Angular core version 5.2.10 is a patch release in the Angular 5 series, building upon the foundation laid by version 5.2.9. Both versions share core characteristics: they feature the same core framework description, utilize the tslib dependency for TypeScript helper functions, and require rxjs and zone.js as peer dependencies, indicating compatibility with reactive programming and asynchronous task management. Both versions are licensed under MIT and are part of the official Angular repository. Authors are the same, angular. The file count remains the same at 144 files.
The most notable difference lies within the dist object and consequently, the release date. Version 5.2.10 was released on April 16, 2018, subsequent to version 5.2.9 which came out on March 14, 2018. The size of the unpacked package has slightly increased between the versions, from 7227543 to 7233896. This small size difference that is less than 1% suggests that 5.2.10 encompasses bug fixes and targeted improvements rather than substantial new features or architectural changes.
For developers, upgrading from 5.2.9 to 5.2.10 is generally recommended to benefit from the latest bug fixes and minor enhancements. Users should review the official Angular changelog for a detailed list of specific changes included in this patch release to assess its impact on their projects. Since both versions share the same peer dependencies, the upgrade should be relatively straightforward, ensuring compatibility with existing RxJS and Zone.js setups.
All the vulnerabilities related to the version 5.2.10 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
