Angular core version 4.4.5 represents a minor update over its predecessor, version 4.4.4, within the Angular framework. Both versions share fundamental characteristics, including their core framework functionality, reliance on the tslib dependency, and peer dependencies on rxjs and zone.js. Developers familiar with Angular will find the basic structure and approach consistent between the two. Key details like the MIT license and the repository URL remain unchanged, ensuring continuity in the project's open-source nature and access to the source code. The author remains "angular," indicating the ongoing commitment of the Angular team.
The primary distinction lies in the release date and potentially bug fixes or minor performance enhancements incorporated in version 4.4.5. Released on October 12, 2017, version 4.4.5 follows version 4.4.4, which was released on September 28, 2017. Developers should consider upgrading to version 4.4.5 to benefit from any bug fixes and improvements made since the previous release. While the provided data does not detail specific changes, the existence of a newer version generally suggests stability or performance improvements. Developers should consult the official Angular changelog or release notes for a comprehensive list of changes between these versions. Therefore, upgrade from 4.4.4 to 4.4.5 for the latest features and improvements.
All the vulnerabilities related to the version 4.4.5 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
