build(deps): Bump the angular-stack group across 1 directory with 5 updates by dependabot[bot] · Pull Request #3284 · device-management-toolkit/sample-web-ui

dependabot · 2026-04-30T03:43:35Z

Bumps the angular-stack group with 5 updates in the / directory:

Package	From	To
@angular/common	`21.2.10`	`21.2.12`
@angular/compiler	`21.2.10`	`21.2.12`
@angular/core	`21.2.10`	`21.2.12`
@angular-devkit/build-angular	`21.2.8`	`21.2.10`
@angular/cli	`21.2.8`	`21.2.10`

Updates @angular/common from 21.2.10 to 21.2.12

Release notes

Sourced from @angular/common's releases.

21.2.12

core

Commit Description

allow explicit read generic with signal input transforms

i18n flags leaking on errors

respect ngSkipHydration on components with projectable nodes in LContainers

sanitizer typings

validate security-sensitive attributes in i18n bindings

visit ng-let expression value in signal migration schematics

forms

Commit Description

prohibit concurrent submits in signal forms

21.2.11

common

Commit Description

prevent focus from scrollToAnchor

compiler

Commit Description

let declaration span not including end character

core

Commit Description

fix ordering of view queries metadata in JIT mode

guard against non-object events and avoid listener wrapper identity mismatch

prevent event replay double-invocation when element hydrates before app stability

platform-server

Commit Description

ensure origin has a trailing slash when parsing url

Changelog

Sourced from @angular/common's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description

fe13bb669d fix allow explicit read generic with signal input transforms

3430251fef fix i18n flags leaking on errors

1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers

9e38ed7d57 fix sanitizer typings

7a05a9a71a fix validate security-sensitive attributes in i18n bindings

c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description

03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description

a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)

97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description

25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description

97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description

2896c93cc1 feat Angular expressions with optional chaining returns undefined

6bd1721662 fix let declaration span not including end character

core

Commit Type Description

444b024d49 feat Add a injectAsync helper function

8c11816490 fix fix ordering of view queries metadata in JIT mode

3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch

d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

30cf85f refactor(common): update deprecation message
42d57c3 refactor(common): fix viewport tests
10ad3c0 fix(common): prevent focus from scrollToAnchor
See full diff in compare view

Updates @angular/compiler from 21.2.10 to 21.2.12

Release notes

Sourced from @angular/compiler's releases.

21.2.12

core

Commit Description

allow explicit read generic with signal input transforms

i18n flags leaking on errors

respect ngSkipHydration on components with projectable nodes in LContainers

sanitizer typings

validate security-sensitive attributes in i18n bindings

visit ng-let expression value in signal migration schematics

forms

Commit Description

prohibit concurrent submits in signal forms

21.2.11

common

Commit Description

prevent focus from scrollToAnchor

compiler

Commit Description

let declaration span not including end character

core

Commit Description

fix ordering of view queries metadata in JIT mode

guard against non-object events and avoid listener wrapper identity mismatch

prevent event replay double-invocation when element hydrates before app stability

platform-server

Commit Description

ensure origin has a trailing slash when parsing url

Changelog

Sourced from @angular/compiler's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description

fe13bb669d fix allow explicit read generic with signal input transforms

3430251fef fix i18n flags leaking on errors

1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers

9e38ed7d57 fix sanitizer typings

7a05a9a71a fix validate security-sensitive attributes in i18n bindings

c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description

03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description

a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)

97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description

25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description

97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description

2896c93cc1 feat Angular expressions with optional chaining returns undefined

6bd1721662 fix let declaration span not including end character

core

Commit Type Description

444b024d49 feat Add a injectAsync helper function

8c11816490 fix fix ordering of view queries metadata in JIT mode

3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch

d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

4f5d8a2 fix(compiler): let declaration span not including end character
See full diff in compare view

Updates @angular/core from 21.2.10 to 21.2.12

Release notes

Sourced from @angular/core's releases.

21.2.12

core

Commit Description

allow explicit read generic with signal input transforms

i18n flags leaking on errors

respect ngSkipHydration on components with projectable nodes in LContainers

sanitizer typings

validate security-sensitive attributes in i18n bindings

visit ng-let expression value in signal migration schematics

forms

Commit Description

prohibit concurrent submits in signal forms

21.2.11

common

Commit Description

prevent focus from scrollToAnchor

compiler

Commit Description

let declaration span not including end character

core

Commit Description

fix ordering of view queries metadata in JIT mode

guard against non-object events and avoid listener wrapper identity mismatch

prevent event replay double-invocation when element hydrates before app stability

platform-server

Commit Description

ensure origin has a trailing slash when parsing url

Changelog

Sourced from @angular/core's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description

fe13bb669d fix allow explicit read generic with signal input transforms

3430251fef fix i18n flags leaking on errors

1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers

9e38ed7d57 fix sanitizer typings

7a05a9a71a fix validate security-sensitive attributes in i18n bindings

c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description

03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description

a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)

97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description

25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description

97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description

2896c93cc1 feat Angular expressions with optional chaining returns undefined

6bd1721662 fix let declaration span not including end character

core

Commit Type Description

444b024d49 feat Add a injectAsync helper function

8c11816490 fix fix ordering of view queries metadata in JIT mode

3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch

d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

9e38ed7 fix(core): sanitizer typings
3430251 fix(core): i18n flags leaking on errors
c37f6ca fix(core): visit ng-let expression value in signal migration schematics
fe13bb6 fix(core): allow explicit read generic with signal input transforms
7a05a9a fix(core): validate security-sensitive attributes in i18n bindings
1aeebbe fix(core): respect ngSkipHydration on components with projectable nodes in LC...
4900e45 build: update cross-repo angular dependencies
a40e2ce fix(core): fix ordering of view queries metadata in JIT mode
9bcbf37 refactor(core): fix bundling symbol test
885a1a1 fix(core): guard against non-object events and avoid listener wrapper identit...
Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 21.2.8 to 21.2.10

Release notes

Sourced from @angular-devkit/build-angular's releases.

21.2.10

@angular/cli

Commit Description

restrict MCP workspace access to allowed client roots during resolution

21.2.9

@schematics/angular

Commit Description

add missing imports for focus and skip APIs in refactor-jasmine-vitest

@angular/cli

Commit Description

fix broken img ref in ai-tutor

introduce initial package manager workspace awareness

remove standalone true ref in ai tutor

@angular/ssr

Commit Description

introduce trustProxyHeaders option to safely validate and sanitize proxy headers

add support for configuring trusted proxy headers via environment variable

decode route segments when building and matching route tree

use router to normalize URLs for comparison

Changelog

Sourced from @angular-devkit/build-angular's changelog.

21.2.10 (2026-05-06)

@angular/cli

Commit Type Description

bb8611913 fix restrict MCP workspace access to allowed client roots during resolution

19.2.25 (2026-04-30)

@angular-devkit/build-angular

Commit Type Description

49ae0ad2d fix upgrade postcss to 8.5.12

@angular/build

Commit Type Description

2d53feca5 fix update esbuild to 0.28.0

@angular/ssr

Commit Type Description

02ce8bf26 fix introduce trustProxyHeaders option to safely validate and sanitize proxy headers

22.0.0-next.7 (2026-04-29)

@angular/cli

Commit Type Description

0572df064 fix fix broken img ref in ai-tutor

d6121b5e8 fix introduce initial package manager workspace awareness

48eab1fc0 fix remove standalone true ref in ai tutor

@schematics/angular

Commit Type Description

... (truncated)

Commits

64cbd62 release: cut the v21.2.10 release
6f26f4f build: lock file maintenance
111dcc3 refactor(@angular/cli): re-add resolveModule for find examples tool
5418ebb build: update cross-repo angular dependencies
a2c8029 refactor: configure Gemini reviewer to ignore lockfile and changelog
7130c92 refactor(@angular/cli): integrate MCP roots into Host abstraction
bb86119 fix(@angular/cli): restrict MCP workspace access to allowed client roots duri...
564b108 release: cut the v21.2.9 release
dbda92b build: update cross-repo angular dependencies
828c175 build: update pnpm to v10.33.2
Additional commits viewable in compare view

Updates @angular/cli from 21.2.8 to 21.2.10

Release notes

Sourced from @angular/cli's releases.

21.2.10

@angular/cli

Commit Description

restrict MCP workspace access to allowed client roots during resolution

21.2.9

@schematics/angular

Commit Description

add missing imports for focus and skip APIs in refactor-jasmine-vitest

@angular/cli

Commit Description

fix broken img ref in ai-tutor

introduce initial package manager workspace awareness

remove standalone true ref in ai tutor

@angular/ssr

Commit Description

introduce trustProxyHeaders option to safely validate and sanitize proxy headers

add support for configuring trusted proxy headers via environment variable

decode route segments when building and matching route tree

use router to normalize URLs for comparison

Changelog

Sourced from @angular/cli's changelog.

21.2.10 (2026-05-06)

@angular/cli

Commit Type Description

bb8611913 fix restrict MCP workspace access to allowed client roots during resolution

19.2.25 (2026-04-30)

@angular-devkit/build-angular

Commit Type Description

49ae0ad2d fix upgrade postcss to 8.5.12

@angular/build

Commit Type Description

2d53feca5 fix update esbuild to 0.28.0

@angular/ssr

Commit Type Description

02ce8bf26 fix introduce trustProxyHeaders option to safely validate and sanitize proxy headers

22.0.0-next.7 (2026-04-29)

@angular/cli

Commit Type Description

0572df064 fix fix broken img ref in ai-tutor

d6121b5e8 fix introduce initial package manager workspace awareness

48eab1fc0 fix remove standalone true ref in ai tutor

@schematics/angular

Commit Type Description

... (truncated)

Commits

64cbd62 release: cut the v21.2.10 release
6f26f4f build: lock file maintenance
111dcc3 refactor(@angular/cli): re-add resolveModule for find examples tool
5418ebb build: update cross-repo angular dependencies
a2c8029 refactor: configure Gemini reviewer to ignore lockfile and changelog
7130c92 refactor(@angular/cli): integrate MCP roots into Host abstraction
bb86119 fix(@angular/cli): restrict MCP workspace access to allowed client roots duri...
564b108 release: cut the v21.2.9 release
dbda92b build: update cross-repo angular dependencies
828c175 build: update pnpm to v10.33.2
Additional commits viewable in compare view

…pdates Bumps the angular-stack group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `21.2.10` | `21.2.12` | | [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `21.2.10` | `21.2.12` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `21.2.10` | `21.2.12` | | [@angular-devkit/build-angular](https://github.com/angular/angular-cli) | `21.2.8` | `21.2.10` | | [@angular/cli](https://github.com/angular/angular-cli) | `21.2.8` | `21.2.10` | Updates `@angular/common` from 21.2.10 to 21.2.12 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/common) Updates `@angular/compiler` from 21.2.10 to 21.2.12 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/compiler) Updates `@angular/core` from 21.2.10 to 21.2.12 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/core) Updates `@angular-devkit/build-angular` from 21.2.8 to 21.2.10 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v21.2.8...v21.2.10) Updates `@angular/cli` from 21.2.8 to 21.2.10 - [Release notes](https://github.com/angular/angular-cli/releases) - [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md) - [Commits](angular/angular-cli@v21.2.8...v21.2.10) --- updated-dependencies: - dependency-name: "@angular-devkit/build-angular" dependency-version: 21.2.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: angular-stack - dependency-name: "@angular/cli" dependency-version: 21.2.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: angular-stack - dependency-name: "@angular/common" dependency-version: 21.2.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: angular-stack - dependency-name: "@angular/compiler" dependency-version: 21.2.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: angular-stack - dependency-name: "@angular/core" dependency-version: 21.2.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: angular-stack ... Signed-off-by: dependabot[bot] <support@github.com>

…18eb

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 30, 2026

dependabot Bot changed the title ~~build(deps): Bump the angular-stack group with 5 updates~~ build(deps): Bump the angular-stack group across 1 directory with 5 updates May 1, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-stack-5eda1d18eb branch 4 times, most recently from 35902b2 to 0d7a993 Compare May 6, 2026 03:43

dependabot Bot force-pushed the dependabot/npm_and_yarn/angular-stack-5eda1d18eb branch from 0d7a993 to f40ef4b Compare May 11, 2026 03:48

madhavilosetty-intel force-pushed the dependabot/npm_and_yarn/angular-stack-5eda1d18eb branch from f40ef4b to f55e002 Compare May 11, 2026 17:09

madhavilosetty-intel force-pushed the dependabot/npm_and_yarn/angular-stack-5eda1d18eb branch from 38730d6 to e140c5a Compare May 11, 2026 17:14

Merge branch 'main' into dependabot/npm_and_yarn/angular-stack-5eda1d…

09653ad

…18eb

madhavilosetty-intel enabled auto-merge (squash) May 11, 2026 17:19

madhavilosetty-intel approved these changes May 11, 2026

View reviewed changes

madhavilosetty-intel merged commit e2ec997 into main May 11, 2026
8 checks passed

madhavilosetty-intel deleted the dependabot/npm_and_yarn/angular-stack-5eda1d18eb branch May 11, 2026 17:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): Bump the angular-stack group across 1 directory with 5 updates#3284

build(deps): Bump the angular-stack group across 1 directory with 5 updates#3284
madhavilosetty-intel merged 2 commits into
mainfrom
dependabot/npm_and_yarn/angular-stack-5eda1d18eb

dependabot Bot commented on behalf of github Apr 30, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Commit	Description
	allow explicit read generic with signal input transforms
	i18n flags leaking on errors
	respect ngSkipHydration on components with projectable nodes in LContainers
	sanitizer typings
	validate security-sensitive attributes in i18n bindings
	visit ng-let expression value in signal migration schematics

Commit	Description
	fix ordering of view queries metadata in JIT mode
	guard against non-object events and avoid listener wrapper identity mismatch
	prevent event replay double-invocation when element hydrates before app stability

Commit	Type	Description
fe13bb669d	fix	allow explicit read generic with signal input transforms
3430251fef	fix	i18n flags leaking on errors
1aeebbe304	fix	respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57	fix	sanitizer typings
7a05a9a71a	fix	validate security-sensitive attributes in i18n bindings
c37f6ca42f	fix	visit ng-let expression value in signal migration schematics

Commit	Type	Description
a9bcffdbc7	fix	disallow event attribute bindings in host bindings unconditionally (#68468)
97eeb45cfa	fix	validate security-sensitive attributes in i18n bindings (#68468)

Commit	Type	Description
2896c93cc1	feat	Angular expressions with optional chaining returns `undefined`
6bd1721662	fix	let declaration span not including end character

Commit	Type	Description
444b024d49	feat	Add a `injectAsync` helper function
8c11816490	fix	fix ordering of view queries metadata in JIT mode
3583c01bf9	fix	guard against non-object events and avoid listener wrapper identity mismatch
d5fd51e956	fix	prevent event replay double-invocation when element hydrates before app stability

Commit	Description
	fix broken img ref in ai-tutor
	introduce initial package manager workspace awareness
	remove standalone true ref in ai tutor

Commit	Description
	introduce trustProxyHeaders option to safely validate and sanitize proxy headers
	add support for configuring trusted proxy headers via environment variable
	decode route segments when building and matching route tree
	use router to normalize URLs for comparison

Commit	Type	Description
0572df064	fix	fix broken img ref in ai-tutor
d6121b5e8	fix	introduce initial package manager workspace awareness
48eab1fc0	fix	remove standalone true ref in ai tutor

Conversation

dependabot Bot commented on behalf of github Apr 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

21.2.12

core

forms

21.2.11

common

compiler

core

platform-server

21.2.12 (2026-05-06)

core

forms

20.3.20 (2026-05-06)

core

platform-server

22.0.0-next.10 (2026-04-29)

common

compiler

core

migrations

21.2.12

core

forms

21.2.11

common

compiler

core

platform-server

21.2.12 (2026-05-06)

core

forms

20.3.20 (2026-05-06)

core

platform-server

22.0.0-next.10 (2026-04-29)

common

compiler

core

migrations

21.2.12

core

forms

21.2.11

common

compiler

core

platform-server

21.2.12 (2026-05-06)

core

forms

20.3.20 (2026-05-06)

core

platform-server

22.0.0-next.10 (2026-04-29)

common

compiler

core

migrations

21.2.10

@​angular/cli

21.2.9

@​schematics/angular

@​angular/cli

@​angular/ssr

21.2.10 (2026-05-06)

@​angular/cli

19.2.25 (2026-04-30)

@​angular-devkit/build-angular

@​angular/build

@​angular/ssr

22.0.0-next.7 (2026-04-29)

@​angular/cli

@​schematics/angular

21.2.10

@​angular/cli

21.2.9

@​schematics/angular

@​angular/cli

dependabot Bot commented on behalf of github Apr 30, 2026 •

edited

Loading

`@angular/cli`

`@schematics/angular`

`@angular/cli`

`@angular/ssr`

`@angular/cli`

`@angular-devkit/build-angular`

`@angular/build`

`@angular/ssr`

`@angular/cli`

`@schematics/angular`

`@angular/cli`

`@schematics/angular`

`@angular/cli`

`@angular/ssr`

`@angular/cli`

`@angular-devkit/build-angular`

`@angular/build`

`@angular/ssr`

`@angular/cli`

`@schematics/angular`