what stackpulse tracks
Angular releases from GitHub
StackPulse watches Angular release notes and keeps the original source link close to every summary.
#stacks/angular/framework
Angular release notes, breaking changes, and upgrade notes.
The web development framework for building modern apps StackPulse turns upstream changelogs into scannable summaries with risky changes, deprecations, migration notes, and source links.
releases
12
breaking
1
security
6
deprecated
4
migrations
3
upgrade risk
Breaking changes and deprecations
Risky changes are separated from normal feature notes so you can scan upgrade impact before changing production dependencies.
migration notes
Source-backed next steps
Migration steps and recommended actions are only shown when the upstream release notes support them.
# latest_releases
source-backedv22.1.0-next.0mediumdeprecationfeaturesecurityprereleaseJun 10, 2026
22.1.0-next.0
This prerelease introduces several fixes and improvements, including enhanced support for foreign components, HTTP transfer cache optimizations, and deprecation of JSONP support in the HTTP module.
affected
Developers using JSONP functionality in Angular's HTTP module are affected by its deprecation.
action
Migrate from JSONP to standard HTTP requests.
release_signals
!Harden platform location origin validation during SSR (#69184)
!Deprecate `HttpClient.jsonp`, `HttpClientJsonpModule`, and related JSONP classes/functions
+Add custom set option to linkedSignal
+Compile non-exported classes if standalone in language-service
+Typecheck templates requiring inline typecheck blocks in language-service
v22.0.1mediumdeprecationsecurityJun 10, 2026
22.0.1
This release focuses on bug fixes and security improvements across various Angular modules, including common, compiler, core, forms, http, and platform-server.
affected
Developers using Angular's platform-server module for XHR requests are affected by the deprecation.
action
Migrate from XHR to standard `fetch` APIs in `@angular/platform-server`.
release_signals
!Prevent prototype pollution in formatDateTime
!Use cryptographically secure SHA-256 for transfer cache key generation
!Sanitize `href`/`xlink:href` attributes of any element of the MathML namespace
!Harden TransferState restoration against DOM clobbering
!Strips sensitive headers on cross-origin redirects
!XHR support in `@angular/platform-server` is deprecated. Use standard `fetch` APIs instead.
v21.2.17mediumdeprecationsecurityJun 10, 2026
21.2.17
This release focuses on security hardening, bug fixes, and deprecations across Angular's common, compiler, core, http, platform-server, and service-worker modules.
affected
Developers using Angular's platform-server XHR APIs or relying on transfer cache, DOM manipulation, or cross-origin redirects may be affected.
action
Migrate from deprecated XHR APIs to `fetch` and review security-related changes for potential impacts.
release_signals
!Use cryptographically secure SHA-256 for transfer cache key generation
!Harden TransferState restoration against DOM clobbering
!Strips sensitive headers on cross-origin redirects
!Sanitize two-way properties
!Harden platform location origin validation during SSR
!XHR support in `@angular/platform-server` is deprecated. Use standard `fetch` APIs instead.
v20.3.25mediumdeprecationsecurityJun 10, 2026
20.3.25
This release focuses on security hardening, bug fixes, and deprecations across Angular's core modules. Key changes include improved transfer cache security, stricter URL validation, and deprecation of server-side XHR.
affected
Developers using Angular's platform-server XHR APIs or handling sensitive HTTP headers in service workers are most affected.
action
Migrate from platform-server XHR APIs to fetch APIs and review HTTP header handling in service workers.
release_signals
!Use cryptographically secure SHA-256 for transfer cache key generation
!Harden TransferState restoration against DOM clobbering
!Strips sensitive headers on cross-origin redirects
!Rejects non-HTTP(S) URLs in JSONP requests
!Harden platform location origin validation during SSR
!XHR support in `@angular/platform-server` is deprecated. Use standard `fetch` APIs instead.