[Snyk] Security upgrade @angular/common from 14.3.0 to 19.2.16 #11

Open: RayG-XD wants to merge 1 commit into main from snyk-fix-7708e7372c748bf7e8b852aece1c1318

RayG-XD (Owner) commented Dec 1, 2025

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • package-lock.json

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| high severity: Insertion of Sensitive Information Into Sent Data (SNYK-JS-ANGULARCOMMON-14135651) | 671 |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Summary by cubic

Upgraded @angular/common from 14.3.0 to 19.2.16 to fix a high-severity vulnerability (SNYK-JS-ANGULARCOMMON-14135651). This may require aligning Angular and Node versions.

  • Dependencies

    • Bumped @angular/common to ^19.2.16.
  • Migration

    • Upgrade @angular/core (and other Angular packages) to 19.2.16 to satisfy peer deps.
    • Use Node ^18.19.1, ^20.11.1, or 22+.
    • Rebuild and run tests to catch any Angular 19 breaking changes.

Written for commit 3dd5a0a. Summary will update automatically on new commits.

vercel Bot commented Dec 1, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Preview | Comments | Updated (UTC) |
| --- | --- | --- | --- | --- |
| clips | Error | Error | | Dec 1, 2025 9:28am |

coderabbitai Bot commented Dec 1, 2025

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Warning

.coderabbit.yaml has a parsing error

The CodeRabbit configuration file in this repository has a parsing error and default settings were used instead. Please fix the error(s) in the configuration file. You can initialize chat with CodeRabbit to get help with the configuration file.

💥 Parsing errors (1)
duplicated mapping key in ".coderabbit.yaml" (28:1)

 25 | 
 26 | knowledge_base:
 27 | code_guidelines:
 28 | enabled: true
------^
 29 | filePatterns:
 30 |   - "**/.cursorrules"
⚙️ Configuration instructions
  • Please see the configuration documentation for more information.
  • You can also validate your configuration using the online YAML validator.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
cubic-dev-ai Bot left a comment

1 issue found across 2 files

Prompt for AI agents (all 1 issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="package.json">

<violation number="1" location="package.json:17">
P1: Only `@angular/common` was upgraded to v19 while the rest of the Angular framework remains on v14, creating an unmet peer dependency (`@angular/common@19` requires `@angular/core@19`). This will cause install/build failures until all Angular packages are upgraded together.</violation>
</file>

Comment thread package.json
"dependencies": {
"@angular/animations": "^14.0.0",
"@angular/common": "^14.0.0",
"@angular/common": "^19.2.16",

cubic-dev-ai Bot Dec 1, 2025

P1: Only @angular/common was upgraded to v19 while the rest of the Angular framework remains on v14, creating an unmet peer dependency (@angular/common@19 requires @angular/core@19). This will cause install/build failures until all Angular packages are upgraded together.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At package.json, line 17:

<comment>Only `@angular/common` was upgraded to v19 while the rest of the Angular framework remains on v14, creating an unmet peer dependency (`@angular/common@19` requires `@angular/core@19`). This will cause install/build failures until all Angular packages are upgraded together.</comment>

<file context>
@@ -14,7 +14,7 @@
   &quot;dependencies&quot;: {
     &quot;@angular/animations&quot;: &quot;^14.0.0&quot;,
-    &quot;@angular/common&quot;: &quot;^14.0.0&quot;,
+    &quot;@angular/common&quot;: &quot;^19.2.16&quot;,
     &quot;@angular/compiler&quot;: &quot;^14.0.0&quot;,
     &quot;@angular/core&quot;: &quot;^14.0.0&quot;,
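Review bot: only the `@angular/common` line changes in this hunk, while the context lines around it keep `@angular/animations`, `@angular/compiler` and `@angular/core` at `^14.0.0`, so the dependencies block would declare two Angular majors at once. Angular publishes its framework packages in lockstep and expects them at one matching version; move every `@angular/*` entry to the same `^19.2.16` range in this change and regenerate package-lock.json from it. Before merge, confirm on a clean `npm ci` that `npm ls @angular/common @angular/core` reports one resolved copy of each without peer-dependency errors, and do not get past a resolver conflict with `--force` or `--legacy-peer-deps`.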
</file context>