v1.10.2-20260305

Angular 21 Upgrade & Security Remediation

Security

• npm audit: 74 vulnerabilities → 0
• jQuery 3.7.1 → 4.0.0 (pen test XSS/Prototype Pollution CVEs)
• Replaced abandoned vulnerable packages:
  • ngx-quill-editor → ngx-quill (Quill XSS)
  • Removed ag-grid v18 (XSS via Angular Expression)
  • Removed ng2-quill-editor (Quill XSS)
• Added npm overrides for transitive dep vulnerabilities
• Updated http-proxy-middleware 2.0.7 → 2.0.9, ws 7.5.10 → 8.18.0

Framework Upgrade

• Angular 15.2.x → 21.2.1
• TypeScript 4.9.4 → 5.9.3
• Migrated to esbuild-based application builder (faster builds)
• Auto-migrations: HttpClientModule → provideHttpClient, ngIf/ngFor → @if/@for, standalone components

Cleanup

• Removed deprecated dev deps: protractor, webdriver-manager, phantomjs-prebuilt, codelyzer, tslint
• Replaced Node-only json2csv with inline CSV formatter
• Fixed runtime errors: broken modulepreload hints, uswds-init.js 404
• Synced USWDS SVG assets