fix(deps): update dependency @angular/core to v10 [security] - abandoned #226

renovate · 2022-06-18T18:45:50Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@angular/core (source)	`7.2.12` -> `10.2.5`

GitHub Vulnerability Alerts

CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.

Release Notes

angular/angular (@angular/core)

Breaking Changes

router

Providers available to the routed components always
come from the injector heirarchy of the routes and never inherit from
the RouterOutlet. This means that providers available only to the
component that defines the RouterOutlet will no longer be available to
route components in any circumstances. This was already the case
whenever routes defined providers, either through lazy loading an
NgModule or through explicit providers on the route config.

compiler

Commit	Type	Description
f824911510	fix	For `FatalDiagnosticError`, hide the `message` field without affecting the emit (#55160)

compiler-cli

Commit	Type	Description
c04ffb1fa6	fix	use switch statements to narrow Angular switch blocks (#55168)

core

Commit	Type	Description
666d646575	feat	Add event delegation library to queue up events and replay them when the application is ready (#55121)
146306a141	feat	add support for i18n hydration (#54823)
840c375255	fix	do not save point-in-time `setTimeout` and `rAF` references (#55124)
231e0a3528	fix	handle `ChainedInjector`s in injector debug utils (#55144)
a5fa279b6e	fix	prevent i18n hydration from cleaning projected nodes (#54823)
f44a5e4604	fix	support content projection and VCRs in i18n (#54823)
914e4530b0	fix	test cleanup should not throw if Zone is not present (#55096)
a99cb7ce5b	fix	zoneless scheduler should check if Zone is defined before accessing it (#55118)

forms

Commit	Type	Description
1c736dc3b2	feat	Unified Control State Change Events (#54579)

language-service

Commit	Type	Description
a48afe0d94	fix	avoid generating TS syntactic diagnostics for templates (#55091)

migrations

Commit	Type	Description
0c20c4075a	fix	avoid conflicts with some greek letters in control flow migration (#55113)

platform-browser

Commit	Type	Description
45ae7a6b60	feat	add withI18nSupport() in developer preview (#55130)

router

Commit	Type	Description
87f3f27f90	feat	Allow resolvers to return `RedirectCommand` (#54556)
3839cfbb18	fix	Routed components never inherit `RouterOutlet` `EnvironmentInjector` (#54265)

`v7.2.16`

Compare Source

`v7.2.15`

Compare Source

`v7.2.14`

Compare Source

`v7.2.13`

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate · 2023-10-12T04:21:12Z

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm WARN old lockfile 
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile 
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile 
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! 
npm ERR! While resolving: angular-exemplify-demo@1.0.0
npm ERR! Found: rxjs@6.4.0
npm ERR! node_modules/rxjs
npm ERR!   rxjs@"6.4.0" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer rxjs@"^6.5.3" from @angular/core@10.2.5
npm ERR! node_modules/@angular/core
npm ERR!   @angular/core@"10.2.5" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! 
npm ERR! For a full report see:
npm ERR! /tmp/worker/ec66fb/3d55fe/cache/others/npm/_logs/2023-10-12T04_20_35_441Z-eresolve-report.txt

npm ERR! A complete log of this run can be found in: /tmp/worker/ec66fb/3d55fe/cache/others/npm/_logs/2023-10-12T04_20_35_441Z-debug-0.log

renovate · 2024-08-06T10:01:46Z

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.

renovate bot changed the title ~~chore(deps): update dependency @angular/core to 11.0.5 [security]~~ fix(deps): update dependency @angular/core to v11 [security] Mar 24, 2023

renovate bot changed the title ~~fix(deps): update dependency @angular/core to v11 [security]~~ fix(deps): update dependency @angular/core to v11 [security] - autoclosed Oct 10, 2023

renovate bot closed this Oct 10, 2023

renovate bot deleted the renovate/npm-@angular/core-vulnerability branch October 10, 2023 21:30

renovate bot changed the title ~~fix(deps): update dependency @angular/core to v11 [security] - autoclosed~~ fix(deps): update dependency @angular/core to v11 [security] Oct 12, 2023

renovate bot reopened this Oct 12, 2023

renovate bot restored the renovate/npm-@angular/core-vulnerability branch October 12, 2023 04:20

fix(deps): update dependency @angular/core to v10 [security]

88e68a6

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from e20b4b8 to 88e68a6 Compare October 12, 2023 04:21

renovate bot changed the title ~~fix(deps): update dependency @angular/core to v11 [security]~~ fix(deps): update dependency @angular/core to v10 [security] Oct 12, 2023

renovate bot changed the title ~~fix(deps): update dependency @angular/core to v10 [security]~~ fix(deps): update dependency @angular/core to v10 [security] - abandoned Aug 6, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update dependency @angular/core to v10 [security] - abandoned #226

fix(deps): update dependency @angular/core to v10 [security] - abandoned #226

Uh oh!

renovate bot commented Jun 18, 2022 •

edited

Loading

Uh oh!

renovate bot commented Oct 12, 2023

Uh oh!

renovate bot commented Aug 6, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

fix(deps): update dependency @angular/core to v10 [security] - abandoned #226

Are you sure you want to change the base?

fix(deps): update dependency @angular/core to v10 [security] - abandoned #226

Uh oh!

Conversation

renovate bot commented Jun 18, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

Release Notes

Breaking Changes

router

compiler

compiler-cli

core

forms

language-service

migrations

platform-browser

router

Configuration

Uh oh!

renovate bot commented Oct 12, 2023

⚠ Artifact update problem

File name: package-lock.json

Uh oh!

renovate bot commented Aug 6, 2024

Autoclosing Skipped

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

renovate bot commented Jun 18, 2022 •

edited

Loading