Angular Core version 5.2.6 represents a minor update over its predecessor, version 5.2.5, within the Angular framework. Both versions share fundamental characteristics, including the core framework description, the 'MIT' license, and a shared repository on GitHub. They also maintain identical dependencies, relying on 'tslib' version '^1.7.1' and peer dependencies like 'rxjs' version '^5.5.0' and 'zone.js' version '^0.8.4', ensuring compatibility with existing Angular projects using these libraries.
The primary difference lies in the release date and the unpacked size of the distribution. Version 5.2.6 was released on February 22, 2018, subsequent to the release of version 5.2.5 on February 14, 2018. Furthermore, version 5.2.6 exhibits a slightly larger unpacked size of 7,227,543 bytes, compared to the 7,222,099 bytes of version 5.2.5. This suggests that version 5.2.6 incorporates minor enhancements, bug fixes, or performance improvements, potentially addressing issues discovered in the previous iteration. With an identical 'fileCount' of 144, the update seems to be contained inside the existing files rather than new ones. For developers, upgrading to version 5.2.6 is recommended to leverage these potential refinements and maintain the stability and performance of their Angular applications where a potential bug could be solved.
All the vulnerabilities related to the version 5.2.6 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
