Commit Graph

12 Commits

Author SHA1 Message Date
Tobias Bosch 3f55aa609f feat(browser): use AppModules for bootstrap in the browser
This introduces the `BrowserModule` to be used for long form
bootstrap and offline compile bootstrap:

```
@AppModule({
  modules: [BrowserModule],
  precompile: [MainComponent],
  providers: […], // additional providers
  directives: […], // additional platform directives
  pipes: […] // additional platform pipes
})
class MyModule {
  constructor(appRef: ApplicationRef) {
    appRef.bootstrap(MainComponent);
  }
}

// offline compile
import {bootstrapModuleFactory} from ‘@angular/platform-browser’;
bootstrapModuleFactory(MyModuleNgFactory);

// runtime compile long form
import {bootstrapModule} from ‘@angular/platform-browser-dynamic’;
bootstrapModule(MyModule);
```

The short form, `bootstrap(...)`, can now creates a module on the fly,
given `directives`, `pipes, `providers`, `precompile` and `modules`
properties.

Related changes:
- make `SanitizationService`, `SecurityContext` public in `@angular/core` so that the offline compiler can resolve the token
- move `AnimationDriver` to `platform-browser` and make it
  public so that the offline compiler can resolve the token

BREAKING CHANGES:
- short form bootstrap does no longer allow
  to inject compiler internals (i.e. everything 
  from `@angular/compiler). Inject `Compiler` instead.
  To provide custom providers for the compiler,
  create a custom compiler via `browserCompiler({providers: [...]})`
  and pass that into the `bootstrap` method.
2016-07-02 20:35:09 -07:00
Igor Minar 24eb8389d2 fix: public api surface fixes + stability markers
- ts-api-guardian will now error if a new public symbol is added with a stability marker (`@stable`, `@experimental`, `@deprecated`)
- DomEventsPlugin and KeyEventsPlugin were removed from public api surface - these classes is an implementation detail
- deprecated BROWSER_PROVIDERS was removed completely
- `@angular/compiler` was removed from the ts-api-guardian check since this package shouldn't contain anything that users need to directly import
- the rest of the api surface was conservatively marked as stable or experimental

BREAKING CHANGES: DomEventsPlugin and KeyEventsPlugin previously exported from core are no longer public - these classes are implementation detail.

Previously deprecated BROWSER_PROVIDERS was completely removed from platform-browser.

Closes #9236
Closes #9235
Ref #9234
2016-06-28 07:39:40 -07:00
ScottSWu ae75e3640a chore(lint): Added license headers to most TypeScript files
Relates to #9380
2016-06-23 09:47:54 -07:00
Matias Niemelä 55860e1621 fix(animations): ensure AUTO styles are cleared at the end of the state-change animation
Closes #9014
Closes #9015
2016-06-11 00:08:41 -07:00
Alex Eagle f39c9c9e75 style(lint): re-format modules/@angular 2016-06-09 17:00:15 -07:00
Matias Niemelä fa0718ba9a feat(animations): provide support for offline compilation 2016-06-03 14:36:11 -07:00
Vikram Subramanian f4f6b8721a fix(core): Keep core exports seperate from core/testing exports. 2016-05-31 20:09:43 -07:00
Miško Hevery 39ecd01b86 chore: audit @angular/core API classification (#8808) 2016-05-25 15:00:05 -07:00
Matias Niemelä 5e0f8cf3f0 feat(core): introduce support for animations
Closes #8734
2016-05-25 13:56:50 -07:00
Martin Probst 908a102a87 feat: security implementation in Angular 2.
Summary:
This adds basic security hooks to Angular 2.

* `SecurityContext` is a private API between core, compiler, and
  platform-browser. `SecurityContext` communicates what context a value is used
  in across template parser, compiler, and sanitization at runtime.
* `SanitizationService` is the bare bones interface to sanitize values for a
  particular context.
* `SchemaElementRegistry.securityContext(tagName, attributeOrPropertyName)`
  determines the security context for an attribute or property (it turns out
  attributes and properties match for the purposes of sanitization).

Based on these hooks:

* `DomSchemaElementRegistry` decides what sanitization applies in a particular
  context.
* `DomSanitizationService` implements `SanitizationService` and adds *Safe
  Value*s, i.e. the ability to mark a value as safe and not requiring further
  sanitization.
* `url_sanitizer` and `style_sanitizer` sanitize URLs and Styles, respectively
  (surprise!).

`DomSanitizationService` is the default implementation bound for browser
applications, in the three contexts (browser rendering, web worker rendering,
server side rendering).

BREAKING CHANGES:
*** SECURITY WARNING ***
Angular 2 Release Candidates do not implement proper contextual escaping yet.
Make sure to correctly escape all values that go into the DOM.
*** SECURITY WARNING ***

Reviewers: IgorMinar

Differential Revision: https://reviews.angular.io/D103
2016-05-03 09:21:43 -07:00
Misko Hevery 3e17c99f4e chore: clang-reformat 2016-05-01 22:59:41 -07:00
Igor Minar a66cdb469f repackaging: all the repackaging changes squashed 2016-05-01 20:51:00 -07:00