build(deps): bump the npm_and_yarn group across 2 directories with 2 updates

[dependabot[bot]]

Bumps the npm_and_yarn group with 1 update in the / directory: micromatch. Bumps the npm_and_yarn group with 2 updates in the /frontend directory: micromatch and @angular/core.

Updates micromatch from 4.0.7 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates @angular/core from 17.3.12 to 18.0.0

Release notes

Sourced from @​angular/core's releases.

v18.0.0

18.0.0 (2024-05-22)

animations

Commit	Description
	remove deprecated matchesElement from AnimationDriver (#55479)

common

Commit	Description
	Deprecate Local Data API functions (#54483)
	remove deprecated isPlatformWorkerApp and isPlatformWorkerUi API (#55302)

compiler

Commit	Description
	add math elements to schema (#55631)
	allow comments between connected blocks (#55966)
	capture all control flow branches for content projection in if blocks (#54921)
	capture switch block cases for content projection (#54921)
	declare for loop aliases in addition to new name (#54942)
	For FatalDiagnosticError, hide the message field without affecting the emit (#55160)
	maintain multiline CSS selectors during CSS scoping (#55509)
	output input flags as a literal (#55215)
	prevent usage of reserved control flow symbol in custom interpolation context. (#55809)
	remove container index from conditional instruction (#55190)
	remove support for unassignable expressions in two-way bindings (#55342)
	throw error if item name and context variables conflict (#55045)

compiler-cli

Commit	Description
	add partial compilation support for deferred blocks (#54908)
	drop support for TypeScript older than 5.4 (#54961)
	add diagnostic if initializer API is used outside of an initializer (#54993)
	do not throw when retrieving TCB symbol for signal input with restricted access (#55774)
	dom property binding check in signal extended diagnostic (#54324)
	don't type check the bodies of control flow nodes in basic mode (#55360)
	fix type narrowing of @if with aliases (#55835)
	preserve original reference to non-deferrable dependency (#54759)
	report cases where initializer APIs are used in a non-directive class (#54993)
	report errors when initializer APIs are used on private fields (#54981)
	use switch statements to narrow Angular switch blocks (#55168)

core

Commit	Description
	Add a public API to establish events to be replayed and an attribute to mark an element with an event handler. (#55356)
	Add ability to configure zone change detection to use zoneless scheduler (#55252)
	Add build target for jsaction contract binary. (#55319)
	Add event delegation library to queue up events and replay them when the application is ready (#55121)
	add HOST_TAG_NAME token (#54751)
	add support for fallback content in ng-content (#54854)

... (truncated)

Changelog

Sourced from @​angular/core's changelog.

17.3.12 (2024-07-17)

compiler

Commit	Type	Description
327bae473b	fix	JIT mode incorrectly interpreting host directive configuration in partial compilation (#57002) (#57003)

18.1.0 (2024-07-10)

common

Commit	Type	Description
f25653e231	fix	typo in NgOptimizedImage warning (#56756)
9b35726e42	fix	typo in warning for NgOptimizedDirective (#56817)

compiler

Commit	Type	Description
fd6cd0422d	feat	Add extended diagnostic to warn when there are uncalled functions in event bindings (#56295)
341a116d61	fix	allow more characters in let declaration name (#56764)
2a1291e942	fix	give precedence to local let declarations over parent ones (#56752)

compiler-cli

Commit	Type	Description
66e582551e	fix	avoid duplicate diagnostics for let declarations read before definition (#56843)
4d18c5bfd5	fix	flag all conflicts between let declarations and local symbols (#56752)
9e21582456	fix	Show template syntax errors in local compilation modified (#55855)
5996502921	fix	type check let declarations nested inside nodes (#56752)
cdebf751e4	fix	used before declared diagnostic not firing for control flow blocks (#56843)

core

Commit	Type	Description
ea3c802056	feat	Add a schematic to migrate afterRender phase flag (#55648)
5df3e78c99	feat	add equality function to rxjs-interop toSignal (#56447)
0a48d584f2	feat	add support for let syntax (#56715)
352e0782ec	feat	expose signal input metadata in ComponentMirror (#56402)
a655e46447	feat	Redesign the afterRender & afterNextRender phases API (#55648)
e5a6f91722	feat	support TypeScript 5.5 (#56096)
38effcc63e	fix	Add back phase flag option as a deprecated API (#55648)
86bcfd3e49	fix	improve docs on afterRender hooks (#56522)
b2445a0953	fix	link errors to ADEV (#55554) (#56038)
03a2acd2a3	fix	properly remove imports in the afterRender phase migration (#56524)
4d87b9e899	fix	rename the equality function option in toSignal (#56769) (#56922)
8bd4c074af	fix	toSignal equal option should be passed to inner computed (#56903)

forms

Commit	Type	Description
00bde8b1c2	fix	Make NgControlStatus host bindings OnPush compatible (#55720)

http

| Commit | Type | Description |

... (truncated)

Commits

• b79b6c1 refactor(core): Add a bit to EventInfo to mark resolution. (#55864)
• c881c3e refactor(core): Add additional cleanups to PR- Simplify event handler extract...
• 0cbd73c fix(core): add warning when using zoneless but zone.js is still loaded (#55769)
• e923a76 refactor(core): Remove legacy_dispatcher.ts which is no longer needed. (#55784)
• 239d4f0 refactor(core): Cleanup dead jsnamespace code (#55795)
• 0147e0b fix(core): exhaustive checkNoChanges should only do a single pass (#55839)
• 0e16654 refactor(forms): remove deprecated symbols (#55723)
• 69085ea fix(core): error about provideExperimentalCheckNoChangesForDebug uses wrong n...
• e76bebd refactor(core): Update error for both zone and zoneless to be only for apps (...
• eda86d5 refactor(core): calling autoDetectChanges without params works for zoneless (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rocket-admin/rocketadmin/network/alerts).

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}