SWI-3723 [Snyk] Security upgrade @angular/core from 17.1.0 to 19.2.19

[bwappsec]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• samples/client/others/typescript-angular/package.json
• samples/client/others/typescript-angular/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Cross-site Scripting (XSS) SNYK-JS-ANGULARCORE-15353393	164

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

[bwappsec]

This is a major upgrade across two full versions, from Angular 17 to 19. It introduces significant breaking changes and new architectural defaults that require developer action and thorough testing.

Key Breaking Changes & Required Actions:

• Standalone by Default: The most significant change in v19 is that components, directives, and pipes are now standalone by default. The ng update process will run a migration to remove the standalone: true property from your components. If your application still uses NgModules, you must explicitly mark those components with standalone: false. [2, 12, 13]
• Node.js Version Requirement: Angular 19 requires Node.js version 18.19.2 or higher. You must update your development and deployment environments. [4]
• Stabilization of Reactivity APIs: Signal-based APIs for input, output, and view queries have graduated from developer preview to stable in v19. [2] While schematics are provided to assist with migration, you should verify that your application's behavior is consistent.

Other Notable Changes:

• New Migration Schematics: Angular 19 provides several new schematics to help modernize your codebase, including migrations to convert constructor-based dependency injection to the inject() function and to convert eagerly loaded routes to lazy-loaded ones. [2, 12]
• Server-Side Rendering (SSR) Enhancements: v19 introduces a developer preview of Incremental Hydration, which allows for lazily hydrating parts of a template using @defer syntax. [2, 12]
• New Experimental APIs: v19 introduces new experimental reactive primitives like resource() for managing asynchronous operations. [2, 5]

Recommendation:

This is a high-impact upgrade. Developers must:

1. Follow the official Angular Update Guide to upgrade sequentially from v17 to v18, and then to v19.
2. Ensure the Node.js environment is updated before starting.
3. Run all recommended ng update schematics, paying close attention to the standalone migration.
4. Thoroughly test the application, focusing on component instantiation, dependency injection, and routing behavior.

Source: Angular 19 Release Announcement, Angular 18 Release Announcement

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[bwappsec]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.