build: update cross-repo angular dependencies (21.2.x)

[angular-robot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@angular/animations (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/cdk	21.2.4 → 21.2.5					devDependencies	patch
@angular/common (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/compiler (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/compiler-cli (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/core (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/forms (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/localize	21.2.6 → 21.2.7					devDependencies	patch
@angular/material	21.2.4 → 21.2.5					devDependencies	patch
@angular/ng-dev	cdbe118 → 75f8102					devDependencies	digest
@angular/platform-browser (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/platform-server (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/router (source)	21.2.6 → 21.2.7					devDependencies	patch
@angular/service-worker (source)	21.2.6 → 21.2.7					devDependencies	patch
angular/dev-infra	616a50d → a3baba2					action	digest
devinfra	616a50d → a3baba2					git_override	digest

🔡 If you wish to disable git hash updates, add ":disableDigestUpdates" to the extends array in your config.

---

• If you want to rebase/retry this PR, check this box

---

Release Notes

angular/angular (@​angular/animations)

v21.2.7

Compare Source

compiler

Commit	Type	Description
fea25d1a60	fix	register SVG animation attributes in URL security context (#​67797)

compiler-cli

Commit	Type	Description
bba5ed8e64	fix	prevent recursive scope checks for invalid NgModule imports

core

Commit	Type	Description
d04ddd73df	fix	prevent binding unsafe attributes on SVG animation elements (#​67797)
8fd896e99a	fix	resolve component import by exact specifier in route lazy-loading schematic
b682c62873	fix	treat object[data] as resource URL context (#​67797)

localize

Commit	Type	Description
3c41e74fdd	fix	validate locale in getOutputPathFn to prevent path traversal

router

Commit	Type	Description
0960592d3d	fix	pass outlet context to split to fix empty path named outlets

angular/components (@​angular/cdk)

v21.2.5

Compare Source

cdk

Commit	Type	Description
42e10553c	fix	stepper: linear updates not reflected in the DOM (#​33007)

material

Commit	Type	Description
895908a12	fix	sidenav: not resetting margin if transition does not start (#​33001)
475a8aabb	fix	slider: not picking up static direction (#​33006)
8a5ed09e5	fix	tooltip: allow hover detection logic to be customized (#​33018)

[gemini-code-assist]

Code Review

This pull request updates Angular dependencies from version 21.2.6 to 21.2.7 across the workspace, including the root package.json and specific package manifests for SSR and Webpack tools. It also updates the devinfra git override in MODULE.bazel and synchronizes the pnpm-lock.yaml file to reflect these version bumps. I have no feedback to provide.