[Snyk] Upgrade: @angular/animations, @angular/common, @angular/compiler, @angular/core, @angular/forms, @angular/platform-browser, @angular/platform-browser-dynamic, @angular/router

[snyk-bot]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on
@angular/animations from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/common from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/compiler from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/core from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/forms from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/platform-browser from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/platform-browser-dynamic from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21
@angular/router from 14.2.6 to 14.2.12	6 versions ahead of your current version	23 days ago on 2022-11-21

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	265/1000 Why? CVSS 5.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	265/1000 Why? CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @angular/animations

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/animations GitHub release notes

Package name: @angular/common

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/common GitHub release notes

Package name: @angular/compiler

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/compiler GitHub release notes

Package name: @angular/core

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/core GitHub release notes

Package name: @angular/forms

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/forms GitHub release notes

Package name: @angular/platform-browser

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/platform-browser GitHub release notes

Package name: @angular/platform-browser-dynamic

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/platform-browser-dynamic GitHub release notes

Package name: @angular/router

• 14.2.12 - 2022-11-21
  

  14.2.12 (2022-11-21)

  Breaking Changes

  core

  • Existing iframe usages may have security-sensitive attributes applied as an attribute or property binding in a template or via host bindings in a directive. Such usages would require an update to ensure compliance with the new stricter rules around iframe bindings.

  core

  Commit	Description
  	hardening attribute and property binding rules for <iframe> elements (#48028)

  Special Thanks

  Andrew Kushnir

• 14.2.11 - 2022-11-16
• 14.2.10 - 2022-11-09
• 14.2.9 - 2022-11-03
• 14.2.8 - 2022-10-26
• 14.2.7 - 2022-10-19
• 14.2.6 - 2022-10-12

from @angular/router GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs