Skip to content

Bump the production-patch group across 1 directory with 8 updates#367

Merged
Jym77 merged 2 commits into
mainfrom
dependabot/npm_and_yarn/production-patch-e63a0d02ee
May 11, 2026
Merged

Bump the production-patch group across 1 directory with 8 updates#367
Jym77 merged 2 commits into
mainfrom
dependabot/npm_and_yarn/production-patch-e63a0d02ee

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 10, 2026
edited
Loading

Bumps the production-patch group with 8 updates in the / directory:

Package From To
@angular/core 21.2.11 21.2.12
zone.js 0.16.1 0.16.2
@angular/common 21.2.11 21.2.12
@angular/compiler 21.2.11 21.2.12
@angular/platform-browser 21.2.11 21.2.12
react 19.2.5 19.2.6
react-dom 19.2.5 19.2.6
vue 3.5.33 3.5.34

Updates @angular/core from 21.2.11 to 21.2.12

Release notes

Sourced from @​angular/core's releases.

21.2.12

core

Commit Description
fix - fe13bb669d allow explicit read generic with signal input transforms
fix - 3430251fef i18n flags leaking on errors
fix - 1aeebbe304 respect ngSkipHydration on components with projectable nodes in LContainers
fix - 9e38ed7d57 sanitizer typings
fix - 7a05a9a71a validate security-sensitive attributes in i18n bindings
fix - c37f6ca42f visit ng-let expression value in signal migration schematics

forms

Commit Description
fix - 03ad53863b prohibit concurrent submits in signal forms
Changelog

Sourced from @​angular/core's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description
fe13bb669d fix allow explicit read generic with signal input transforms
3430251fef fix i18n flags leaking on errors
1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57 fix sanitizer typings
7a05a9a71a fix validate security-sensitive attributes in i18n bindings
c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description
03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description
a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)
97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description
25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description
97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description
2896c93cc1 feat Angular expressions with optional chaining returns undefined
6bd1721662 fix let declaration span not including end character

core

Commit Type Description
444b024d49 feat Add a injectAsync helper function
8c11816490 fix fix ordering of view queries metadata in JIT mode
3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch
d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits
  • 9e38ed7 fix(core): sanitizer typings
  • 3430251 fix(core): i18n flags leaking on errors
  • c37f6ca fix(core): visit ng-let expression value in signal migration schematics
  • fe13bb6 fix(core): allow explicit read generic with signal input transforms
  • 7a05a9a fix(core): validate security-sensitive attributes in i18n bindings
  • 1aeebbe fix(core): respect ngSkipHydration on components with projectable nodes in LC...
  • See full diff in compare view

Updates zone.js from 0.16.1 to 0.16.2

Changelog

Sourced from zone.js's changelog.

0.16.2 (2026-05-06)

Commits
  • e3dc87c release: cut the zone.js-0.16.2 release
  • 4f048e7 build: update dependency typescript to v6.0.3
  • 9fa4be9 test(zone.js): vitest patch for testing (#68395)
  • 62c6e3b feat(zone.js): support vitest patching in zone.js/testing (#68395)
  • 7f3f3d7 ci: remove remainings of saucelabs tests
  • 56ff89c build: update all non-major dependencies
  • fc6a7ee fix(zone.js): allow draining microtasks in Promise.then (through flag)
  • 0007723 build: update cross-repo angular dependencies
  • 9ee4f83 build: update to TypeScript 6 stable
  • 621c908 build: update cross-repo angular dependencies
  • Additional commits viewable in compare view

Updates @angular/common from 21.2.11 to 21.2.12

Release notes

Sourced from @​angular/common's releases.

21.2.12

core

Commit Description
fix - fe13bb669d allow explicit read generic with signal input transforms
fix - 3430251fef i18n flags leaking on errors
fix - 1aeebbe304 respect ngSkipHydration on components with projectable nodes in LContainers
fix - 9e38ed7d57 sanitizer typings
fix - 7a05a9a71a validate security-sensitive attributes in i18n bindings
fix - c37f6ca42f visit ng-let expression value in signal migration schematics

forms

Commit Description
fix - 03ad53863b prohibit concurrent submits in signal forms
Changelog

Sourced from @​angular/common's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description
fe13bb669d fix allow explicit read generic with signal input transforms
3430251fef fix i18n flags leaking on errors
1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57 fix sanitizer typings
7a05a9a71a fix validate security-sensitive attributes in i18n bindings
c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description
03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description
a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)
97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description
25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description
97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description
2896c93cc1 feat Angular expressions with optional chaining returns undefined
6bd1721662 fix let declaration span not including end character

core

Commit Type Description
444b024d49 feat Add a injectAsync helper function
8c11816490 fix fix ordering of view queries metadata in JIT mode
3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch
d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

Updates @angular/compiler from 21.2.11 to 21.2.12

Release notes

Sourced from @​angular/compiler's releases.

21.2.12

core

Commit Description
fix - fe13bb669d allow explicit read generic with signal input transforms
fix - 3430251fef i18n flags leaking on errors
fix - 1aeebbe304 respect ngSkipHydration on components with projectable nodes in LContainers
fix - 9e38ed7d57 sanitizer typings
fix - 7a05a9a71a validate security-sensitive attributes in i18n bindings
fix - c37f6ca42f visit ng-let expression value in signal migration schematics

forms

Commit Description
fix - 03ad53863b prohibit concurrent submits in signal forms
Changelog

Sourced from @​angular/compiler's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description
fe13bb669d fix allow explicit read generic with signal input transforms
3430251fef fix i18n flags leaking on errors
1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57 fix sanitizer typings
7a05a9a71a fix validate security-sensitive attributes in i18n bindings
c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description
03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description
a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)
97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description
25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description
97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description
2896c93cc1 feat Angular expressions with optional chaining returns undefined
6bd1721662 fix let declaration span not including end character

core

Commit Type Description
444b024d49 feat Add a injectAsync helper function
8c11816490 fix fix ordering of view queries metadata in JIT mode
3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch
d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

Updates @angular/platform-browser from 21.2.11 to 21.2.12

Release notes

Sourced from @​angular/platform-browser's releases.

21.2.12

core

Commit Description
fix - fe13bb669d allow explicit read generic with signal input transforms
fix - 3430251fef i18n flags leaking on errors
fix - 1aeebbe304 respect ngSkipHydration on components with projectable nodes in LContainers
fix - 9e38ed7d57 sanitizer typings
fix - 7a05a9a71a validate security-sensitive attributes in i18n bindings
fix - c37f6ca42f visit ng-let expression value in signal migration schematics

forms

Commit Description
fix - 03ad53863b prohibit concurrent submits in signal forms
Changelog

Sourced from @​angular/platform-browser's changelog.

21.2.12 (2026-05-06)

core

Commit Type Description
fe13bb669d fix allow explicit read generic with signal input transforms
3430251fef fix i18n flags leaking on errors
1aeebbe304 fix respect ngSkipHydration on components with projectable nodes in LContainers
9e38ed7d57 fix sanitizer typings
7a05a9a71a fix validate security-sensitive attributes in i18n bindings
c37f6ca42f fix visit ng-let expression value in signal migration schematics

forms

Commit Type Description
03ad53863b fix prohibit concurrent submits in signal forms

20.3.20 (2026-05-06)

core

Commit Type Description
a9bcffdbc7 fix disallow event attribute bindings in host bindings unconditionally (#68468)
97eeb45cfa fix validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Type Description
25e4e07238 fix ensure origin has a trailing slash when parsing url (#68468)

22.0.0-next.10 (2026-04-29)

common

Commit Type Description
97cac1cf4d fix prevent focus from scrollToAnchor

compiler

Commit Type Description
2896c93cc1 feat Angular expressions with optional chaining returns undefined
6bd1721662 fix let declaration span not including end character

core

Commit Type Description
444b024d49 feat Add a injectAsync helper function
8c11816490 fix fix ordering of view queries metadata in JIT mode
3583c01bf9 fix guard against non-object events and avoid listener wrapper identity mismatch
d5fd51e956 fix prevent event replay double-invocation when element hydrates before app stability

migrations

... (truncated)

Commits

Updates react from 19.2.5 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

Commits

Updates react-dom from 19.2.5 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

Commits

Updates vue from 3.5.33 to 3.5.34

Release notes

Sourced from vue's releases.

v3.5.34

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.34 (2026-05-06)

Bug Fixes

  • compiler-sfc: infer Vue ref wrapper types when source is unresolvable (#14758) (7f46fd4), closes #14729
  • compiler-sfc: preserve hash hrefs on <image> elements (#14756) (090b2e3)
  • compiler-sfc: resolve type re-exports inside declare global (#14766) (acfffe3)
  • reactivity: prevent orphan effect when created in a stopped scope (#14778) (c8e2d4a), closes #14777
  • runtime-core: avoid symbol coercion during props validation (#8539) (23d4fb5), closes #8487
  • suspense: avoid DOM leak with out-in transition in v-if fragment (#14762) (9667e0d), closes #14761
Commits
  • 57545e9 release: v3.5.34
  • a3b2617 chore(deps): update dependency jsdom to ^29.1.1 (#14775)
  • 23d4fb5 fix(runtime-core): avoid symbol coercion during props validation (#8539)
  • 090b2e3 fix(compiler-sfc): preserve hash hrefs on \<image> elements (#14756)
  • 9667e0d fix(suspense): avoid DOM leak with out-in transition in v-if fragment (#14762)
  • c8e2d4a fix(reactivity): prevent orphan effect when created in a stopped scope (#14778)
  • 7f46fd4 fix(compiler-sfc): infer Vue ref wrapper types when source is unresolvable (#...
  • acfffe3 fix(compiler-sfc): resolve type re-exports inside declare global (#14766)
  • a037385 chore(deps): update build (#14759)
  • 0bc56ff chore(deps): update pnpm to v10.33.3 (#14760)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Related to dependencies npm Related to npm dependencies patch Backwards-compatible change that doesn't touch public API labels May 10, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 10, 2026 23:12
@dependabot dependabot Bot added npm Related to npm dependencies dependencies Related to dependencies patch Backwards-compatible change that doesn't touch public API labels May 10, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented May 10, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 339c696

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@dependabot dependabot Bot changed the title Bump the production-patch group with 8 updates Bump the production-patch group across 1 directory with 8 updates May 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/production-patch-e63a0d02ee branch 2 times, most recently from de6dabb to 3e9face Compare May 11, 2026 08:48
@dependabot
Bump the production-patch group across 1 directory with 8 updates
60104f3 
Bumps the production-patch group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `21.2.11` | `21.2.12` |
| [zone.js](https://github.com/angular/angular/tree/HEAD/packages/zone.js) | `0.16.1` | `0.16.2` |
| [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `21.2.11` | `21.2.12` |
| [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `21.2.11` | `21.2.12` |
| [@angular/platform-browser](https://github.com/angular/angular/tree/HEAD/packages/platform-browser) | `21.2.11` | `21.2.12` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.5` | `19.2.6` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.5` | `19.2.6` |
| [vue](https://github.com/vuejs/core) | `3.5.33` | `3.5.34` |



Updates `@angular/core` from 21.2.11 to 21.2.12
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/core)

Updates `zone.js` from 0.16.1 to 0.16.2
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/packages/zone.js/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/zone.js-0.16.2/packages/zone.js)

Updates `@angular/common` from 21.2.11 to 21.2.12
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/common)

Updates `@angular/compiler` from 21.2.11 to 21.2.12
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/compiler)

Updates `@angular/platform-browser` from 21.2.11 to 21.2.12
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.2.12/packages/platform-browser)

Updates `react` from 19.2.5 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react)

Updates `react-dom` from 19.2.5 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom)

Updates `vue` from 3.5.33 to 3.5.34
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.33...v3.5.34)

---
updated-dependencies:
- dependency-name: "@angular/common"
  dependency-version: 21.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: "@angular/compiler"
  dependency-version: 21.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: "@angular/core"
  dependency-version: 21.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: "@angular/platform-browser"
  dependency-version: 21.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: react
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: react-dom
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: vue
  dependency-version: 3.5.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
- dependency-name: zone.js
  dependency-version: 0.16.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/production-patch-e63a0d02ee branch from 3e9face to 60104f3 Compare May 11, 2026 09:10
@Jym77 Jym77 merged commit c6b4823 into main May 11, 2026
9 checks passed
@Jym77 Jym77 deleted the dependabot/npm_and_yarn/production-patch-e63a0d02ee branch May 11, 2026 10:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jym77 Jym77 Jym77 approved these changes

Assignees

No one assigned

Labels

dependencies Related to dependencies npm Related to npm dependencies patch Backwards-compatible change that doesn't touch public API

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Jym77