Skip to content

chore(deps): update all non-major dependencies#221

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch
Open

chore(deps): update all non-major dependencies#221
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 18, 2026
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update
@angular/build ^21.2.11^21.2.12 age confidence devDependencies patch
@angular/cli ^21.2.11^21.2.12 age confidence devDependencies patch
@angular/common (source) ^21.2.12^21.2.14 age confidence dependencies patch
@angular/compiler (source) ^21.2.12^21.2.14 age confidence dependencies patch
@angular/compiler-cli (source) ^21.2.12^21.2.14 age confidence devDependencies patch
@angular/core (source) ^21.2.12^21.2.14 age confidence devDependencies patch
@angular/core (source) ^21.2.12^21.2.14 age confidence dependencies patch
@angular/forms (source) ^21.2.12^21.2.14 age confidence dependencies patch
@angular/platform-browser (source) ^21.2.12^21.2.14 age confidence dependencies patch
@angular/router (source) ^21.2.12^21.2.14 age confidence dependencies patch
@eslint-react/eslint-plugin (source) ^5.7.7^5.8.4 age confidence devDependencies minor
@tanstack/react-query (source) ^5.100.10^5.100.14 age confidence dependencies patch
@tanstack/react-query-devtools (source) ^5.100.10^5.100.14 age confidence dependencies patch
@types/react (source) ^19.2.14^19.2.15 age confidence devDependencies patch
@vitejs/plugin-react (source) ^6.0.1^6.0.2 age confidence devDependencies patch
eslint (source) ^10.3.0^10.4.0 age confidence devDependencies minor
knip (source) ^6.13.1^6.14.2 age confidence devDependencies minor
nx (source) ^22.7.1^22.7.3 age confidence devDependencies patch
pnpm (source) 11.1.111.2.2 age confidence packageManager minor
pnpm (source) >=11.0.0>=11.2.2 age confidence engines minor
preact (source) ^10.29.1^10.29.2 age confidence devDependencies patch
preact (source) ^10.29.1^10.29.2 age confidence dependencies patch
solid-js (source) ^1.9.12^1.9.13 age confidence devDependencies patch
solid-js (source) ^1.9.12^1.9.13 age confidence dependencies patch
vite (source) ^8.0.12^8.0.14 age confidence devDependencies patch
vitest (source) ^4.1.6^4.1.7 age confidence devDependencies patch
zizmorcore/zizmor-action v0.5.3v0.5.6 age confidence action patch

Release Notes

angular/angular-cli (@​angular/build)

v21.2.12

Compare Source

@​angular/build
Commit Type Description
cbad57579 fix ignore virtual esbuild paths with (disabled):
angular/angular (@​angular/common)

v21.2.14

Compare Source

compiler
Commit Type Description
68282dff9f fix strip namespaced SVG script elements during template compilation
core
Commit Type Description
c0f52272ed fix do not insert todo when migrating void @​Output
938a7f3edd fix makes resource URL sanitizer lookup case-insensitive
0fb2724194 fix reject script element as a dynamic component host
49113ac0ef fix visit ICU expressions in signal migration schematics
router
Commit Type Description
099bf577ee fix skip scroll-to-top on initial navigation when hydrating

v21.2.13

Compare Source

core
Commit Type Description
1c6553e97d fix disallow event attribute bindings in host bindings unconditionally
platform-server
Commit Type Description
629905d537 fix add allowedHosts option to renderModule and renderApplication
0b7192f441 fix forward BEFORE_APP_SERIALIZED errors to ErrorHandler
Rel1cx/eslint-react (@​eslint-react/eslint-plugin)

v5.8.4

Compare Source

📝 Documentation
  • Website: Restructured the FAQ page from an accordion layout to standard headings for better SEO, accessibility, and direct anchor linking.
  • Website: Replaced the homepage Hint popover with a direct link to the FAQ anchor explaining the project's human/LLM collaboration policy.
  • Added a new "What does 90% human-written mean?" section to the FAQ.
  • Updated documentation for isClassComponent and JsxConfig.
  • Removed outdated documentation files.
🏗️ Internal
  • core: Simplified isClassComponent by removing the context parameter and replacing isClassComponentLoose with the simplified function.
  • eslint-plugin-react-x: Removed unnecessary optional chaining across multiple rules (immutability, no-unused-state, purity, refs, set-state-in-effect, static-components, use-memo, etc.) and expanded test coverage for edge cases (#​1792).
  • Added automated GitHub Release workflow and fixed actions/setup-node cache parameter error.
  • Added null-safety boundary tests for rules affected by PR #​1792 (#​1794).
  • Bumped dependencies across workspace packages: @takumi-rs/image-response to 1.2.1, fumadocs-mdx to 15.0.6, import-integrity-lint to 1.1.1, preact to 10.29.2, tsx to 4.22.1, @typescript-eslint to ^8.59.4, @types/node to ^25.9.0, dompurify to ^3.4.5, pnpm to 11.1.3, textlint to 15.7.1, and dprint TypeScript plugin to 0.96.1.
  • Cleaned up stray empty string in tsl.config.ts.
  • Cleaned up type and lint errors across the workspace (#​1793).
  • Downgraded TypeScript override in pnpm-workspace.yaml from ^6.0.3 to 5.9.3.
  • Fixed zizmor security audit findings in release workflow and moved ignore comments inline, removing .github/zizmor.yml.
  • Removed scripts/verify-lockfile.ts, scripts/verify-devtools.ts, and all references to them.
  • Reordered handler functions in react-jsx/no-children-prop (no logic change).
  • Updated baseline metrics and compacted tsconfig.

Full Changelog: Rel1cx/eslint-react@v5.8.3...v5.8.4

v5.8.3

Compare Source

🐞 Fixes
  • react-dom/no-unknown-property: Added React 19 precedence and blocking attributes to the known property allowlist with version-gated tag checks, preventing false positives on <style>, <link>, and <script> elements (#​1789, #​1790).

Full Changelog: Rel1cx/eslint-react@v5.8.2...v5.8.3

v5.8.2

Compare Source

📝 Documentation
  • Added React 19 use hook guidance to error-boundaries, rules-of-hooks, and no-use-context docs.
  • Added migration examples and corrected rule descriptions for class-component-related rules.
  • Improved eslint-plugin-react-x rule documentation with scenario-based examples, Troubleshooting sections, and Further Reading links across 48 rule docs (#​1786).
  • Removed inline ESLint error annotations (^^^) from documentation examples for better readability (#​1785).
  • Updated migration guide for eslint-plugin-react with additional details.
🏗️ Internal
  • Set up textlint and fixed inappropriate wording in documentation (#​1787).
  • Bumped dependencies across workspace packages (#​1788).
  • Updated pnpm-lock.yaml: bumped nx to 22.7.2 and brace-expansion to 5.0.5.

Full Changelog: Rel1cx/eslint-react@v5.8.1...v5.8.2

v5.8.1

Compare Source

📝 Documentation
  • Restructured rule documentation across all plugins (eslint-plugin-react-x, eslint-plugin-react-dom, eslint-plugin-react-jsx, eslint-plugin-react-web-api, eslint-plugin-react-naming-convention, eslint-plugin-react-debug, eslint-plugin-react-rsc) from the Common Violations / Invalid / Valid format to the new Examples / scenario-based / Troubleshooting / Further Reading format (#​1784).
  • Updated README tagline and description, removed the Benchmark section, and fixed migration guide links (#​1783).
  • Updated website recipe docs, FAQ, and third-party plugins page (#​1783).
🏗️ Internal
  • Updated scripts/scaffold-rule.ts and the rule request issue template to match the new documentation structure (#​1782).

Full Changelog: Rel1cx/eslint-react@v5.8.0...v5.8.1

v5.8.0

Compare Source

🪄 Improvements
  • react-jsx/no-children-prop, react-jsx/no-children-prop-with-children: Added support for createElement calls in addition to JSX elements (#​1780).
📝 Documentation
  • Added eslint-plugin-perfectionist to the third-party plugins documentation page (#​1778).
🏗️ Internal
  • Bumped import-integrity-lint to 1.0.1.
  • Fixed multiple versions of typescript-eslint and import-integrity-lint in the workspace (#​1776).
  • Increased pnpm minimumReleaseAge to 3 days and updated lockfile (#​1779).
  • Removed .repos directory references from config files (#​1773).
  • Removed obsolete maintenance scripts (create-spec-alignment-issues.sh, migrate-labels.sh) (#​1777).
  • Replaced eslint-plugin-fast-import with import-integrity-lint (#​1774).
  • Simplified the publish CI workflow by skipping install scripts and removing the lint step (#​1775).

Full Changelog: Rel1cx/eslint-react@v5.7.10...v5.8.0

v5.7.10

🐞 Fixes
  • react-x/no-leaked-conditional-rendering, react-x/set-state-in-effect: Added cycle detection to prevent stack overflow in recursive function analysis (#​1769).
📝 Documentation
  • Added third-party-plugins.mdx documentation page.
  • Added spec diff and compiler test fixtures for react-x/globals rule.
  • Updated ESLint Stylistic link to rules anchor.
  • Updated community projects (added Obsidian Copilot).
  • Added redirects and simplified removed docs page.
🏗️ Internal
  • react-x/error-boundaries: Simplified getEnclosingTryBlock implementation.
  • Added minimumReleaseAge and minimumReleaseAgeExclude entries to pnpm-workspace.yaml.
  • Bumped fumadocs-core and fumadocs-ui to 16.8.11.
  • Pinned pnpm to v11 in CI and adjusted install hooks.
  • Fixed the git diff noise issue caused by a large number of external repository files introduced by "Vendored facebook/react as git subtree under .repos" in v5.7.9 (re-released as v5.7.10, closes #​1772).

Full Changelog: Rel1cx/eslint-react@v5.7.8...v5.7.10

v5.7.8

Compare Source

🐞 Fixes
  • react-x/no-missing-key: Fixed the rule not detecting ConditionalExpression/LogicalExpression returned from block-bodied .map/Array.from callbacks. The rule now reports both branches when both lack a key, instead of only the first (#​1767, #​1766).
📝 Documentation
  • Added [NEEDS VERIFICATION] markers to spec diffs for React Compiler aligned rules.
  • Added Issue Labels Design Doc and migration scripts.
  • Added a Hint component to the website and used it on the home page.
🏗️ Internal
  • Bumped @effect/language-service to 0.86.0.
  • Bumped dompurify to 3.4.3.
  • Bumped fumadocs-mdx to 15.0.4 and related dependencies.
  • Bumped pnpm from 11.1.0 to 11.1.1.
  • Enabled caching for Nx targets.
  • Removed experimental.useFlatConfig from Zed settings.
  • Removed two dprint plugins from dprint.json.
  • Updated Sentrux baseline metrics.
TanStack/query (@​tanstack/react-query)

v5.100.14

Compare Source

Patch Changes

v5.100.13

Compare Source

Patch Changes

v5.100.12

Compare Source

Patch Changes

v5.100.11

Patch Changes
TanStack/query (@​tanstack/react-query-devtools)

v5.100.14

Compare Source

Patch Changes

v5.100.13

Compare Source

Patch Changes

v5.100.12

Compare Source

Patch Changes

v5.100.11

Patch Changes
vitejs/vite-plugin-react (@​vitejs/plugin-react)

v6.0.2

Compare Source

Allow all options in reactCompilerPreset (#​1189)

This is a type only change. Only compilationMode and target options were available for reactCompilerPreset.

eslint/eslint (eslint)

v10.4.0

Compare Source

webpro-nl/knip (knip)

v6.14.2: Release 6.14.2

Compare Source

v6.14.1: Release 6.14.1

Compare Source

v6.14.0: Release 6.14.0

Compare Source

  • Resolve imports satisfied via transitive peerDeps (d654ec7)
  • Don't flag undeclared sibling workspace imports as unlisted (#​1742) (e7122a1)
  • Update github-actions reporter snapshots (2308b5a)
  • Cache syncGlob() results like defaultGlob() does (6c34287)
  • Trim redundant statSync calls in FileEntryCache (eee3b89)
  • Cache parsed .gitignore patterns across --cache runs (7ffdc2f)
  • Tighten cache module callsites (64e5072)
  • Extract shared disk-cache helper used by glob and gitignore caches (0987421)
  • Simplify CacheConsultant: replace trampoline with default arrow methods (bebe750)
  • Pin pnpm minimumReleaseAge and trustPolicy (77efb32)
  • Eliminate rescanFrontier polling in walkAndAnalyze (38d91b6)
  • Reduce findWorkspaceByFilePath per-call overhead (9149437)
  • Memoize DependencyDeputy.getDependencies (a661a21)
  • Tighten module-graph map helpers (drop double-lookup + optional chains) (c11d62f)
  • Add --duration flag for zero-overhead duration measurement (d4b59d8)
  • Cover analysis pipeline with --performance timerify (694dbf4)
  • Align --help text (6f12997)
  • Add cli arg shorthands: -p, -s, -w, -D, -f, -F, -u (f21a587)
  • Format (8db5346)
  • This one's okay (662ceaf)
nrwl/nx (nx)

v22.7.3

Compare Source

22.7.3 (2026-05-22)
🚀 Features
🩹 Fixes
  • angular: only add @​oxc-project/runtime on the vitest-analog path (#​35734)
  • angular-rspack: exclude eslint config from tailwind v4 source scan (#​35663)
  • core: warn before installing unknown npm packages as preset (#​35644)
  • core: preserve input order in createNodes plugin results (#​35595)
  • core: resolve local plugin subpath imports from source (#​35631)
  • core: treat undefined task parallelism as parallel when scheduling (#​35736)
  • core: handle object form of bin field in getPrettierPath (#​35680)
  • core: detect vscode copilot ai agent (#​35757)
  • core: allow local plugin subpath imports without custom conditions (#​35751, #​35631)
  • dotnet: include Directory.. files in inputs (#​35738)
  • gradle: add transitive:true to all tasks (#​35677)
  • gradle: pin generated e2e project toolchain to installed JDK (#​35703)
  • js: fall back to npm publish when bun publish fails with auth error (#​35756)
  • linter: improve convert-to-flat-config output fidelity (#​35330)
  • linter: only rewrite workspace-package peer deps to workspace:* (#​35423, #​35318, #​33417)
  • misc: stop inferring projects: 'self' in dependsOn entries (#​35686)
  • misc: skip $ escaping in file paths on windows (#​35692)
  • repo: run dotnet restore before publish (#​35771)
  • repo: run dotnet restore before macos e2e job (#​35774)
  • rsbuild: infer build outputs from distPath.root directly (#​35707)
  • rsbuild: lazy-require @​rsbuild/core in plugin so spec mocks work after jest.resetModules (#​35707)
  • testing: correct yargs-parser import in getJestProjectsAsync (#​35672, #​35654)
❤️ Thank You

v22.7.2

Compare Source

22.7.2 (2026-05-14)

🚀 Features
  • gradle: stream batch task results to nx as they finish (#​35487)
  • nx-dev: track docs analytics for code copy, LLM prompt, YouTube (#​35526)
  • testing: add migration for Jest 30 snapshot guide link (#​35629)
🩹 Fixes
  • angular: disable vitest watch by default (#​35493)
  • angular-rspack: keep root-scoped assets out of per-locale i18n emit (#​35621)
  • bundling: include tsconfig solution input for rollup (#​35476)
  • bundling: include tsconfig solution input for webpack (#​35477, #​35476)
  • core: bump axios to 1.16.0 for all packages (#​35568)
  • core: add provenance check in nx console status path (#​35485)
  • core: remove access control header from graph app (#​35494)
  • core: ensure verbose logs go to stderr and daemon logs are properly decorated (#​34358)
  • core: show flaky-task count in run summary (#​35491)
  • core: unique telemetry user_id; expose workspace_id dimension (#​35553)
  • core: update minimatch to 10.2.5 (#​35569, #​34660)
  • core: restore use-legacy-versioning shim for @​nx/js@​21 ensurePackage path (#​35574)
  • core: isolate NX_PARALLEL env var in parallel-related specs (#​35579)
  • core: skip handleimport miss path when nx key packages are absent (#​35596)
  • core: use gethostuuid(3) instead of ioreg on macOS (#​35599)
  • core: isolate cache env vars in splitArgs spec (#​35584)
  • core: enable node's native v8 compile cache support (#​35415, #​20454)
  • core: support skipped batch tasks end-to-end and fix TUI double logs (#​35617)
  • core: keep TUI task selection on the in-progress section (#​35640)
  • core: allow nx mcp to run outside of an Nx workspace (#​35655)
  • core: cast perf entries to PerformanceMeasure for detail access (43c0c821ba)
  • devkit: exclude dist from jest module path scan (#​35615)
  • devkit: expand @​nx/devkit/internal re-exports for cherry-picked v23 deep-import migration (#​35541)
  • dotnet: correct output paths for Web SDK and centralized dist setups (#​35398)
  • gradle: exclude batch-runner from jest haste-map crawl (#​35501)
  • gradle: exclude project-graph from jest module path scan (#​35609)
  • gradle: support Windows file paths (#​35184, #​34987)
  • js: strip glob from inferred outputs before resolving as path (#​35463, #​35452)
  • js: reference vitest.config in eslint dep-checks for vitest libs (#​35460, #​33670, #​35450)
  • js: include transitive workspace deps in pruned pnpm lockfile (#​35532, #​35347, #​34655)
  • linter: prevent ENOENT crash in getRelativeImportPath for unresolvable paths (#​35007, #​13872, #​34066, #​30491, #​16716, #​35006, #​21889, #​32190)
  • maven: skip attached artifacts that fail to materialize in batch record (#​35473)
  • maven: serialize Maven 4 build state recording (#​35555)
  • maven: widen runCLI timeout for --no-batch maven.test.ts cases (#​35589)
  • nx-dev: document nested CLI subcommands beyond two levels (#​35519)
  • nx-dev: short-circuit bot probes in framer rewrite edge function (#​35527)
  • react: withSvgr migration preserves other properties (#​35484)
  • repo: clear NX_INVOCATION_ROOT_PID in run-native-target to avoid recursion false-positive (443dee0b22)
  • repo: revert deep-import rewrites that targeted v23-only @​nx/devkit/internal entry (ac8187963d)
  • repo: unblock 22.7.x cargo tests and nx-build e2e (#​34285)
  • repo: expand "..." spread token in graph typecheck inputs (#​34285, #​35458)
  • testing: pin jest to ~30.3.0 to avoid jest-runtime 30.4 RN incompat (#​35618)
  • testing: handle absolute cypress screenshotsFolder/videosFolder paths (#​35624)
  • testing: exclude dist and out-tsc from default jest module path scan (#​35619)
  • testing: update remaining snapshot guide links missed by migration (cd350c1140)
❤️ Thank You
pnpm/pnpm (pnpm)

v11.2.2

Compare Source

Patch Changes
  • When the install engine is delegated to pacquet via configDependencies, the user's CLI flags passed to pnpm install (e.g. --no-runtime, --prod, --dev, --no-optional, --node-linker, --cpu/--os/--libc, --offline, --prefer-offline) are now forwarded to pacquet's install subcommand verbatim. Previously pacquet was invoked with a fixed argument list, so flags like --no-runtime were silently dropped. Flag forwarding is gated on the command being install/i; add, update, and dedupe still don't forward (their flag surface doesn't line up with pacquet's install).
  • Fixed pnpm up (and pnpm add / pnpm remove) failing with pacquet_package_manager::outdated_lockfile when pacquet is declared in configDependencies. pnpm now passes --ignore-manifest-check to pacquet so its --frozen-lockfile check doesn't fire against the (pre-mutation) package.json pnpm hasn't written yet #​11797. Requires a pacquet release that supports the flag — bump PACQUET_VERSION in the e2e tests once it ships.

v11.2.1

Compare Source

Patch Changes
  • Mark optional subdependency snapshots of config dependencies with optional: true in the env lockfile, matching how optional dependencies are recorded elsewhere in pnpm-lock.yaml. Previously, snapshots for the platform-specific subdeps pulled in via a config dep's optionalDependencies were written as empty objects, which was inconsistent with the rest of the lockfile and made it look like those non-host platform variants were required.
  • Fix pickRegistryForPackage returning the wrong registry for an unscoped npm: alias under a scoped local name. A manifest entry like "@&#8203;private/foo": "npm:lodash@^1" was routing the lodash fetch through registries["@&#8203;private"], even though lodash is unscoped and doesn't live on that registry. The npm-alias branch now returns the alias target's own scope (or null for an unscoped target, falling through to registries.default) instead of leaking into the local key's scope.
  • Don't print "Installing config dependencies..." when config dependencies are already installed and nothing needs to be fetched, re-linked, or removed.

v11.2.0

Compare Source

Minor Changes

  • Experimental: Adding @pnpm/pacquet (the Rust port of pnpm) to configDependencies in pnpm-workspace.yaml now delegates the materialization phase of pnpm install to the pacquet binary. pnpm still owns dependency resolution; pacquet only fetches and imports from the freshly-written lockfile. This is an opt-in preview of the Rust install engine #​11723.

    To configure pacquet in a project, run:

    pnpm add @&#8203;pnpm/pacquet --config

    You'll see changes in pnpm-workspace.yaml and pnpm-lock.yaml that should be committed. If you experience any issues with pacquet, please let us know by mentioning this in the GitHub issue you create.

  • configDependencies now resolve and install one level of optionalDependencies declared by the config dependency, with os/cpu/libc platform filtering applied at install time. This unlocks the esbuild/swc-style pattern where a package ships platform-specific binaries via optionalDependencies — a config dependency can now do the same and have the matching binary symlinked next to it in the global virtual store, so require('pkg-platform-arch') from inside the config dependency resolves correctly.

    The env lockfile records all platform variants regardless of host platform, so it remains portable across machines. Each entry in a config dependency's optionalDependencies must declare an exact version — ranges and tags are rejected to keep installs reproducible.

  • Implement the documented pnpm login --scope <scope> flag. The scope is normalized (a leading @ is added if missing; blank values are ignored) and an @<scope>:registry=<registry> mapping is written to the pnpm auth file alongside the auth token. Subsequent installs of @<scope>/* packages then route to the chosen registry. Previously pnpm login --scope foo errored with Unknown option: 'scope' despite the flag being listed in the online documentation #​11716.

  • pnpm outdated and pnpm update --interactive now report Node.js, Deno, and Bun runtimes installed as proj

Note

PR body was truncated to here.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner May 18, 2026 00:39
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 18, 2026
edited
Loading

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

Pinned zizmor action (v0.5.3 → v0.5.6) and applied coordinated patch/minor dependency bumps across root, packages, and example manifests (Angular, React, Preact, Solid, Vanilla).

Changes

Monorepo dependency and workflow updates

Layer / File(s) Summary
CI: Pin zizmor action revision
.github/workflows/zizmor.yml		 Updates the zizmor action commit hash used in the workflow (v0.5.3 → v0.5.6).
Root and internal packages tooling bumps
package.json, packages/*/package.json		 Bumps packageManager and dev tooling (eslint, knip, nx, vitest) and updates internal package runtime/dev deps (Angular core, Solid, Preact, React tooling entries).
Examples: Angular manifests aligned
examples/angular/*/package.json		 Updates packageManager to pnpm@11.1.3 and bumps @angular/* runtime and @angular/compiler-cli to ^21.2.13 across Angular examples (also bumps vitest).
Examples: React Vite/tooling bumps
examples/react/*/package.json		 Bumps @vitejs/plugin-react, @types/react, and vite patch versions across React examples; updates selected @tanstack/react-query entries.
Examples: Preact + Vite bumps
examples/preact/*/package.json		 Bumps preact to ^10.29.2 and vite to ^8.0.13 across Preact examples.
Examples: Solid + Vite bumps
examples/solid/*/package.json		 Bumps solid-js to ^1.9.13 and vite to ^8.0.13 across Solid examples.
Examples: Vanilla Vite bumps
examples/vanilla/*/package.json		 Bumps vite devDependency to ^8.0.13 across Vanilla examples.

Estimated code review effort
🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related issues

Possibly related PRs

Poem

I nibble versions, hop and prune,
pnpm polished by the moon.
Vite and friends, all patched just right,
Angular, Solid, Preact bright.
Workflow pinned — a tidy night. 🐇✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning PR description lacks required sections from template: missing '🎯 Changes' section with motivation and missing '✅ Checklist' items with verification steps. Add the missing '🎯 Changes' section explaining the update scope and motivation. Complete the '✅ Checklist' by confirming testing via 'pnpm run test:pr' and selecting appropriate release impact option (dependencies/CI change requires changeset if published).
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: updating all non-major dependencies across the project.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch renovate/all-minor-patch

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed May 18, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
examples/angular/injectAsyncThrottledCallback/package.json (1)

1-1: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Critical: Lockfile out of sync with package.json changes.

The pipeline failure indicates pnpm-lock.yaml is not up to date after the dependency updates across the monorepo. The lockfile needs to be regenerated to reflect the new versions of eslint (^10.4.0), knip (^6.14.1), and nx (^22.7.2) in the root package.json.

Run the following to regenerate the lockfile:

pnpm install

Then commit the updated pnpm-lock.yaml.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/angular/injectAsyncThrottledCallback/package.json` at line 1, The
repo's pnpm-lock.yaml is out of sync with package.json changes (root deps
updated to eslint ^10.4.0, knip ^6.14.1, nx ^22.7.2); regenerate the lockfile by
running pnpm install at repo root, verify pnpm-lock.yaml updates, then commit
the updated pnpm-lock.yaml alongside the modified package.json so the lockfile
matches the new dependency versions.
examples/solid/createDebouncer/package.json (1)

1-1: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Regenerate pnpm-lock.yaml to fix the pipeline failure.

The CI failure indicates pnpm-lock.yaml is out of sync with root package.json due to mismatched specifiers for eslint, knip, and nx. Run pnpm install at the repository root to update the lockfile.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/solid/createDebouncer/package.json` at line 1, Regenerate the
repository lockfile so specifiers for eslint, knip, and nx match the root
package.json: run pnpm install from the repository root to update pnpm-lock.yaml
(ensuring the lockfile reflects the root package.json changes), then commit the
updated pnpm-lock.yaml so CI no longer fails due to mismatched specifiers for
eslint/knip/nx.
🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@examples/angular/asyncBatch/package.json`:
- Around line 23-38: The package.json was updated (packageManager/pnpm and
dependency version bumps) but the pnpm-lock.yaml was not regenerated and
committed, causing CI to fail with ERR_PNPM_OUTDATED_LOCKFILE; run pnpm install
to regenerate pnpm-lock.yaml (or pnpm install --lockfile-only) using the updated
package.json, add and commit the new pnpm-lock.yaml alongside the package.json
changes, and push so CI can run pnpm install --frozen-lockfile successfully.

In `@examples/angular/injectQueuedSignal/package.json`:
- Line 23: The repo’s pnpm lockfile is out of sync with updated dependency specs
(packageManager/pnpm version and several root/example deps), causing
ERR_PNPM_OUTDATED_LOCKFILE; regenerate pnpm-lock.yaml and commit it. Run pnpm
install using the declared pnpm version (pnpm@11.1.2) to produce an updated
pnpm-lock.yaml, verify root deps (eslint, knip, nx) and example Angular deps
match package.json entries, and commit the updated pnpm-lock.yaml so
frozen-lockfile CI will pass.

In `@examples/react/rateLimit/package.json`:
- Around line 19-20: The CI failure is caused by an out-of-sync pnpm lockfile
after dependency changes (e.g. "`@vitejs/plugin-react`" and "vite") in
package.json; run `pnpm install` in this workspace to regenerate pnpm-lock.yaml,
verify the lockfile changes, and commit the updated pnpm-lock.yaml alongside
your package.json change so the pipeline picks up the consistent dependencies.

In `@examples/react/useBatcher/package.json`:
- Around line 19-20: The package manifest was bumped (e.g., dependency entries
like "`@vitejs/plugin-react`" and "vite" in package.json) but pnpm-lock.yaml was
not regenerated, causing CI to fail with ERR_PNPM_OUTDATED_LOCKFILE; run pnpm
install (or pnpm install --lockfile-only) at the repo root to regenerate
pnpm-lock.yaml so it matches the updated manifests, verify the lockfile
addresses specifier drift for packages such as eslint/knip/nx, and commit the
updated pnpm-lock.yaml alongside the manifest changes.

In `@examples/react/useQueuerWithPersister/package.json`:
- Around line 20-21: The package.json bump for "`@vitejs/plugin-react`" and "vite"
requires updating the pnpm lockfile so CI won't fail; regenerate and commit an
updated pnpm-lock.yaml by running pnpm install (or pnpm install --lockfile-only
/ pnpm up) in the repo root to sync the lockfile with the new dependency
versions, verify the lockfile changes are staged/committed, and re-run CI to
confirm the ERR_PNPM_OUTDATED_LOCKFILE error is resolved.

In `@package.json`:
- Around line 61-66: The lockfile is out of sync with the bumped dependency
versions (eslint, knip, nx) causing --frozen-lockfile to fail; regenerate
pnpm-lock.yaml by running pnpm install (or pnpm install --lockfile-only) so the
lockfile matches the new specifiers, verify the updated pnpm-lock.yaml reflects
the updated packages (eslint, knip, nx), and commit the changed pnpm-lock.yaml
to the repo so CI can install deterministically.

---

Outside diff comments:
In `@examples/angular/injectAsyncThrottledCallback/package.json`:
- Line 1: The repo's pnpm-lock.yaml is out of sync with package.json changes
(root deps updated to eslint ^10.4.0, knip ^6.14.1, nx ^22.7.2); regenerate the
lockfile by running pnpm install at repo root, verify pnpm-lock.yaml updates,
then commit the updated pnpm-lock.yaml alongside the modified package.json so
the lockfile matches the new dependency versions.

In `@examples/solid/createDebouncer/package.json`:
- Line 1: Regenerate the repository lockfile so specifiers for eslint, knip, and
nx match the root package.json: run pnpm install from the repository root to
update pnpm-lock.yaml (ensuring the lockfile reflects the root package.json
changes), then commit the updated pnpm-lock.yaml so CI no longer fails due to
mismatched specifiers for eslint/knip/nx.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2024b0f6-f342-4cd9-917f-27fc3cb3b02e

📥 Commits

Reviewing files that changed from the base of the PR and between a894009 and 5124183.

📒 Files selected for processing (167)
  • .github/workflows/zizmor.yml
  • examples/angular/asyncBatch/package.json
  • examples/angular/asyncDebounce/package.json
  • examples/angular/asyncRateLimit/package.json
  • examples/angular/asyncRetry/package.json
  • examples/angular/asyncThrottle/package.json
  • examples/angular/batch/package.json
  • examples/angular/debounce/package.json
  • examples/angular/injectAsyncBatchedCallback/package.json
  • examples/angular/injectAsyncBatcher/package.json
  • examples/angular/injectAsyncDebouncedCallback/package.json
  • examples/angular/injectAsyncDebouncer/package.json
  • examples/angular/injectAsyncQueuedSignal/package.json
  • examples/angular/injectAsyncQueuer/package.json
  • examples/angular/injectAsyncRateLimiter/package.json
  • examples/angular/injectAsyncRateLimiterWithPersister/package.json
  • examples/angular/injectAsyncThrottledCallback/package.json
  • examples/angular/injectAsyncThrottler/package.json
  • examples/angular/injectBatchedCallback/package.json
  • examples/angular/injectBatcher/package.json
  • examples/angular/injectDebouncedCallback/package.json
  • examples/angular/injectDebouncedSignal/package.json
  • examples/angular/injectDebouncedValue/package.json
  • examples/angular/injectDebouncer/package.json
  • examples/angular/injectQueuedSignal/package.json
  • examples/angular/injectQueuedValue/package.json
  • examples/angular/injectQueuer/package.json
  • examples/angular/injectQueuerWithPersister/package.json
  • examples/angular/injectRateLimitedCallback/package.json
  • examples/angular/injectRateLimitedSignal/package.json
  • examples/angular/injectRateLimitedValue/package.json
  • examples/angular/injectRateLimiter/package.json
  • examples/angular/injectRateLimiterWithPersister/package.json
  • examples/angular/injectThrottledCallback/package.json
  • examples/angular/injectThrottledSignal/package.json
  • examples/angular/injectThrottledValue/package.json
  • examples/angular/injectThrottler/package.json
  • examples/angular/queue/package.json
  • examples/angular/rateLimit/package.json
  • examples/angular/throttle/package.json
  • examples/preact/asyncBatch/package.json
  • examples/preact/asyncDebounce/package.json
  • examples/preact/asyncRateLimit/package.json
  • examples/preact/asyncRetry/package.json
  • examples/preact/asyncThrottle/package.json
  • examples/preact/batch/package.json
  • examples/preact/debounce/package.json
  • examples/preact/queue/package.json
  • examples/preact/rateLimit/package.json
  • examples/preact/throttle/package.json
  • examples/preact/useAsyncBatchedCallback/package.json
  • examples/preact/useAsyncBatcher/package.json
  • examples/preact/useAsyncDebouncedCallback/package.json
  • examples/preact/useAsyncDebouncer/package.json
  • examples/preact/useAsyncQueuedState/package.json
  • examples/preact/useAsyncQueuer/package.json
  • examples/preact/useAsyncRateLimiter/package.json
  • examples/preact/useAsyncRateLimiterWithPersister/package.json
  • examples/preact/useAsyncThrottledCallback/package.json
  • examples/preact/useAsyncThrottler/package.json
  • examples/preact/useBatchedCallback/package.json
  • examples/preact/useBatcher/package.json
  • examples/preact/useDebouncedCallback/package.json
  • examples/preact/useDebouncedState/package.json
  • examples/preact/useDebouncedValue/package.json
  • examples/preact/useDebouncer/package.json
  • examples/preact/useQueuedState/package.json
  • examples/preact/useQueuedValue/package.json
  • examples/preact/useQueuer/package.json
  • examples/preact/useQueuerWithPersister/package.json
  • examples/preact/useRateLimitedCallback/package.json
  • examples/preact/useRateLimitedState/package.json
  • examples/preact/useRateLimitedValue/package.json
  • examples/preact/useRateLimiter/package.json
  • examples/preact/useRateLimiterWithPersister/package.json
  • examples/preact/useThrottledCallback/package.json
  • examples/preact/useThrottledState/package.json
  • examples/preact/useThrottledValue/package.json
  • examples/preact/useThrottler/package.json
  • examples/preact/util-comparison/package.json
  • examples/react/asyncBatch/package.json
  • examples/react/asyncDebounce/package.json
  • examples/react/asyncRateLimit/package.json
  • examples/react/asyncRetry/package.json
  • examples/react/asyncThrottle/package.json
  • examples/react/batch/package.json
  • examples/react/debounce/package.json
  • examples/react/queue/package.json
  • examples/react/rateLimit/package.json
  • examples/react/react-query-debounced-prefetch/package.json
  • examples/react/react-query-queued-prefetch/package.json
  • examples/react/react-query-throttled-prefetch/package.json
  • examples/react/throttle/package.json
  • examples/react/useAsyncBatchedCallback/package.json
  • examples/react/useAsyncBatcher/package.json
  • examples/react/useAsyncDebouncedCallback/package.json
  • examples/react/useAsyncDebouncer/package.json
  • examples/react/useAsyncQueuedState/package.json
  • examples/react/useAsyncQueuer/package.json
  • examples/react/useAsyncRateLimiter/package.json
  • examples/react/useAsyncRateLimiterWithPersister/package.json
  • examples/react/useAsyncThrottledCallback/package.json
  • examples/react/useAsyncThrottler/package.json
  • examples/react/useBatchedCallback/package.json
  • examples/react/useBatcher/package.json
  • examples/react/useDebouncedCallback/package.json
  • examples/react/useDebouncedState/package.json
  • examples/react/useDebouncedValue/package.json
  • examples/react/useDebouncer/package.json
  • examples/react/useQueuedState/package.json
  • examples/react/useQueuedValue/package.json
  • examples/react/useQueuer/package.json
  • examples/react/useQueuerWithPersister/package.json
  • examples/react/useRateLimitedCallback/package.json
  • examples/react/useRateLimitedState/package.json
  • examples/react/useRateLimitedValue/package.json
  • examples/react/useRateLimiter/package.json
  • examples/react/useRateLimiterWithPersister/package.json
  • examples/react/useThrottledCallback/package.json
  • examples/react/useThrottledState/package.json
  • examples/react/useThrottledValue/package.json
  • examples/react/useThrottler/package.json
  • examples/react/util-comparison/package.json
  • examples/solid/asyncBatch/package.json
  • examples/solid/asyncDebounce/package.json
  • examples/solid/asyncRateLimit/package.json
  • examples/solid/asyncThrottle/package.json
  • examples/solid/batch/package.json
  • examples/solid/createAsyncBatcher/package.json
  • examples/solid/createAsyncDebouncer/package.json
  • examples/solid/createAsyncQueuer/package.json
  • examples/solid/createAsyncRateLimiter/package.json
  • examples/solid/createAsyncThrottler/package.json
  • examples/solid/createBatcher/package.json
  • examples/solid/createDebouncedSignal/package.json
  • examples/solid/createDebouncedValue/package.json
  • examples/solid/createDebouncer/package.json
  • examples/solid/createQueuedSignal/package.json
  • examples/solid/createQueuer/package.json
  • examples/solid/createRateLimitedSignal/package.json
  • examples/solid/createRateLimitedValue/package.json
  • examples/solid/createRateLimiter/package.json
  • examples/solid/createThrottledSignal/package.json
  • examples/solid/createThrottledValue/package.json
  • examples/solid/createThrottler/package.json
  • examples/solid/debounce/package.json
  • examples/solid/queue/package.json
  • examples/solid/rateLimit/package.json
  • examples/solid/throttle/package.json
  • examples/vanilla/LiteBatcher/package.json
  • examples/vanilla/LiteDebouncer/package.json
  • examples/vanilla/LiteQueuer/package.json
  • examples/vanilla/LiteRateLimiter/package.json
  • examples/vanilla/LiteThrottler/package.json
  • examples/vanilla/liteBatch/package.json
  • examples/vanilla/liteDebounce/package.json
  • examples/vanilla/liteQueue/package.json
  • examples/vanilla/liteRateLimit/package.json
  • examples/vanilla/liteThrottle/package.json
  • package.json
  • packages/angular-pacer/package.json
  • packages/pacer-devtools/package.json
  • packages/preact-pacer-devtools/package.json
  • packages/preact-pacer/package.json
  • packages/react-pacer-devtools/package.json
  • packages/react-pacer/package.json
  • packages/solid-pacer/package.json

Comment thread examples/angular/asyncBatch/package.json Outdated
Comment thread examples/angular/injectQueuedSignal/package.json Outdated
},
"private": true,
"packageManager": "pnpm@11.1.1",
"packageManager": "pnpm@11.1.2",
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify lockfile drift matches the reported CI error (read-only checks)
set -euo pipefail

echo "Root dependency specifiers:"
rg -n '"(eslint|knip|nx)"\s*:\s*"\^[^"]+"' package.json

echo
echo "Lockfile entries:"
rg -n '^\s{2}(eslint|knip|nx)@' pnpm-lock.yaml || true

echo
echo "If versions differ from package.json intent, run locally:"
echo "pnpm install && git add pnpm-lock.yaml"

Repository: TanStack/pacer

Length of output: 461

🏁 Script executed:

# Verify the actual file structure and content
echo "=== Checking if example directory exists ==="
ls -la examples/angular/injectQueuedSignal/ 2>&1 | head -20

echo -e "\n=== Checking package.json at the example location ==="
if [ -f "examples/angular/injectQueuedSignal/package.json" ]; then
  echo "File exists. Line 23:"
  sed -n '20,30p' examples/angular/injectQueuedSignal/package.json
else
  echo "File not found"
fi

echo -e "\n=== Checking for pnpm-lock.yaml locations ==="
find . -name "pnpm-lock.yaml" -type f 2>/dev/null | head -5

echo -e "\n=== Checking root package.json at line 23 ==="
sed -n '20,30p' package.json

Repository: TanStack/pacer

Length of output: 2347

🏁 Script executed:

# Check example package.json dependencies
echo "=== Example package.json full content ==="
cat examples/angular/injectQueuedSignal/package.json

echo -e "\n=== Extract dependency versions from example ==="
jq '.dependencies, .devDependencies' examples/angular/injectQueuedSignal/package.json

echo -e "\n=== Check lockfile for these dependencies ==="
# Get all packages from example dependencies
rg -o '"`@angular/`[^"]+"|"typescript"|"`@nrwl/`[^"]+"' examples/angular/injectQueuedSignal/package.json | head -20

Repository: TanStack/pacer

Length of output: 1876

🏁 Script executed:

# Check if example's dependencies have lockfile versions matching their specifiers
echo "=== Check lockfile for Angular and other example dependencies ==="

echo "Checking `@angular/common`:"
rg -n '`@angular/common`@21\.2\.13' pnpm-lock.yaml || echo "Not found"

echo -e "\nChecking typescript:"
rg -n 'typescript@6\.0\.3' pnpm-lock.yaml || echo "Not found"

echo -e "\nChecking all typescript versions in lockfile:"
rg -n '^\s+typescript@' pnpm-lock.yaml | head -5

echo -e "\nChecking `@angular/common` versions in lockfile:"
rg -n '^\s+@angular/common@' pnpm-lock.yaml | head -5

echo -e "\n=== Check if root has install issues due to lockfile ==="
echo "Root package.json eslint, knip, nx specs:"
rg '"(eslint|knip|nx)"\s*:\s*' package.json | grep -E "^\s+"

echo -e "\nRoot lockfile versions:"
rg -n '^\s{2}(eslint|knip|nx)@' pnpm-lock.yaml | head -10

Repository: TanStack/pacer

Length of output: 45468

Regenerate and commit pnpm-lock.yaml to unblock frozen-lockfile CI.

The PR fails install with ERR_PNPM_OUTDATED_LOCKFILE; updated dependency specifiers are not reflected in the lockfile. Root dependencies (eslint ^10.4.0 vs 10.3.0, knip ^6.14.1 vs 6.13.1, nx ^22.7.2 vs 22.7.1) and example dependencies (Angular ^21.2.13 vs 21.2.12) are all out of sync. This blocks merge.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/angular/injectQueuedSignal/package.json` at line 23, The repo’s pnpm
lockfile is out of sync with updated dependency specs (packageManager/pnpm
version and several root/example deps), causing ERR_PNPM_OUTDATED_LOCKFILE;
regenerate pnpm-lock.yaml and commit it. Run pnpm install using the declared
pnpm version (pnpm@11.1.2) to produce an updated pnpm-lock.yaml, verify root
deps (eslint, knip, nx) and example Angular deps match package.json entries, and
commit the updated pnpm-lock.yaml so frozen-lockfile CI will pass.

Comment thread examples/react/rateLimit/package.json Outdated
Comment thread examples/react/useBatcher/package.json Outdated
Comment thread examples/react/useQueuerWithPersister/package.json Outdated
Comment thread package.json Outdated
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 5124183 to 2d4efc4 Compare May 18, 2026 22:15
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 18, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​tanstack/​react-query-devtools@​5.100.141001007199100
Added@​angular/​cli@​21.2.12741007898100
Added@​angular/​core@​21.2.14751007998100
Added@​angular/​compiler@​21.2.14751007898100
Added@​angular/​platform-browser@​21.2.14771007598100
Added@​angular/​compiler-cli@​21.2.14811007798100
Added@​angular/​forms@​21.2.14771007798100
Added@​angular/​router@​21.2.14781007798100
Addednx@​22.7.37810093100100
Added@​angular/​build@​21.2.12791007898100
Added@​types/​react@​19.2.151001007996100
Addedvitest@​4.1.7961007999100
Added@​angular/​common@​21.2.141001007998100
Addedvite@​8.0.14991008298100
Added@​tanstack/​react-query@​5.100.14991008899100
Addedpreact@​10.29.28810010096100
Addedeslint@​10.4.08910010095100
Added@​vitejs/​plugin-react@​6.0.210010010092100
Addedknip@​6.14.2991009596100
Addedsolid-js@​1.9.1310010010096100
Added@​eslint-react/​eslint-plugin@​5.8.49910010096100

View full report

@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 18, 2026
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @angular/build is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: examples/angular/asyncBatch/package.jsonnpm/@angular/build@21.2.12

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@angular/build@21.2.12. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm @angular/cli is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: examples/angular/asyncBatch/package.jsonnpm/@angular/cli@21.2.12

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@angular/cli@21.2.12. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm @schematics/angular is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@angular/cli@21.2.12npm/@schematics/angular@21.2.12

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@schematics/angular@21.2.12. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm nx is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package.jsonnpm/nx@22.7.3

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/nx@22.7.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm preact is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: examples/preact/asyncBatch/package.jsonnpm/preact@10.29.2

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/preact@10.29.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Low adoption: npm eslint-plugin-react-jsx

Location: Package overview

From: pnpm-lock.yamlnpm/@eslint-react/eslint-plugin@5.8.4npm/eslint-plugin-react-jsx@5.8.4

ℹ Read more on: This package | This alert | What are unpopular packages?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Unpopular packages may have less maintenance and contain other problems.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-react-jsx@5.8.4. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

coderabbitai[bot]
coderabbitai Bot reviewed May 18, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@examples/angular/asyncBatch/package.json`:
- Around line 25-30: Update the Angular build and CLI package versions to match
the runtime packages: change the `@angular/build` and `@angular/cli` entries to use
^21.2.13 so they align with `@angular/core`, `@angular/common`, `@angular/compiler`,
`@angular/forms`, `@angular/platform-browser`, and `@angular/router`; locate and edit
the `@angular/build` and `@angular/cli` entries in package.json to ensure all
Angular packages are on the same 21.2.13 patch level.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8ac82c91-3225-4eb0-8072-b2a8db3ee3bb

📥 Commits

Reviewing files that changed from the base of the PR and between 5124183 and 2d4efc4.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (167)
  • .github/workflows/zizmor.yml
  • examples/angular/asyncBatch/package.json
  • examples/angular/asyncDebounce/package.json
  • examples/angular/asyncRateLimit/package.json
  • examples/angular/asyncRetry/package.json
  • examples/angular/asyncThrottle/package.json
  • examples/angular/batch/package.json
  • examples/angular/debounce/package.json
  • examples/angular/injectAsyncBatchedCallback/package.json
  • examples/angular/injectAsyncBatcher/package.json
  • examples/angular/injectAsyncDebouncedCallback/package.json
  • examples/angular/injectAsyncDebouncer/package.json
  • examples/angular/injectAsyncQueuedSignal/package.json
  • examples/angular/injectAsyncQueuer/package.json
  • examples/angular/injectAsyncRateLimiter/package.json
  • examples/angular/injectAsyncRateLimiterWithPersister/package.json
  • examples/angular/injectAsyncThrottledCallback/package.json
  • examples/angular/injectAsyncThrottler/package.json
  • examples/angular/injectBatchedCallback/package.json
  • examples/angular/injectBatcher/package.json
  • examples/angular/injectDebouncedCallback/package.json
  • examples/angular/injectDebouncedSignal/package.json
  • examples/angular/injectDebouncedValue/package.json
  • examples/angular/injectDebouncer/package.json
  • examples/angular/injectQueuedSignal/package.json
  • examples/angular/injectQueuedValue/package.json
  • examples/angular/injectQueuer/package.json
  • examples/angular/injectQueuerWithPersister/package.json
  • examples/angular/injectRateLimitedCallback/package.json
  • examples/angular/injectRateLimitedSignal/package.json
  • examples/angular/injectRateLimitedValue/package.json
  • examples/angular/injectRateLimiter/package.json
  • examples/angular/injectRateLimiterWithPersister/package.json
  • examples/angular/injectThrottledCallback/package.json
  • examples/angular/injectThrottledSignal/package.json
  • examples/angular/injectThrottledValue/package.json
  • examples/angular/injectThrottler/package.json
  • examples/angular/queue/package.json
  • examples/angular/rateLimit/package.json
  • examples/angular/throttle/package.json
  • examples/preact/asyncBatch/package.json
  • examples/preact/asyncDebounce/package.json
  • examples/preact/asyncRateLimit/package.json
  • examples/preact/asyncRetry/package.json
  • examples/preact/asyncThrottle/package.json
  • examples/preact/batch/package.json
  • examples/preact/debounce/package.json
  • examples/preact/queue/package.json
  • examples/preact/rateLimit/package.json
  • examples/preact/throttle/package.json
  • examples/preact/useAsyncBatchedCallback/package.json
  • examples/preact/useAsyncBatcher/package.json
  • examples/preact/useAsyncDebouncedCallback/package.json
  • examples/preact/useAsyncDebouncer/package.json
  • examples/preact/useAsyncQueuedState/package.json
  • examples/preact/useAsyncQueuer/package.json
  • examples/preact/useAsyncRateLimiter/package.json
  • examples/preact/useAsyncRateLimiterWithPersister/package.json
  • examples/preact/useAsyncThrottledCallback/package.json
  • examples/preact/useAsyncThrottler/package.json
  • examples/preact/useBatchedCallback/package.json
  • examples/preact/useBatcher/package.json
  • examples/preact/useDebouncedCallback/package.json
  • examples/preact/useDebouncedState/package.json
  • examples/preact/useDebouncedValue/package.json
  • examples/preact/useDebouncer/package.json
  • examples/preact/useQueuedState/package.json
  • examples/preact/useQueuedValue/package.json
  • examples/preact/useQueuer/package.json
  • examples/preact/useQueuerWithPersister/package.json
  • examples/preact/useRateLimitedCallback/package.json
  • examples/preact/useRateLimitedState/package.json
  • examples/preact/useRateLimitedValue/package.json
  • examples/preact/useRateLimiter/package.json
  • examples/preact/useRateLimiterWithPersister/package.json
  • examples/preact/useThrottledCallback/package.json
  • examples/preact/useThrottledState/package.json
  • examples/preact/useThrottledValue/package.json
  • examples/preact/useThrottler/package.json
  • examples/preact/util-comparison/package.json
  • examples/react/asyncBatch/package.json
  • examples/react/asyncDebounce/package.json
  • examples/react/asyncRateLimit/package.json
  • examples/react/asyncRetry/package.json
  • examples/react/asyncThrottle/package.json
  • examples/react/batch/package.json
  • examples/react/debounce/package.json
  • examples/react/queue/package.json
  • examples/react/rateLimit/package.json
  • examples/react/react-query-debounced-prefetch/package.json
  • examples/react/react-query-queued-prefetch/package.json
  • examples/react/react-query-throttled-prefetch/package.json
  • examples/react/throttle/package.json
  • examples/react/useAsyncBatchedCallback/package.json
  • examples/react/useAsyncBatcher/package.json
  • examples/react/useAsyncDebouncedCallback/package.json
  • examples/react/useAsyncDebouncer/package.json
  • examples/react/useAsyncQueuedState/package.json
  • examples/react/useAsyncQueuer/package.json
  • examples/react/useAsyncRateLimiter/package.json
  • examples/react/useAsyncRateLimiterWithPersister/package.json
  • examples/react/useAsyncThrottledCallback/package.json
  • examples/react/useAsyncThrottler/package.json
  • examples/react/useBatchedCallback/package.json
  • examples/react/useBatcher/package.json
  • examples/react/useDebouncedCallback/package.json
  • examples/react/useDebouncedState/package.json
  • examples/react/useDebouncedValue/package.json
  • examples/react/useDebouncer/package.json
  • examples/react/useQueuedState/package.json
  • examples/react/useQueuedValue/package.json
  • examples/react/useQueuer/package.json
  • examples/react/useQueuerWithPersister/package.json
  • examples/react/useRateLimitedCallback/package.json
  • examples/react/useRateLimitedState/package.json
  • examples/react/useRateLimitedValue/package.json
  • examples/react/useRateLimiter/package.json
  • examples/react/useRateLimiterWithPersister/package.json
  • examples/react/useThrottledCallback/package.json
  • examples/react/useThrottledState/package.json
  • examples/react/useThrottledValue/package.json
  • examples/react/useThrottler/package.json
  • examples/react/util-comparison/package.json
  • examples/solid/asyncBatch/package.json
  • examples/solid/asyncDebounce/package.json
  • examples/solid/asyncRateLimit/package.json
  • examples/solid/asyncThrottle/package.json
  • examples/solid/batch/package.json
  • examples/solid/createAsyncBatcher/package.json
  • examples/solid/createAsyncDebouncer/package.json
  • examples/solid/createAsyncQueuer/package.json
  • examples/solid/createAsyncRateLimiter/package.json
  • examples/solid/createAsyncThrottler/package.json
  • examples/solid/createBatcher/package.json
  • examples/solid/createDebouncedSignal/package.json
  • examples/solid/createDebouncedValue/package.json
  • examples/solid/createDebouncer/package.json
  • examples/solid/createQueuedSignal/package.json
  • examples/solid/createQueuer/package.json
  • examples/solid/createRateLimitedSignal/package.json
  • examples/solid/createRateLimitedValue/package.json
  • examples/solid/createRateLimiter/package.json
  • examples/solid/createThrottledSignal/package.json
  • examples/solid/createThrottledValue/package.json
  • examples/solid/createThrottler/package.json
  • examples/solid/debounce/package.json
  • examples/solid/queue/package.json
  • examples/solid/rateLimit/package.json
  • examples/solid/throttle/package.json
  • examples/vanilla/LiteBatcher/package.json
  • examples/vanilla/LiteDebouncer/package.json
  • examples/vanilla/LiteQueuer/package.json
  • examples/vanilla/LiteRateLimiter/package.json
  • examples/vanilla/LiteThrottler/package.json
  • examples/vanilla/liteBatch/package.json
  • examples/vanilla/liteDebounce/package.json
  • examples/vanilla/liteQueue/package.json
  • examples/vanilla/liteRateLimit/package.json
  • examples/vanilla/liteThrottle/package.json
  • package.json
  • packages/angular-pacer/package.json
  • packages/pacer-devtools/package.json
  • packages/preact-pacer-devtools/package.json
  • packages/preact-pacer/package.json
  • packages/react-pacer-devtools/package.json
  • packages/react-pacer/package.json
  • packages/solid-pacer/package.json
✅ Files skipped from review due to trivial changes (106)
  • examples/react/useQueuerWithPersister/package.json
  • examples/react/asyncDebounce/package.json
  • packages/preact-pacer-devtools/package.json
  • examples/react/throttle/package.json
  • packages/solid-pacer/package.json
  • examples/react/asyncBatch/package.json
  • examples/solid/rateLimit/package.json
  • examples/react/useAsyncBatchedCallback/package.json
  • examples/solid/createThrottledValue/package.json
  • examples/react/useThrottler/package.json
  • examples/react/useDebouncedState/package.json
  • packages/pacer-devtools/package.json
  • examples/react/useQueuer/package.json
  • examples/preact/useDebouncedValue/package.json
  • examples/react/useAsyncDebouncer/package.json
  • examples/react/useAsyncBatcher/package.json
  • examples/react/batch/package.json
  • examples/react/useAsyncDebouncedCallback/package.json
  • examples/preact/useAsyncRateLimiter/package.json
  • examples/react/useDebouncer/package.json
  • examples/preact/asyncThrottle/package.json
  • examples/preact/useQueuedState/package.json
  • examples/react/useRateLimitedValue/package.json
  • examples/solid/asyncBatch/package.json
  • examples/vanilla/liteRateLimit/package.json
  • examples/solid/createBatcher/package.json
  • examples/react/queue/package.json
  • examples/solid/createDebouncedValue/package.json
  • examples/preact/useThrottledValue/package.json
  • examples/react/useAsyncRateLimiter/package.json
  • examples/preact/useAsyncThrottler/package.json
  • examples/react/useThrottledValue/package.json
  • examples/solid/createAsyncRateLimiter/package.json
  • examples/preact/useAsyncDebouncer/package.json
  • examples/react/useQueuedState/package.json
  • examples/preact/useAsyncBatchedCallback/package.json
  • examples/react/useThrottledState/package.json
  • packages/angular-pacer/package.json
  • examples/react/useDebouncedCallback/package.json
  • examples/solid/createRateLimitedSignal/package.json
  • examples/solid/createAsyncBatcher/package.json
  • examples/preact/useRateLimitedValue/package.json
  • examples/vanilla/LiteQueuer/package.json
  • examples/preact/useAsyncRateLimiterWithPersister/package.json
  • examples/preact/useQueuedValue/package.json
  • examples/solid/batch/package.json
  • examples/preact/useAsyncBatcher/package.json
  • examples/vanilla/liteThrottle/package.json
  • examples/react/useRateLimitedState/package.json
  • examples/react/rateLimit/package.json
  • examples/solid/createQueuedSignal/package.json
  • examples/react/util-comparison/package.json
  • examples/vanilla/LiteRateLimiter/package.json
  • examples/react/useAsyncRateLimiterWithPersister/package.json
  • examples/vanilla/liteBatch/package.json
  • examples/angular/rateLimit/package.json
  • examples/preact/useAsyncThrottledCallback/package.json
  • examples/preact/useThrottledState/package.json
  • examples/react/useQueuedValue/package.json
  • examples/solid/asyncRateLimit/package.json
  • package.json
  • examples/solid/createRateLimiter/package.json
  • examples/react/useAsyncThrottledCallback/package.json
  • examples/solid/queue/package.json
  • examples/vanilla/LiteDebouncer/package.json
  • examples/react/useThrottledCallback/package.json
  • examples/solid/createRateLimitedValue/package.json
  • examples/preact/useBatchedCallback/package.json
  • examples/angular/injectDebouncedCallback/package.json
  • examples/react/useDebouncedValue/package.json
  • examples/preact/useAsyncQueuer/package.json
  • examples/react/useBatcher/package.json
  • examples/preact/useDebouncedCallback/package.json
  • examples/preact/useRateLimiterWithPersister/package.json
  • examples/solid/createThrottler/package.json
  • examples/angular/injectBatcher/package.json
  • examples/angular/injectDebouncedValue/package.json
  • examples/angular/injectAsyncBatchedCallback/package.json
  • examples/preact/asyncRateLimit/package.json
  • examples/solid/createAsyncThrottler/package.json
  • packages/react-pacer/package.json
  • examples/solid/createThrottledSignal/package.json
  • examples/preact/debounce/package.json
  • examples/vanilla/LiteThrottler/package.json
  • examples/preact/useRateLimiter/package.json
  • examples/solid/asyncThrottle/package.json
  • examples/preact/useDebouncedState/package.json
  • examples/react/useBatchedCallback/package.json
  • examples/angular/injectRateLimitedSignal/package.json
  • examples/angular/injectQueuerWithPersister/package.json
  • examples/preact/useBatcher/package.json
  • examples/solid/asyncDebounce/package.json
  • examples/preact/rateLimit/package.json
  • examples/angular/asyncDebounce/package.json
  • examples/solid/createQueuer/package.json
  • examples/react/useAsyncQueuer/package.json
  • examples/react/useAsyncQueuedState/package.json
  • examples/angular/injectAsyncQueuedSignal/package.json
  • examples/vanilla/LiteBatcher/package.json
  • examples/solid/createAsyncQueuer/package.json
  • examples/angular/injectRateLimitedCallback/package.json
  • packages/preact-pacer/package.json
  • examples/angular/asyncRetry/package.json
  • examples/preact/queue/package.json
  • examples/angular/queue/package.json
  • examples/solid/createAsyncDebouncer/package.json
🚧 Files skipped from review as they are similar to previous changes (51)
  • examples/preact/useThrottledCallback/package.json
  • examples/preact/useAsyncQueuedState/package.json
  • examples/vanilla/liteQueue/package.json
  • examples/react/debounce/package.json
  • examples/preact/batch/package.json
  • examples/solid/debounce/package.json
  • .github/workflows/zizmor.yml
  • examples/react/asyncRateLimit/package.json
  • examples/angular/injectRateLimiter/package.json
  • examples/preact/asyncBatch/package.json
  • examples/angular/injectThrottledValue/package.json
  • examples/angular/throttle/package.json
  • examples/preact/util-comparison/package.json
  • examples/angular/injectAsyncThrottler/package.json
  • examples/vanilla/liteDebounce/package.json
  • examples/preact/useRateLimitedCallback/package.json
  • examples/angular/injectQueuedValue/package.json
  • examples/preact/useQueuer/package.json
  • examples/angular/debounce/package.json
  • examples/angular/injectAsyncDebouncer/package.json
  • examples/angular/injectAsyncBatcher/package.json
  • examples/react/useRateLimiterWithPersister/package.json
  • examples/solid/throttle/package.json
  • examples/preact/useRateLimitedState/package.json
  • examples/angular/injectRateLimitedValue/package.json
  • examples/angular/injectBatchedCallback/package.json
  • examples/angular/injectAsyncRateLimiterWithPersister/package.json
  • examples/preact/useQueuerWithPersister/package.json
  • examples/react/useRateLimiter/package.json
  • examples/react/useRateLimitedCallback/package.json
  • examples/angular/injectThrottler/package.json
  • examples/react/react-query-queued-prefetch/package.json
  • examples/react/useAsyncThrottler/package.json
  • examples/angular/injectThrottledSignal/package.json
  • packages/react-pacer-devtools/package.json
  • examples/angular/injectQueuer/package.json
  • examples/angular/injectQueuedSignal/package.json
  • examples/angular/injectRateLimiterWithPersister/package.json
  • examples/preact/useDebouncer/package.json
  • examples/preact/asyncRetry/package.json
  • examples/angular/injectAsyncThrottledCallback/package.json
  • examples/solid/createDebouncedSignal/package.json
  • examples/angular/injectAsyncQueuer/package.json
  • examples/angular/injectDebouncer/package.json
  • examples/angular/batch/package.json
  • examples/preact/useAsyncDebouncedCallback/package.json
  • examples/angular/asyncThrottle/package.json
  • examples/angular/injectThrottledCallback/package.json
  • examples/angular/injectDebouncedSignal/package.json
  • examples/angular/injectAsyncRateLimiter/package.json
  • examples/preact/asyncDebounce/package.json

Comment thread examples/angular/asyncBatch/package.json Outdated
Comment on lines +25 to +30
"@angular/common": "^21.2.13",
"@angular/compiler": "^21.2.13",
"@angular/core": "^21.2.13",
"@angular/forms": "^21.2.13",
"@angular/platform-browser": "^21.2.13",
"@angular/router": "^21.2.13",
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check Angular release notes and compatibility for version skew

# Search for known issues with mixing Angular 21.2.13 runtime and 21.2.11 build tools
rg -n "`@angular/`(build|cli).*21\.2\.11" examples/angular/ -A 2 -B 2

Repository: TanStack/pacer

Length of output: 18607

🌐 Web query:

Angular 21.2.13 compatibility with Angular CLI 21.2.11 and Angular build 21.2.11

💡 Result:

Angular 21.2.13 compatibility with Angular CLI 21.2.11 and Angular build 21.2.11: While there is no official documentation explicitly confirming the compatibility of these specific patch versions, the standard practice and official guidance for Angular projects is to keep the Angular core, Angular CLI, and build packages aligned at the same version [1]. What the sources confirm: 1) Major version alignment: Angular’s official documentation states that major versions of Angular core and the CLI must be aligned [1]. 2) Version consistency: The official guidance is that in order to use the CLI, the version of @angular/core and the CLI should be the same [1]. 3) Release trains: The @angular/cli repository releases (such as v21.2.11) are part of a unified release train that includes the CLI and build packages [2]. Recommendation: To ensure stability and avoid potential issues, it is strongly recommended to update your @angular/core, @angular/cli, and build packages (@angular-devkit/build-angular or @angular/build) to the same version (e.g., 21.2.13). While they may technically function if mismatched within the same minor version (21.2.x), keeping them aligned is the only way to guarantee full compatibility and support [1].

Citations:

Align build and runtime package versions.

Runtime packages (@angular/core, @angular/common, etc.) are at ^21.2.13 while build packages (@angular/build at line 36, @angular/cli at line 37) remain at ^21.2.11. Angular's official guidance recommends keeping core, CLI, and build packages aligned to the same version for full compatibility and support. While patch-level mismatches within the same minor version (21.2.x) may function, updating @angular/build and @angular/cli to ^21.2.13 ensures version consistency and eliminates potential compatibility gaps.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@examples/angular/asyncBatch/package.json` around lines 25 - 30, Update the
Angular build and CLI package versions to match the runtime packages: change the
`@angular/build` and `@angular/cli` entries to use ^21.2.13 so they align with
`@angular/core`, `@angular/common`, `@angular/compiler`, `@angular/forms`,
`@angular/platform-browser`, and `@angular/router`; locate and edit the
`@angular/build` and `@angular/cli` entries in package.json to ensure all Angular
packages are on the same 21.2.13 patch level.

@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from f35b718 to 0146194 Compare May 22, 2026 22:39
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 0146194 to 044b9bf Compare May 23, 2026 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants