Skip to content

chore(deps): bump @angular/compiler from 20.3.16 to 22.0.1#1348

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/angular/compiler-22.0.1
Open

chore(deps): bump @angular/compiler from 20.3.16 to 22.0.1#1348
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/angular/compiler-22.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps @angular/compiler from 20.3.16 to 22.0.1.

Release notes

Sourced from @​angular/compiler's releases.

22.0.1

common

Commit Description
fix - c4b5fa3c92 escape CSS string-terminating characters in escapeCssUrl
fix - dfff57ede9 Limits date format string length
fix - 3c2892c8df prevent prototype pollution in formatDateTime
fix - 1d87c49f6e use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Description
fix - 1ee224ca30 disallow i18n event attributes
fix - a56f1cdf8f more robust logic to check if regex can be optimized
fix - 5946c18275 sanitize href/xlink:href attributes of any element of the MathML namespace
fix - 393b84caf8 sanitize two-way properties

compiler-cli

Commit Description
fix - 3d9ca2f173 bind switch exhaustive check expressions

core

Commit Description
fix - 669146b0e7 disable WebMCP during SSR
fix - 562a566ead Handle synchronous errors in PendingTasks.run function
fix - fa546f382d harden TransferState restoration against DOM clobbering
fix - 29fdb98684 prevent dangling prevConsumer reference from leaking destroyed views (#68681)
fix - cdcea80327 require WebMCP tool descriptions
fix - 4289c4c840 update comment for Default change detection
fix - 3dd433b39a use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
fix - 045bb736b3 validate lowercase SVG animation attribute names

forms

Commit Description
fix - 11836a670a delay mcp reading the form model by a tick
fix - 85d2d100e3 harden FormGroup control lookups against prototype shadowing
fix - e51ad374ea remove animationstart listener on component destroy to prevent memory leak
fix - 55b7b5a6b6 set additionalProperties: false on generated WebMCP form

http

Commit Description
fix - ffb06c0514 ensure query parameters are inserted before URL fragments
fix - 2dd65d21e6 pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
fix - 4254eb416c preserve empty referrer option in HttpRequest
fix - 167bd4c162 Rejects non-HTTP(S) URLs in JSONP requests

language-service

Commit Description
fix - 43a0e28729 prevent external template inlay hints from appearing in TS files

platform-server

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

22.0.1 (2026-06-10)

Deprecations

platform-server

  • XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead. (cherry picked from commit 8446e46f8bc33bd4419fa7f6106b8d117ca2e099)

common

Commit Type Description
c4b5fa3c92 fix escape CSS string-terminating characters in escapeCssUrl
dfff57ede9 fix Limits date format string length
3c2892c8df fix prevent prototype pollution in formatDateTime
1d87c49f6e fix use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit Type Description
1ee224ca30 fix disallow i18n event attributes
a56f1cdf8f fix more robust logic to check if regex can be optimized
5946c18275 fix sanitize href/xlink:href attributes of any element of the MathML namespace
393b84caf8 fix sanitize two-way properties

compiler-cli

Commit Type Description
3d9ca2f173 fix bind switch exhaustive check expressions

core

Commit Type Description
669146b0e7 fix disable WebMCP during SSR
562a566ead fix Handle synchronous errors in PendingTasks.run function
fa546f382d fix harden TransferState restoration against DOM clobbering
29fdb98684 fix prevent dangling prevConsumer reference from leaking destroyed views (#68681)
cdcea80327 fix require WebMCP tool descriptions
4289c4c840 fix update comment for Default change detection
3dd433b39a fix use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
045bb736b3 fix validate lowercase SVG animation attribute names

forms

Commit Type Description
11836a670a fix delay mcp reading the form model by a tick
85d2d100e3 fix harden FormGroup control lookups against prototype shadowing
e51ad374ea fix remove animationstart listener on component destroy to prevent memory leak
55b7b5a6b6 fix set additionalProperties: false on generated WebMCP form

http

Commit Type Description
ffb06c0514 fix ensure query parameters are inserted before URL fragments
2dd65d21e6 fix pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
4254eb416c fix preserve empty referrer option in HttpRequest
167bd4c162 fix Rejects non-HTTP(S) URLs in JSONP requests

language-service

| Commit | Type | Description |

... (truncated)

Commits
  • 4645850 refactor(compiler): Remove 80 char limit on AbstractEmitterVisitor
  • 1ee224c fix(compiler): disallow i18n event attributes
  • 5946c18 fix(compiler): sanitize href/xlink:href attributes of any element of the ...
  • 393b84c fix(compiler): sanitize two-way properties
  • 3d9ca2f fix(compiler-cli): bind switch exhaustive check expressions
  • a56f1cd fix(compiler): more robust logic to check if regex can be optimized
  • 2891f7e fix(compiler): move projection attributes into constants
  • 94d520f fix(compiler): prevent namespaced SVG <style> elements from being stripped
  • d9c38e5 docs: fix typos in source code comments
  • a08e4fb fix(core): normalize tag names in runtime i18n attribute security context loo...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump @angular/compiler from 20.3.16 to 22.0.1
47079b6 
Bumps [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) from 20.3.16 to 22.0.1.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v22.0.1/packages/compiler)

---
updated-dependencies:
- dependency-name: "@angular/compiler"
  dependency-version: 22.0.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 10, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 10, 2026 20:49
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 10, 2026
@dependabot dependabot Bot mentioned this pull request Jun 10, 2026
Closed
@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

4 similar comments
@dependabot @github

dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dependabot @github

dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants