SWI-3723 [Snyk] Fix for 2 vulnerabilities

[bwappsec]

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• samples/client/others/typescript-angular/package.json
• samples/client/others/typescript-angular/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Cross-site Scripting (XSS) SNYK-JS-ANGULARCOMPILER-15610286	75
	Cross-site Scripting (XSS) SNYK-JS-ANGULARCORE-15610287	75

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)

[bwappsec]

This is a major upgrade from Angular v17 to v19, introducing significant breaking changes and new architectural paradigms. Manual developer intervention and thorough testing are required.

Key Breaking Changes:

• Standalone by Default: In v19, components, directives, and pipes are now standalone by default. Projects that still rely on NgModules must be updated to explicitly declare standalone: false in their decorators. The ng update command will assist in migrating existing standalone: true components by removing the now-redundant flag, but projects using NgModules will require careful review.
• API Removals: The createNgModuleRef function has been removed. Developers should use createNgModule instead.
• effect() Function Update: The allowSignalWrites flag has been removed from the effect() function, which may alter the behavior of existing effects that relied on this flag.
• Node.js Requirement: This upgrade requires a compatible Node.js version. Angular versions 16 through 19 require Node.js v16 or newer.

Other Notable Changes:

• Zoneless Change Detection: Angular 18 introduced experimental support for running applications without zone.js, a major step towards a more modern and efficient change detection system.
• Stable Signals API: The Signals API for reactive state management is now stable in v19, marking a fundamental shift in Angular's reactivity model.

Recommendation: Use the official ng update @angular/cli@19 @angular/core@19 command to perform the upgrade, as it will handle many automatic migrations. However, due to the scale of the changes, a full regression test of the application is essential. Pay close attention to module-based architecture and any usage of the removed createNgModuleRef API.

Source: Angular Update Guide

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[bwappsec]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.