build(deps): Bump the production group in /frontend with 4 updates

[dependabot]

Bumps the production group in /frontend with 4 updates: @ng-bootstrap/ng-bootstrap, bootstrap, keycloak-angular and ngx-drag-drop.

Updates @ng-bootstrap/ng-bootstrap from 18.0.0 to 19.0.1

Release notes

Sourced from @​ng-bootstrap/ng-bootstrap's releases.

19.0.1

19.0.1 (2025-07-01)

Bug Fixes

• toast: missing export of NgbToastOptions interface (6b26ef3)
• positioning: missing export of PlacementArray type (#4847) (a4e94a3)
• datepicker: missing export of DayTemplateContext interface (1b90da5)

19.0.0

19.0.0 (2025-06-19)

This release bumps minimum required versions to Angular 20.0.0

Bug Fixes

• carousel: remove invalid aria-activedescendant (6ecb129)
• datepicker: add missing attributes aria-disabled and aria-selected (fab39cb)
• modal: fix usage of modal in zoneless, by calling mark for check after update of modal options (afe98ee)
• pagination: put aria-current on link element instead of li for a11y (39dc037)
• timepicker: wrong auto-setting of hour value (4137c60)
• tooltip: opening just after a close does not keep the tooltip open (bfee86d)
• tooltip: tooltip created after view destroyed (d9c96aa)
• typeahead: add aria-controls for accessibility (#4816)
• typeahead: set the value of typeahead's control to null instead of undefined when using the non-editable mode (daaa56d)

Features

• tooltip,popover: allow to keep tooltip/popover open when hovered if closeDelay is a positive number (8117bfa)

19.0.0-rc.0

This release candidate version bumps minimum required versions to Angular 20.0.0

Bug Fixes

• carousel: remove invalid aria-activedescendant (6ecb129)
• datepicker: add missing attributes aria-disabled and aria-selected (fab39cb)
• modal: fix usage of modal in zoneless, by calling mark for check after update of modal options (afe98ee)
• pagination: put aria-current on link element instead of li for a11y (39dc037)
• timepicker: wrong auto-setting of hour value (4137c60)
• tooltip: opening just after a close does not keep the tooltip open (bfee86d)
• typeahead: add aria-controls for accessibility (#4816)
• typeahead: set the value of typeahead's control to null instead of undefined when using the non-editable mode (daaa56d)

Features

• tooltip,popover: allow to keep tooltip/popover open when hovered if closeDelay is a positive number (8117bfa)

Changelog

Sourced from @​ng-bootstrap/ng-bootstrap's changelog.

19.0.1 (2025-07-01)

Bug Fixes

• toast: missing export of NgbToastOptions interface (6b26ef3)
• positioning: missing export of PlacementArray type (#4847) (a4e94a3)
• datepicker: missing export of DayTemplateContext interface (1b90da5)

19.0.0 (2025-06-19)

This release bumps minimum required versions to Angular 20.0.0

Bug Fixes

• carousel: remove invalid aria-activedescendant (6ecb129)
• datepicker: add missing attributes aria-disabled and aria-selected (fab39cb)
• modal: fix usage of modal in zoneless, by calling mark for check after update of modal options (afe98ee)
• pagination: put aria-current on link element instead of li for a11y (39dc037)
• timepicker: wrong auto-setting of hour value (4137c60)
• tooltip: opening just after a close does not keep the tooltip open (bfee86d)
• tooltip: tooltip created after view destroyed (d9c96aa)
• typeahead: add aria-controls for accessibility (#4816)
• typeahead: set the value of typeahead's control to null instead of undefined when using the non-editable mode (daaa56d)

Features

• tooltip,popover: allow to keep tooltip/popover open when hovered if closeDelay is a positive number (8117bfa)

Commits

• b117049 19.0.1
• a4e94a3 fix(types): export PlacementArray in main index (#4847)
• db98bf0 demo: add clipboard button functionality and relevant styling (#4845)
• 1b90da5 feat(datepicker): export DayTemplateContext
• 6b26ef3 fix(toast): missing export of NgbToastOptions interface
• 2704265 docs: release 19.0.0
• 3dec2a2 docs: add release 18 in demo
• 622ba01 docs: update README adding 19.0.0 info
• d9c96aa fix(tooltip): tooltip created after view destroyed
• a6635ce demo: bump bootstrap to 5.3.6
• Additional commits viewable in compare view

Updates bootstrap from 5.3.6 to 5.3.7

Release notes

Sourced from bootstrap's releases.

v5.3.7

📚 Documentation

• Fixed broken "View on GitHub" URLs
• Corrected HTML <head> content generated by the "Download examples" button
• Refined sanitizer documentation for clarity and completeness
• Improved accessibility in the "On this page" table of contents and section heading anchor links
• Relocated ads to the right sidebar to minimize content reflow
• Added a new section on the Download page for the Intelissence extension
• Clarified the "Via JavaScript" usage example for Accordion Collapse
• Made internal documentation improvements to support future maintenance (no visible user impact)
• Mention CDN integrity and crossorigin attributes in introduction page
• Enhance floating labels placeholder usage description
• Add example of showing dynamic range value with output

🎨 Sass

• Consolidated multiple 'none' values in the box-shadow Sass mixin for cleaner output

🤖 JavaScript

• Fixed popover and tooltip behavior with a trigger: "hover click" configuration

🤝 Contributions

• Added recommended VSCode extensions and settings configuration to the repository

Commits

• e0032ae Release v5.3.7 (#41509)
• 0f63de9 Build(deps-dev): Bump zod from 3.25.56 to 3.25.57
• 37f33ff Build(deps-dev): Bump the development-dependencies group with 2 updates (#41531)
• 03f27a2 Docs: add example of showing dynamic range value with output (#41516)
• f04b980 Docs: enhance floating labels placeholder usage description (#41526)
• 1c00b1f Build(deps-dev): Bump the development-dependencies group with 3 updates (#41528)
• 590226f Build(deps-dev): Bump the development-dependencies group with 2 updates
• 0a9fa30 Build(deps-dev): Bump the development-dependencies group with 4 updates (#41525)
• 0b6c09a Build(deps-dev): Bump zod from 3.25.48 to 3.25.49 (#41513)
• e6fdd27 Mentions CDN integrity and crossorigin attributes in Intro docs page (#41515)
• Additional commits viewable in compare view

Updates keycloak-angular from 19.0.2 to 20.0.0

Release notes

Sourced from keycloak-angular's releases.

v20.0.0

✨ Key Highlights

• Support for Angular v20: Added support for the latest Angular release, v20. [build(deps-dev): Bump the development group in /frontend with 4 updates #644, #649]
• Documentation: Fixed incorrect references, added instructions for loading an external configuration file, and improved the AutoRefreshToken documentation. [build(deps): Bump @eslint/plugin-kit from 0.3.3 to 0.3.4 in /services in the npm_and_yarn group #614, #629, #638, #639]
• Examples: Added a new example demonstrating how to load an external configuration file in fetch_config.
• Interceptor: Applied a security fix to properly evaluate asynchronous conditions in the custom bearer token interceptor. #619

🙌 Special Thanks

This release was made possible with support from the following contributors. Thank you all for your great work and for helping improve the quality of this library!

• @​ArnaudFlaesch
• @​rammba
• @​lucagobbi
• @​bartvanb
• @​Tlepel

Commits

• 04bb568 Feature: Support for Angular v20 and Improvements (#651)
• b6ba1f7 fix: fix lint issue in custom-bearer-token.interceptor
• cd1fba2 fix: evaluate async conditions in the custom bearer token interceptor (#619)
• 1355170 bugfix: fix typos in auto-refresh-token.service.ts & keycloak.feature.ts (#614)
• See full diff in compare view

Updates ngx-drag-drop from 19.0.0 to 20.0.1

Release notes

Sourced from ngx-drag-drop's releases.

v20

What's Changed

• Migrate to angular 20 by @​nartblood in reppners/ngx-drag-drop#189

New Contributors

• @​nartblood made their first contribution in reppners/ngx-drag-drop#189

Full Changelog: reppners/ngx-drag-drop@v18.0.2...v20

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml