Skip to content

Build(deps): Bump @angular/animations from 19.2.22 to 20.3.23 in /frontend#26

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/main/angular/animations-20.3.23
Open

Build(deps): Bump @angular/animations from 19.2.22 to 20.3.23 in /frontend#26
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/main/angular/animations-20.3.23

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 31, 2026

Bumps @angular/animations from 19.2.22 to 20.3.23.

Release notes

Sourced from @​angular/animations's releases.

20.3.23

compiler

Commit Description
fix - d40acc6431 prevent namespaced SVG elements from being stripped

20.3.22

common

Commit Description
fix - 3d135ce59b add upper bounds for digitsInfo
fix - 39a4b4cc8e sanitize placeholder

compiler

Commit Description
fix - 8f35b182b1 normalize tag names with custom namespaces in DomElementSchemaRegistry (#68926)
fix - 64a89e917a sanitize dynamic href and xlink:href bindings on SVG a elements (#68926)
fix - 6404edfe0a strip namespaced SVG script elements during template compilation (#68926)

core

Commit Description
fix - e345a58069 normalize tag names in runtime i18n attribute security context lookup (#68926)
fix - d86e4e7b2a reject script element as a dynamic component host (#68926)
fix - af04936045 sanitize meta selectors
fix - dc631efa96 support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68926)
fix - 909ef047b3 synchronize core sanitization schema with compiler (#68926)

http

Commit Description
fix - de7b2a62e7 exclude withCredentials requests from transfer cache
fix - 4233188d8e skip TransferCache for cookie-bearing requests by default

platform-server

Commit Description
fix - 49a60f6045 secure location and document initialization against SSRF and path hijack

service-worker

Commit Description
fix - 5fdfd8a998 preserve redirect policy on reconstructed asset requests
fix - 83b022f2d0 Preserves explicit 'credentials: omit' in asset requests
fix - e617fa06eb Preserves HTTP cache mode in asset group requests

20.3.21

platform-server

Commit Description
fix - f584840e2e add allowedHosts option to renderModule and renderApplication

20.3.20

core

... (truncated)

Changelog

Sourced from @​angular/animations's changelog.

20.3.23 (2026-05-28)

compiler

Commit Type Description
d40acc6431 fix prevent namespaced SVG elements from being stripped

20.3.22 (2026-05-27)

common

Commit Type Description
3d135ce59b fix add upper bounds for digitsInfo
39a4b4cc8e fix sanitize placeholder

compiler

Commit Type Description
8f35b182b1 fix normalize tag names with custom namespaces in DomElementSchemaRegistry (#68926)
64a89e917a fix sanitize dynamic href and xlink:href bindings on SVG a elements (#68926)
6404edfe0a fix strip namespaced SVG script elements during template compilation (#68926)

core

Commit Type Description
e345a58069 fix normalize tag names in runtime i18n attribute security context lookup (#68926)
d86e4e7b2a fix reject script element as a dynamic component host (#68926)
af04936045 fix sanitize meta selectors
dc631efa96 fix support prefix-insensitive DOM schema lookups and compile-time i18n attribute validation (#68926)
909ef047b3 fix synchronize core sanitization schema with compiler (#68926)

http

Commit Type Description
de7b2a62e7 fix exclude withCredentials requests from transfer cache
4233188d8e fix skip TransferCache for cookie-bearing requests by default

platform-server

Commit Type Description
49a60f6045 fix secure location and document initialization against SSRF and path hijack

service-worker

Commit Type Description
5fdfd8a998 fix preserve redirect policy on reconstructed asset requests
83b022f2d0 fix Preserves explicit 'credentials: omit' in asset requests
e617fa06eb fix Preserves HTTP cache mode in asset group requests

19.2.23 (2026-05-27)

common

... (truncated)

Commits
  • ee578d3 build: format md files
  • 4c89a26 fix(core): pass element removal property through in all locations (#64565)
  • bd38cd4 fix(animations): account for Element.animate exceptions (#64506)
  • e78451c fix(core): prevent animations renderer from impacting animate.leave (#63921)
  • 7a7725e refactor(core): Update tests for zoneless by default (#63672)
  • ed50120 refactor(animations): remove dependency on @angular/common (#63248)
  • 9a27c5b build: rename defaults2.bzl to defaults.bzl (#63384)
  • ec8cd3e refactor(animations): optimize resolveTimeExpression (#62927)
  • fa8d8b8 build: migrate all npm packages to use new rules_js based npm_package rule (#...
  • cbc258e build: remove ts_project_interop infrastructure (#62908)
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
@angular/animations [>= 21.a, < 22]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps): Bump @angular/animations in /frontend
1e7801b 
Bumps [@angular/animations](https://github.com/angular/angular/tree/HEAD/packages/animations) from 19.2.22 to 20.3.23.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v20.3.23/packages/animations)

---
updated-dependencies:
- dependency-name: "@angular/animations"
  dependency-version: 20.3.23
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 31, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants