Angular core version 2.3.0 represents a notable update from version 2.2.4, offering developers improvements and dependency adjustments for building robust Angular applications. Released on December 7, 2016, version 2.3.0 builds upon the foundation of its predecessor, released just a week prior on November 30, 2016.
One key difference lies in the peer dependencies. Version 2.3.0 requires a newer version of RxJS, specifically "5.0.0-rc.4," indicating an upgrade to a release candidate, likely incorporating bug fixes and refined features within the reactive programming library. Previous version 2.2.4 depended on "5.0.0-beta.12". Similarly, the required Zone.js version is bumped up to "^0.7.2" from "^0.6.21". These dependency updates often reflect underlying changes within Angular that leverage the updated functionalities of these core libraries and potential performance or optimization benefits.
Developers considering the upgrade from 2.2.4 to 2.3.0 should pay close attention to these peer dependency changes. Ensuring compatibility with the updated RxJS and Zone.js versions is crucial for a smooth transition and to avoid potential runtime errors. These updates suggest ongoing enhancements in Angular's core functionalities, encouraging developers to stay current for the latest features and performance improvements offered by the framework and its dependencies. Always consult the official Angular changelog and migration guides for detailed information on specific changes and potential breaking changes when updating.
All the vulnerabilities related to the version 2.3.0 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
