcss) | `8.5.14` | `8.5.15` | | [prettier](https://github.com/prettier/prettier) | `3.8.1` | `3.8.3` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.46.0` | `8.60.0` | Updates `@angular/common` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/common) Updates `@angular/compiler` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/compiler) Updates `@angular/core` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/core) Updates `@angular/platform-browser` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/platform-browser) Updates `@angular/router` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/router) Updates `@zitadel/angular-auth` from 0.0.1 to 1.0.0 - [Release notes](https://github.com/zitadel/angular-auth/releases) - [Changelog](https://github.com/zitadel/angular-auth/blob/main/release.config.mjs) - [Commits](https://github.com/zitadel/angular-auth/commits/v1.0.0) Updates `zone.js` from 0.15.1 to 0.16.2 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/packages/zone.js/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/zone.js-0.16.2/packages/zone.js) Updates `@angular-eslint/builder` from 21.3.1 to 21.4.0 - [Release notes](https://github.com/angular-eslint/angular-eslint/releases) - [Changelog](https://github.com/angular-eslint/angular-eslint/blob/main/packages/builder/CHANGELOG.md) - [Commits](https://github.com/angular-eslint/angular-eslint/commits/v21.4.0/packages/builder) Updates `@angular/build` from 21.2.6 to 21.2.13 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v21.2.6...v21.2.13) Updates `@angular/cli` from 21.2.6 to 21.2.13 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v21.2.6...v21.2.13) Updates `@angular/compiler-cli` from 21.2.6 to 21.2.15 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.15/packages/compiler-cli) Updates `@commitlint/config-conventional` from 20.5.0 to 21.0.2 - [Release notes](https://github.com/conventional-changelog/commitlint/releases) - [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md) - [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.0.2/@commitlint/config-conventional) Updates `@eslint/js` from 9.39.4 to 10.0.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js) Updates `@playwright/test` from 1.58.2 to 1.60.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.58.2...v1.60.0) Updates `@tailwindcss/postcss` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/@tailwindcss-postcss) Updates `@types/jasmine` from 5.1.15 to 6.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine) Updates `@types/node` from 22.19.15 to 25.9.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `angular-eslint` from 21.0.0 to 21.4.0 - [Release notes](https://github.com/angular-eslint/angular-eslint/releases) - [Changelog](https://github.com/angular-eslint/angular-eslint/blob/main/packages/angular-eslint/CHANGELOG.md) - [Commits](https://github.com/angular-eslint/angular-eslint/commits/v21.4.0/packages/angular-eslint) Updates `autoprefixer` from 10.4.27 to 10.5.0 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.4.27...10.5.0) Updates `eslint` from 9.39.4 to 10.4.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.4...v10.4.0) Updates `jasmine-core` from 5.9.0 to 6.2.0 - [Release notes](https://github.com/jasmine/jasmine/releases) - [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md) - [Commits](jasmine/jasmine@v5.9.0...v6.2.0) Updates `karma-jasmine-html-reporter` from 2.1.0 to 2.2.0 - [Release notes](https://github.com/dfederm/karma-jasmine-html-reporter/releases) - [Commits](dfederm/karma-jasmine-html-reporter@v2.1.0...v2.2.0) Updates `knip` from 5.88.1 to 6.14.2 - [Release notes](https://github.com/webpro-nl/knip/releases) - [Commits](https://github.com/webpro-nl/knip/commits/knip@6.14.2/packages/knip) Updates `postcss` from 8.5.14 to 8.5.15 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.14...8.5.15) Updates `prettier` from 3.8.1 to 3.8.3 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.8.1...3.8.3) Updates `tailwindcss` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/tailwindlabs/tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.0/packages/tailwindcss) Updates `typescript` from 5.9.3 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.9.3...v6.0.3) Updates `typescript-eslint` from 8.46.0 to 8.60.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@angular/common" dependency-version: 21.2.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/compiler" dependency-version: 21.2.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/core" dependency-version: 21.2.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/platform-browser" dependency-version: 21.2.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/router" dependency-version: 21.2.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@zitadel/angular-auth" dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: zone.js dependency-version: 0.16.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: "@angular-eslint/builder" dependency-version: 21.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: "@angular/build" dependency-version: 21.2.13 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/cli" dependency-version: 21.2.13 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@angular/compiler-cli" dependency-version: 21.2.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: "@commitlint/config-conventional" dependency-version: 21.0.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: "@eslint/js" dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: "@playwright/test" dependency-version: 1.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: "@tailwindcss/postcss" dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: "@types/jasmine" dependency-version: 6.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: "@types/node" dependency-version: 25.9.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: angular-eslint dependency-version: 21.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: autoprefixer dependency-version: 10.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: eslint dependency-version: 10.4.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: jasmine-core dependency-version: 6.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: karma-jasmine-html-reporter dependency-version: 2.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: knip dependency-version: 6.14.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: postcss dependency-version: 8.5.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: prettier dependency-version: 3.8.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-version-updates - dependency-name: tailwindcss dependency-version: 4.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-version-updates - dependency-name: typescript-eslint dependency-version: 8.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-version-updates ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 29, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm-version-updates group across 1 directory with 28 updates#70

chore(deps): bump the npm-version-updates group across 1 directory with 28 updates#70
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-version-updates-29f79b7e5f

dependabot Bot commented on behalf of github May 29, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Commit	Description
	normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)
	prevent namespaced SVG elements from being stripped
	sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)
	strip namespaced SVG script elements during template compilation (#68925)

Commit	Description
	normalize tag names in runtime i18n attribute security context lookup (#68925)
	sanitize meta selectors
	support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)
	synchronize core sanitization schema with compiler (#68925)

Commit	Description
	exclude withCredentials requests from transfer cache
	skip TransferCache for cookie-bearing requests by default

Commit	Description
	prevent SSRF bypasses via backslash URLs in HttpClient
	secure location and document initialization against SSRF and path hijack

Commit	Description
	Preserves explicit 'credentials: omit' in asset requests
	Preserves HTTP cache mode in asset group requests

Commit	Description
	do not insert todo when migrating void `@Output`
	makes resource URL sanitizer lookup case-insensitive
	reject script element as a dynamic component host
	visit ICU expressions in signal migration schematics

Commit	Type	Description
7f4ac78994	fix	add upper bounds for digitsInfo
300f61feb3	fix	sanitize placeholder

Commit	Type	Description
0b07f47bd6	fix	normalize tag names with custom namespaces in DomElementSchemaRegistry (#68925)
eb1cbbf2eb	fix	prevent namespaced SVG elements from being stripped
cc1378d54b	fix	sanitize dynamic href and xlink:href bindings on SVG a elements (#68925)
782e01594e	fix	strip namespaced SVG script elements during template compilation (#68925)

Commit	Type	Description
ff12fe55ac	fix	normalize tag names in runtime i18n attribute security context lookup (#68925)
e6fe77cc97	fix	sanitize meta selectors
daaf32937f	fix	support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68925)
dada86e43d	fix	synchronize core sanitization schema with compiler (#68925)

Commit	Type	Description
582a417bd2	fix	exclude withCredentials requests from transfer cache
5c6d6df34b	fix	skip TransferCache for cookie-bearing requests by default

Commit	Type	Description
37e8aadf87	fix	prevent SSRF bypasses via backslash URLs in HttpClient
72696e244e	fix	secure location and document initialization against SSRF and path hijack

Commit	Type	Description
b8bd49341d	fix	Preserves explicit 'credentials: omit' in asset requests
ca32fc1000	fix	Preserves HTTP cache mode in asset group requests

Conversation

dependabot Bot commented on behalf of github May 29, 2026

21.2.15

common

compiler

core

http

platform-server

service-worker

21.2.14

compiler

core

router

21.2.15 (2026-05-28)

common

compiler

core

http

platform-server

service-worker

19.2.24 (2026-05-28)

compiler

20.3.23 (2026-05-28)

compiler

21.2.15

common

compiler

core

http

platform-server

service-worker

21.2.14

compiler

core

router

21.2.15 (2026-05-28)

common

compiler

core

http

platform-server

service-worker

19.2.24 (2026-05-28)

compiler

20.3.23 (2026-05-28)

compiler

21.2.15

common

compiler

core

http

platform-server

service-worker

21.2.14

compiler

core

router

21.2.15 (2026-05-28)

common

compiler

core

http

platform-server

service-worker

19.2.24 (2026-05-28)

compiler

20.3.23 (2026-05-28)

compiler

21.2.15

common

compiler

core

http

platform-server

service-worker

21.2.14

compiler

core

router

21.2.15 (2026-05-28)