[Snyk] Security upgrade @angular/core from 14.3.0 to 19.2.19 #182

Open
patzeltj wants to merge 1 commit into develop from snyk-fix-cc3c4a0b2213503a744b018f96847317

@patzeltj

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • package.json

⚠️ Warning
Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

Issue | Score
high severity Cross-site Scripting (XSS), SNYK-JS-ANGULARCORE-15353393 | 666

Breaking Change Risk

Merge Risk: High

Notice: This assessment is enhanced by AI.


Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
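
The warning in the PR description above says package-lock.json was not updated, so the lockfile can still pin the old @angular/core even after package.json changes. A pre-merge check for that, as an added example that is not part of this PR or of Snyk's tooling; the helper names and the sample lockfile objects are constructed for illustration:

```javascript
// Added example: helper names are hypothetical, sample lockfiles are constructed.
const TARGET = "19.2.19"; // upgrade target taken from this PR's title

// Return the version of `name` pinned in a parsed package-lock.json, or null.
function lockedVersion(lock, name) {
  // lockfileVersion 2 and 3 list entries under "packages", keyed by install path.
  const pkg = lock.packages && lock.packages["node_modules/" + name];
  if (pkg && pkg.version) return pkg.version;
  // lockfileVersion 1 lists them under "dependencies", keyed by package name.
  const dep = lock.dependencies && lock.dependencies[name];
  return dep && dep.version ? dep.version : null;
}

// Compare plain x.y.z versions numerically; prerelease/build suffixes are ignored.
function compareVersions(a, b) {
  const parts = (v) => v.split(/[-+]/)[0].split(".").map(Number);
  const pa = parts(a);
  const pb = parts(b);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Report whether the lockfile resolves `name` to at least `target`.
function checkLock(lock, name, target) {
  const found = lockedVersion(lock, name);
  if (found === null) {
    return { ok: false, found, reason: "package not present in lockfile" };
  }
  if (compareVersions(found, target) < 0) {
    return { ok: false, found, reason: "lockfile pins a version below the target" };
  }
  return { ok: true, found, reason: "lockfile is at or above the target" };
}

// Constructed samples: a stale lockfile (v2), an updated one (v3), a stale v1 file.
const staleLock = { lockfileVersion: 2, packages: { "node_modules/@angular/core": { version: "14.3.0" } } };
const freshLock = { lockfileVersion: 3, packages: { "node_modules/@angular/core": { version: "19.2.19" } } };
const v1Lock = { lockfileVersion: 1, dependencies: { "@angular/core": { version: "14.3.0" } } };

for (const [label, lock] of [["stale", staleLock], ["fresh", freshLock], ["v1", v1Lock]]) {
  console.log(label, checkLock(lock, "@angular/core", TARGET));
}
```

In CI, the same check can run on the real file by passing the parsed contents of package-lock.json to `checkLock` and failing the job when `ok` is false.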

@patzeltj
Author

Merge Risk: High

This is a major upgrade spanning five versions of Angular (v14 to v19), which introduces a significant number of breaking changes, new features, and fundamental shifts in the framework's architecture. A manual upgrade is not recommended; you must use the official Angular Update Guide and the ng update command.

Key Breaking Changes & Paradigm Shifts:

  • Standalone APIs: Starting in v15, Standalone components, directives, and pipes became stable and are the default in v17+ and v19+. This is a major shift away from NgModule and will require significant code restructuring. The ng update command provides schematics to help with this migration.
  • Build System: v17 replaces the Webpack-based builder with a faster Vite and esbuild-based system by default.
  • Control Flow Syntax: v17 introduced a new, built-in syntax for control flow (@if, @for) that replaces the old *ngIf and *ngFor directives.
  • Reactivity Model: Angular 16 introduced a developer preview of Signals, a new reactivity model, which is a core part of the future direction for zoneless applications.
  • Dependency Requirements: Each major version has strict requirements for Node.js and TypeScript versions. For example, v16 requires Node.js 16 or 18, and v19 requires Node.js 18.19.2 or higher.
  • Angular Material: v15 refactored components to use Material Design Components (MDC), which may break existing styling. Legacy components were removed in v17.
  • View Engine Removal: The Angular Compatibility Compiler (ngcc) was removed in v16. Libraries that were not updated from the legacy View Engine are no longer compatible.

Recommendation: Do not attempt to jump from v14 to v19 in a single step. Follow the official Angular Update Guide to upgrade one major version at a time (e.g., 14 → 15, then 15 → 16, and so on). Run all tests and fix deprecations at each step before proceeding to the next version. The ng update @angular/core@<version> @angular/cli@<version> command will be essential for this process.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
