@angular/core 20.3.19 → 20.3.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api.d.d.ts +1 -1
- package/chrome_dev_tools_performance.d.d.ts +1 -1
- package/discovery.d.d.ts +1 -1
- package/effect.d.d.ts +1 -1
- package/event_dispatcher.d.d.ts +1 -1
- package/fesm2022/attribute.mjs +1 -1
- package/fesm2022/core.mjs +1 -1
- package/fesm2022/debug_node.mjs +28 -13
- package/fesm2022/debug_node.mjs.map +1 -1
- package/fesm2022/effect.mjs +1 -1
- package/fesm2022/not_found.mjs +1 -1
- package/fesm2022/primitives/di.mjs +1 -1
- package/fesm2022/primitives/event-dispatch.mjs +1 -1
- package/fesm2022/primitives/signals.mjs +1 -1
- package/fesm2022/resource.mjs +1 -1
- package/fesm2022/root_effect_scheduler.mjs +2 -2
- package/fesm2022/root_effect_scheduler.mjs.map +1 -1
- package/fesm2022/rxjs-interop.mjs +1 -1
- package/fesm2022/signal.mjs +1 -1
- package/fesm2022/testing.mjs +1 -1
- package/fesm2022/weak_ref.mjs +1 -1
- package/formatter.d.d.ts +1 -1
- package/index.d.ts +2 -2
- package/package.json +2 -2
- package/primitives/di/index.d.ts +1 -1
- package/primitives/event-dispatch/index.d.ts +1 -1
- package/primitives/signals/index.d.ts +1 -1
- package/rxjs-interop/index.d.ts +1 -1
- package/schematics/bundles/add-bootstrap-context-to-server-main.cjs +5 -5
- package/schematics/bundles/{apply_import_manager-CTzEuFJw.cjs → apply_import_manager-Clb1Y0Nb.cjs} +3 -3
- package/schematics/bundles/cleanup-unused-imports.cjs +5 -5
- package/schematics/bundles/{compiler_host-Ber_JSyo.cjs → compiler_host-AFZotBLM.cjs} +2 -2
- package/schematics/bundles/control-flow-migration.cjs +3 -3
- package/schematics/bundles/document-core.cjs +5 -5
- package/schematics/bundles/imports-CIX-JgAN.cjs +1 -1
- package/schematics/bundles/{index-B8IUVpRW.cjs → index-CD4aCRVu.cjs} +4 -4
- package/schematics/bundles/{index-DUHSh_FI.cjs → index-kR-YjYku.cjs} +12 -12
- package/schematics/bundles/inject-flags.cjs +5 -5
- package/schematics/bundles/inject-migration.cjs +3 -3
- package/schematics/bundles/leading_space-D9nQ8UQC.cjs +1 -1
- package/schematics/bundles/{migrate_ts_type_references-DLcyIMjy.cjs → migrate_ts_type_references-BgYfSnnL.cjs} +5 -5
- package/schematics/bundles/ng_decorators-B5HCqr20.cjs +1 -1
- package/schematics/bundles/nodes-B16H9JUd.cjs +1 -1
- package/schematics/bundles/output-migration.cjs +6 -6
- package/schematics/bundles/{project_paths-D9GYMpqK.cjs → project_paths-Bq_k0pof.cjs} +3 -3
- package/schematics/bundles/{project_tsconfig_paths-MdN5DRlX.cjs → project_tsconfig_paths-D2eb40pS.cjs} +46 -9
- package/schematics/bundles/property_name-BBwFuqMe.cjs +1 -1
- package/schematics/bundles/route-lazy-loading.cjs +3 -3
- package/schematics/bundles/router-current-navigation.cjs +4 -4
- package/schematics/bundles/self-closing-tags-migration.cjs +4 -4
- package/schematics/bundles/signal-input-migration.cjs +7 -7
- package/schematics/bundles/signal-queries-migration.cjs +7 -7
- package/schematics/bundles/signals.cjs +7 -7
- package/schematics/bundles/standalone-migration.cjs +4 -4
- package/schematics/bundles/symbol-VPWguRxr.cjs +1 -1
- package/schematics/bundles/test-bed-get.cjs +4 -4
- package/testing/index.d.ts +1 -1
- package/weak_ref.d.d.ts +1 -1
package/api.d.d.ts
CHANGED
package/discovery.d.d.ts
CHANGED
package/effect.d.d.ts
CHANGED
package/event_dispatcher.d.d.ts
CHANGED
package/fesm2022/attribute.mjs
CHANGED
package/fesm2022/core.mjs
CHANGED
package/fesm2022/debug_node.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* @license Angular v20.3.
|
|
2
|
+
* @license Angular v20.3.20
|
|
3
3
|
* (c) 2010-2025 Google LLC. https://angular.dev/
|
|
4
4
|
* License: MIT
|
|
5
5
|
*/
|
|
@@ -6242,13 +6242,6 @@ function validateAgainstEventProperties(name) {
|
|
|
6242
6242
|
throw new RuntimeError(306 /* RuntimeErrorCode.INVALID_EVENT_BINDING */, errorMessage);
|
|
6243
6243
|
}
|
|
6244
6244
|
}
|
|
6245
|
-
function validateAgainstEventAttributes(name) {
|
|
6246
|
-
if (name.toLowerCase().startsWith('on')) {
|
|
6247
|
-
const errorMessage = `Binding to event attribute '${name}' is disallowed for security reasons, ` +
|
|
6248
|
-
`please use (${name.slice(2)})=...`;
|
|
6249
|
-
throw new RuntimeError(306 /* RuntimeErrorCode.INVALID_EVENT_BINDING */, errorMessage);
|
|
6250
|
-
}
|
|
6251
|
-
}
|
|
6252
6245
|
function getSanitizer() {
|
|
6253
6246
|
const lView = getLView();
|
|
6254
6247
|
return lView && lView[ENVIRONMENT].sanitizer;
|
|
@@ -9281,7 +9274,9 @@ function setDomProperty(tNode, lView, propName, value, renderer, sanitizer) {
|
|
|
9281
9274
|
if (tNode.type & 3 /* TNodeType.AnyRNode */) {
|
|
9282
9275
|
const element = getNativeByTNode(tNode, lView);
|
|
9283
9276
|
if (ngDevMode) {
|
|
9284
|
-
|
|
9277
|
+
if (lView[TVIEW].firstUpdatePass) {
|
|
9278
|
+
validateAgainstEventProperties(propName);
|
|
9279
|
+
}
|
|
9285
9280
|
if (!isPropertyValid(element, propName, tNode.value, lView[TVIEW].schemas)) {
|
|
9286
9281
|
handleUnknownPropertyError(propName, tNode.value, tNode.type, lView);
|
|
9287
9282
|
}
|
|
@@ -9448,7 +9443,6 @@ function findDirectiveDefMatches(tView, tNode) {
|
|
|
9448
9443
|
function elementAttributeInternal(tNode, lView, name, value, sanitizer, namespace) {
|
|
9449
9444
|
if (ngDevMode) {
|
|
9450
9445
|
assertNotSame(value, NO_CHANGE, 'Incoming value should never be NO_CHANGE.');
|
|
9451
|
-
validateAgainstEventAttributes(name);
|
|
9452
9446
|
assertTNodeType(tNode, 2 /* TNodeType.Element */, `Attempted to set attribute \`${name}\` on a container node. ` +
|
|
9453
9447
|
`Host bindings are not valid on ng-container or ng-template.`);
|
|
9454
9448
|
}
|
|
@@ -14727,7 +14721,7 @@ class ComponentFactory extends ComponentFactory$1 {
|
|
|
14727
14721
|
}
|
|
14728
14722
|
function createRootTView(rootSelectorOrNode, componentDef, componentBindings, directives) {
|
|
14729
14723
|
const tAttributes = rootSelectorOrNode
|
|
14730
|
-
? ['ng-version', '20.3.
|
|
14724
|
+
? ['ng-version', '20.3.20']
|
|
14731
14725
|
: // Extract attributes and classes from the first selector only to match VE behavior.
|
|
14732
14726
|
extractAttrsAndClassesFromSelector(componentDef.selectors[0]);
|
|
14733
14727
|
let creationBindings = null;
|
|
@@ -24924,7 +24918,7 @@ function i18nAttributesFirstPass(tView, index, values) {
|
|
|
24924
24918
|
// the compiler treats static i18n attributes as regular attribute bindings.
|
|
24925
24919
|
// Since this may not be the first i18n attribute on this element we need to pass in how
|
|
24926
24920
|
// many previous bindings there have already been.
|
|
24927
|
-
generateBindingUpdateOpCodes(updateOpCodes, message, previousElementIndex, attrName, countBindings(updateOpCodes),
|
|
24921
|
+
generateBindingUpdateOpCodes(updateOpCodes, message, previousElementIndex, attrName, countBindings(updateOpCodes), i18nSanitizeAttribute(attrName));
|
|
24928
24922
|
}
|
|
24929
24923
|
}
|
|
24930
24924
|
tView.data[index] = updateOpCodes;
|
|
@@ -25252,7 +25246,7 @@ function walkIcuTree(ast, tView, tIcu, lView, sharedUpdateOpCodes, create, remov
|
|
|
25252
25246
|
const hasBinding = !!attr.value.match(BINDING_REGEXP);
|
|
25253
25247
|
if (hasBinding) {
|
|
25254
25248
|
if (VALID_ATTRS.hasOwnProperty(lowerAttrName)) {
|
|
25255
|
-
generateBindingUpdateOpCodes(update, attr.value, newIndex, attr.name, 0,
|
|
25249
|
+
generateBindingUpdateOpCodes(update, attr.value, newIndex, attr.name, 0, i18nSanitizeAttribute(lowerAttrName));
|
|
25256
25250
|
}
|
|
25257
25251
|
else {
|
|
25258
25252
|
ngDevMode &&
|
|
@@ -25353,6 +25347,27 @@ function addCreateNodeAndAppend(create, marker, text, appendToParentIdx, createA
|
|
|
25353
25347
|
function addCreateAttribute(create, newIndex, attrName, attrValue) {
|
|
25354
25348
|
create.push((newIndex << 1 /* IcuCreateOpCode.SHIFT_REF */) | 1 /* IcuCreateOpCode.Attr */, attrName, attrValue);
|
|
25355
25349
|
}
|
|
25350
|
+
/**
|
|
25351
|
+
* Caches all keys of `SECURITY_SENSITIVE_ELEMENTS` in a Set to avoid recomputing
|
|
25352
|
+
* or scanning them on every invocation.
|
|
25353
|
+
*/
|
|
25354
|
+
const SECURITY_SENSITIVE_ATTRS = /* @__PURE__ */ (() => new Set(Object.values(SECURITY_SENSITIVE_ELEMENTS).flatMap((attrs) => (attrs ? [...attrs.keys()] : []))))();
|
|
25355
|
+
/**
|
|
25356
|
+
* Returns a sanitizer for the given attribute name or null if the attribute is not security sensitive.
|
|
25357
|
+
*
|
|
25358
|
+
* @param attrName The name of the attribute to sanitize.
|
|
25359
|
+
* @returns The sanitizer for the given attribute name.
|
|
25360
|
+
*/
|
|
25361
|
+
function i18nSanitizeAttribute(attrName) {
|
|
25362
|
+
const lowerAttrName = attrName.toLowerCase();
|
|
25363
|
+
if (SENSITIVE_ATTRS[lowerAttrName]) {
|
|
25364
|
+
return _sanitizeUrl;
|
|
25365
|
+
}
|
|
25366
|
+
if (SECURITY_SENSITIVE_ATTRS.has(lowerAttrName)) {
|
|
25367
|
+
return ɵɵvalidateAttribute;
|
|
25368
|
+
}
|
|
25369
|
+
return null;
|
|
25370
|
+
}
|
|
25356
25371
|
|
|
25357
25372
|
// i18nPostprocess consts
|
|
25358
25373
|
const ROOT_TEMPLATE_ID = 0;
|