Angular Core version 10.0.9 represents a subtle but important update over its predecessor, version 10.0.8. Both versions, fundamental to Angular applications, share the same core framework description, MIT license, and dependency on tslib version ^2.0.0. They also maintain peer dependencies on rxjs version ^6.5.3 and zone.js version ~0.10.3, ensuring compatibility within existing Angular ecosystems.
The key distinctions lie in the details surrounding the distribution and timing of the releases. Version 10.0.9, published on August 12, 2020, at 16:44:22 GMT, encompasses 419 files within its tarball and unpacks to a size of 17,667,174 bytes. Contrast this with version 10.0.8, released earlier on August 4, 2020, at 23:02:55 GMT, which contains 414 files and an unpacked size of 17,556,234 bytes.
For developers, this increment suggests bug fixes, performance improvements, or minor feature additions incorporated between the two releases. While the core APIs and functionalities likely remain consistent, upgrading to version 10.0.9 offers access to these enhancements, potentially boosting application stability and efficiency. Reviewing the official Angular changelog associated with version 10.0.9 is highly recommended for a comprehensive understanding of the changes introduced since 10.0.8. The updated file count and unpacked size are indirect indicators that source code was modified between the two versions; however, more information is needed from the changelog to determine what was changed.
All the vulnerabilities related to the version 10.0.9 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
