Angular core version 4.2.1 represents a minor patch release following closely on the heels of version 4.2.0. Both versions share the same core description as the foundational framework for Angular applications. A key similarity lies in their dependencies, both relying on tslib version 1.7.1 or higher for TypeScript helper functions. They also specify identical peer dependency requirements, namely rxjs version 5.0.1 or greater for reactive programming capabilities and zone.js version 0.8.4 or higher for managing asynchronous operations within the Angular zone. Both versions are released under the MIT license and are maintained in the angular/angular Git repository.
The primary difference between the two versions is the release date, with version 4.2.1 being published on June 9, 2017, shortly after version 4.2.0's release on June 8, 2017. This suggests that version 4.2.1 likely includes bug fixes or minor improvements addressing issues discovered shortly after the release of 4.2.0. For developers using Angular, the upgrade from 4.2.0 to 4.2.1 should be seamless, given the minor version increment. However, it's always recommended to review the changelog or release notes for specific details on the fixes or enhancements included in version 4.2.1 to ensure compatibility and take advantage of any improvements. Always ensure your project meets the peer dependency requirements of supporting RxJS and Zone.js versions.
All the vulnerabilities related to the version 4.2.1 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
