chore(deps): bump esbuild, @angular-devkit/build-angular and ng-packagr

[dependabot]

Bumps esbuild to 0.27.2 and updates ancestor dependencies esbuild, @angular-devkit/build-angular and ng-packagr. These dependencies need to be updated together.

Updates esbuild from 0.17.8 to 0.27.2

Release notes

Sourced from esbuild's releases.

v0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }
  // Old output (with --minify)
  switch(x){case 0:foo();break;case 1:default:bar()}
  // New output (with --minify)

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2023

This changelog documents all esbuild versions published in the year 2023 (versions 0.16.13 through 0.19.11).

0.19.11

• Fix TypeScript-specific class transform edge case (#3559)

  The previous release introduced an optimization that avoided transforming super() in the class constructor for TypeScript code compiled with useDefineForClassFields set to false if all class instance fields have no initializers. The rationale was that in this case, all class instance fields are omitted in the output so no changes to the constructor are needed. However, if all of this is the case and there are #private instance fields with initializers, those private instance field initializers were still being moved into the constructor. This was problematic because they were being inserted before the call to super() (since super() is now no longer transformed in that case). This release introduces an additional optimization that avoids moving the private instance field initializers into the constructor in this edge case, which generates smaller code, matches the TypeScript compiler's output more closely, and avoids this bug:

  // Original code
  class Foo extends Bar {
    #private = 1;
    public: any;
    constructor() {
      super();
    }
  }
  // Old output (with esbuild v0.19.9)
  class Foo extends Bar {
  constructor() {
  super();
  this.#private = 1;
  }
  #private;
  }
  // Old output (with esbuild v0.19.10)
  class Foo extends Bar {
  constructor() {
  this.#private = 1;
  super();
  }
  #private;
  }
  // New output
  class Foo extends Bar {
  #private = 1;
  constructor() {
  super();
  }
  }

• Minifier: allow reording a primitive past a side-effect (#3568)

  The minifier previously allowed reordering a side-effect past a primitive, but didn't handle the case of reordering a primitive past a side-effect. This additional case is now handled:

... (truncated)

Commits

• cd83297 publish 0.27.2 to npm
• 2759721 additional tests for switch with break
• fd2b4b3 update release notes
• c8d93a7 fix #4357: -webkit- prefix for mask shorthand (#4358)
• 92ff12c compat table: update @types/node
• a35eceb compat table: fix a type error with the new types
• f598984 fix make compat-table to install dependencies
• f7f6df0 release notes for #4361
• 6f8ec15 fix: allow subpath imports that start with #/ (#4361)
• f7ae61f minify some switch statements to if-else statement
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.

Updates @angular-devkit/build-angular from 15.2.10 to 21.1.3

Release notes

Sourced from @​angular-devkit/build-angular's releases.

21.1.3

@​schematics/angular

Commit	Description
	warn when production configuration is missing for service worker

@​angular-devkit/build-angular

Commit	Description
	address Node.js deprecation DEP0190

21.1.2

@​angular-devkit/schematics-cli

Commit	Description
	Add boolean type inference for 'true' and 'false' string values in argument parsing

@​angular-devkit/architect

Commit	Description
	Add boolean type inference for 'true' and 'false' string values in argument parsing

@​angular/build

Commit	Description
	loosen Vitest dependency checks when runnerConfig is used
	support merging coverage thresholds with Vitest runnerConfig

21.1.1

@​schematics/angular

Commit	Description
	correct vscode MCP configuration for new projects
	remove special characters from jasmine-vitest report filename

@​angular/cli

Commit	Description
	Remove nonexistent link from MCP response

@​angular/build

Commit	Description
	allow application assets in workspace root
	prevent incorrect catch binding removal in downleveled for-await
	update undici to v7.18.2

21.1.0

@​schematics/angular

Commit	Description
	add browserMode option to jasmine-vitest schematic
	generate detailed migration report for refactor-jasmine-vitest
	add MCP configuration file to new workspaces

@​angular/cli

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

21.1.3 (2026-02-05)

@​schematics/angular

Commit	Type	Description
a18196a10	fix	warn when production configuration is missing for service worker

@​angular-devkit/build-angular

Commit	Type	Description
6d05d27ca	fix	address Node.js deprecation DEP0190

21.2.0-next.0 (2026-01-28)

@​angular/cli

Commit	Type	Description
0dd04f289	feat	add markdown files to Prettier's formatting list
fbae1b6ab	feat	automatic formatting files modified by schematics
98a24d040	feat	standardize MCP tools around workspace/project options
d9cd609c5	fix	correctly parse scoped packages in yarn classic list output
5b05f2500	fix	enable shell option for Prettier execution on Windows platforms

@​schematics/angular

Commit	Type	Description
aa7381efd	feat	add a '.prettierrc' file to generated workspaces and add Prettier as dev dependency
f80db6fb7	feat	add ng-add support for Vitest browser providers

@​angular-devkit/build-angular

Commit	Type	Description
b4a8d198c	fix	address Node.js deprecation DEP0190

@​angular/build

Commit	Type	Description
0b4982720	fix	adjust sourcemap sources when Vitest wrapper is bypassed

... (truncated)

Commits

• 0a8860d release: cut the v21.1.3 release
• e80d7c5 build: update dependency @​modelcontextprotocol/sdk to v1.26.0
• f6cc58c build: update webpack dependency to version 5.105.0
• 133cf28 build: update cross-repo angular dependencies to v21.1.3
• ed0b4c5 build: update rules_browsers digest to e08ae33
• 31931f6 build: update github/codeql-action action to v4.32.1
• 94a830c build: update dependency @​modelcontextprotocol/sdk to v1.25.3
• 7a2ec50 build: update cross-repo angular dependencies
• d5a8314 build: configure Jasmine to allow duplicate describe block names
• f4c14f0 build: lock file maintenance
• Additional commits viewable in compare view

Updates ng-packagr from 15.2.2 to 21.1.0

Release notes

Sourced from ng-packagr's releases.

21.1.0

Features

• add importAttributesKey: 'with' to Rollup output options (ba4f690), closes #3212

Bug Fixes

• correctly identify external modules (7c24c84)

21.1.0-rc.0

Features

• add importAttributesKey: 'with' to Rollup output options (ba4f690), closes #3212

21.0.1

Bug Fixes

• correctly identify external modules (e0f7b22)

21.0.0

⚠ BREAKING CHANGES

• TypeScript versions older than 5.9 are no longer supported.
• The javascriptEnabled option for Less is no longer supported. Projects relying on inline JavaScript within Less files will need to refactor their stylesheets to remove this dependency.

Bug Fixes

• drop support for TypeScript 5.8 (7b48224)
• remove deprecated javascriptEnabled option for Less (d57278d)

Features

• write the types in types directory (7a5e8fb)
• add support for Angular version 21 (ed70e23)

21.0.0-rc.1

Performance

• reduce memory usage for multiple entry-points (non-watch) (01bdd42), closes #3168

21.0.0-next.4

⚠ BREAKING CHANGES

• The javascriptEnabled option for Less is no longer supported. Projects relying on inline JavaScript within Less files will need to refactor their stylesheets to remove this dependency.

... (truncated)

Changelog

Sourced from ng-packagr's changelog.

21.1.0 (2026-01-14)

Features

• add importAttributesKey: 'with' to Rollup output options (ba4f690), closes #3212

Bug Fixes

• correctly identify external modules (7c24c84)

21.0.1 (2025-12-15)

Bug Fixes

• correctly identify external modules (e0f7b22)

21.1.0-next.0 (2025-11-19)

21.1.0-next.0 (2025-11-19)

21.0.0 (2025-11-19)

⚠ BREAKING CHANGES

• TypeScript versions older than 5.9 are no longer supported.
• The javascriptEnabled option for Less is no longer supported. Projects relying on inline JavaScript within Less files will need to refactor their stylesheets to remove this dependency.

Bug Fixes

• drop support for TypeScript 5.8 (7b48224)
• remove deprecated javascriptEnabled option for Less (d57278d)

Features

• write the types in types directory (7a5e8fb)
• add support for Angular version 21 (ed70e23)

20.3.2 (2025-11-13)

Bug Fixes

• ensure deterministic ordering of 'exports' field (952ca64), closes #3175

20.3.1 (2025-11-12)

Performance

... (truncated)

Commits

• 63cf1ac release: cut 21.1.0
• 3f1a2dc build: lock file maintenance
• 03c6e02 build: update pnpm to v10.28.0
• 3ad5509 Update renovate.json
• 294a52e build: update dependency node to v22.22.0
• 8c74a59 Update renovate.json
• c38dc0b Update renovate.json
• 2e81ae5 build: update all non-major dependencies to v8.52.0
• 858ca3e release: cut 21.1.0-rc.0
• ba4f690 feat: add importAttributesKey: 'with' to Rollup output options
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for ng-packagr since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.