Angular core version 2.1.0 introduces incremental improvements upon the preceding stable release, version 2.0.2. While both versions share the fundamental characteristics of the Angular core framework, including the same peer dependencies on RxJS 5.0.0-beta.12 and Zone.js ^0.6.21, subtle enhancements and bug fixes likely differentiate the two. Developers considering upgrading from 2.0.2 to 2.1.0 should primarily focus on the specific change logs and release notes accompanying the newer version. These resources typically detail the exact modifications, bug resolutions, and performance improvements implemented.
The release date difference is also notable; version 2.1.0 was published on October 12, 2016, approximately six days after 2.0.2. This suggests that 2.1.0 likely addresses issues discovered or optimizations identified in the initial days following the release of 2.0.2. If developers encountered any problems utilizing 2.0.2, investigating the changes incorporated within 2.1.0 is highly recommended as there is a high chance their issues have been addressed with the new version. Keep in mind that both versions share the same MIT License, ensuring developers are free to use them in a wide range of projects. Also, the GitHub repository remains consistent, indicating no major architectural shifts between the two versions.
All the vulnerabilities related to the version 2.1.0 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
