Angular core version 4.4.4 is a minor release following 4.4.3, both being part of the Angular framework's core functionality. Developers considering an upgrade should focus on understanding the subtle distinctions between these versions. Both versions share the same core dependencies, tslib for TypeScript helper functions, and peer dependencies on rxjs and zone.js, indicating a consistent reliance on these libraries for reactive programming and asynchronous task management. The license remains MIT, ensuring broad usability.
The primary difference lies in the release date, with version 4.4.4 being released on September 28, 2017, subsequent to version 4.4.3 released on September 19, 2017. While the provided metadata doesn't explicitly detail the code-level changes, a version bump from 4.4.3 to 4.4.4 usually signifies bug fixes, performance improvements, or minor feature additions, rather than breaking changes. Developers should consult the official Angular changelog or release notes for detailed specifics regarding these potential improvements or bug fixes.
For developers using Angular, upgrading to the latest minor version within a major version (like from 4.4.3 to 4.4.4) is generally recommended to benefit from these refinements and fixes, contributing to a more stable and performant application. However, always test your application thoroughly after upgrading to ensure compatibility and prevent unexpected issues. Remember to examine the Angular changelogs for in-depth details on the included fixes and enhancements.
All the vulnerabilities related to the version 4.4.4 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
