Angular core version 6.0.3 represents a minor update to the 6.0.x series, following version 6.0.2. Both versions, maintaining the core framework's functionality, share identical dependencies on tslib version ^1.9.0, and peer dependencies on rxjs version ^6.0.0 and zone.js version ~0.8.26, ensuring compatibility within the Angular ecosystem. Licensed under MIT, reinforcing its open-source nature, these versions are readily accessible via the Angular GitHub repository and npm registry.
The primary difference lies in the release date and the unpacked size. Version 6.0.3 was released on May 22, 2018, a week after version 6.0.2, which came out on May 15, 2018. While both have the same number of files(464) included in the package, the newer version exhibits a very slightly smaller unpacked size of 13,331,099 bytes compared to 6.0.2's 13,331,112 bytes, which could indicate minor optimizations or bug fixes. Developers considering upgrading from 6.0.2 to 6.0.3 should anticipate a seamless transition, given the consistent dependency specifications. This incremental update ensures continued stability and reliability within the Angular framework, offering developers a refined experience without significant breaking changes. The small reduction of the unpackedSize may imply improvements under the hood.
All the vulnerabilities related to the version 6.0.3 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
