Bump postcss and @angular-devkit/build-angular in /CloudPatterns/ClientApp

[dependabot]

Bumps postcss to 8.5.12 and updates ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Updates postcss from 8.5.6 to 8.5.12

Release notes

Sourced from postcss's releases.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Changelog

Sourced from postcss's changelog.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Commits

• 9bc81c4 Release 8.5.12 version
• 85c4d7d Another try to fix coverage
• 94484ca Try to fix coverage
• c64b748 Load only .map source maps
• aaec7b7 Avoid throwing JSON parsing errors for non-JSON source maps
• 233fb26 Mention original author of the solution
• 2502f75 Release 8.5.11 version
• 5ca1901 Speed up parsing many nested brackets
• 42b5337 Update dependencies
• 7e36e15 Cache node.raws locally in Stringifier hot methods
• Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 20.3.18 to 20.3.25

Release notes

Sourced from @​angular-devkit/build-angular's releases.

20.3.25

@​angular-devkit/build-angular

Commit	Description
	upgrade postcss to 8.5.12

@​angular/ssr

Commit	Description
	introduce trustProxyHeaders option to safely validate and sanitize proxy headers

20.3.24

@​angular/build

Commit	Description
	update esbuild to 0.28.0

20.3.23

@​angular/build

Commit	Description
	update vite to 7.3.2

20.3.22

@​angular-devkit/build-angular

Commit	Description
	update picomatch to 4.0.4

@​angular-devkit/core

Commit	Description
	update picomatch to 4.0.4

@​angular/build

Commit	Description
	update picomatch to 4.0.4

20.3.21

@​angular/ssr

Commit	Description
	disallow x-forwarded-prefix starting with a backslash
	ensure unique values in redirect response Vary header
	support custom headers in redirect responses

20.3.20

@​angular/build

Commit	Description
	pass process environment variables to prerender workers

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

20.3.25 (2026-04-29)

@​angular-devkit/build-angular

Commit	Type	Description
5e01ef40e	fix	upgrade postcss to 8.5.12

@​angular/ssr

Commit	Type	Description
6686848d9	fix	introduce trustProxyHeaders option to safely validate and sanitize proxy headers

22.0.0-next.6 (2026-04-22)

@​angular/cli

Commit	Type	Description
cc30034da	fix	dynamically resolve project Angular CLI executable inside MCP tools
ead60d3d5	fix	ignore EBADF file system errors during MCP project scan
0d984cf1c	fix	use headless option in MCP test tool

@​schematics/angular

Commit	Type	Description
de630c2fc	feat	stabilize refactor-jasmine-vitest schematic

@​angular-devkit/build-angular

Commit	Type	Description
30d8332ed	fix	ensure route has leading slash in prerender builder
cf5b49ed7	fix	fix app-shell route format and

@​angular/build

Commit	Type	Description
0781f7498	feat	add quiet option to suppress build noise in unit tests
cd2ad3c19	feat	enable chunk optimization by default with heuristics
b85ec6798	fix	allow configuring Access-Control-Allow-Origin via headers option
59803b12b	fix	use rootDir for HMR component updates path resolution
74e7dbe56	fix	validate V8 coverage support for browsers in Vitest

... (truncated)

Commits

• 985e580 release: cut the v20.3.25 release
• 5e01ef4 fix(@​angular-devkit/build-angular): upgrade postcss to 8.5.12
• 24e2502 refactor: ensure prerender routes start with a forward slash and update packa...
• 6686848 fix(@​angular/ssr): introduce trustProxyHeaders option to safely validate and...
• 5411257 release: cut the v20.3.24 release
• 10c09c7 fix(@​angular/build): update esbuild to 0.28.0
• afe50b7 release: cut the v20.3.23 release
• ccab02b fix(@​angular/build): update vite to 7.3.2
• e18c125 release: cut the v20.3.22 release
• 6e9b926 fix(@​angular-devkit/core): update picomatch to 4.0.4
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.