Angular core version 11.0.2 represents a minor update to the Angular framework, building upon the foundation laid by version 11.0.1. Both versions, architected around TypeScript, share core dependencies like tslib for helper functions and peer dependencies on rxjs for reactive programming and zone.js for change detection. Developers familiar with Angular will find the core functionalities and APIs remain consistent across these iterations, ensuring a relatively smooth transition.
The key differences lie in under-the-hood improvements and bug fixes that enhance stability and performance. Evidenced by the slight increase in fileCount (from 472 to 477) and unpackedSize (from 18293606 to 18304810), version 11.0.2 incorporates subtle adjustments. While a detailed changelog would provide specifics, this variance usually signals refinements to existing features rather than groundbreaking additions.
For developers depending on Angular core, upgrading to 11.0.2 is a recommended practice. It inherits the features and benefits of 11.0.1 while incorporating necessary fixes. Given the shared peer dependencies on rxjs and zone.js, compatibility within existing projects relying on these versions is expected. Always ensure to test thoroughly after upgrading, even with minor releases, to confirm seamless functionality within unique project configurations. The release date difference, roughly one day, indicates that 11.0.2 was likely released to solve a problem happening in the previous build.
All the vulnerabilities related to the version 11.0.2 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
