Skip to content

Bump @angular/platform-server from 20.3.17 to 20.3.21#731

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/angular/platform-server-20.3.21
Open

Bump @angular/platform-server from 20.3.17 to 20.3.21#731
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/angular/platform-server-20.3.21

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 19, 2026
edited
Loading

Bumps @angular/platform-server from 20.3.17 to 20.3.21.

Release notes

Sourced from @​angular/platform-server's releases.

20.3.21

platform-server

Commit Description
fix - f584840e2e add allowedHosts option to renderModule and renderApplication

20.3.20

core

Commit Description
fix - a9bcffdbc7 disallow event attribute bindings in host bindings unconditionally (#68468)
fix - 97eeb45cfa validate security-sensitive attributes in i18n bindings (#68468)

platform-server

Commit Description
fix - 25e4e07238 ensure origin has a trailing slash when parsing url (#68468)

20.3.19

platform-server

Commit Description
fix - 303d4cd580 prevent SSRF bypasses via protocol-relative and backslash URLs

20.3.18

compiler

Commit Description
fix - 02fbf08890 disallow translations of iframe src

core

Commit Description
fix - 72126f9a08 sanitize translated attribute bindings with interpolations
fix - 626bc8bc20 sanitize translated form attributes
Changelog

Sourced from @​angular/platform-server's changelog.

20.3.21 (2026-05-12)

platform-server

Commit Type Description
f584840e2e fix add allowedHosts option to renderModule and renderApplication

22.0.0-next.12 (2026-05-08)

core

Commit Type Description
8ebae1de33 fix allow service with factory on abstract classes
6f525245cd fix disallow event attribute bindings in host bindings unconditionally

migrations

Commit Type Description
0f2160c410 fix remove compiler import from safe optional chaining migration

platform-server

Commit Type Description
a451a1d66e fix add allowedHosts option to renderModule and renderApplication

22.0.0-next.11 (2026-05-06)

Breaking Changes

forms

  • min and max validation rules no longer support string values. Bound values must be numbers or null.

Deprecations

http

  • The reportProgress option is deprecated please use reportUploadProgress & reportDownloadProgress instead.

compiler

Commit Type Description
b225a5d902 fix invalid type checking code if field name needs to be quoted

compiler-cli

Commit Type Description
b8d3f36ed9 feat add support for Node.js 26.0.0
2eae497a04 feat support external TCBs with copied content in specific mode

core

Commit Type Description
3b0ae5fef0 feat add provideWebMcpTools
5a7c1e62dc feat add ability to cache resources for SSR
ef1810197b feat export experimental declareWebMcpTool support

... (truncated)

Commits
  • f584840 fix(platform-server): add allowedHosts option to renderModule and `render...
  • 25e4e07 fix(platform-server): ensure origin has a trailing slash when parsing url (#6...
  • 303d4cd fix(platform-server): prevent SSRF bypasses via protocol-relative and backsla...
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 19, 2026
@dependabot dependabot Bot mentioned this pull request May 19, 2026
Closed
@dependabot
Bump @angular/platform-server from 20.3.17 to 20.3.21
82654d1 
Bumps [@angular/platform-server](https://github.com/angular/angular/tree/HEAD/packages/platform-server) from 20.3.17 to 20.3.21.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/v20.3.21/packages/platform-server)

---
updated-dependencies:
- dependency-name: "@angular/platform-server"
  dependency-version: 20.3.21
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/angular/platform-server-20.3.21 branch from 0d86585 to 82654d1 Compare May 20, 2026 16:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants