Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump vite and @angular-devkit/build-angular

Closed
Number: #41
Type: Pull Request
State: Closed
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 1
Created: October 20, 2025 at 08:58 PM UTC
(7 months ago)
Updated: April 26, 2026 at 01:17 AM UTC
(about 1 month ago)
Closed: April 26, 2026 at 01:17 AM UTC
(about 1 month ago)
Time to Close: 6 months
Labels:
dependencies javascript
Description:

Removes vite. It's no longer used after updating ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Removes vite

Updates @angular-devkit/build-angular from 20.1.3 to 20.3.6

Release notes

Sourced from @​angular-devkit/build-angular's releases.

20.3.6

@​angular/ssr

Commit Description
fix - 5271547c8 prevent malicious URL from overriding host

20.3.5

@​angular/build

Commit Description
fix - 7f7140680 cleanup karma temporary directory after process exit

20.3.4

@​schematics/angular

Commit Description
fix - c94bf7ff0 Out of the box support for PM2
fix - 465436c9f use bracket notation for process.env['pm_id']

@​angular-devkit/build-angular

Commit Description
fix - bc6b63114 mark InjectionToken as pure for improved tree-shaking

@​angular/build

Commit Description
fix - e510ff828 mark InjectionToken as pure for improved tree-shaking

20.3.3

@​schematics/angular

Commit Description
fix - b7f92da78 add __screenshots__/ to .gitignore

@​angular/ssr

Commit Description
fix - a4c9a2007 avoid retaining rendered HTML in memory post-request

20.3.2

No release notes provided.

20.3.1

@​angular/build

Commit Description
fix - be60be499 add timestamp to bundle generation log
fix - d60f4e53d update vite to version 7.1.5

20.3.0

@​angular/cli

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

20.3.6 (2025-10-15)

@​angular/ssr

Commit Type Description
5271547c8 fix prevent malicious URL from overriding host

19.2.18 (2025-10-15)

@​angular/ssr

Commit Type Description
9136a5d13 fix prevent malicious URL from overriding host

21.0.0-next.7 (2025-10-08)

@​angular/cli

Commit Type Description
1c06b16a9 feat add builder info to list_projects MCP tool
104c90768 feat enhance ng version output with more details

@​schematics/angular

Commit Type Description
afb4d3e37 fix remove extra space before async in spec templates

@​angular/build

Commit Type Description
1c2d49ec7 fix cleanup karma temporary directory after process exit
50e330d33 fix disable glob directory expansion when finding tests
73621998f fix normalize paths for Vitest runner output files

... (truncated)

Commits
  • f7bd567 release: cut the v20.3.6 release
  • 5271547 fix(@​angular/ssr): prevent malicious URL from overriding host
  • 16656a1 build: update github/codeql-action action to v3.30.8
  • 9e048ee build: update pnpm to v10.18.3
  • 6d365ac build: update cross-repo angular dependencies
  • 108501a docs(@​angular/ssr): update examples for withRoutes configuration
  • 03e3bfc docs(@​angular-devkit/build-angular): add descriptions for browser builder opt...
  • 2f4bc09 docs(@​angular/build): add descriptions for application builder options
  • 82f8900 build: update cross-repo angular dependencies
  • b45f97a build: update cross-repo angular dependencies
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Package Dependencies
Package:
vite
Ecosystem:
npm
Update Type:
Removal
Package:
@angular-devkit/build-angular
Ecosystem:
npm
Version Change:
20.1.3 → 20.3.6
Update Type:
Minor
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 15508237
UUID: 3533921346
Node ID: PR_kwDOCbB2D86utfvN
Host: GitHub
Repository: monsterbrain/angularhttptutorial