Angular core version 10.0.1 is a patch release succeeding version 10.0.0. Both versions share the same core dependencies, including tslib for TypeScript helper functions, and peer dependencies like rxjs for reactive programming and zone.js for change detection, all essential for Angular's functionality. The license remains MIT, assuring broad usability and the repository points to the Angular GitHub project, useful for developers needing to investigate the framework's source.
Key differences are subtle: the unpacked size increased slightly from 17,595,933 bytes in 10.0.0 to 17,606,283 bytes in 10.0.1, suggesting minor additions or fixes. More importantly, the release date of 10.0.1 is June 26, 2020, two days after 10.0.0 which was released on June 24, 2020. This temporal proximity strongly implies that version 10.0.1 contains bug fixes or very minor enhancements addressing issues discovered shortly after the initial 10.0.0 release.
For developers, upgrading from 10.0.0 to 10.0.1 is highly recommended. Patch releases often address critical bugs without introducing breaking changes, thus offering stability and improved reliability. While source code compatibility is most likely preserved, developers should always review the official Angular changelog for detailed specifics on the fixes or enhancements included in the patch. If you're starting a new Angular project, utilizing the latest stable version 10.0.1 will grant you the most up-to-date fixes and refinements.
All the vulnerabilities related to the version 10.0.1 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
