deps(web): bump @angular/core from 21.0.6 to 21.2.4 in /web

[dependabot]

Bumps @angular/core from 21.0.6 to 21.2.4.

Release notes

Sourced from @​angular/core's releases.

21.2.4

compiler

Commit	Description
	disallow translations of iframe src

core

Commit	Description
	reverts "feat(core): add support for nested animations"
	sanitize translated form attributes

VSCode Extension: 21.2.3

This release contains internal refactorings only.

21.2.3

core

Commit	Description
	ensure definitions compile
	include signal debug names in their toString() representation
	sanitize translated attribute bindings with interpolations

VSCode Extension: 21.2.2

• fix(extension): bundle TypeScript 5.9 internally (da57d1af73)

21.2.2

compiler

Commit	Description
	prevent mutation of children array in RecursiveVisitor

compiler-cli

Commit	Description
	always parenthesize object literals in TCB
	ignore generated ngDevMode signal branch for code coverage

forms

Commit	Description
	add 'blur' option to debounce rule

VSCode Extension: 21.2.1

• perf(language-service): use lightweight project warmup for Angular analysis (d2137928e8)

21.2.1

core

Commit	Description
	adds transfer cache to httpResource to fix hydration
	prevent child animation elements from being orphaned
	Prevent removal of elements during drag and drop

... (truncated)

Changelog

Sourced from @​angular/core's changelog.

21.2.4 (2026-03-12)

compiler

Commit	Type	Description
ed2d324f9c	fix	disallow translations of iframe src

core

Commit	Type	Description
abbd8797bb	fix	reverts "feat(core): add support for nested animations"
d1dcd16c5b	fix	sanitize translated form attributes

22.0.0-next.2 (2026-03-11)

Breaking Changes

core

• createNgModuleRef was removed, use createNgModule instead

core

Commit	Type	Description
b918beda32	feat	allow debouncing signals
f9ede9ec98	fix	ensure definitions compile
b401c18674	fix	include signal debug names in their toString() representation
8630319f74	fix	sanitize translated attribute bindings with interpolations
36936872c9	refactor	remove createNgModuleRef

forms

Commit	Type	Description
3e7ce0dafc	fix	restrict SignalFormsConfig to a readonly API

language-service

Commit	Type	Description
5a6d88626b	feat	add angular template inlay hints support

21.2.3 (2026-03-11)

core

Commit	Type	Description
62a97f7e4b	fix	ensure definitions compile
21b1c3b2ee	fix	include signal debug names in their toString() representation
224e60ecb1	fix	sanitize translated attribute bindings with interpolations

21.2.2 (2026-03-09)

... (truncated)

Commits

• d1dcd16 fix(core): sanitize translated form attributes
• abbd879 fix(core): reverts "feat(core): add support for nested animations"
• 7907e98 test: remove duplicate tests
• 21b1c3b fix(core): include signal debug names in their toString() representation
• 6c73aac refactor(common): Removes unused generic type parameters from KeyValueDiffers
• c98eab7 refactor(core): remove old resource params
• 7513558 docs: combine multiple documentation improvements into one PR
• 575f302 refactor(core): interface cleanup
• 224e60e fix(core): sanitize translated attribute bindings with interpolations
• 09638ec docs(core): clarify provideZoneChangeDetection usage in v21+
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Labels

The following labels could not be found: web. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

📊 Benchmark Results

Benchmark	Time	Throughput

arena

| | 11.160 ns | - |
| | 5.7414 ns | - |
| | 404.65 ns | - |
| | 368.52 ns | - |
| | 648.02 ns | - |
| | 41.546 ns | - |
| | 657.56 ns | - |
| | 72.648 ns | - |
| | | - |
| | | - |
| | 401.56 ns | - |
| | 40.101 ns | - |
| | | - |
| | | - |
| | | - |
| | | - |
| | 47.812 ns | - |
| | 49.659 ns | - |

body

| | 22.909 ns | - |
| | 59.422 ns | - |
| | 21.930 ns | - |
| | 863.61 ps | - |
| | 46.251 ns | - |
| | 21.988 ns | - |
| | 116.09 ns | - |
| | 87.864 ns | - |
| | 50.697 ns | - |
| | 44.025 ns | - |
| | 52.934 ns | - |
| | 29.686 ns | - |
| | 141.31 ns | - |
| | 864.79 ps | - |
| | 67.328 ns | - |
| | 35.497 ns | - |
| | 121.27 ns | - |
| | 91.369 ns | - |
| | 16.131 ns | - |
| | 16.129 ns | - |
| | 16.135 ns | - |

json

| json_info/library_check | 288.37 ps | - |
| json_serialize/small | 55.698 ns | - |
| json_serialize/medium | 321.43 ns | - |
| json_serialize/large | | - |
| json_deserialize/small | 112.16 ns | - |
| json_deserialize/medium | 995.57 ns | - |
| json_deserialize/large | | - |
| json_roundtrip/small | 172.59 ns | - |
| json_roundtrip/medium | | - |
| json_roundtrip/large | | - |
| http_json/request_parse | | - |
| http_json/response_json | 408.11 ns | - |
| http_json/full_cycle | | - |

routing

| | 37.862 ns | - |
| | 96.543 ns | - |
| | 197.16 ns | - |
| | 204.40 ns | - |
| | 112.82 ns | - |
| | 1.3147 ns | - |
| | 288.32 ps | - |
| | 113.73 ns | - |
| | 292.44 ns | - |
| | | - |
| | 161.53 ns | - |
| | 30.238 ns | - |
| | 195.24 ns | - |
| | | - |
| | 60.396 ns | - |
| | 380.36 ns | - |
| | | - |
| routing/match_first/10 | 101.23 ns | - |
| routing/match_middle/10 | 270.43 ns | - |
| routing/match_last/10 | 268.54 ns | - |
| | 182.42 ns | - |
| routing/match_first/50 | 101.28 ns | - |
| routing/match_middle/50 | 852.85 ns | - |
| routing/match_last/50 | 267.38 ns | - |
| | | - |
| routing/match_first/100 | 100.89 ns | - |
| | 725.96 ns | - |
| routing/match_last/100 | | - |
| | | - |
| routing/match_first/500 | 99.029 ns | - |
| | 672.08 ns | - |
| routing/match_last/500 | 927.67 ns | - |
| | | - |
| | 288.40 ps | - |
| | 31.069 ns | - |
| | 340.60 ns | - |
| | 82.065 ns | - |
| | 147.75 ns | - |
| | 260.97 ns | - |
| | 16.146 ns | - |
| | 86.929 ns | - |
| | 163.86 ns | - |
| | 176.41 ns | - |
| | 309.76 ns | - |
| | 521.57 ns | - |
| | 955.20 ns | - |
| full_cycle/health_check | 659.49 ns | - |
| | | - |
| | | - |
| | 10.525 ns | - |
| | 11.040 ns | - |
| allocations/vec_small | 9.3658 ns | - |
| allocations/vec_large | 21.537 ns | - |
| | 58.220 ns | - |
| | | - |

security

| jwt/sign | 808.78 ns | - |
| jwt/verify | | - |
| jwt/sign_HS256 | 812.34 ns | - |
| jwt/sign_HS384 | | - |
| jwt/sign_HS512 | | - |

simd_parser

| query_string/small/simd | 209.67 ns | - |
| | 201.77 ns | - |
| | 665.63 ns | - |
| | | - |
| query_string/large/simd | | - |
| | | - |
| url_decode/plain/simd | 24.362 ns | - |
| url_decode/encoded/simd | 68.066 ns | - |
| | 96.894 ns | - |
| | 5.1888 ns | - |
| | 14.533 ns | - |
| | 4.3452 ns | - |
| | 10.547 ns | - |
| | 89.633 ns | - |
| | 89.747 ns | - |
| | 106.54 ns | - |
| path_split/short/simd | 35.983 ns | - |
| path_split/medium/simd | 128.75 ns | - |
| path_split/long/simd | 205.97 ns | - |
| | 137.65 ns | - |
| | 464.38 ns | - |

Summary

• Commit: e18b34a5db04512eeb80a92ec2c0790e15202303
• Branch: 154/merge
• Runner: Linux

---

Benchmark run triggered by commit e18b34a