Angular core version 11.0.3 represents a minor update to the foundational framework, succeeding version 11.0.2. Both versions share the same core dependencies, relying on tslib version 2.0.0 or higher. They also maintain identical peer dependencies, requiring rxjs version 6.5.3 or later and zone.js around version 0.10.3 for optimal compatibility. The license remains MIT, ensuring open-source usage. The repository details point to the packages/core directory within the main Angular GitHub repository, managed by the Angular team.
A key difference lies in the dist section, which highlights the packaged distribution. Version 11.0.3 exhibits a smaller unpacked size of approximately 18.2MB compared to version 11.0.2's 18.3MB. While the number of files remains consistent at 477, the reduced size suggests potential optimizations or bug fixes that contribute to a more streamlined package. Furthermore, the release date of version 11.0.3 is December 2, 2020, indicating it incorporates improvements and refinements implemented since version 11.0.2 released on November 19, 2020. For developers, upgrading to 11.0.3 could provide slight performance benefits and potentially address minor issues present in the previous version, even though the specific changes might require consulting the detailed changelog.
All the vulnerabilities related to the version 11.0.3 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
