Skip to content

build(deps-dev): Bump @angular/core from 21.1.1 to 21.1.6 in the npm_and_yarn group across 1 directory#32

Merged
github-actions[bot] merged 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-b36768baba
Feb 28, 2026
Merged

build(deps-dev): Bump @angular/core from 21.1.1 to 21.1.6 in the npm_and_yarn group across 1 directory#32
github-actions[bot] merged 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-b36768baba

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 28, 2026

Bumps the npm_and_yarn group with 1 update in the / directory: @angular/core.

Updates @angular/core from 21.1.1 to 21.1.6

Release notes

Sourced from @​angular/core's releases.

21.1.6

common

Commit Description
fix - 31d3d56496 fix LCP image detection with duplicate URLs

compiler-cli

Commit Description
fix - 24b578ce90 detect uninvoked functions in defer trigger expressions

core

Commit Description
fix - b858309532 block creation of sensitive URI attributes from ICU messages

Breaking Changes

core

  • Angular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.

    (cherry picked from commit 306f367899dfc2e04238fecd3455547b5d54075d)

21.1.5

No user facing changes in this release

21.1.4

compiler

Commit Description
fix - caab23dfe6 add geolocation element to schema

core

Commit Description
fix - 2b99eaa019 capture animation dependencies eagerly to avoid destroyed injector
fix - d6aeac504c Fix flakey test due to document injection

forms

Commit Description
feat - 0d1acd0165 support signal-based schemas in validateStandardSchema

http

Commit Description
fix - 3905015ccc correctly parse ArrayBuffer and Blob in transfer cache

21.1.3

core

Commit Description
fix - 2b254bc050 linkedSignal.update should propagate errors
fix - e5110b4fa1 export DirectiveWithBindings
fix - 2cf4da0ea1 hold constructors weakly in DepsTracker cache
fix - 70a5b651be prevent element duplication with dynamic components

forms

... (truncated)

Changelog

Sourced from @​angular/core's changelog.

21.1.6 (2026-02-25)

Breaking Changes

core

  • Angular now only applies known attributes from HTML in translated ICU content. Unknown attributes are dropped and not rendered.

    (cherry picked from commit 306f367899dfc2e04238fecd3455547b5d54075d)

common

Commit Type Description
31d3d56496 fix fix LCP image detection with duplicate URLs

compiler-cli

Commit Type Description
24b578ce90 fix detect uninvoked functions in defer trigger expressions

core

Commit Type Description
b858309532 fix block creation of sensitive URI attributes from ICU messages

21.1.5 (2026-02-18)

No user facing changes in this release

21.1.4 (2026-02-11)

compiler

Commit Type Description
caab23dfe6 fix add geolocation element to schema

core

Commit Type Description
2b99eaa019 fix capture animation dependencies eagerly to avoid destroyed injector
d6aeac504c fix Fix flakey test due to document injection

forms

Commit Type Description
0d1acd0165 feat support signal-based schemas in validateStandardSchema

http

Commit Type Description
3905015ccc fix correctly parse ArrayBuffer and Blob in transfer cache

... (truncated)

Commits
  • b858309 fix(core): block creation of sensitive URI attributes from ICU messages
  • a8dcb28 refactor(core): remove outdated TODO comments
  • 31d3d56 fix(common): fix LCP image detection with duplicate URLs
  • 866da08 docs: add new debugging and troubleshooting di guide
  • 58eba77 refactor(core): remove outdated TODO comments referencing TypeScript 2.1
  • 9c3022d refactor(platform-server): split zone/zoneless tests.
  • 7150df2 build: update cross-repo angular dependencies to v21.1.4
  • 2b99eaa fix(core): capture animation dependencies eagerly to avoid destroyed injector
  • d9ec23e test: add test about mapped attributes to input
  • 6c14e3a build: update Jasmine to 6.0.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps-dev): Bump @angular/core
70188e3 
Bumps the npm_and_yarn group with 1 update in the / directory: [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core).


Updates `@angular/core` from 21.1.1 to 21.1.6
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v21.1.6/packages/core)

---
updated-dependencies:
- dependency-name: "@angular/core"
  dependency-version: 21.1.6
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 28, 2026
@github-actions github-actions bot merged commit 16a7ee7 into master Feb 28, 2026
2 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-b36768baba branch February 28, 2026 07:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants