fix: add zone.js as devDependency to fix unit test failures

[devin-ai-integration]

Summary

All 6 unit test files were failing because they import "zone.js" and import "zone.js/testing", but zone.js was not listed as a project dependency. This PR adds zone.js ^0.16.1 as a devDependency, resolving all test failures.

Before: 6/6 test files failed with Failed to resolve import "zone.js"
After: 180/180 tests pass across all 6 test files

Review & Testing Checklist for Human

• Run bun run test and verify all 180 unit tests pass
• Verify no runtime regressions by running bun run start and checking the app loads

Notes

The @angular/core 21.2.4 update (merged in PR realworld-apps#347) likely surfaced this issue — the lock file already referenced zone.js@0.16.0 but it was never explicitly declared as a devDependency, so it wasn't reliably resolved during test runs.

Link to Devin session: https://app.devin.ai/sessions/199a412ebf82434fa1988dbca4c0a1a2
Requested by: @WesternConcrete

---

Devin Review

Status	Commit
⚪ Not started	—

💡 Connect your GitHub account to enable automatic code reviews.

---

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[devin-ai-integration]

Devin Review found 1 potential issue.

View 2 additional findings in Devin Review.

[devin-ai-integration]

🔴 @angular/core upgraded to 21.2.4 while all other @angular/ packages remain at 21.1.1, violating exact peer dependencies*

@angular/core was bumped to 21.2.4 but all sibling Angular packages (@angular/common, @angular/animations, @angular/forms, @angular/platform-browser, @angular/platform-browser-dynamic, @angular/router, @angular/compiler, @angular/compiler-cli) remain at 21.1.1. Angular packages use exact peer dependency constraints — e.g. @angular/common@21.1.1 declares "@angular/core": "21.1.1", @angular/forms@21.1.1 declares "@angular/core": "21.1.1", etc. Additionally, @angular/core@21.2.4 itself declares "@angular/compiler": "21.2.4" as a peer dependency, but only @angular/compiler@21.1.1 is installed. Angular's internal APIs are tightly coupled across packages within a release; mixing major.minor versions can cause subtle runtime errors, broken change detection, or incompatible internal data structures. All @angular/* packages should be updated together to the same version.

Affected peer dependency mismatches from bun.lock

• @angular/common@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/animations@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/forms@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/platform-browser@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/platform-browser-dynamic@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/router@21.1.1 → peerDep @angular/core: "21.1.1" (installed: 21.2.4)
• @angular/core@21.2.4 → peerDep @angular/compiler: "21.2.4" (installed: 21.1.1)

(Refers to line 32)

Prompt for agents

The @angular/core package was updated to 21.2.4 (likely by Dependabot) without updating the rest of the Angular packages. Angular requires all @angular/* packages to be at the same version. Either revert @angular/core back to 21.1.1, or update ALL Angular packages to 21.2.4 together. The affected packages in package.json are: @angular/animations, @angular/common, @angular/compiler (in dependencies), and @angular/build, @angular/cli, @angular/compiler-cli (in devDependencies). All should match the same version. Check if 21.2.4 exists for all these packages; if not, use the latest version that all packages share.

---

Was this helpful? React with 👍 or 👎 to provide feedback.

[devin-ai-integration]

The @angular/core 21.2.4 upgrade is pre-existing from PR realworld-apps#347 (merged via Dependabot). It's already on main in package.json — this PR only adds zone.js as a devDependency. The lock file diff reflects the existing state resolving.

The peer dependency mismatch is a valid concern but out of scope for this PR. Aligning all @angular/* packages to 21.2.x would be a separate task.