Skip to content

chore(deps): bump vite and @angular-devkit/build-angular in /packages/angular-workspace#1489

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/packages/angular-workspace/multi-d647188791
Closed

chore(deps): bump vite and @angular-devkit/build-angular in /packages/angular-workspace#1489
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/packages/angular-workspace/multi-d647188791

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 7, 2026

Removes vite. It's no longer used after updating ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Removes vite

Updates @angular-devkit/build-angular from 20.0.6 to 20.3.22

Release notes

Sourced from @​angular-devkit/build-angular's releases.

20.3.22

@​angular-devkit/build-angular

Commit Description
fix - 5978eeeff update picomatch to 4.0.4

@​angular-devkit/core

Commit Description
fix - 6e9b92612 update picomatch to 4.0.4

@​angular/build

Commit Description
fix - 6f209c26d update picomatch to 4.0.4

20.3.21

@​angular/ssr

Commit Description
fix - 1dc6992a5 disallow x-forwarded-prefix starting with a backslash
fix - 0a2ff0b2b ensure unique values in redirect response Vary header
fix - cdbac82a8 support custom headers in redirect responses

20.3.20

@​angular/build

Commit Description
fix - 0fd6823af pass process environment variables to prerender workers

20.3.19

@​angular-devkit/build-angular

Commit Description
fix - 0299b4d1a update copy-webpack-plugin to v14.0.0

20.3.18

@​angular-devkit/core

Commit Description
fix - 39596d529 update ajv to 8.18.0

@​angular/build

Commit Description
fix - f668e2778 update rollup to 4.59.0

20.3.17

@​angular/ssr

Commit Description
fix - 8700e18d7 prevent open redirect via X-Forwarded-Prefix header
fix - 67582a946 validate host headers to prevent header-based SSRF

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

20.3.22 (2026-03-27)

@​angular-devkit/build-angular

Commit Type Description
5978eeeff fix update picomatch to 4.0.4

@​angular-devkit/core

Commit Type Description
6e9b92612 fix update picomatch to 4.0.4

@​angular/build

Commit Type Description
6f209c26d fix update picomatch to 4.0.4

19.2.23 (2026-03-27)

@​angular/cli

Commit Type Description
67cfbe32f fix update picomatch to 4.0.4

@​angular-devkit/build-angular

Commit Type Description
771b979e7 fix update picomatch to 4.0.4

@​angular-devkit/core

Commit Type Description
de2da4874 fix update picomatch to 4.0.4

@​angular/build

Commit Type Description
27a9ce4a7 fix update picomatch to 4.0.4

... (truncated)

Commits
  • e18c125 release: cut the v20.3.22 release
  • 6e9b926 fix(@​angular-devkit/core): update picomatch to 4.0.4
  • 5978eee fix(@​angular-devkit/build-angular): update picomatch to 4.0.4
  • 6f209c2 fix(@​angular/build): update picomatch to 4.0.4
  • 34d5245 release: cut the v20.3.21 release
  • 0a2ff0b fix(@​angular/ssr): ensure unique values in redirect response Vary header
  • cdbac82 fix(@​angular/ssr): support custom headers in redirect responses
  • 1dc6992 fix(@​angular/ssr): disallow x-forwarded-prefix starting with a backslash
  • 1e7d877 release: cut the v20.3.20 release
  • 0fd6823 fix(@​angular/build): pass process environment variables to prerender workers
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump vite and @angular-devkit/build-angular
c6cd7da 
Removes [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). It's no longer used after updating ancestor dependency [@angular-devkit/build-angular](https://github.com/angular/angular-cli). These dependencies need to be updated together.


Removes `vite`

Updates `@angular-devkit/build-angular` from 20.0.6 to 20.3.22
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](angular/angular-cli@20.0.6...v20.3.22)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 
  dependency-type: indirect
- dependency-name: "@angular-devkit/build-angular"
  dependency-version: 20.3.22
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 7, 2026
@dependabot dependabot Bot mentioned this pull request Apr 7, 2026
Closed
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented Apr 7, 2026

⚠️ No Changeset found

Latest commit: c6cd7da

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 7, 2026
edited
Loading

Deploy Preview for astro-stencil failed. Why did it fail? →

Name Link
🔨 Latest commit c6cd7da
🔍 Latest deploy log https://app.netlify.com/projects/astro-stencil/deploys/69d46fad605a2b0008b28bb6

@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 7, 2026
edited
Loading

Deploy Preview for astro-preview failed. Why did it fail? →

Name Link
🔨 Latest commit c6cd7da
🔍 Latest deploy log https://app.netlify.com/projects/astro-preview/deploys/69d46fadea88f70008b81c1e

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 9, 2026

Superseded by #1492.

@dependabot dependabot Bot closed this Apr 9, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/packages/angular-workspace/multi-d647188791 branch April 9, 2026 23:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants