chore(deps): Bump the dependencies-angular group in /springwolf-ui with 12 updates

[dependabot]

Bumps the dependencies-angular group in /springwolf-ui with 12 updates:

Package	From	To
@angular/animations	22.0.0	22.0.1
@angular/cdk	22.0.0	22.0.1
@angular/common	22.0.0	22.0.1
@angular/compiler	22.0.0	22.0.1
@angular/core	22.0.0	22.0.1
@angular/material	22.0.0	22.0.1
@angular/platform-browser	22.0.0	22.0.1
@angular/platform-browser-dynamic	22.0.0	22.0.1
@angular/router	22.0.0	22.0.1
@angular/build	22.0.0	22.0.1
@angular/cli	22.0.0	22.0.1
@angular/compiler-cli	22.0.0	22.0.1

Updates @angular/animations from 22.0.0 to 22.0.1

Release notes

Sourced from @​angular/animations's releases.

22.0.1

common

Commit	Description
	escape CSS string-terminating characters in escapeCssUrl
	Limits date format string length
	prevent prototype pollution in formatDateTime
	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Description
	disallow i18n event attributes
	more robust logic to check if regex can be optimized
	sanitize href/xlink:href attributes of any element of the MathML namespace
	sanitize two-way properties

compiler-cli

Commit	Description
	bind switch exhaustive check expressions

core

Commit	Description
	disable WebMCP during SSR
	Handle synchronous errors in PendingTasks.run function
	harden TransferState restoration against DOM clobbering
	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
	require WebMCP tool descriptions
	update comment for Default change detection
	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
	validate lowercase SVG animation attribute names

forms

Commit	Description
	delay mcp reading the form model by a tick
	harden FormGroup control lookups against prototype shadowing
	remove animationstart listener on component destroy to prevent memory leak
	set additionalProperties: false on generated WebMCP form

http

Commit	Description
	ensure query parameters are inserted before URL fragments
	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
	preserve empty referrer option in HttpRequest
	Rejects non-HTTP(S) URLs in JSONP requests

language-service

Commit	Description
	prevent external template inlay hints from appearing in TS files

platform-server

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/animations's changelog.

22.0.1 (2026-06-10)

Deprecations

platform-server

• XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead. (cherry picked from commit 8446e46f8bc33bd4419fa7f6106b8d117ca2e099)

common

Commit	Type	Description
c4b5fa3c92	fix	escape CSS string-terminating characters in escapeCssUrl
dfff57ede9	fix	Limits date format string length
3c2892c8df	fix	prevent prototype pollution in formatDateTime
1d87c49f6e	fix	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Type	Description
1ee224ca30	fix	disallow i18n event attributes
a56f1cdf8f	fix	more robust logic to check if regex can be optimized
5946c18275	fix	sanitize href/xlink:href attributes of any element of the MathML namespace
393b84caf8	fix	sanitize two-way properties

compiler-cli

Commit	Type	Description
3d9ca2f173	fix	bind switch exhaustive check expressions

core

Commit	Type	Description
669146b0e7	fix	disable WebMCP during SSR
562a566ead	fix	Handle synchronous errors in PendingTasks.run function
fa546f382d	fix	harden TransferState restoration against DOM clobbering
29fdb98684	fix	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
cdcea80327	fix	require WebMCP tool descriptions
4289c4c840	fix	update comment for Default change detection
3dd433b39a	fix	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
045bb736b3	fix	validate lowercase SVG animation attribute names

forms

Commit	Type	Description
11836a670a	fix	delay mcp reading the form model by a tick
85d2d100e3	fix	harden FormGroup control lookups against prototype shadowing
e51ad374ea	fix	remove animationstart listener on component destroy to prevent memory leak
55b7b5a6b6	fix	set additionalProperties: false on generated WebMCP form

http

Commit	Type	Description
ffb06c0514	fix	ensure query parameters are inserted before URL fragments
2dd65d21e6	fix	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
4254eb416c	fix	preserve empty referrer option in HttpRequest
167bd4c162	fix	Rejects non-HTTP(S) URLs in JSONP requests

language-service

| Commit | Type | Description |

... (truncated)

Commits

• See full diff in compare view

Updates @angular/cdk from 22.0.0 to 22.0.1

Release notes

Sourced from @​angular/cdk's releases.

22.0.1

youtube-player

Commit	Description
	avoid errors with clobbered variables
	validate ID before attaching them to placeholder

material

Commit	Description
	dialog: ignore clicks on aria-disabled close buttons (#33373)
	timepicker: do not allow intervals less than a second (#33354)

cdk

Commit	Description
	a11y: avoid prototype conflicts in id generator (#33356)
	clipboard: avoid infinite attempt loop (#33366)

aria

Commit	Description
	combobox: avoid error for synthetic events (#33360)
	combobox: prevent re-dispatching keyboard event on control target change (#33362)
	tree: recursive textDirection getter (#33337)

Changelog

Sourced from @​angular/cdk's changelog.

22.0.1 "argon-apple" (2026-06-10)

aria

Commit	Type	Description
7581b0592	fix	combobox: avoid error for synthetic events (#33360)
1c4706155	fix	combobox: prevent re-dispatching keyboard event on control target change (#33362)
96e9ce10c	fix	tree: recursive textDirection getter (#33337)

cdk

Commit	Type	Description
629aea403	fix	a11y: avoid prototype conflicts in id generator (#33356)
49aeb676c	fix	clipboard: avoid infinite attempt loop (#33366)

material

Commit	Type	Description
d7a8cb963	fix	dialog: ignore clicks on aria-disabled close buttons (#33373)
bde3c7621	fix	timepicker: do not allow intervals less than a second (#33354)

youtube-player

Commit	Type	Description
d75a22d69	fix	avoid errors with clobbered variables
fe0a96ce6	fix	validate ID before attaching them to placeholder

Commits

• 75f6542 release: cut the v22.0.1 release
• d7a8cb9 fix(material/dialog): ignore clicks on aria-disabled close buttons (#33373)
• 49aeb67 fix(cdk/clipboard): avoid infinite attempt loop (#33366)
• 5a5f6eb build: update cross-repo angular dependencies (#33326)
• ae48b2c docs(cdk/dialog): improve dialog example contrast (#33334)
• 1a68d18 build: update pnpm to v10.34.1 (#33316)
• c696e41 build: lock file maintenance (#33331)
• d84dca2 build: update all github actions (#33348)
• da17b4c build: update bazel dependencies to v3.2.1 (#33350)
• 7a8b3f7 docs(aria/menu): fix menubar example highlight styling (#33290)
• Additional commits viewable in compare view

Updates @angular/common from 22.0.0 to 22.0.1

Release notes

Sourced from @​angular/common's releases.

22.0.1

common

Commit	Description
	escape CSS string-terminating characters in escapeCssUrl
	Limits date format string length
	prevent prototype pollution in formatDateTime
	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Description
	disallow i18n event attributes
	more robust logic to check if regex can be optimized
	sanitize href/xlink:href attributes of any element of the MathML namespace
	sanitize two-way properties

compiler-cli

Commit	Description
	bind switch exhaustive check expressions

core

Commit	Description
	disable WebMCP during SSR
	Handle synchronous errors in PendingTasks.run function
	harden TransferState restoration against DOM clobbering
	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
	require WebMCP tool descriptions
	update comment for Default change detection
	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
	validate lowercase SVG animation attribute names

forms

Commit	Description
	delay mcp reading the form model by a tick
	harden FormGroup control lookups against prototype shadowing
	remove animationstart listener on component destroy to prevent memory leak
	set additionalProperties: false on generated WebMCP form

http

Commit	Description
	ensure query parameters are inserted before URL fragments
	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
	preserve empty referrer option in HttpRequest
	Rejects non-HTTP(S) URLs in JSONP requests

language-service

Commit	Description
	prevent external template inlay hints from appearing in TS files

platform-server

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/common's changelog.

22.0.1 (2026-06-10)

Deprecations

platform-server

• XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead. (cherry picked from commit 8446e46f8bc33bd4419fa7f6106b8d117ca2e099)

common

Commit	Type	Description
c4b5fa3c92	fix	escape CSS string-terminating characters in escapeCssUrl
dfff57ede9	fix	Limits date format string length
3c2892c8df	fix	prevent prototype pollution in formatDateTime
1d87c49f6e	fix	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Type	Description
1ee224ca30	fix	disallow i18n event attributes
a56f1cdf8f	fix	more robust logic to check if regex can be optimized
5946c18275	fix	sanitize href/xlink:href attributes of any element of the MathML namespace
393b84caf8	fix	sanitize two-way properties

compiler-cli

Commit	Type	Description
3d9ca2f173	fix	bind switch exhaustive check expressions

core

Commit	Type	Description
669146b0e7	fix	disable WebMCP during SSR
562a566ead	fix	Handle synchronous errors in PendingTasks.run function
fa546f382d	fix	harden TransferState restoration against DOM clobbering
29fdb98684	fix	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
cdcea80327	fix	require WebMCP tool descriptions
4289c4c840	fix	update comment for Default change detection
3dd433b39a	fix	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
045bb736b3	fix	validate lowercase SVG animation attribute names

forms

Commit	Type	Description
11836a670a	fix	delay mcp reading the form model by a tick
85d2d100e3	fix	harden FormGroup control lookups against prototype shadowing
e51ad374ea	fix	remove animationstart listener on component destroy to prevent memory leak
55b7b5a6b6	fix	set additionalProperties: false on generated WebMCP form

http

Commit	Type	Description
ffb06c0514	fix	ensure query parameters are inserted before URL fragments
2dd65d21e6	fix	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
4254eb416c	fix	preserve empty referrer option in HttpRequest
167bd4c162	fix	Rejects non-HTTP(S) URLs in JSONP requests

language-service

| Commit | Type | Description |

... (truncated)

Commits

• 2dd65d2 fix(http): pass down the reportUploadProgress and reportDownloadProgress ...
• 1bd5a56 docs: deprecate XHR support for server-side rendering in HTTP docs and recomm...
• 3c2892c fix(common): prevent prototype pollution in formatDateTime
• c4b5fa3 fix(common): escape CSS string-terminating characters in escapeCssUrl
• 4254eb4 fix(http): preserve empty referrer option in HttpRequest
• 167bd4c fix(http): Rejects non-HTTP(S) URLs in JSONP requests
• dfff57e fix(common): Limits date format string length
• 1d87c49 fix(common): use cryptographically secure SHA-256 for transfer cache key gene...
• ffb06c0 fix(http): ensure query parameters are inserted before URL fragments
• See full diff in compare view

Updates @angular/compiler from 22.0.0 to 22.0.1

Release notes

Sourced from @​angular/compiler's releases.

22.0.1

common

Commit	Description
	escape CSS string-terminating characters in escapeCssUrl
	Limits date format string length
	prevent prototype pollution in formatDateTime
	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Description
	disallow i18n event attributes
	more robust logic to check if regex can be optimized
	sanitize href/xlink:href attributes of any element of the MathML namespace
	sanitize two-way properties

compiler-cli

Commit	Description
	bind switch exhaustive check expressions

core

Commit	Description
	disable WebMCP during SSR
	Handle synchronous errors in PendingTasks.run function
	harden TransferState restoration against DOM clobbering
	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
	require WebMCP tool descriptions
	update comment for Default change detection
	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
	validate lowercase SVG animation attribute names

forms

Commit	Description
	delay mcp reading the form model by a tick
	harden FormGroup control lookups against prototype shadowing
	remove animationstart listener on component destroy to prevent memory leak
	set additionalProperties: false on generated WebMCP form

http

Commit	Description
	ensure query parameters are inserted before URL fragments
	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
	preserve empty referrer option in HttpRequest
	Rejects non-HTTP(S) URLs in JSONP requests

language-service

Commit	Description
	prevent external template inlay hints from appearing in TS files

platform-server

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/compiler's changelog.

22.0.1 (2026-06-10)

Deprecations

platform-server

• XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead. (cherry picked from commit 8446e46f8bc33bd4419fa7f6106b8d117ca2e099)

common

Commit	Type	Description
c4b5fa3c92	fix	escape CSS string-terminating characters in escapeCssUrl
dfff57ede9	fix	Limits date format string length
3c2892c8df	fix	prevent prototype pollution in formatDateTime
1d87c49f6e	fix	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Type	Description
1ee224ca30	fix	disallow i18n event attributes
a56f1cdf8f	fix	more robust logic to check if regex can be optimized
5946c18275	fix	sanitize href/xlink:href attributes of any element of the MathML namespace
393b84caf8	fix	sanitize two-way properties

compiler-cli

Commit	Type	Description
3d9ca2f173	fix	bind switch exhaustive check expressions

core

Commit	Type	Description
669146b0e7	fix	disable WebMCP during SSR
562a566ead	fix	Handle synchronous errors in PendingTasks.run function
fa546f382d	fix	harden TransferState restoration against DOM clobbering
29fdb98684	fix	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
cdcea80327	fix	require WebMCP tool descriptions
4289c4c840	fix	update comment for Default change detection
3dd433b39a	fix	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
045bb736b3	fix	validate lowercase SVG animation attribute names

forms

Commit	Type	Description
11836a670a	fix	delay mcp reading the form model by a tick
85d2d100e3	fix	harden FormGroup control lookups against prototype shadowing
e51ad374ea	fix	remove animationstart listener on component destroy to prevent memory leak
55b7b5a6b6	fix	set additionalProperties: false on generated WebMCP form

http

Commit	Type	Description
ffb06c0514	fix	ensure query parameters are inserted before URL fragments
2dd65d21e6	fix	pass down the reportUploadProgress and reportDownloadProgress on post/patch requests
4254eb416c	fix	preserve empty referrer option in HttpRequest
167bd4c162	fix	Rejects non-HTTP(S) URLs in JSONP requests

language-service

| Commit | Type | Description |

... (truncated)

Commits

• 4645850 refactor(compiler): Remove 80 char limit on AbstractEmitterVisitor
• 1ee224c fix(compiler): disallow i18n event attributes
• 5946c18 fix(compiler): sanitize href/xlink:href attributes of any element of the ...
• 393b84c fix(compiler): sanitize two-way properties
• 3d9ca2f fix(compiler-cli): bind switch exhaustive check expressions
• a56f1cd fix(compiler): more robust logic to check if regex can be optimized
• See full diff in compare view

Updates @angular/core from 22.0.0 to 22.0.1

Release notes

Sourced from @​angular/core's releases.

22.0.1

common

Commit	Description
	escape CSS string-terminating characters in escapeCssUrl
	Limits date format string length
	prevent prototype pollution in formatDateTime
	use cryptographically secure SHA-256 for transfer cache key generation

compiler

Commit	Description
	disallow i18n event attributes
	more robust logic to check if regex can be optimized
	sanitize href/xlink:href attributes of any element of the MathML namespace
	sanitize two-way properties

compiler-cli

Commit	Description
	bind switch exhaustive check expressions

core

Commit	Description
	disable WebMCP during SSR
	Handle synchronous errors in PendingTasks.run function
	harden TransferState restoration against DOM clobbering
	prevent dangling prevConsumer reference from leaking destroyed views (#68681)
	require WebMCP tool descriptions
	update comment for Default change detection
	use Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray
	validate lowercase SVG animation attribute names

forms

Commit	Description
	delay mcp reading the form model by a tick
	harden FormGroup control lookups against prototype shadowing
	remove animationstart listener on component destroy to prevent memory... Description has been truncated

[netlify]

✅ Deploy Preview for springwolf-ui ready!

Name	Link
🔨 Latest commit	38982c2
🔍 Latest deploy log	https://app.netlify.com/projects/springwolf-ui/deploys/6a307bde9a64f00008258c2b
😎 Deploy Preview	https://deploy-preview-1783--springwolf-ui.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.