v22.0.1

📦 angular
🐛 29 fixes · 1 deprecation · 🔧 6 symbols

Summary

This release focuses heavily on bug fixes across multiple packages, including security hardening for transfer cache keys and prototype pollution prevention. Notably, XHR support in platform-server is deprecated in favor of fetch APIs.

Migration Steps

  1. Migrate from XHR support in @angular/platform-server to standard fetch APIs.

🐛 Bug Fixes

  • Escaped CSS string-terminating characters in escapeCssUrl.
  • Limited date format string length.
  • Prevented prototype pollution in formatDateTime.
  • Used cryptographically secure SHA-256 for transfer cache key generation.
  • Disallowed i18n event attributes in compiler.
  • Implemented more robust logic to check if regex can be optimized.
  • Sanitized href/xlink:href attributes of any element of the MathML namespace.
  • Sanitized two-way properties.
  • Bound switch exhaustive check expressions.
  • Disabled WebMCP during SSR.
  • Handled synchronous errors in PendingTasks.run function.
  • Hardened TransferState restoration against DOM clobbering.
  • Prevented dangling prevConsumer reference from leaking destroyed views (#68681).
  • Required WebMCP tool descriptions.
  • Updated comment for Default change detection.
  • Used Object.hasOwn to handle null-prototype objects in toStylingKeyValueArray.
  • Validated lowercase SVG animation attribute names.
  • Delayed mcp reading the form model by a tick.
  • Hardened FormGroup control lookups against prototype shadowing.
  • Removed animationstart listener on component destroy to prevent memory leak.
  • Set additionalProperties: false on generated WebMCP form.
  • Ensured query parameters are inserted before URL fragments.
  • Passed down the reportUploadProgress and reportDownloadProgress on post/patch requests.
  • Preserved empty referrer option in HttpRequest.
  • Rejected non-HTTP(S) URLs in JSONP requests.
  • Prevented external template inlay hints from appearing in TS files.
  • Hardened platform location origin validation during SSR.
  • Used native URL object for navigation boundary and comparison.
  • Stripped sensitive headers on cross-origin redirects.

Affected Symbols

⚡ Deprecations

  • XHR support in @angular/platform-server is deprecated. Use standard fetch APIs instead.