Skip to content

Bump @angular/platform-server and @angular/ssr in /web#7

Closed
dependabot[bot] wants to merge 1 commit into
v0.1.0from
dependabot/npm_and_yarn/web/multi-1b37fc7e0b
Closed

Bump @angular/platform-server and @angular/ssr in /web#7
dependabot[bot] wants to merge 1 commit into
v0.1.0from
dependabot/npm_and_yarn/web/multi-1b37fc7e0b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps @angular/platform-server and @angular/ssr. These dependencies needed to be updated together.
Updates @angular/platform-server from 21.2.14 to 22.0.2

Release notes

Sourced from @​angular/platform-server's releases.

22.0.2

common

Commit Description
fix - 94ea403563 escape anchor fragment in shadow DOM name selector
fix - 6c1f3e9d49 skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Description
fix - 6f1171991a restrict possible event handler check to property names longer than 2 characters

core

Commit Description
fix - 528a34f766 avoid caching missing locale data
fix - e17e8d5422 escape overlapping comment delimiters in escapeCommentText
fix - 59dea13f80 guard against DOM clobbering in declareExperimentalWebMcpTool
fix - 3a48abc15c preserve leave animation for sibling instances sharing a TNode
fix - 93d0a5f95c prevent unsubscribe during emit from throwing off other listeners
fix - b32ee7ceb3 treat iframe credentialless as security-sensitive
perf - f902d1d35e detect existing signal dependency without checking all producer links

http

Commit Description
fix - 6867f77ec7 distinguish repeated transfer cache params
fix - 7ef1399068 skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Description
fix - 15314c1736 migration skip any target are not build or test

22.0.1

common

Commit Description
fix - c4b5fa3c92 escape CSS string-terminating characters in escapeCssUrl
fix - dfff57ede9 Limits date format string length
fix - 3c2892c8df prevent prototype pollution in formatDateTime
fix - 1d87c49f6e use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description
fix - 1ee224ca30 disallow i18n event attributes
fix - a56f1cdf8f more robust logic to check if regex can be optimized
fix - 5946c18275 sanitize href/xlink:href attributes of any element of the MathML namespace
fix - 393b84caf8 sanitize two-way properties

compiler-cli

Commit Description
fix - 3d9ca2f173 bind switch exhaustive check expressions

core

... (truncated)

Changelog

Sourced from @​angular/platform-server's changelog.

22.0.2 (2026-06-17)

common

Commit Type Description
94ea403563 fix escape anchor fragment in shadow DOM name selector
6c1f3e9d49 fix skip transfer cache for uncacheable HTTP traffic (#69316)

compiler

Commit Type Description
6f1171991a fix restrict possible event handler check to property names longer than 2 characters

core

Commit Type Description
528a34f766 fix avoid caching missing locale data
e17e8d5422 fix escape overlapping comment delimiters in escapeCommentText
59dea13f80 fix guard against DOM clobbering in declareExperimentalWebMcpTool
3a48abc15c fix preserve leave animation for sibling instances sharing a TNode
93d0a5f95c fix prevent unsubscribe during emit from throwing off other listeners
b32ee7ceb3 fix treat iframe credentialless as security-sensitive
f902d1d35e perf detect existing signal dependency without checking all producer links

http

Commit Type Description
6867f77ec7 fix distinguish repeated transfer cache params
7ef1399068 fix skip transfer cache for fetch credentialed requests (#69316)

migrations

Commit Type Description
15314c1736 fix migration skip any target are not build or test

22.1.0-next.0 (2026-06-10)

Deprecations

http

  • HttpClient.jsonp, HttpClientJsonpModule, and related JSONP classes/functions are deprecated. Use standard HTTP requests instead.

common

Commit Type Description
1ad6824d0d fix skip transfer cache for uncacheable HTTP traffic (#69017)

compiler

Commit Type Description
25c744c4d0 fix support foreign components defined outside top-level scope

compiler-cli

Commit Type Description
aeb55c8bc1 fix allow passing uninvoked signals as foreign component props
7c60a98b3c fix support import aliases in foreignImports (#68674)

... (truncated)

Commits
  • 1881ede refactor(platform-server): deprecate ServerXhr
  • ed48ca7 fix(platform-server): harden platform location origin validation during SSR
  • feb0400 refactor(platform-server): replace standard Error with RuntimeError
  • 7b91309 fix(platform-server): throw on suspicious URLs and restrict protocol-relative...
  • 6e71049 refactor(platform-server): clean up and simplify url resolution utility
  • f7b3ed8 fix(http): Introduce a max buffer size for fetch requests on SSR
  • a97d5ec build: update minimum supported Node.js versions
  • 28338a1 fix(platform-server): prevent SSRF bypasses via backslash URLs in HttpClient
  • 9552252 fix(platform-server): secure location and document initialization against SSR...
  • 119a19e fix(platform-server): forward BEFORE_APP_SERIALIZED errors to ErrorHandler
  • Additional commits viewable in compare view

Updates @angular/ssr from 21.2.12 to 22.0.3

Release notes

Sourced from @​angular/ssr's releases.

22.0.3

@​schematics/angular

Commit Description
fix - 0eddea898 remove default workspace vscode mcp.json configuration

22.0.2

@​angular/cli

Commit Description
fix - 136fc2714 support registry metadata fetching under bun package manager
perf - 2653dd5c7 implement semaphore backpressure throttling in PackageManager

@​angular/build

Commit Description
perf - 0b4a48add implement semaphore backpressure throttling in JavaScriptTransformer

@​angular/ssr

Commit Description
fix - d996a27e9 avoid caching non-SSG page lookups
fix - 285a34e42 correct grammar in console warning for redirected location headers
fix - c8088a536 prioritize options over environment variables in AngularNodeAppEngine

22.0.1

@​schematics/angular

Commit Description
fix - c80012294 fix browserMode option mapping in refactor-jasmine-vitest
fix - a9b6bd904 safely comment out multiline statements in refactor-jasmine-vitest
fix - 12199df00 use null objects and callbacks in karma-to-vitest migration

@​angular/cli

Commit Description
fix - b54e9a549 do not sort migrations of the same version alphabetically
fix - d33311612 fallback to local package.json for schematic detection on first run
fix - 918102a93 isolate temporary package installation from parent pnpm workspace
fix - b048b5f4a remove forceAuth and unscoped credential parsing
fix - 277934035 validate registry option is a valid URL in ng add
perf - 4510dae02 optimize update schematic registry query counts by fetching package metadata lazily

@​angular/build

Commit Description
fix - 89d1be979 allow disabling Vitest isolation from builder
fix - d45b84be9 exclude JSON imports from Vite dependency optimization
fix - e3cab4ddd prevent concurrent stylesheet bundling esbuild context leaks
fix - bd413b0eb restrict application builder output paths to output directory

22.0.0

@​schematics/angular

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/ssr's changelog.

22.0.3 (2026-06-18)

@​schematics/angular

Commit Type Description
0eddea898 fix remove default workspace vscode mcp.json configuration

21.2.16 (2026-06-17)

@​angular/cli

Commit Type Description
77c9047ac fix update pacote to 21.5.1

@​angular/ssr

Commit Type Description
d052e97da fix prioritize options over environment variables in AngularNodeAppEngine

20.3.29 (2026-06-17)

@​angular/cli

Commit Type Description
5f7c0328c fix update pacote to 21.5.1

@​angular/ssr

Commit Type Description
a75d78e68 fix prioritize options over environment variables in AngularNodeAppEngine

22.0.2 (2026-06-17)

... (truncated)

Commits
  • b30b9d3 release: cut the v22.0.3 release
  • bc97bb3 build: update dependency vite to v7.3.5
  • 0eddea8 fix(@​schematics/angular): remove default workspace vscode mcp.json configuration
  • 08f9959 refactor(@​angular/cli): promote experimental MCP tools to stable
  • aab6c10 release: cut the v22.0.2 release
  • 376e4dc build: update cross-repo angular dependencies
  • d996a27 fix(@​angular/ssr): avoid caching non-SSG page lookups
  • 5714bfc build: update pnpm to v10.34.3
  • f26011a build: lock file maintenance
  • 2879ed9 build: update bazel dependencies
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [@angular/platform-server](https://github.com/angular/angular/tree/HEAD/packages/platform-server) and [@angular/ssr](https://github.com/angular/angular-cli). These dependencies needed to be updated together.

Updates `@angular/platform-server` from 21.2.14 to 22.0.2
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v22.0.2/packages/platform-server)

Updates `@angular/ssr` from 21.2.12 to 22.0.3
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@v21.2.12...v22.0.3)

---
updated-dependencies:
- dependency-name: "@angular/platform-server"
  dependency-version: 22.0.2
  dependency-type: direct:production
- dependency-name: "@angular/ssr"
  dependency-version: 22.0.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #9.

@dependabot dependabot Bot closed this Jun 22, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/web/multi-1b37fc7e0b branch June 22, 2026 11:18
ChandruWritesCode added a commit that referenced this pull request Jul 5, 2026
…essages

made some pages theme ready and UI/UX improvs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants