[Snyk] Security upgrade @angular/platform-server from 9.1.13 to 19.2.22

[patzeltj]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• src/frontend/packages/core/package.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Server-side Request Forgery (SSRF) SNYK-JS-ANGULARPLATFORMSERVER-16770437	726

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Server-side Request Forgery (SSRF)

[patzeltj]

This is a major upgrade spanning ten versions of Angular (v9 to v19), which introduces a vast number of significant breaking changes. A direct upgrade is not feasible and will require a multi-stage migration or a complete application rewrite. The official Angular Update Guide recommends migrating one major version at a time.

Key Breaking Changes & Architectural Shifts:

• End of View Engine (v13): Angular v13 is 100% Ivy, completely removing the legacy View Engine. This was a massive architectural shift that impacts compilation, rendering, and library compatibility. Any dependencies not compiled with Ivy will break.
• Standalone Components (v14-v19): Introduced in v14 and made the default in v17/v19, Standalone Components, Directives, and Pipes fundamentally change application architecture by removing the need for NgModules. This is the new default and recommended approach for building applications.
• Server-Side Rendering (SSR) Overhaul: The logic for SSR, highly relevant for @angular/platform-server, has been completely revamped. The @nguniversal packages have been integrated into core as @angular/ssr (v17), and hydration has evolved significantly.
• New Control Flow Syntax (v17): The classic *ngIf, *ngFor, and *ngSwitch directives have been replaced by a new, built-in block syntax (@if, @for, @switch) that offers better performance and type-checking.
• Zoneless Change Detection (v18): Angular is moving towards a zoneless future, which is now in developer preview. This changes the fundamental mechanism of how Angular detects and propagates changes.
• Environment Support: Support for older versions of Node.js, TypeScript, and browsers like IE11 has been progressively dropped with each major release.

Recommendation: Do not attempt a direct upgrade from v9 to v19. Use the official Angular Update Guide to create a step-by-step migration plan, moving from one major version to the next (v9 → v10, v10 → v11, etc.). This is a significant refactoring effort that requires careful planning and extensive testing at each stage.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.