fix(deps): update dependency @angular/core to v10 [security] #1041

renovate · 2024-08-06T10:13:29Z

This PR contains the following updates:

Package	Change	Age	Confidence
@angular/core (source)	`9.0.0` -> `10.2.5`

GitHub Vulnerability Alerts

CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.

Release Notes

angular/angular (@angular/core)

Commit	Type	Description
710759ddcc	fix	account for let declarations in control flow migration (#59861)
46f36a58bf	fix	count used dependencies inside existing control flow (#59861)

Commit	Type	Description
d7b5c597ffc	fix	gracefully fall back if const enum cannot be passed through (#59815)
53a4668b58b	fix	handle const enums used inside HMR data (#59815)
976125e0b4c	fix	handle enum members without initializers in partial evaluator (#59815)

Commit	Type	Description
544b9ee7ca0	fix	check whether application is destroyed before printing hydration stats (#59716)
d6e78c072dc	fix	ensure type is preserved during HMR (#59700)
c2436702df9	fix	fixes test timer-based test flakiness in CI (#59674)

Commit	Type	Description
1828a840620	fix	prepend `baseHref` to `sourceMappingURL` in CSS content (#59730)
1c84cbca30e	fix	Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690)
12256574626	fix	Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690)
3f4d5f636aa	fix	Update pseudoevent created by createMouseSpecialEvent to populate `_originalEvent` property (#59690)

Commit	Type	Description
53160e504d	fix	extract parenthesized dependencies during HMR (#59644)
39690969af	fix	handle conditional expressions when extracting dependencies (#59637)
78af7a5059	fix	handle new expressions when extracting dependencies (#59637)

Commit	Type	Description
408af24ff3	fix	capture self-referencing component during HMR (#59644)
d7575c201c	fix	replace metadata in place during HMR (#59644)
26f6d4c485	fix	skip component ID collision warning during SSR (#59625)

Commit	Type	Description
a4eb74c79c	fix	animation sometimes renderer not being destroyed during HMR (#59574)
906413aba3	fix	change `Resource` to use explicit `undefined` in its typings (#59024)
4eb541837c	fix	cleanup `_ejsa` when app is destroyed (#59492)
5497102769	fix	cleanup stash listener when app is destroyed (#59598)
266a8f2f2e	fix	handle shadow DOM encapsulated component with HMR (#59597)
6f7716268a	fix	HMR not matching component that injects ViewContainerRef (#59596)
d12a186d53	fix	treat exceptions in `equal` as part of computation (#55818)

Commit	Type	Description
ceadd28ea1	fix	allow $any in two-way bindings (#59362)
aed49ddaaa	fix	use chunk origin in template HMR request URL (#59459)

Commit	Type	Description
d010e11b73	feat	add event listener options to renderer (#59092)
57f3550219	feat	add utility for resolving defer block information to ng global (#59184)
22f191f763	feat	extend the set of profiler events (#59183)
e894a5daea	feat	set kind field on template and effect nodes (#58865)
bd1f1294ae	feat	support TypeScript 5.7 (#58609)
9870b643bf	fix	Defer afterRender until after first CD (#58250)
a5fc962094	fix	Don't run effects in check no changes pass (#58250)

Commit	Type	Description
d298d25426	feat	add schematic to clean up unused imports (#59353)
14fb8ce4c0	fix	resolve text replacement issue (#59452)

Commit	Type	Description
06a55e9817	fix	account for more expression types when determining HMR dependencies (#59323)
17fb20f85d	fix	preserve defer block dependencies during HMR when class metadata is disabled (#59313)

Commit	Type	Description
dbb8980d03	fix	avoid circular DI error in async renderer (#59271)
6d00efde95	fix	styles not replaced during HMR when using animations renderer (#59393)

Commit	Type	Description
3793218e77	fix	avoid triggering `on timer` and `on idle` on the server (#59177)
cfc96ed82c	fix	Fix nested timer serialization (#59173)

Commit	Type	Description
7e612171709	fix	consider pre-release versions when detecting feature support (#59061)
cd764a31152	fix	error in unused standalone imports diagnostic (#59064)

Commit	Type	Description
7b5bacc228	fix	class content being deleted in some edge cases (#58959)
d1cbdd6acb	fix	correctly strip away parameters surrounded by comments in inject migration (#58959)
e17ff71c31	fix	don't migrate classes with parameters that can't be injected (#58959)
7c5f990001	fix	inject migration aggressively removing imports (#58959)
4392ccedf9	fix	inject migration dropping code if everything except super is removed (#58959)
9cbebc6dda	fix	preserve type literals and tuples in inject migrations (#58959)

Commit	Type	Description
502ee0e722	fix	correctly clear template HMR internal renderer cache (#58724)
99715104a1	fix	correctly perform lazy routes migration for components with additional decorators (#58796)
118803035f	fix	Ensure _tick is always run within the TracingSnapshot. (#58881)
08b9452f01	fix	Ensure resource sets an error (#58855)
84f45ea3ff	fix	make component id generation more stable between client and server builds (#58813)
d3491c7cee	fix	Prevents race condition of cleanup for incremental hydration (#58722)

Commit	Type	Description
a983865bff	fix	add fix for individual unused imports (#58719)
e6e7a4e22b	fix	allow fixes to run without template info (#58719)

Commit	Type	Description
5ce10264a4	fix	fix provide-initializer migration when using useFactory (#58518)
d4f5c85f60	fix	handle parameters with initializers in inject migration (#58769)
a6d2d2dc10	fix	Mark hoisted properties as removed in inject migration (#58804)

fix(deps): update dependency @angular/core to v10 [security] #1041

Are you sure you want to change the base?

fix(deps): update dependency @angular/core to v10 [security] #1041

Uh oh!

Conversation

renovate bot commented Aug 6, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

Release Notes

benchpress

common

core

language-service

common

compiler-cli

forms

compiler

compiler-cli

core

migrations

compiler-cli

core

elements

platform-browser

router

service-worker

compiler

compiler-cli

core

migrations

platform-browser

compiler

compiler-cli

core

core

platform-browser

common

compiler

compiler-cli

core

migrations

platform-browser

router

compiler-cli

core

migrations

compiler-cli

core

platform-browser

router

core

platform-server

compiler-cli

core

platform-browser

compiler-cli

core

migrations

platform-server

compiler-cli

core

forms

language-service

migrations

Configuration

Uh oh!

Uh oh!

renovate bot commented Aug 6, 2024 •

edited

Loading