v21.2.7
📦 angularView on GitHub →
🐛 7 fixes🔧 5 symbols
Summary
This release focuses on security improvements by registering SVG animation attributes and preventing unsafe attribute binding, alongside various bug fixes across compiler, core, localize, and router modules.
🐛 Bug Fixes
- Registered SVG animation attributes in the URL security context.
- Prevented binding unsafe attributes on SVG animation elements.
- Treated `object[data]` as a resource URL context.
- Prevented recursive scope checks for invalid NgModule imports.
- Resolved component import by exact specifier in route lazy-loading schematic.
- Validated locale in getOutputPathFn to prevent path traversal.
- Passed outlet context to split to fix empty path named outlets.