Visit Angular NES Home Page
Angular 14
Release Notes
Angular
14.3.9 - January 29, 2026
Notes
- Full package names and versions:
@neverendingsupport/angular-animations@14.3.0-angular-14.3.9@neverendingsupport/angular-bazel@14.3.0-angular-14.3.9@neverendingsupport/angular-common@14.3.0-angular-14.3.9@neverendingsupport/angular-compiler@14.3.0-angular-14.3.9@neverendingsupport/angular-compiler-cli@14.3.0-angular-14.3.9@neverendingsupport/angular-core@14.3.0-angular-14.3.9@neverendingsupport/angular-elements@14.3.0-angular-14.3.9@neverendingsupport/angular-forms@14.3.0-angular-14.3.9@neverendingsupport/angular-language-service@14.3.0-angular-14.3.9@neverendingsupport/angular-localize@14.3.0-angular-14.3.9@neverendingsupport/angular-platform-browser@14.3.0-angular-14.3.9@neverendingsupport/angular-platform-browser-dynamic@14.3.0-angular-14.3.9@neverendingsupport/angular-platform-server@14.3.0-angular-14.3.9@neverendingsupport/angular-router@14.3.0-angular-14.3.9@neverendingsupport/angular-service-worker@14.3.0-angular-14.3.9@neverendingsupport/angular-upgrade@14.3.0-angular-14.3.9
Security Fixes
- core: Sanitize sensitive attributes on SVG script elements.
- This fixes a high-severity Cross-Site Scripting (XSS) vulnerability (CVE-2026-22610).
14.3.8 - December, 2025
Notes
- Full package name(s) and version(s):
@neverendingsupport/angular-animations@14.3.0-angular-14.3.8@neverendingsupport/angular-bazel@14.3.0-angular-14.3.8@neverendingsupport/angular-common@14.3.0-angular-14.3.8@neverendingsupport/angular-compiler@14.3.0-angular-14.3.8@neverendingsupport/angular-compiler-cli@14.3.0-angular-14.3.8@neverendingsupport/angular-core@14.3.0-angular-14.3.8@neverendingsupport/angular-elements@14.3.0-angular-14.3.8@neverendingsupport/angular-forms@14.3.0-angular-14.3.8@neverendingsupport/angular-language-service@14.3.0-angular-14.3.8@neverendingsupport/angular-localize@14.3.0-angular-14.3.8@neverendingsupport/angular-platform-browser@14.3.0-angular-14.3.8@neverendingsupport/angular-platform-browser-dynamic@14.3.0-angular-14.3.8@neverendingsupport/angular-platform-server@14.3.0-angular-14.3.8@neverendingsupport/angular-router@14.3.0-angular-14.3.8@neverendingsupport/angular-service-worker@14.3.0-angular-14.3.8@neverendingsupport/angular-upgrade@14.3.0-angular-14.3.8
Security Fixes
- Fixed stored XSS vulnerability involving SVG Animation, SVG URL and MathML Attributes.
- This fixes a high-severity Cross-Site Scripting (XSS) vulnerability (CVE-2025-66412).
14.3.7 - December, 2025
Notes
- Full package name(s) and version(s):
@neverendingsupport/angular-animations@14.3.0-angular-14.3.7@neverendingsupport/angular-bazel@14.3.0-angular-14.3.7@neverendingsupport/angular-common@14.3.0-angular-14.3.7@neverendingsupport/angular-compiler@14.3.0-angular-14.3.7@neverendingsupport/angular-compiler-cli@14.3.0-angular-14.3.7@neverendingsupport/angular-core@14.3.0-angular-14.3.7@neverendingsupport/angular-elements@14.3.0-angular-14.3.7@neverendingsupport/angular-forms@14.3.0-angular-14.3.7@neverendingsupport/angular-language-service@14.3.0-angular-14.3.7@neverendingsupport/angular-localize@14.3.0-angular-14.3.7@neverendingsupport/angular-platform-browser@14.3.0-angular-14.3.7@neverendingsupport/angular-platform-browser-dynamic@14.3.0-angular-14.3.7@neverendingsupport/angular-platform-server@14.3.0-angular-14.3.7@neverendingsupport/angular-router@14.3.0-angular-14.3.7@neverendingsupport/angular-service-worker@14.3.0-angular-14.3.7@neverendingsupport/angular-upgrade@14.3.0-angular-14.3.7
Security Fixes
- common/http: Prevent Cross-Site Request Forgery (XSRF) token leakage to protocol-relative URLs.
- This fixes a high-severity Information Exposure vulnerability (CVE-2025-66035).
- core: Introduce BootstrapContext for improved server bootstrapping.
- This fixes a high-severity Information Exposure vulnerability (CVE-2025-59052).
Breaking Changes
core
- The server-side bootstrapping process has been changed to eliminate the reliance on a global platform injector.
Before:
const bootstrap = () => bootstrapApplication(AppComponent, config);
After:const bootstrap = (context: BootstrapContext) => bootstrapApplication(AppComponent, config, context);
In addition,getPlatform()anddestroyPlatform()will now returnnulland be a no-op respectively when running in a server environment.
14.3.6 - June 17, 2025
Notes
- This release contains no functional changes from NES v14.3.5.
- Full package name(s) and version(s):
@neverendingsupport/angular-animations@14.3.0-angular-14.3.6@neverendingsupport/angular-bazel@14.3.0-angular-14.3.6@neverendingsupport/angular-common@14.3.0-angular-14.3.6@neverendingsupport/angular-compiler@14.3.0-angular-14.3.6@neverendingsupport/angular-compiler-cli@14.3.0-angular-14.3.6@neverendingsupport/angular-core@14.3.0-angular-14.3.6@neverendingsupport/angular-elements@14.3.0-angular-14.3.6@neverendingsupport/angular-forms@14.3.0-angular-14.3.6@neverendingsupport/angular-language-service@14.3.0-angular-14.3.6@neverendingsupport/angular-localize@14.3.0-angular-14.3.6@neverendingsupport/angular-platform-browser@14.3.0-angular-14.3.6@neverendingsupport/angular-platform-browser-dynamic@14.3.0-angular-14.3.6@neverendingsupport/angular-platform-server@14.3.0-angular-14.3.6@neverendingsupport/angular-router@14.3.0-angular-14.3.6@neverendingsupport/angular-service-worker@14.3.0-angular-14.3.6@neverendingsupport/angular-upgrade@14.3.0-angular-14.3.6
14.3.5
Notes
- Added HeroDevs NES License to each package.
- Full Version:
14.3.0-{PACKAGE_NAME}-14.3.5
14.3.4
Notes
- This release contains only internal updates related to build processes.
- Full Version:
14.3.0-{PACKAGE_NAME}-14.3.4
14.3.3
Notes
- Full Version:
14.3.0-{PACKAGE_NAME}-14.3.3
Bug Fixes
- Fixed build issues: updated peer dependency version numbers.
14.3.2
Notes
- Full Version:
14.3.2-{PACKAGE_NAME}
Bug Fixes
- Fixed build issues: updated peer dependencies to match current release.
14.3.1
Notes
- Full Version:
14.3.1-{PACKAGE_NAME}
Bug Fixes
- compiler: Fixed issue with CSS value quoting.
- Core: Improved style property value handling for invalid values.
Angular CLI
14.2.17 - September, 2025
Notes
- Full package name(s) and version(s):
@neverendingsupport/angular-cli@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-create@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-pwa@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-architect@0.1402.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-architect-cli@0.1402.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-build-angular@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-build-webpack@0.1402.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-core@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-schematics@14.2.13-angular-cli-14.2.17@neverendingsupport/angular-devkit-schematics-cli@14.2.13-angular-cli-14.2.17@neverendingsupport/ngtools-webpack@14.2.13-angular-cli-14.2.17
Bug Fixes
- Fixed build issues: updated peer dependency version numbers.
14.2.16 - June 5, 2025
Notes
- This release contains no functional changes from NES v14.2.15.
- Full package name(s) and version(s):
@neverendingsupport/angular-cli@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-create@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-pwa@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-architect@0.1402.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-architect-cli@0.1402.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-build-angular@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-build-webpack@0.1402.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-core@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-schematics@14.2.13-angular-cli-14.2.16@neverendingsupport/angular-devkit-schematics-cli@14.2.13-angular-cli-14.2.16@neverendingsupport/ngtools-webpack@14.2.13-angular-cli-14.2.16
14.2.15 - February 10, 2025
Notes
- Added
@ngtools/webpack,@angular/pwa,@angular-devkit/architect-cli, and@angular-devkit/schematics-clipackages. - Full Version:
14.2.13-{PACKAGE_NAME}-14.2.15