Angular core version 10.0.13 is a minor release within the Angular 10 family, arriving shortly after version 10.0.12. Both versions share the same core dependencies, relying on tslib for TypeScript helper functions and having rxjs and zone.js as peer dependencies, indicating compatibility requirements for reactive programming and asynchronous task management. The fileCount and unpackedSize in the dist object are also identical, suggesting only small code changes, bug fixes, or performance improvements rather than substantial feature additions.
The most noticeable difference lies in the releaseDate. Version 10.0.13 was released on August 26, 2020, while version 10.0.12 was released on August 24, 2020. This short interval suggests that version 10.0.13 is likely a patch release addressing issues discovered in the preceding version. For developers, jumping from 10.0.12 to 10.0.13 is generally recommended, as it will likely include bug fixes and optimizations. Given the identical dependency specifications, the update should be straightforward and without breaking changes, assuming projects already adhere to peer dependency requirements of RxJS 6.5.3 and Zone.js 0.10.3. Developers should consult the Angular changelog or release notes for specific details on the changes included in version 10.0.13 to fully understand the update. Both versions of the Angular core package ensure a solid foundation for creating modern web applications, adhering to the MIT license.
All the vulnerabilities related to the version 10.0.13 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
