34087 task security upgrade angular to v20.31.5

[nicobytes]

Proposed Changes

This pull request introduces several improvements and refactors across multiple Angular applications in the monorepo, focusing on standardizing configuration, improving error handling patterns, and minor dependency/configuration cleanups. The most notable changes are grouped as follows:

1. Standardization of RxJS Error Handling:

• Refactored all usages of the tapResponse operator to use the object-based signature ({ next, error }) instead of positional arguments, improving code readability and aligning with best practices. This was done in files such as dotcdn.component.store.ts, dot-pages.store.ts, and dot-template.store.ts. [1] [2] [3] [4] [5] [6] [7] [8] [9]

2. Project Configuration Updates:

• Added or updated "tags" fields (often to empty arrays or with specific tags like ["skip:test", "skip:lint"]) in multiple project.json files for better project categorization and tooling compatibility. [1] [2] [3] [4]
• Added "continuous": true to several serve targets, likely to enable continuous build/watch mode for development servers. [1] [2] [3] [4]
• Set "tsConfig" options for test targets to explicitly point to the correct TypeScript configuration files, improving test setup reliability. [1] [2] [3]

3. TypeScript Compiler Configuration Improvements:

• Added "moduleResolution": "bundler" to various tsconfig.app.json and tsconfig.spec.json files, aligning module resolution with modern build tools and improving compatibility. [1] [2] [3] [4]

4. Dependency and Import Cleanups:

• Removed unused imports (e.g., DynamicDialogRef in dot-template-create-edit.component.ts) and simplified type usage for dialog references. [1] [2]

5. Minor Project Metadata Adjustments:

• Updated or added implicitDependencies fields and cleaned up redundant or misplaced tags arrays in project configuration files. [1] [2] [3]

These changes collectively improve code maintainability, developer experience, and build/test reliability across the workspace.

Checklist

• Tests
• Translations
• Security Implications Contemplated (add notes if applicable)

This PR fixes: #34087

This PR fixes: #34087

[Copilot]

Pull request overview

This pull request upgrades the Angular monorepo to Angular 20.3.15, Nx 21.6.9, and Storybook 9.x, while standardizing RxJS error handling patterns and Nx project configurations across the workspace.

Key Changes:

• Angular framework packages upgraded from 20.3.9 to 20.3.15
• Nx workspace tooling upgraded from 20.5.1 to 21.6.9
• Storybook upgraded to 9.x with partial migration to version 9.1.9
• Standardized all tapResponse operators to use object-based signature ({next, error, complete}) instead of positional arguments across ~50 files
• Added moduleResolution: "bundler" to TypeScript configurations for modern build tool compatibility
• Standardized project.json files with consistent tags placement, tsConfig references, and continuous: true flags for serve targets

Reviewed changes

Copilot reviewed 67 out of 70 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
package.json	Core dependency upgrades including Angular 20.3.15, Nx 21.6.9, Storybook 9.x, TypeScript 5.9.3, and Vite 7.2.7
nx.json	Added generator defaults for Angular schematics, removed deprecated useLegacyCache configuration
migrations.json	Replaced Angular 20.0 migration entries with tapResponse migration script
storybook-migration-summary.md	Documentation of Storybook 9 migration process and failed automation steps
Multiple project.json files	Standardized tags positioning, added explicit tsConfig paths for test targets, added continuous flag to serve targets
Multiple tsconfig files	Added moduleResolution: "bundler" to align with modern build tooling requirements
Multiple store files	Refactored all tapResponse calls from positional to object-based signature for better readability
Component files	Minor cleanups including unused import removal and type refinements

[semgrep-code-dotcms-test]

Legal Risk

The following dependencies were released under a license that
has been flagged by your organization for consideration.

Recommendation

While merging is not directly blocked, it's best to pause and consider what it means to use this license before continuing. If you are unsure, reach out to your security team or Semgrep admin to address this issue.

GPL-2.0

• node-forge 1.3.3

MPL-2.0

• dompurify 3.3.1