[Snyk] Upgrade @angular/compiler from 13.3.6 to 13.4.0

[sumansaurabh]

User description

Snyk has created this PR to upgrade @angular/compiler from 13.3.6 to 13.4.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.

• The recommended version was released 2 years ago.

Release notes

Package name: @angular/compiler

• 13.4.0 - 2023-04-06
• 13.3.12 - 2022-11-21
• 13.3.11 - 2022-05-31
• 13.3.10 - 2022-05-25
• 13.3.9 - 2022-05-18
• 13.3.8 - 2022-05-12
• 13.3.7 - 2022-05-11
• 13.3.6 - 2022-05-04

from @angular/compiler GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

---

Description

• Upgraded @angular/compiler to version 13.4.0 to enhance project security and compatibility.
• This upgrade includes updated integrity hashes and license information.
• Keeping dependencies up-to-date helps in identifying and fixing vulnerabilities quickly.

---

Changes walkthrough 📝

Relevant files

Dependencies

package-lock.json Upgrade @angular/compiler to version 13.4.0                            frameworks/hello-world-angular/webview-ui/package-lock.json Upgraded @angular/compiler from version 13.3.6 to 13.4.0. Updated resolved URL and integrity hash for the new version. Added license information for the new version. +9/-7      package.json Update @angular/compiler dependency version                            frameworks/hello-world-angular/webview-ui/package.json Updated @angular/compiler dependency version from ~13.3.0 to ~13.4.0. +1/-1

---

💡 Penify usage:
Comment /help on the PR to get a list of all available Penify tools and their descriptions

[penify-dev]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	2, because the changes are straightforward and involve upgrading a dependency with minimal impact on the existing codebase.
🧪 Relevant tests	No
⚡ Possible issues	No
🔒 Security concerns	No

[penify-dev]

PR Code Suggestions ✨

Category	Suggestion	Score
Security	Confirm the integrity hash for the updated dependency version Verify the integrity hash for @angular/compiler to ensure it matches the expected value for version 13.4.0. frameworks/hello-world-angular/webview-ui/package-lock.json [406] -"integrity": "sha512-tPWoq2RC/VIrJtynEnMRWQZemBIC/ypuVfuUf3p8IIXCZHjuGnibdlZTtFYkexc4/sR1ug9xk1cJWvbOPwilng==", +"integrity": "sha512-<expected_hash_for_13.4.0>", Suggestion importance[1-10]: 8 Why: This suggestion is valid as it addresses the importance of verifying the integrity hash for security purposes, ensuring that the correct hash is used for the updated version.	8
Maintainability	Clean up unnecessary fields in the lock file for clarity Consider removing any redundant fields in the package-lock.json that may not be necessary for the updated version of @angular/compiler. frameworks/hello-world-angular/webview-ui/package-lock.json [407] -"license": "MIT", +// Consider removing if not needed Suggestion importance[1-10]: 3 Why: While cleaning up unnecessary fields can improve clarity, this suggestion does not address a critical issue and is more of a minor improvement.	3