@snyk-io snyk-io bot commented Jan 10, 2026

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

  • chargebee-js-angular/package.json
  • chargebee-js-angular/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
|---|---|
| high severity Cross-site Scripting (XSS), SNYK-JS-ANGULARCOMPILER-14908872 | 565 |
| high severity Cross-site Scripting (XSS), SNYK-JS-ANGULARCORE-14908871 | 565 |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

snyk-io bot commented Jan 10, 2026

Snyk checks have passed. No issues have been found so far.

| Scanner | Critical | High | Medium | Low | Total (0) |
|---|---|---|---|---|---|
| Open Source Security | 0 | 0 | 0 | 0 | 0 issues |
| Licenses | 0 | 0 | 0 | 0 | 0 issues |
| Code Security | 0 | 0 | 0 | 0 | 0 issues |

snyk-io bot commented Jan 10, 2026

Merge Risk: High

This major version upgrade from Angular 18 to 19 introduces significant changes, making standalone components the default and stabilizing the Signals API. These changes require code and configuration updates.

Highlights:

  • Standalone by Default: Components, directives, and pipes are now standalone by default. Projects using NgModules must explicitly set standalone: false in decorators. The ng update command assists with this migration.
  • Signal APIs are Stable: Signal-based features like input(), model(), and queries are now stable. A migration tool is available to convert decorator-based @Input() to the new signal-based input().

Source: Angular documentation
Recommendation: Run the ng update @angular/cli@19 @angular/core@19 command, which will apply automatic migrations. Manually review changes, especially related to module declarations and component inputs, then merge for compatibility.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

snyk-io bot commented Jan 10, 2026

Merge Risk: High

This major version upgrade to Angular 19 makes standalone components, directives, and pipes the default, which is a fundamental shift from the previous NgModule-based architecture. It also stabilizes the Signals API, introducing new reactive patterns.

Highlights:

  • Standalone by Default: Components no longer need standalone: true. The ng update command will automatically refactor existing code, but projects relying on NgModules may require manual adjustments by setting standalone: false. [2, 3, 8]
  • Stable Signal APIs: Signal-based input(), model(), and queries are now stable. The allowSignalWrites flag in effect() has been removed, which may require changes in how state is managed within effects. [4, 8, 9]

Source: Angular documentation
Recommendation: Run ng update @angular/core@19 @angular/cli@19 and carefully review the automated migrations. Developers should validate application behavior, especially around component architecture and reactive state management with Signals.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
