Bump tar and @angular/cli in /frontend

[dependabot]

Bumps tar to 7.5.11 and updates ancestor dependency @angular/cli. These dependencies need to be updated together.

Updates tar from 7.5.1 to 7.5.11

Commits

• bf776f6 7.5.11
• f48b5fa prevent escaping symlinks with drive-relative paths
• 97cff15 docs: more security info
• 2b72abc 7.5.10
• 7bc755d parse root off paths before sanitizing .. parts
• c8cb846 update deps
• 1f0c2c9 7.5.9
• fbb0851 build minified version as default export
• 6b8eba0 7.5.8
• 2cb1120 fix(unpack): improve UnpackSync symlink error "into" path accuracy
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates @angular/cli from 20.3.13 to 20.3.19

Release notes

Sourced from @​angular/cli's releases.

20.3.19

@​angular-devkit/build-angular

Commit	Description
	update copy-webpack-plugin to v14.0.0

20.3.18

@​angular-devkit/core

Commit	Description
	update ajv to 8.18.0

@​angular/build

Commit	Description
	update rollup to 4.59.0

20.3.17

@​angular/ssr

Commit	Description
	prevent open redirect via X-Forwarded-Prefix header
	validate host headers to prevent header-based SSRF

20.3.16

@​angular/cli

Commit	Description
	update dependency @​modelcontextprotocol/sdk to v1.26.0

20.3.15

@​angular/cli

Commit	Description
	update pacote to v21.0.4

@​angular-devkit/build-angular

Commit	Description
	update webpack to version 5.104.1

20.3.14

@​angular/cli

Commit	Description
	update dependency @​modelcontextprotocol/sdk to v1.25.2

Changelog

Sourced from @​angular/cli's changelog.

20.3.19 (2026-03-04)

@​angular-devkit/build-angular

Commit	Type	Description
0299b4d1a	fix	update copy-webpack-plugin to v14.0.0

20.3.18 (2026-02-26)

@​angular-devkit/core

Commit	Type	Description
39596d529	fix	update ajv to 8.18.0

@​angular/build

Commit	Type	Description
f668e2778	fix	update rollup to 4.59.0

19.2.22 (2026-02-26)

@​angular-devkit/core

Commit	Type	Description
0a01aecd9	fix	update ajv to 8.18.0

@​angular/build

Commit	Type	Description
79f59412a	fix	update rollup to 4.59.0

21.2.0 (2026-02-25)

... (truncated)

Commits

• 93a6f36 release: cut the v20.3.19 release
• 0299b4d fix(@​angular-devkit/build-angular): update copy-webpack-plugin to v14.0.0
• 05b3511 release: cut the v20.3.18 release
• 39596d5 fix(@​angular-devkit/core): update ajv to 8.18.0
• f668e27 fix(@​angular/build): update rollup to 4.59.0
• c0d1626 release: cut the v20.3.17 release
• 8700e18 fix(@​angular/ssr): prevent open redirect via X-Forwarded-Prefix header
• 67582a9 fix(@​angular/ssr): validate host headers to prevent header-based SSRF
• 750f037 release: cut the v20.3.16 release
• 0f02aca build: update webpack to v5.105.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

The change involves updating a dependency version in the package.json of a frontend project. Specifically, the Angular CLI version has been incremented from 20.3.13 to 20.3.19. This update generally implies internal improvements, bug fixes, or minor feature additions that are backward-compatible.

Walkthrough

• Chore: Updated @angular/cli from 20.3.13 to 20.3.19. This version upgrade may include optimizations, bug fixes, and small feature enhancements that improve the developer experience and tooling reliability without introducing breaking changes. No functional change for end users is expected directly from this update.

_{Model: gpt-4o-2024-08-06 | Prompt Tokens: 319 | Completion Tokens: 137}

[github-actions]

Here's a collaborative code review enhanced with AI insights. These suggestions are thoughtful recommendations rather than absolute requirements, so please apply what feels most valuable for your project. You remain the expert and decision-maker—AI simply offers additional perspective to support your development process.

---

Always critique what AI says. Do not let AI replace YOUR I.
_{Model: claude-sonnet-4-20250514 | Prompt Tokens: 890 | Completion Tokens: 283}

[github-actions]

Consider updating all Angular-related dependencies to maintain consistency and avoid potential compatibility issues. The @angular-eslint/template-parser is on version ^20.1.1 while other Angular ESLint packages are on ^20.6.0. Similarly, @angular/compiler-cli is on ^20.3.15 while @angular/cli is being updated to ^20.3.19.

"@angular-eslint/template-parser": "^20.6.0",
"@angular/compiler-cli": "^20.3.19"

This ensures all Angular tooling works together harmoniously and reduces the risk of version conflicts.