Angular core version 10.0.3 is a minor release following version 10.0.2, both iterations focusing on the core framework functionalities. For developers employing Angular in their projects, understanding the nuances between these versions is key to maintaining application stability and accessing potential feature enhancements or bug fixes.
While the core dependencies on tslib, rxjs, and zone.js remain consistent, ensuring compatibility with existing projects, several subtle improvements differentiate the two. The most noticeable difference is the slightly larger unpacked size of version 10.0.3, suggesting that it includes minor refactorings, performance improvements, or bug fixes. The fileCount remaining constant indicates those changes were inside current files.
The release dates highlight the recency of version 10.0.3, indicating that it incorporates the latest adjustments and is most likely to bring the most stable and secure option. Developers should consult the official Angular changelog for detailed specifics on included changes. Staying up-to-date with minor version upgrades like this ensures developers benefit from the ongoing development efforts and keeps their Angular applications aligned with the latest best practices without introducing major breaking changes. This incremental approach to updates allows for a smoother adoption process and fosters a more confident development experience. Be aware that newer versions may contain security fixes and performance enhancements that will benefit your application.
All the vulnerabilities related to the version 10.0.3 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
