Bump the libs group across 1 directory with 20 updates

[dependabot]

Bumps the libs group with 20 updates in the / directory:

Package	From	To
@angular/cdk	19.1.1	19.2.10
@angular/material	19.1.1	19.2.10
jsonpath-plus	9.0.0	10.3.0
jwt-decode	3.1.2	4.0.0
nofilter	4.0.2	5.0.0
ngx-toastr	16.2.0	19.0.0
@angular/cli	19.1.9	19.2.8
@types/jasmine	4.3.6	5.1.7
@typescript-eslint/eslint-plugin	5.48.2	8.31.0
@typescript-eslint/parser	5.48.2	8.31.0
cypress	12.17.4	14.3.1
eslint	8.57.1	9.25.1
jasmine-core	4.5.0	5.6.0
karma-chrome-launcher	3.1.1	3.2.0
karma-jasmine-html-reporter	2.0.0	2.1.0
stylelint	15.11.0	16.18.0
stylelint-config-standard	33.0.0	38.0.0
stylelint-config-standard-scss	8.0.0	14.0.0
stylelint-order	6.0.4	7.0.0
typescript	5.5.4	5.8.3

Updates @angular/cdk from 19.1.1 to 19.2.10

Release notes

Sourced from @​angular/cdk's releases.

19.2.10

material

Commit	Description
	bottom-sheet: page jumping if backdrop-filter is applied (#30840)

cdk

Commit	Description
	overlay: disable overlay animation with prefers-reduced-motion (#30858)

v19.2.9

19.2.9 "abellaite-apron" (2025-04-09)

cdk

Commit	Description
	table: error if data is accessed too early (#30817)

v19.2.8

19.2.8 "sapphire-kraken" (2025-04-02)

cdk-experimental

Commit	Description
	column-resize: improve hover responsiveness of… (#30708)

material

Commit	Description
	form-field: move error aria-live to parent container (#30678)
	tabs: allow ID to be set on tab (#30768)

cdk

Commit	Description
	drag-drop: fix performance regression when destroying items (#30751)

v19.2.7

19.2.7 "bohrium-banana" (2025-03-26)

material

Commit	Description
	sort: set cursor on entire clickable area (#30696)

cdk

Commit	Description
	menu: not clearing aria-controls on context menu (#30680)

v19.2.6

19.2.6 "tellurium-transponder" (2025-03-21)

... (truncated)

Changelog

Sourced from @​angular/cdk's changelog.

19.2.10 "plastic-monkey" (2025-04-16)

cdk

Commit	Type	Description
604e4d6c98	fix	overlay: disable overlay animation with prefers-reduced-motion (#30858)

material

Commit	Type	Description
ef723db2e0	fix	bottom-sheet: page jumping if backdrop-filter is applied (#30840)

20.0.0-next.6 "abelsonite-avocado" (2025-04-09)

cdk

Commit	Type	Description
b1cc0501e	fix	table: error if data is accessed too early (#30817)

material

Commit	Type	Description
82f0fa6fa	feat	core: handle prefers-reduced-motion automatically (#30796)

cdk-experimental

Commit	Type	Description
6ac4c1ae2	feat	listbox: readonly mode (#30803)
2e34b20cb	fix	ui-patterns: add missing event handlers (#30786)

material-angular-io

Commit	Type	Description
3a1a0b368	fix	streamline directive and component metadata handling in dgeni (#30661)

multiple

Commit	Type	Description
5229fe0a0	fix	rename hardcoded tokens that were renamed (#30807)
9bf4be9e2	fix	rename token prefixes to match components (#30802)

19.2.9 "abellaite-apron" (2025-04-09)

cdk

Commit	Type	Description
111b0c65a	fix	table: error if data is accessed too early (#30817)

20.0.0-next.5 "chitin-enigma" (2025-04-02)

... (truncated)

Commits

• 652dd33 release: cut the v19.2.10 release
• edc7d84 build: fix docs site styling token loading (#30884)
• 3785613 build: update sass rules
• 1d98e66 build: remove unused sass compiler binary
• 9b25bce build: remove linker tests that are superseded by integration test
• 51ecf29 build: enable proper source maps in dev-app
• c557678 build: move styling token extraction out of dev workflows
• dcb1d8a build: cleanup more deps
• 8e4b62b build: move web test defaults into dedicated file
• a8e62d4 build: switch sass compilations to Dart Sass
• Additional commits viewable in compare view

Updates @angular/material from 19.1.1 to 19.2.10

Release notes

Sourced from @​angular/material's releases.

19.2.10

material

Commit	Description
	bottom-sheet: page jumping if backdrop-filter is applied (#30840)

cdk

Commit	Description
	overlay: disable overlay animation with prefers-reduced-motion (#30858)

v19.2.9

19.2.9 "abellaite-apron" (2025-04-09)

cdk

Commit	Description
	table: error if data is accessed too early (#30817)

v19.2.8

19.2.8 "sapphire-kraken" (2025-04-02)

cdk-experimental

Commit	Description
	column-resize: improve hover responsiveness of… (#30708)

material

Commit	Description
	form-field: move error aria-live to parent container (#30678)
	tabs: allow ID to be set on tab (#30768)

cdk

Commit	Description
	drag-drop: fix performance regression when destroying items (#30751)

v19.2.7

19.2.7 "bohrium-banana" (2025-03-26)

material

Commit	Description
	sort: set cursor on entire clickable area (#30696)

cdk

Commit	Description
	menu: not clearing aria-controls on context menu (#30680)

v19.2.6

19.2.6 "tellurium-transponder" (2025-03-21)

... (truncated)

Changelog

Sourced from @​angular/material's changelog.

19.2.10 "plastic-monkey" (2025-04-16)

cdk

Commit	Type	Description
604e4d6c98	fix	overlay: disable overlay animation with prefers-reduced-motion (#30858)

material

Commit	Type	Description
ef723db2e0	fix	bottom-sheet: page jumping if backdrop-filter is applied (#30840)

20.0.0-next.6 "abelsonite-avocado" (2025-04-09)

cdk

Commit	Type	Description
b1cc0501e	fix	table: error if data is accessed too early (#30817)

material

Commit	Type	Description
82f0fa6fa	feat	core: handle prefers-reduced-motion automatically (#30796)

cdk-experimental

Commit	Type	Description
6ac4c1ae2	feat	listbox: readonly mode (#30803)
2e34b20cb	fix	ui-patterns: add missing event handlers (#30786)

material-angular-io

Commit	Type	Description
3a1a0b368	fix	streamline directive and component metadata handling in dgeni (#30661)

multiple

Commit	Type	Description
5229fe0a0	fix	rename hardcoded tokens that were renamed (#30807)
9bf4be9e2	fix	rename token prefixes to match components (#30802)

19.2.9 "abellaite-apron" (2025-04-09)

cdk

Commit	Type	Description
111b0c65a	fix	table: error if data is accessed too early (#30817)

20.0.0-next.5 "chitin-enigma" (2025-04-02)

... (truncated)

Commits

• 652dd33 release: cut the v19.2.10 release
• edc7d84 build: fix docs site styling token loading (#30884)
• 3785613 build: update sass rules
• 1d98e66 build: remove unused sass compiler binary
• 9b25bce build: remove linker tests that are superseded by integration test
• 51ecf29 build: enable proper source maps in dev-app
• c557678 build: move styling token extraction out of dev workflows
• dcb1d8a build: cleanup more deps
• 8e4b62b build: move web test defaults into dedicated file
• a8e62d4 build: switch sass compilations to Dart Sass
• Additional commits viewable in compare view

Updates jsonpath-plus from 9.0.0 to 10.3.0

Release notes

Sourced from jsonpath-plus's releases.

v10.3.0

What's Changed

• fix(eval): rce using non-string prop names by @​80avin in JSONPath-Plus/JSONPath#237
• feat(demo): make demo link shareable by @​80avin in JSONPath-Plus/JSONPath#238

Full Changelog: JSONPath-Plus/JSONPath@v10.2.0...v10.3.0

Changelog

Sourced from jsonpath-plus's changelog.

10.3.0

• fix(eval): rce using non-string prop names (#237)
• feat(demo): make demo link shareable (#238)
• chore: update deps. and devDeps.

10.2.0

• fix(eval): improve security of safe-eval (#233)
• chore: update deps. and devDeps.

10.1.0

• feat: add typeof operator to safe script

10.0.7

• fix(security): prevent constructor access
• docs: add security policy file

10.0.6

• fix(security): prevent call/apply invocation of Function

10.0.5

• fix: remove overly aggressive disabling of native functions but disallow __proto__

10.0.4

• fix(security): further prevent binding of Function calls which may evade detection

10.0.3

• fix(security): prevent binding of Function calls which may evade detection

10.0.2

• fix(security): prevent Function calls outside of member expressions

10.0.1

• fix(security): prohibit Function in "safe" vm

10.0.0

BREAKING CHANGES:

• Require Node 18+

... (truncated)

Commits

• 9754e4b chore: bump version
• f690da1 chore: update deps and devDeps
• 313a9b4 Merge pull request #238 from 80avin/shareable-demo
• 39a0d03 Merge pull request #237 from 80avin/fix-10.2.0-rce
• 1c532fc feat(demo): make demo link shareable
• 3094289 fix(eval): rce using non-string prop names
• 8e4acf8 chore: bump version
• f0708a4 chore: update deps. and devDeps.
• 0bfda55 build(deps): bump @​eslint/plugin-kit from 0.2.0 to 0.2.3 (#234)
• 73ad72e fix(eval): improve security of safe-eval (#233)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by 80avin, a new releaser for jsonpath-plus since your current version.

Updates jwt-decode from 3.1.2 to 4.0.0

Release notes

Sourced from jwt-decode's releases.

v4.0.0

A new version of the library, including a couple of improvements:

• No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
• Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
• Use Node's atob when running on node.
• Drop support for Node 14 and 16, add support for Node 20.
• Add support for package.json's exports field, for better CJS/ESM support
• Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
• Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
• Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

Migration to v4.0.0

The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

-import jwtDecodefrom "jwt-decode";
+import { jwtDecode } from "jwt-decode";

v4.0.0-beta.4

Breaking changes

• Raise minimum Node.js version to 18 #209 (jonkoops)

Fixed

• fix default condition should be the last one #199 (frederikprijck)

v4.0.0-beta.3

Breaking changes

• Drop UMD bundle #193 (frederikprijck)

Changed

• Use modern JavaScript syntax #187 (jonkoops)
• Use ESNext as default module system #188 (jonkoops)
• Avoid using any bundlers but use tsc instead #192 (frederikprijck)

v4.0.0-beta.2

Changed

• Avoid using default exports #175 (frederikprijck)
• Make options optional no default function parameter initializer #179 (cristobal)

Fixed

• Ensure types are bundled and correctly linked #174 (jonkoops)

v4.0.0-beta.1

Fixed

• Ensure build is run on prepack #167 (frederikprijck)

... (truncated)

Changelog

Sourced from jwt-decode's changelog.

Version 4.0.0

Full Changelog

A new version of the library, including a couple of improvements:

• No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
• Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
• Use Node's atob when running on node.
• Drop support for Node 14 and 16, add support for Node 20.
• Add support for package.json's exports field, for better CJS/ESM support
• Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
• Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
• Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

Migration to v4.0.0

The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

-import jwtDecode from "jwt-decode";
+import { jwtDecode } from "jwt-decode";

Version 4.0.0-beta.4

Full Changelog

Breaking changes

• Raise minimum Node.js version to 18 #209 (jonkoops)

Fixed

• fix default condition should be the last one #199 (frederikprijck)

Version 4.0.0-beta.3

Full Changelog

Breaking changes

• Drop UMD bundle #193 (frederikprijck)

Changed

• Use modern JavaScript syntax #187 (jonkoops)
• Use ESNext as default module system #188 (jonkoops)
• Avoid using any bundlers but use tsc instead #192 (frederikprijck)

Version 4.0.0-beta.2

... (truncated)

Commits

• 3b2d105 Update CHANGELOG.md
• bd50db0 Release v4.0.0 (#232)
• bcfd7da Bump actions/checkout from 3 to 4 (#228)
• 6ec1cba Bump concurrently from 8.2.0 to 8.2.2 (#226)
• 807d123 Bump @​typescript-eslint/eslint-plugin from 6.4.1 to 6.9.0 (#229)
• f68e292 Bump eslint-plugin-import from 2.28.1 to 2.29.0 (#230)
• b2e7489 Bump eslint-import-resolver-typescript from 3.6.0 to 3.6.1 (#225)
• ccb6488 Bump lint-staged from 14.0.1 to 15.0.2 (#231)
• cf3cd4f Bump actions/setup-node from 3 to 4 (#227)
• 0ce8017 pin babel/core to recent version and bump jest
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by auth0-oss, a new releaser for jwt-decode since your current version.

Updates nofilter from 4.0.2 to 5.0.0

Release notes

Sourced from nofilter's releases.

Update dependencies to 2024-09

Latest eslint, and updated all of the nits to the latest coding standard. No substantive changes, but node 18+ is now required; I'm not testing on older versions.

Changelog

Sourced from nofilter's changelog.

[5.0.0] - 2024-09-03

• Updated to eslint flat, fixed ensuing lint issues
• Updated all other dependencies
• [BREAKING] now requires node 18

[4.0.0] - 2023-05-13

Changed

• Now requires use as an ES6 module.
• Now requires Node.js version 16 or greater
• Now generates docs with typedoc
• Now uses c8 for coverage instead of nyc
• Updated all dependencies. Removed unused dependencies.

Commits

• e0c9ed1 5.0.0
• fa6035c Merge pull request #19 from hildjj/update
• 4b5df9c Publish from GHA
• 6eb96ac remove rimraf dependency while still supporting node 18
• e56764d Update changelog
• 924f7a9 Update depdencies, fix new lint issues. Remove docs and types from repo in p...
• See full diff in compare view

Updates ngx-toastr from 16.2.0 to 19.0.0

Release notes

Sourced from ngx-toastr's releases.

v19.0.0

19.0.0 (2024-06-01)

Features

• Angular 18 + enable usage with zoneless change detection (#1017) (5461eb4)

BREAKING CHANGES

• enable usage with zoneless change detection

Switched relevant parts to OnPush + Signals, so this will work with zoneless change detection enabled. I deliberately didn't use any of the new control flow syntax so this should technically still be compatible with Angular 16 (at least in a small test app with 16 it still worked for me)

v18.0.0

18.0.0 (2023-11-16)

Features

• upgrade to angular 17 (#1008) (d6b5e6b)

BREAKING CHANGES

• requires angular 17, typescript 5.2

v17.0.2

17.0.2 (2023-05-15)

Bug Fixes

• Move easeTime to the constructor (e3e4b74), closes #996

v17.0.1

17.0.1 (2023-05-14)

Bug Fixes

• add provenance (fb2720e)

v17.0.0

17.0.0 (2023-05-14)

Features

... (truncated)

Commits

• 5461eb4 feat: Angular 18 + enable usage with zoneless change detection (#1017)
• 3d8ef10 docs: update v17 in readme
• d6b5e6b feat: upgrade to angular 17 (#1008)
• e3e4b74 fix: Move easeTime to the constructor
• fb2720e fix: add provenance
• 38a641d feat: Upgrade to angular 16 (#995)
• c8074d6 docs: update readme to include standalone provider function (#992)
• See full diff in compare view

Updates @angular/cli from 19.1.9 to 19.2.8

Release notes

Sourced from @​angular/cli's releases.

19.2.8

@​angular/build

Commit	Description
	include module value check when adding custom conditions
	prevent nested CSS in components
	properly resolve transitive external dependencies in vite-dev-server
	update vite to 6.2.6

19.2.7

@​angular/build

Commit	Description
	include component test metadata in development builds
	skip normalization of relative externals

19.2.6

@​angular-devkit/schematics

Commit	Description
	properly resolve relative schematics when executed from a nested directory

@​angular/build

Commit	Description
	correctly handle false value in server option
	update vite to 6.2.4 due to a security issues

19.2.5

@​angular/build

Commit	Description
	correct handling of response/request errors
	handle undefined getOrCreateAngularServerApp during error compilation
	normalize karma asset paths before lookup
	update vite to 6.2.3

v19.2.4

19.2.4 (2025-03-19)

@​schematics/angular

Commit	Description
	replace @angular/platform-browser-dynamic with @angular/platform-browser

@​angular/build

Commit	Description
	ensure errors for missing component resources
	ensure relative karma stack traces for test failures

v19.2.3

... (truncated)

Changelog

Sourced from @​angular/cli's changelog.

19.2.8 (2025-04-16)

@​angular/build

Commit	Type	Description
4a8a4a083	fix	include module value check when adding custom conditions
00cd0d123	fix	prevent nested CSS in components
a297c4153	fix	properly resolve transitive external dependencies in vite-dev-server
8ab033e8e	fix	update vite to 6.2.6

20.0.0-next.5 (2025-04-09)

@​schematics/angular

Commit	Type	Description
fdc6291dd	feat	add update migration to keep previous style guide generation behavior
90615a88b	fix	default component templates to not use .ng.html extension
5fc595144	fix	generate guards with a dash type separator
040282d8f	fix	generate interceptors with a dash type separator
070d60fb3	fix	generate modules with a dash type separator
e6083b57b	fix	generate pipes with a dash type separator
92e193c0b	fix	generate resolvers with a dash type separator
ea1143ddd	fix	infer app component name and path in server schematic
661609e3e	fix	set explicit type in library schematic

@​angular/build

Commit	Type	Description
3e24a59a9	fix	disable TypeScript composite option with Angular compiler
6f913ad5e	fix	include component test metadata in development builds
fc0e05fea	fix	skip normalization of relative externals

@​angular/ssr

Commit	Type	Description
319b8e0c2	fix	manage unhandled errors in zoneless applications

@​ngtools/webpack

Commit	Type	Description
427bd846f	fix	disable TypeScript composite option with Angular compiler

... (truncated)

Commits

• 450dc45 release: cut the v19.2.8 release
• 03a420b refactor(@​angular/build): use ngHmrMode define for Vite prebundling
• 00cd0d1 fix(@​angular/build): prevent nested CSS in components
• 8ab033e fix(@​angular/build): update vite to 6.2.6
• 4a8a4a0 fix(@​angular/build): include module value check when adding custom conditions
• a297c41 fix(@​angular/build): properly resolve transitive external dependencies in vit...
• e0b1bed release: cut the v19.2.7 release
• 71537c8 build: update vite to 6.2.5
• f4021e6 build: update beasties to 0.3.2
• 74cd4ed fix(@​angular/build): skip normalization of relative externals
• Additional commits viewable in compare view

Updates @types/jasmine from 4.3.6 to 5.1.7

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 5.48.2 to 8.31.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.31.0

8.31.0 (2025-04-21)

🚀 Features

• eslint-plugin: [no-unnecessary-type-assertion] add option to ignore string const assertions (#10979)

🩹 Fixes

• typescript-eslint: address bugs in config() around global ignores (#11065)
• typescript-eslint: gracefully handle invalid flat config objects in config helper (#11070)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• Nicolas Le Cam

You can read about our versioning strategy and releases on our website.

v8.30.1

8.30.1 (2025-04-14)

🚀 Features

• eslint-plugin: [no-explicit-any] suggest to replace keyof any with PropertyKey (#11032)

🩹 Fixes

• eslint-plugin: [promise-function-async] use a different error message for functions with promise and non-promise types (#10950)
• typescript-estree: use token type of PrivateIdentifier instead of Identifier for private identifiers (#11023)
• eslint-plugin: fix mistake with eslintrc config generation (#11072)

❤️ Thank You

• Dima Barabash @​dbarabashh
• Ronen Amiel
• Kirk Waiblinger @​kirkwaiblinger

You can read about our versioning strategy and releases on our website.

v8.30.0

see release notes here https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.30.1

v8.29.1

8.29.1 (2025-04-07)

🩹 Fixes

• eslint-plugin: [no-deprecated] report on deprecated imported variable used as property (#10998)
• typescript-estree: use token type of Numeric instead of Identifier for bigint literals (#11021)

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.31.0 (2025-04-21)

🚀 Features

• eslint-plugin: [no-unnecessary-type-assertion] add option to ignore string const assertions (#10979)

❤️ Thank You

• Nicolas Le Cam

You can read about our

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.