@angular/core - npm Package Compare versions

Comparing version 19.0.0-next.2 to 19.0.0-next.3

package.json

 {
   "name": "@angular/core",
-  "version": "19.0.0-next.2",
+  "version": "19.0.0-next.3",
   "description": "Angular - the core framework",
@@ -5,0 +5,0 @@ "author": "angular",

primitives/event-dispatch/index.d.ts

 /**
- * @license Angular v19.0.0-next.2
+ * @license Angular v19.0.0-next.3
  * (c) 2010-2024 Google LLC. https://angular.io/
@@ -4,0 +4,0 @@ * License: MIT

primitives/signals/index.d.ts

 /**
- * @license Angular v19.0.0-next.2
+ * @license Angular v19.0.0-next.3
  * (c) 2010-2024 Google LLC. https://angular.io/
@@ -4,0 +4,0 @@ * License: MIT

rxjs-interop/index.d.ts

 /**
- * @license Angular v19.0.0-next.2
+ * @license Angular v19.0.0-next.3
  * (c) 2010-2024 Google LLC. https://angular.io/
@@ -4,0 +4,0 @@ * License: MIT

schematics/collection.json

@@ -5,27 +5,21 @@ {
       "description": "Converts the entire application or a part of it to standalone",
-      "factory": "./ng-generate/standalone-migration/bundle",
+      "factory": "./bundles/standalone-migration#migrate",
       "schema": "./ng-generate/standalone-migration/schema.json",
-      "aliases": [
-        "standalone"
-      ]
+      "aliases": ["standalone"]
     },
     "control-flow-migration": {
       "description": "Converts the entire application to block control flow syntax",
-      "factory": "./ng-generate/control-flow-migration/bundle",
+      "factory": "./bundles/control-flow-migration#migrate",
       "schema": "./ng-generate/control-flow-migration/schema.json",
-      "aliases": [
-        "control-flow"
-      ]
+      "aliases": ["control-flow"]
     },
     "inject-migration": {
       "description": "Converts usages of constructor-based injection to the inject() function",
-      "factory": "./ng-generate/inject-migration/bundle",
+      "factory": "./bundles/inject-migration#migrate",
       "schema": "./ng-generate/inject-migration/schema.json",
-      "aliases": [
-        "inject"
-      ]
+      "aliases": ["inject"]
     },
     "route-lazy-loading-migration": {
       "description": "Updates route definitions to use lazy-loading of components instead of eagerly referencing them",
-      "factory": "./ng-generate/route-lazy-loading/bundle",
+      "factory": "./bundles/route-lazy-loading#migrate",
       "schema": "./ng-generate/route-lazy-loading/schema.json",
@@ -36,2 +30,1 @@ "aliases": ["route-lazy-loading"]
 }
-

schematics/migrations.json

 {
-  "schematics": {
-    "invalid-two-way-bindings": {
-      "version": "18.0.0",
-      "description": "Updates two-way bindings that have an invalid expression to use the longform expression instead.",
-      "factory": "./migrations/invalid-two-way-bindings/bundle"
-    },
-    "migration-http-providers": {
-      "version": "18.0.0",
-      "description": "Replace deprecated HTTP related modules with provider functions",
-      "factory": "./migrations/http-providers/bundle"
-    },
-    "migration-after-render-phase": {
-      "version": "18.1.0",
-      "description": "Updates calls to afterRender with an explicit phase to the new API",
-      "factory": "./migrations/after-render-phase/bundle"
-    }
-  }
+  "schematics": {}
 }

testing/index.d.ts

 /**
- * @license Angular v19.0.0-next.2
+ * @license Angular v19.0.0-next.3
  * (c) 2010-2024 Google LLC. https://angular.io/
@@ -4,0 +4,0 @@ * License: MIT

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Debug access

Supply chain risk

Uses debug, reflection and dynamic code execution features.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Mixed license

License

(Experimental) Package contains multiple licenses.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

11

decreased by-56%

Number of medium supply chain risk alerts

1

decreased by-91.67%

Worsened metrics

Total package byte prevSize

9117009

decreased by-35.06%

Number of low license alerts

1

increased byInfinity%

Lines of code

131847

decreased by-51.99%

Published versions last year

108

decreased by-0.92%

No dependency changes