Skip to content

fix(packages): update dependency @angular/core to v10 [security] #2443

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: release
Choose a base branch
from
Open

fix(packages): update dependency @angular/core to v10 [security] #2443

wants to merge 1 commit into from

Conversation

@renovate
Copy link

@renovate renovate bot commented May 21, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@angular/core (source) 9.1.1 -> 10.2.5 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.

Release Notes

angular/angular (@​angular/core)

v10.2.5

Compare Source

v10.2.4

Compare Source

v10.2.3

Compare Source

v10.2.2

Compare Source

v10.2.1

Compare Source

v10.2.0

Compare Source

v10.1.6

Compare Source

v10.1.5

Compare Source

v10.1.4

Compare Source

v10.1.3

Compare Source

v10.1.2

Compare Source

v10.1.1

Compare Source

v10.1.0

Compare Source

v10.0.14

Compare Source

v10.0.13

Compare Source

v10.0.12

Compare Source

v10.0.11

Compare Source

v10.0.10

Compare Source

v10.0.9

Compare Source

v10.0.8

Compare Source

v10.0.7

Compare Source

v10.0.6

Compare Source

v10.0.5

Compare Source

v10.0.4

Compare Source

v10.0.3

Compare Source

v10.0.2

Compare Source

v10.0.1

Compare Source

v10.0.0

Compare Source

v9.1.13

Compare Source

v9.1.12

Compare Source

v9.1.11

Compare Source

v9.1.10

Compare Source

v9.1.9

Compare Source

v9.1.8

Compare Source

benchpress
Commit Type Description
f0990c67e6 fix Ensure future-proof correct initialization order (#​60025)
common
Commit Type Description
1fbaeab37d fix make types for HttpClient more readable (#​59901)
core
Commit Type Description
c611c8d212 fix capture stack for HMR errors (#​60067)
language-service
Commit Type Description
4c9d09c643 fix provide correct rename info for elements (#​60088)

v9.1.7

Compare Source

common
Commit Type Description
e9f10eb4c9 fix clean up urlChanges subscribers when root scope is destroyed (#​59703)
compiler-cli
Commit Type Description
16fc074689 fix avoid crash in isolated transform operations (#​59869)
forms
Commit Type Description
ec1e4c3d94 fix Fix typing on FormRecord. (#​59993)

v9.1.6

Compare Source

compiler
Commit Type Description
01f669a274 fix handle tracking expressions requiring temporary variables (#​58520)
compiler-cli
Commit Type Description
dcfb9f1959 fix handle deferred blocks with shared dependencies correctly (#​59926)
core
Commit Type Description
cab7a9b69c fix invalidate HMR component if replacement throws an error (#​59854)
migrations
Commit Type Description
710759ddcc fix account for let declarations in control flow migration (#​59861)
46f36a58bf fix count used dependencies inside existing control flow (#​59861)

v9.1.5

Compare Source

compiler-cli
Commit Type Description
d7b5c597ffc fix gracefully fall back if const enum cannot be passed through (#​59815)
53a4668b58b fix handle const enums used inside HMR data (#​59815)
976125e0b4c fix handle enum members without initializers in partial evaluator (#​59815)

v9.1.4

Compare Source

core
Commit Type Description
544b9ee7ca0 fix check whether application is destroyed before printing hydration stats (#​59716)
d6e78c072dc fix ensure type is preserved during HMR (#​59700)
c2436702df9 fix fixes test timer-based test flakiness in CI (#​59674)
elements
Commit Type Description
44180645992 fix not setting initial value on signal-based input (#​59773)
platform-browser
Commit Type Description
1828a840620 fix prepend baseHref to sourceMappingURL in CSS content (#​59730)
1c84cbca30e fix Update pseudoevent created by createMouseSpecialEvent to populate _originalEvent property (#​59690)
12256574626 fix Update pseudoevent created by createMouseSpecialEvent to populate _originalEvent property (#​59690)
3f4d5f636aa fix Update pseudoevent created by createMouseSpecialEvent to populate _originalEvent property (#​59690)
router
Commit Type Description
e3da35ec749 fix prevent error handling when injector is destroyed (#​59457)
service-worker
Commit Type Description
522acbf3d7e fix add missing rxjs peer dependency (#​59747)

v9.1.3

Compare Source

compiler
Commit Type Description
ecfb74d287 fix handle :host-context with comma-separated child selector (#​59276)
compiler-cli
Commit Type Description
53160e504d fix extract parenthesized dependencies during HMR (#​59644)
39690969af fix handle conditional expressions when extracting dependencies (#​59637)
78af7a5059 fix handle new expressions when extracting dependencies (#​59637)
core
Commit Type Description
408af24ff3 fix capture self-referencing component during HMR (#​59644)
d7575c201c fix replace metadata in place during HMR (#​59644)
26f6d4c485 fix skip component ID collision warning during SSR (#​59625)
migrations
Commit Type Description
a62c84bc18 fix avoid applying the same replacements twice when cleaning up unused imports (#​59656)
platform-browser
Commit Type Description
b2b3816cb1 fix clear renderer cache during HMR when using async animations (#​59644)

v9.1.2

Compare Source

compiler
Commit Type Description
8dcd889987 fix update @ng/component URL to be relative (#​59620)
compiler-cli
Commit Type Description
95a05bb202 fix disable tree shaking during HMR (#​59595)
core
Commit Type Description
a4eb74c79c fix animation sometimes renderer not being destroyed during HMR (#​59574)
906413aba3 fix change Resource to use explicit undefined in its typings (#​59024)
4eb541837c fix cleanup _ejsa when app is destroyed (#​59492)
5497102769 fix cleanup stash listener when app is destroyed (#​59598)
266a8f2f2e fix handle shadow DOM encapsulated component with HMR (#​59597)
6f7716268a fix HMR not matching component that injects ViewContainerRef (#​59596)
d12a186d53 fix treat exceptions in equal as part of computation (#​55818)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the Focus: security Issues concerning security within the library or it's dependencies label May 21, 2025
@renovate renovate bot requested a review from a team as a code owner May 21, 2025 12:35
@renovate renovate bot added the Focus: security Issues concerning security within the library or it's dependencies label May 21, 2025
@github-actions github-actions bot added PR: awaiting review PRs that need to be reviewed Size: XS labels May 21, 2025
@github-actions
Copy link

github-actions bot commented May 21, 2025

Trivy Scan Report:

13 vulnerabilities(HIGH/CRITICAL) found!
View report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Focus: security Issues concerning security within the library or it's dependencies PR: awaiting review PRs that need to be reviewed Size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant