chore(deps): bump tar, @angular-devkit/build-angular and @angular/cli in /front-end

[dependabot]

Bumps tar to 7.5.16 and updates ancestor dependencies tar, @angular-devkit/build-angular and @angular/cli. These dependencies need to be updated together.

Updates tar from 6.1.11 to 7.5.16

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

• cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

Changelog

Sourced from tar's changelog.

Changelog

7.5

• Added zstd compression support.
• Consistent TOCTOU behavior in sync t.list
• Only read from ustar block if not specified in Pax
• Fix sync tar.list when file size reduces while reading
• Sanitize absolute linkpaths properly
• Prevent writing hardlink entries to the archive ahead of their file target

7.4

• Deprecate onentry in favor of onReadEntry for clarity.

7.3

• Add onWriteEntry option

7.2

• DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

• Update minipass to v7.1.0
• Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

• Drop support for node <18
• Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
• Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
• Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
• Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

... (truncated)

Commits

• cf21338 7.5.16
• 21a8220 do not apply PAX header fields to meta entries
• 52632cf update project deps
• 302f51f fix inconsequential typo in PENDINGLINKS symbol name
• 55dbb99 remove some uses of mutate-fs
• 87cc309 7.5.15
• 7aef486 fix: regression in pending links detection
• 6244eb3 7.5.14
• 9704d8c stricter protection against hardlinks preempting their targets
• 700734f update workflows and deps
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates @angular-devkit/build-angular from 12.2.18 to 21.2.16

Release notes

Sourced from @​angular-devkit/build-angular's releases.

21.2.16

@​angular/cli

Commit	Description
	update pacote to 21.5.1

@​angular/ssr

Commit	Description
	prioritize options over environment variables in AngularNodeAppEngine

21.2.15

@​angular/cli

Commit	Description
	remove forceAuth and unscoped credential parsing
	support registry metadata fetching under bun package manager

21.2.14

@​angular/cli

Commit	Description
	expand package groups for newly added peer dependencies in update schematic

@​angular/build

Commit	Description
	prevent esbuild service child process leakage

21.2.13

@​angular-devkit/build-angular

Commit	Description
	remove unconditional CORS wildcard from webpack dev-server

@​angular/build

Commit	Description
	assert that asset input paths are within workspace root

21.2.12

@​angular/build

Commit	Description
	ignore virtual esbuild paths with (disabled):

21.2.11

@​angular/cli

Commit	Description
	robustly parse npm manifest from array

@​angular/ssr

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

21.2.16 (2026-06-17)

@​angular/cli

Commit	Type	Description
77c9047ac	fix	update pacote to 21.5.1

@​angular/ssr

Commit	Type	Description
d052e97da	fix	prioritize options over environment variables in AngularNodeAppEngine

20.3.29 (2026-06-17)

@​angular/cli

Commit	Type	Description
5f7c0328c	fix	update pacote to 21.5.1

@​angular/ssr

Commit	Type	Description
a75d78e68	fix	prioritize options over environment variables in AngularNodeAppEngine

22.0.2 (2026-06-17)

@​angular/cli

Commit	Type	Description
136fc2714	fix	support registry metadata fetching under bun package manager
2653dd5c7	perf	implement semaphore backpressure throttling in PackageManager

@​angular/build

Commit	Type	Description
0b4a48add	perf	implement semaphore backpressure throttling in JavaScriptTransformer

... (truncated)

Commits

• 1efc647 release: cut the v21.2.16 release
• 14459e2 build: update dependency webpack-dev-server to 5.2.5
• 77c9047 fix(@​angular/cli): update pacote to 21.5.1
• d052e97 fix(@​angular/ssr): prioritize options over environment variables in AngularNo...
• d318ddd release: cut the v21.2.15 release
• c7a7f19 fix(@​angular/cli): support registry metadata fetching under bun package manager
• bdc3d2f test(@​angular/cli): ignore engines in version-specifier E2E test when using yarn
• 42ac0ed fix(@​angular/cli): remove forceAuth and unscoped credential parsing
• 2c25333 test(@​angular/cli): remove unscoped authentication test cases from registry t...
• 4488398 release: cut the v21.2.14 release
• Additional commits viewable in compare view

Updates @angular/cli from 12.2.18 to 22.0.3

Release notes

Sourced from @​angular/cli's releases.

22.0.3

@​schematics/angular

Commit	Description
	remove default workspace vscode mcp.json configuration

22.0.2

@​angular/cli

Commit	Description
	support registry metadata fetching under bun package manager
	implement semaphore backpressure throttling in PackageManager

@​angular/build

Commit	Description
	implement semaphore backpressure throttling in JavaScriptTransformer

@​angular/ssr

Commit	Description
	avoid caching non-SSG page lookups
	correct grammar in console warning for redirected location headers
	prioritize options over environment variables in AngularNodeAppEngine

22.0.1

@​schematics/angular

Commit	Description
	fix browserMode option mapping in refactor-jasmine-vitest
	safely comment out multiline statements in refactor-jasmine-vitest
	use null objects and callbacks in karma-to-vitest migration

@​angular/cli

Commit	Description
	do not sort migrations of the same version alphabetically
	fallback to local package.json for schematic detection on first run
	isolate temporary package installation from parent pnpm workspace
	remove forceAuth and unscoped credential parsing
	validate registry option is a valid URL in ng add
	optimize update schematic registry query counts by fetching package metadata lazily

@​angular/build

Commit	Description
	allow disabling Vitest isolation from builder
	exclude JSON imports from Vite dependency optimization
	prevent concurrent stylesheet bundling esbuild context leaks
	restrict application builder output paths to output directory

22.0.0

@​schematics/angular

| Commit | Description |

... (truncated)

Changelog

Sourced from @​angular/cli's changelog.

22.0.3 (2026-06-18)

@​schematics/angular

Commit	Type	Description
0eddea898	fix	remove default workspace vscode mcp.json configuration

21.2.16 (2026-06-17)

@​angular/cli

Commit	Type	Description
77c9047ac	fix	update pacote to 21.5.1

@​angular/ssr

Commit	Type	Description
d052e97da	fix	prioritize options over environment variables in AngularNodeAppEngine

20.3.29 (2026-06-17)

@​angular/cli

Commit	Type	Description
5f7c0328c	fix	update pacote to 21.5.1

@​angular/ssr

Commit	Type	Description
a75d78e68	fix	prioritize options over environment variables in AngularNodeAppEngine

22.0.2 (2026-06-17)

... (truncated)

Commits

• b30b9d3 release: cut the v22.0.3 release
• bc97bb3 build: update dependency vite to v7.3.5
• 0eddea8 fix(@​schematics/angular): remove default workspace vscode mcp.json configuration
• 08f9959 refactor(@​angular/cli): promote experimental MCP tools to stable
• aab6c10 release: cut the v22.0.2 release
• 376e4dc build: update cross-repo angular dependencies
• d996a27 fix(@​angular/ssr): avoid caching non-SSG page lookups
• 5714bfc build: update pnpm to v10.34.3
• f26011a build: lock file maintenance
• 2879ed9 build: update bazel dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.