New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency @angular/core to v10 [SECURITY] #315

Open

renovate wants to merge 1 commit into master from renovate/npm-@angular/core-vulnerability

Contributor

renovate bot commented Jun 18, 2022 •

edited

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@angular/core (source)	`~7.2.0` -> `~10.2.5`

GitHub Vulnerability Alerts

CVE-2021-4231

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.

Release Notes

angular/angular (@angular/core)

`v10.2.5`

`v10.2.4`

`v10.2.3`

`v10.2.2`

`v10.2.1`

`v10.2.0`

`v10.1.6`

`v10.1.5`

`v10.1.4`

`v10.1.3`

`v10.1.2`

`v10.1.1`

`v10.1.0`

`v10.0.14`

`v10.0.13`

`v10.0.12`

`v10.0.11`

`v10.0.10`

`v10.0.9`

`v10.0.8`

`v10.0.7`

`v10.0.6`

`v10.0.5`

`v10.0.4`

`v10.0.3`

`v10.0.2`

`v10.0.1`

`v10.0.0`

`v9.1.13`

`v9.1.12`

`v9.1.11`

`v9.1.10`

`v9.1.9`

`v9.1.8`

`v9.1.7`

`v9.1.6`

`v9.1.5`

`v9.1.4`

`v9.1.3`

`v9.1.2`

`v9.1.1`

`v9.1.0`

`v9.0.7`

`v9.0.6`

`v9.0.5`

`v9.0.4`

`v9.0.3`

`v9.0.2`

`v9.0.1`

`v9.0.0`

`v8.2.14`

`v8.2.13`

`v8.2.12`

`v8.2.11`

`v8.2.10`

`v8.2.9`

`v8.2.8`

`v8.2.7`

`v8.2.6`

`v8.2.5`

`v8.2.4`

`v8.2.3`

`v8.2.2`

`v8.2.1`

`v8.2.0`

`v8.1.3`

`v8.1.2`

`v8.1.1`

`v8.1.0`

`v8.0.3`

`v8.0.2`

`v8.0.1`

`v8.0.0`

Breaking Changes

router

Providers available to the routed components always
come from the injector heirarchy of the routes and never inherit from
the RouterOutlet. This means that providers available only to the
component that defines the RouterOutlet will no longer be available to
route components in any circumstances. This was already the case
whenever routes defined providers, either through lazy loading an
NgModule or through explicit providers on the route config.

compiler

Commit	Type	Description
f824911510	fix	For `FatalDiagnosticError`, hide the `message` field without affecting the emit (#55160)

compiler-cli

Commit	Type	Description
c04ffb1fa6	fix	use switch statements to narrow Angular switch blocks (#55168)

core

Commit	Type	Description
666d646575	feat	Add event delegation library to queue up events and replay them when the application is ready (#55121)
146306a141	feat	add support for i18n hydration (#54823)
840c375255	fix	do not save point-in-time `setTimeout` and `rAF` references (#55124)
231e0a3528	fix	handle `ChainedInjector`s in injector debug utils (#55144)
a5fa279b6e	fix	prevent i18n hydration from cleaning projected nodes (#54823)
f44a5e4604	fix	support content projection and VCRs in i18n (#54823)
914e4530b0	fix	test cleanup should not throw if Zone is not present (#55096)
a99cb7ce5b	fix	zoneless scheduler should check if Zone is defined before accessing it (#55118)

forms

Commit	Type	Description
1c736dc3b2	feat	Unified Control State Change Events (#54579)

language-service

Commit	Type	Description
a48afe0d94	fix	avoid generating TS syntactic diagnostics for templates (#55091)

migrations

Commit	Type	Description
0c20c4075a	fix	avoid conflicts with some greek letters in control flow migration (#55113)

platform-browser

Commit	Type	Description
45ae7a6b60	feat	add withI18nSupport() in developer preview (#55130)

router

Commit	Type	Description
87f3f27f90	feat	Allow resolvers to return `RedirectCommand` (#54556)
3839cfbb18	fix	Routed components never inherit `RouterOutlet` `EnvironmentInjector` (#54265)

`v7.2.16`

`v7.2.15`

`v7.2.14`

`v7.2.13`

`v7.2.12`

`v7.2.11`

`v7.2.10`

`v7.2.9`

`v7.2.8`

`v7.2.7`

`v7.2.6`

`v7.2.5`

`v7.2.4`

`v7.2.3`

common

Commit	Type	Description
1a526f2881	perf	`AsyncPipe` should not call `markForCheck` on subscription (#54554)

compiler-cli

Commit	Type	Description
2aefed8763	fix	catch function instance properties in interpolated signal diagnostic (#54325)
48aec63ee4	fix	identify aliased initializer functions (#54480)
daf7c611b2	fix	identify aliased initializer functions (#54609)

core

Commit	Type	Description
57123524a2	fix	collect providers from NgModules while rendering `@defer` block (#52881)
79a32816dc	fix	fix typo in injectors.svg file (#54596)

migrations

Commit	Type	Description
dbe673b027	fix	resolve infinite loop for a single line element with a long tag name and angle bracket on a new line (#54588)

`v7.2.2`

common

Commit	Type	Description
d34e3298db	fix	image placeholder not removed in OnPush component (#54515)

compiler

Commit	Type	Description
6447c0eecc	fix	adding the inert property to the "SCHEMA" array (#53148)

compiler-cli

Commit	Type	Description
0a3edfb543	fix	correctly detect deferred dependencies across scoped nodes (#54499)
790f4f7c26	fix	use correct symbol name for default imported symbols in defer blocks (#54495)

core

Commit	Type	Description
3bd5860c74	fix	properly execute content queries for root components (#54457)

migrations

Commit	Type	Description
bb57d34110	fix	Fix cf migration regular expression to include underscores (#54533)

router

Commit	Type	Description
3e31f1a34e	fix	Clear internal transition when navigation finalizes (#54261)

`v7.2.1`

compiler-cli

Commit	Type	Description
7234824228	fix	fix broken version detection condition (#54443)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 05b10a4 to 6e283c2 Compare

September 25, 2022 20:56

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 6e283c2 to 7b9519b Compare

November 20, 2022 13:59

renovate bot changed the title ~~Update dependency @angular/core to v14 [SECURITY]~~ Update dependency @angular/core to v15 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch 2 times, most recently from b313e7c to 75679ac Compare

March 25, 2023 03:14

renovate bot changed the title ~~Update dependency @angular/core to v15 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 75679ac to a036d5f Compare

April 3, 2023 10:33

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v15 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from a036d5f to 36e7b88 Compare

April 3, 2023 12:54

renovate bot changed the title ~~Update dependency @angular/core to v15 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 36e7b88 to b6240f1 Compare

April 17, 2023 09:36

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v15 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from b6240f1 to b740ae5 Compare

April 17, 2023 14:25

renovate bot changed the title ~~Update dependency @angular/core to v15 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from b740ae5 to 0b5cacd Compare

May 28, 2023 11:01

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v16 [SECURITY]

renovate bot changed the title ~~Update dependency @angular/core to v16 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch 2 times, most recently from 649fb94 to 550666a Compare

June 4, 2023 08:00

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v16 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 550666a to a6d221c Compare

June 4, 2023 11:57

renovate bot changed the title ~~Update dependency @angular/core to v16 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from a6d221c to 428c5c0 Compare

June 13, 2023 15:07

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v16 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 428c5c0 to e23aab0 Compare

June 13, 2023 18:39

renovate bot changed the title ~~Update dependency @angular/core to v16 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from e23aab0 to 4182a09 Compare

June 18, 2023 09:21

renovate bot changed the title ~~Update dependency @angular/core to v11 [SECURITY]~~ Update dependency @angular/core to v16 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 4182a09 to 4c211e6 Compare

June 18, 2023 13:53

renovate bot changed the title ~~Update dependency @angular/core to v16 [SECURITY]~~ Update dependency @angular/core to v11 [SECURITY]

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 0db92bb to 93743fa Compare

April 14, 2024 11:11

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 93743fa to f7709db Compare

April 14, 2024 13:49

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from f7709db to 0667e66 Compare

April 21, 2024 07:37

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 0667e66 to 5858597 Compare

April 21, 2024 09:41

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 5858597 to 8114509 Compare

April 25, 2024 10:40

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 8114509 to 30d03d2 Compare

April 25, 2024 14:44

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 30d03d2 to edbaff3 Compare

April 28, 2024 00:29

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from edbaff3 to 0072bbb Compare

April 28, 2024 04:09

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 0072bbb to 71dd410 Compare

May 1, 2024 09:34

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 71dd410 to 4006192 Compare

May 1, 2024 13:12

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 4006192 to 2e63a99 Compare

May 9, 2024 11:48

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 2e63a99 to 809deb4 Compare

May 9, 2024 17:15

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 809deb4 to 0e84f7b Compare

May 15, 2024 10:15

renovate bot changed the title ~~Update dependency @angular/core to v10 [SECURITY]~~ Update dependency @angular/core to v17 [SECURITY]


          Update dependency @angular/core to v10 [SECURITY]

renovate bot force-pushed the renovate/npm-@angular/core-vulnerability branch from 0e84f7b to 2138960 Compare

May 15, 2024 20:33

renovate bot changed the title ~~Update dependency @angular/core to v17 [SECURITY]~~ Update dependency @angular/core to v10 [SECURITY]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment