Angular core version 5.2.0 represents a subtle but important update to the Angular framework, building upon the foundation laid by version 5.1.3. Released on January 10, 2018, 5.2.0 arrived just a few days after its predecessor (released on January 4, 2018), signaling a period of active development and refinement within the Angular team.
While both versions share the same core dependencies, tslib for TypeScript helpers, and identical peer dependencies on rxjs (version 5.5.0 or higher) and zone.js (version 0.8.4 or higher), developers should note the minimal change between these releases. For Angular developers, the short time between versions likely indicates bug fixes, performance improvements, or minor feature enhancements incorporated in version 5.2.0. Because the dependencies are identical, upgrading from 5.1.3 to 5.2.0 should be a relatively seamless process.
Both versions maintain the same MIT license and are managed under the angular/angular Git repository, ensuring continuity and a stable development experience. While the detailed changelog is essential for a full understanding, this quick look suggests that developers using Angular 5 should consider moving to version 5.2.0, prioritizing stability and benefitting from the newest patches.
All the vulnerabilities related to the version 5.2.0 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
