fix(core): size regression with closure compiler (#25531)

By pulling in `compiler` into `core` the `compiler` was not
100% tree-shakable and about  8KB of code was retained
when tree-shaken with closure.

PR Close #25531

packages/compiler/src/schema/dom_element_schema_registry.ts

@@ -342,11 +342,11 @@ export class DomElementSchemaRegistry extends ElementSchemaRegistry {
     // property names do not have a security impact.
     tagName = tagName.toLowerCase();
     propName = propName.toLowerCase();
-    let ctx = SECURITY_SCHEMA[tagName + '|' + propName];
+    let ctx = SECURITY_SCHEMA()[tagName + '|' + propName];
     if (ctx) {
       return ctx;
     }
-    ctx = SECURITY_SCHEMA['*|' + propName];
+    ctx = SECURITY_SCHEMA()['*|' + propName];
     return ctx ? ctx : SecurityContext.NONE;
   }
 

packages/compiler/src/schema/dom_security_schema.ts

@@ -20,39 +20,45 @@ import {SecurityContext} from '../core';
 // =================================================================================================
 
 /** Map from tagName|propertyName SecurityContext. Properties applying to all tags use '*'. */
-export const SECURITY_SCHEMA: {[k: string]: SecurityContext} = {};
+let _SECURITY_SCHEMA !: {[k: string]: SecurityContext};
 
-function registerContext(ctx: SecurityContext, specs: string[]) {
-  for (const spec of specs) SECURITY_SCHEMA[spec.toLowerCase()] = ctx;
+export function SECURITY_SCHEMA(): {[k: string]: SecurityContext} {
+  if (!_SECURITY_SCHEMA) {
+    _SECURITY_SCHEMA = {};
+    // Case is insignificant below, all element and attribute names are lower-cased for lookup.
+
+    registerContext(SecurityContext.HTML, [
+      'iframe|srcdoc',
+      '*|innerHTML',
+      '*|outerHTML',
+    ]);
+    registerContext(SecurityContext.STYLE, ['*|style']);
+    // NB: no SCRIPT contexts here, they are never allowed due to the parser stripping them.
+    registerContext(SecurityContext.URL, [
+      '*|formAction', 'area|href',       'area|ping',       'audio|src',    'a|href',
+      'a|ping',       'blockquote|cite', 'body|background', 'del|cite',     'form|action',
+      'img|src',      'img|srcset',      'input|src',       'ins|cite',     'q|cite',
+      'source|src',   'source|srcset',   'track|src',       'video|poster', 'video|src',
+    ]);
+    registerContext(SecurityContext.RESOURCE_URL, [
+      'applet|code',
+      'applet|codebase',
+      'base|href',
+      'embed|src',
+      'frame|src',
+      'head|profile',
+      'html|manifest',
+      'iframe|src',
+      'link|href',
+      'media|src',
+      'object|codebase',
+      'object|data',
+      'script|src',
+    ]);
+  }
+  return _SECURITY_SCHEMA;
 }
 
-// Case is insignificant below, all element and attribute names are lower-cased for lookup.
-
-registerContext(SecurityContext.HTML, [
-  'iframe|srcdoc',
-  '*|innerHTML',
-  '*|outerHTML',
-]);
-registerContext(SecurityContext.STYLE, ['*|style']);
-// NB: no SCRIPT contexts here, they are never allowed due to the parser stripping them.
-registerContext(SecurityContext.URL, [
-  '*|formAction', 'area|href',       'area|ping',       'audio|src',    'a|href',
-  'a|ping',       'blockquote|cite', 'body|background', 'del|cite',     'form|action',
-  'img|src',      'img|srcset',      'input|src',       'ins|cite',     'q|cite',
-  'source|src',   'source|srcset',   'track|src',       'video|poster', 'video|src',
-]);
-registerContext(SecurityContext.RESOURCE_URL, [
-  'applet|code',
-  'applet|codebase',
-  'base|href',
-  'embed|src',
-  'frame|src',
-  'head|profile',
-  'html|manifest',
-  'iframe|src',
-  'link|href',
-  'media|src',
-  'object|codebase',
-  'object|data',
-  'script|src',
-]);
+function registerContext(ctx: SecurityContext, specs: string[]) {
+  for (const spec of specs) _SECURITY_SCHEMA[spec.toLowerCase()] = ctx;
+}