Skip to content

Comments

Bump @angular/platform-browser-dynamic from 19.2.17 to 19.2.18#821

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/angular/platform-browser-dynamic-19.2.18
Closed

Bump @angular/platform-browser-dynamic from 19.2.17 to 19.2.18#821
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/angular/platform-browser-dynamic-19.2.18

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026

Bumps @angular/platform-browser-dynamic from 19.2.17 to 19.2.18.

Release notes

Sourced from @​angular/platform-browser-dynamic's releases.

19.2.18

core

Commit Description
fix - 26cdc53d9c sanitize sensitive attributes on SVG script elements
Changelog

Sourced from @​angular/platform-browser-dynamic's changelog.

19.2.18 (2026-01-07)

core

Commit Type Description
26cdc53d9c fix sanitize sensitive attributes on SVG script elements

21.0.7 (2026-01-07)

compiler

Commit Type Description
8e808740c9 fix better types for a few expression AST nodes
63b1cdcf70 fix produce accurate span for typeof and void expressions
3c3ae0cb64 fix provide location information for literal map keys
523dbaf1c3 fix stop ThisReceiver inheritance from ImplicitReceiver

compiler-cli

Commit Type Description
4d9c4567ed fix ensure component import diagnostics are reported within the imports expression
cd405685af fix fix up spelling of diagnostic
778460fcca fix support qualified names in typeof type references

core

Commit Type Description
7c74674eb0 fix avoid leaking view data in animations
0edbee4550 fix explicitly cast signal node value to String
f9c29572d2 fix sanitize sensitive attributes on SVG script elements

forms

Commit Type Description
e3fba182f9 feat add [formField] directive
561772b152 fix allow custom controls to require dirty input
f0fb1d8581 fix allow custom controls to require hidden input
ec110f170b fix allow custom controls to require pending input
ae1dc16bb0 fix clean up abort listener after timeout
9748b0d5da fix support custom controls with non signal-based models
6bd22df987 fix Support readonly arrays in signal forms

router

Commit Type Description
41cd4a6af8 fix Fix RouterLink href not updating with queryParamsHandling
5e9e09aee0 fix handle errors from view transition updateCallbackDone promise

21.0.6 (2025-12-17)

Breaking Changes (affecting only experimental features)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump @angular/platform-browser-dynamic from 19.2.17 to 19.2.18
1f043d4 
Bumps [@angular/platform-browser-dynamic](https://github.com/angular/angular/tree/HEAD/packages/platform-browser-dynamic) from 19.2.17 to 19.2.18.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v19.2.18/packages/platform-browser-dynamic)

---
updated-dependencies:
- dependency-name: "@angular/platform-browser-dynamic"
  dependency-version: 19.2.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Change requested in dependencies label Feb 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 1, 2026 12:22
@dependabot dependabot bot added javascript Pull requests that update Javascript code dependencies Change requested in dependencies labels Feb 1, 2026
@github-actions
Copy link

github-actions bot commented Feb 1, 2026

🤖 Claude Code Review

Automated Code Review

Summary

This PR contains a minor dependency update for @angular/platform-browser-dynamic from version 19.2.16 to 19.2.18. This is a patch-level update that appears to be part of routine dependency maintenance.

Detailed Review

Code Quality ✅

  • Code follows style guide: Not applicable - this is a dependency update with no code changes
  • No commented-out code: Not applicable - no code changes
  • Meaningful variable names: Not applicable - no code changes
  • DRY principle followed: Not applicable - no code changes
  • Identify Defects: No defects identified. The dependency update is correctly applied to both package.json:67 and package-lock.json:772, with corresponding peer dependency updates in the lockfile

Testing ⚠️

  • ⚠️ Unit tests for new functions: Not applicable - no new functions
  • ⚠️ Integration tests for new endpoints: Not applicable - no new endpoints
  • ⚠️ Edge cases covered: Not applicable - dependency update only
  • ⚠️ Test coverage > 80%: Cannot verify from diff - recommend running existing test suite to ensure compatibility with the updated dependency

Recommendation: Verify that all existing tests pass with the updated dependency version.

Documentation ✅

  • Readme updated if needed: Not required for minor patch updates
  • API docs updated: Not applicable - no API changes
  • Inline comments for complex logic: Not applicable - no code changes
  • ⚠️ CHANGELOG.md updated: Not visible in this diff. For dependency updates, this is typically optional unless the update fixes a critical bug or security issue
  • Markdown formatting: Not applicable - no markdown changes

Security ✅

  • No hardcoded credentials: Not applicable - no code changes
  • Input validation implemented: Not applicable - no code changes
  • Proper error handling: Not applicable - no code changes
  • No sensitive data in logs: Not applicable - no code changes
  • No license files (.lic) or AQAAAD strings: None detected in the diff

Additional Observations

  1. Consistency: The update is properly reflected in both package.json and package-lock.json
  2. Peer Dependencies: The lockfile correctly updates peer dependency versions from 19.2.17 to 19.2.18 for related Angular packages
  3. Version Alignment: Note that other Angular dependencies remain at 19.2.16. Consider whether a coordinated update of all Angular packages to 19.2.18 would be beneficial for consistency

Recommendations

  1. Approve - This is a clean dependency update with no code changes
  2. Action Items:
    • Run the full test suite to verify compatibility
    • Consider updating other Angular dependencies to 19.2.18 for version consistency
    • Review the Angular changelog for 19.2.18 to understand what fixes/improvements are included

Final Verdict: ✅ APPROVED

This is a straightforward dependency update with no code changes. The changes are correctly implemented and pose minimal risk. Recommend merging after confirming test suite passes.

Automated code review analyzing defects and coding standards

arawinters added a commit that referenced this pull request Feb 4, 2026
@arawinters @claude
chore: combine dependency updates and align Angular packages to 19.2.18
c145eff 
Updates all Angular packages to 19.2.18 for stability:
- @angular/animations: 19.2.16 → 19.2.18
- @angular/cdk: 19.2.16 → 19.2.18
- @angular/common: 19.2.16 → 19.2.18
- @angular/compiler: 19.2.16 → 19.2.18
- @angular/compiler-cli: 19.2.16 → 19.2.18
- @angular/core: 19.2.16 → 19.2.18
- @angular/elements: 19.2.16 → 19.2.18
- @angular/forms: 19.2.16 → 19.2.18
- @angular/language-service: 19.2.16 → 19.2.18
- @angular/material: 19.2.16 → 19.2.18
- @angular/platform-browser: 19.2.16 → 19.2.18
- @angular/platform-browser-dynamic: 19.2.16 → 19.2.18
- @angular/router: 19.2.16 → 19.2.18

Regenerates lockfile to incorporate transitive dependency updates from
PRs #821, #822, #823, #824, #825.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@arawinters arawinters mentioned this pull request Feb 4, 2026
Merged
3 tasks
@arawinters
Copy link
Contributor

arawinters commented Feb 4, 2026

Superseded by #826 which combines all dependency updates with a regenerated lockfile.

@arawinters arawinters closed this Feb 4, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 4, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/angular/platform-browser-dynamic-19.2.18 branch February 4, 2026 22:13
arawinters added a commit that referenced this pull request Feb 4, 2026
@arawinters @claude
chore: combine dependency updates and align Angular packages to 19.2.…
ab496c1 
…18 (#826)

Updates all Angular packages to 19.2.18 for stability:
- @angular/animations: 19.2.16 → 19.2.18
- @angular/cdk: 19.2.16 → 19.2.18
- @angular/common: 19.2.16 → 19.2.18
- @angular/compiler: 19.2.16 → 19.2.18
- @angular/compiler-cli: 19.2.16 → 19.2.18
- @angular/core: 19.2.16 → 19.2.18
- @angular/elements: 19.2.16 → 19.2.18
- @angular/forms: 19.2.16 → 19.2.18
- @angular/language-service: 19.2.16 → 19.2.18
- @angular/material: 19.2.16 → 19.2.18
- @angular/platform-browser: 19.2.16 → 19.2.18
- @angular/platform-browser-dynamic: 19.2.16 → 19.2.18
- @angular/router: 19.2.16 → 19.2.18

Regenerates lockfile to incorporate transitive dependency updates from
PRs #821, #822, #823, #824, #825.

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@arawinters arawinters

Labels

dependencies Change requested in dependencies javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arawinters