Command
other
Is this a regression?
The previous version in which this bug was not present was
21.2.x
Description
I upgraded a project from 21.2 to 22.0 and am now getting a new warning under npm audit.
The 21.2.x branch has been updated to @babel/core 7.29.7 with security fixes but the 22.0.x branch is still referencing the older 7.29.0 and caused npm audit warnings.
Minimal Reproduction
Start with an updated 21.2 project which (npm audit does not report @babel/core) and then upgrade the project to 22.
Now npm audit reports @babel/core package as having vulnerabilities and wants to revert @angular/build package to 21.2.19.
Exception or Error
Your Environment
Angular CLI : 22.0.6
Angular : 22.0.6
Node.js : 26.5.0
Package Manager : npm 11.17.0
Operating System : win32 x64
┌───────────────────────────┬───────────────────┬───────────────────┐
│ Package │ Installed Version │ Requested Version │
├───────────────────────────┼───────────────────┼───────────────────┤
│ @angular/animations │ 22.0.6 │ ^22.0.6 │
│ @angular/build │ 22.0.6 │ ^22.0.6 │
│ @angular/cli │ 22.0.6 │ ^22.0.6 │
│ @angular/common │ 22.0.6 │ ^22.0.6 │
│ @angular/compiler │ 22.0.6 │ ^22.0.6 │
│ @angular/compiler-cli │ 22.0.6 │ ^22.0.6 │
│ @angular/core │ 22.0.6 │ ^22.0.6 │
│ @angular/forms │ 22.0.6 │ ^22.0.6 │
│ @angular/language-service │ 22.0.6 │ ^22.0.6 │
│ @angular/localize │ 22.0.6 │ ^22.0.6 │
│ @angular/platform-browser │ 22.0.6 │ ^22.0.6 │
│ @angular/router │ 22.0.6 │ ^22.0.6 │
│ typescript │ 6.0.3 │ ~6.0.3 │
│ zone.js │ 0.16.2 │ ^0.16.2 │
└───────────────────────────┴───────────────────┴───────────────────┘
Anything else relevant?
No response
Command
other
Is this a regression?
The previous version in which this bug was not present was
21.2.x
Description
I upgraded a project from 21.2 to 22.0 and am now getting a new warning under
npm audit.The 21.2.x branch has been updated to @babel/core 7.29.7 with security fixes but the 22.0.x branch is still referencing the older 7.29.0 and caused
npm auditwarnings.Minimal Reproduction
Start with an updated 21.2 project which (npm audit does not report @babel/core) and then upgrade the project to 22.
Now
npm auditreports @babel/core package as having vulnerabilities and wants to revert @angular/build package to 21.2.19.Exception or Error
Your Environment
Anything else relevant?
No response