Skip to content

chore(deps): update dependency @angular/compiler-cli to v21.2.18#6

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/angular-monorepo
Open

chore(deps): update dependency @angular/compiler-cli to v21.2.18#6
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/angular-monorepo

Conversation

@renovate

@renovate renovate Bot commented Jul 18, 2026

Copy link
Copy Markdown

This PR contains the following updates:

Package Change Age Confidence
@angular/compiler-cli (source) 21.2.921.2.18 age confidence

Release Notes

angular/angular (@​angular/compiler-cli)

v21.2.18

Compare Source

compiler-cli
Commit Type Description
8d22cc953b fix update babel dependencies to latest v7
core
Commit Type Description
6bcce117fb fix avoid caching missing locale data
5a693bafcd fix reject dynamic script host elements
http
Commit Type Description
91df739b80 fix prevent caching of responses with Set-Cookie headers
service-worker
Commit Type Description
1804f73bec fix preserve referrer in asset requests
e86c31bf26 fix preserve referrer policy in asset requests

v21.2.17

Compare Source

Deprecations

platform-server
  • XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead.
common
Commit Type Description
86a56dc279 fix Limits date format string length
d846326b07 fix skip transfer cache for uncacheable HTTP traffic
bc55749698 fix use cryptographically secure SHA-256 for transfer cache key generation
compiler
Commit Type Description
dc9c99636d fix sanitize two-way properties
core
Commit Type Description
1523061137 fix harden TransferState restoration against DOM clobbering
88832c84f8 fix validate lowercase SVG animation attribute names (#​69269)
http
Commit Type Description
bcb1b7ea25 fix preserve empty referrer option in HttpRequest
a810a319d1 fix Rejects non-HTTP(S) URLs in JSONP requests
e245d40c4d fix skip transfer cache for fetch credentialed requests
platform-server
Commit Type Description
35510746b7 fix harden platform location origin validation during SSR
13fb0afe93 refactor deprecate ServerXhr (#​69255)
service-worker
Commit Type Description
b9d29381bb fix Strips sensitive headers on cross-origin redirects

v21.2.16

Compare Source

common
Commit Type Description
f6d8e642b0 fix only strip a literal /index.html suffix from URLs
compiler
Commit Type Description
ae1c8a1f7a fix move projection attributes into constants
core
Commit Type Description
3fd6897a67 fix harden inherit definition feature against polluted prototypes
7e38336dc7 fix use Object.create(null) for LOCALE_DATA as a hardening measure
platform-server
Commit Type Description
66821c4ed5 fix throw on suspicious URLs and restrict protocol-relative URLs
d3170031b6 fix update domino to latest version

v21.2.15

Compare Source

common
Commit Type Description
7f4ac78994 fix add upper bounds for digitsInfo
300f61feb3 fix sanitize placeholder
compiler
Commit Type Description
0b07f47bd6 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#​68925)
eb1cbbf2eb fix prevent namespaced SVG <style> elements from being stripped
cc1378d54b fix sanitize dynamic href and xlink:href bindings on SVG a elements (#​68925)
782e01594e fix strip namespaced SVG script elements during template compilation (#​68925)
core
Commit Type Description
ff12fe55ac fix normalize tag names in runtime i18n attribute security context lookup (#​68925)
e6fe77cc97 fix sanitize meta selectors
daaf32937f fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#​68925)
dada86e43d fix synchronize core sanitization schema with compiler (#​68925)
http
Commit Type Description
582a417bd2 fix exclude withCredentials requests from transfer cache
5c6d6df34b fix skip TransferCache for cookie-bearing requests by default
platform-server
Commit Type Description
37e8aadf87 fix prevent SSRF bypasses via backslash URLs in HttpClient
72696e244e fix secure location and document initialization against SSRF and path hijack
service-worker
Commit Type Description
b8bd49341d fix Preserves explicit 'credentials: omit' in asset requests
ca32fc1000 fix Preserves HTTP cache mode in asset group requests

v21.2.14

Compare Source

compiler
Commit Type Description
68282dff9f fix strip namespaced SVG script elements during template compilation
core
Commit Type Description
c0f52272ed fix do not insert todo when migrating void @​Output
938a7f3edd fix makes resource URL sanitizer lookup case-insensitive
0fb2724194 fix reject script element as a dynamic component host
49113ac0ef fix visit ICU expressions in signal migration schematics
router
Commit Type Description
099bf577ee fix skip scroll-to-top on initial navigation when hydrating

v21.2.13

Compare Source

core
Commit Type Description
1c6553e97d fix disallow event attribute bindings in host bindings unconditionally
platform-server
Commit Type Description
629905d537 fix add allowedHosts option to renderModule and renderApplication
0b7192f441 fix forward BEFORE_APP_SERIALIZED errors to ErrorHandler

v21.2.12

Compare Source

core
Commit Type Description
fe13bb669d fix allow explicit read generic with signal input transforms
3430251fef fix i18n flags leaking on errors
1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57 fix sanitizer typings
7a05a9a71a fix validate security-sensitive attributes in i18n bindings
c37f6ca42f fix visit ng-let expression value in signal migration schematics
forms
Commit Type Description
03ad53863b fix prohibit concurrent submits in signal forms

v21.2.11

Compare Source

common
Commit Type Description
10ad3c0692 fix prevent focus from scrollToAnchor
compiler
Commit Type Description
4f5d8a2c0b fix let declaration span not including end character
core
Commit Type Description
a40e2cebc8 fix fix ordering of view queries metadata in JIT mode
885a1a1d97 fix guard against non-object events and avoid listener wrapper identity mismatch
7a64aff9b5 fix prevent event replay double-invocation when element hydrates before app stability
platform-server
Commit Type Description
be1f80a253 fix ensure origin has a trailing slash when parsing url

v21.2.10

Compare Source

docs
Commit Type Description
0d5ee9ae1b fix link formatting in "Animating your Application with CSS"
migrations
Commit Type Description
5533ab4f56 fix fix NgClass leaving trailing comma after removal
router
Commit Type Description
580212c995 fix restore internal URL on popstate when browserUrl is used

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants