Angular core version 6.1.2 is a minor patch release that followed version 6.1.1, offering subtle improvements and refinements to the core Angular framework. Both versions share the same fundamental dependency on tslib version ^1.9.0, ensuring compatibility for TypeScript helper functions. Similarly, they maintain peer dependency requirements for rxjs (version ^6.0.0) and zone.js (version ~0.8.26), ensuring consistent integration with these essential libraries for reactive programming and asynchronous task management within Angular applications. Both versions are released under the MIT license, promoting open-source usage and contribution.
The key difference lies in the dist metadata. Version 6.1.2 presents a slightly larger unpacked size of 15,462,683 bytes compared to 6.1.1's 15,457,456 bytes. While the file count remains consistent at 527, this difference in size suggests potential updates in underlying code, bug fixes, or minor feature enhancements. The release date also distinguishes these versions, with 6.1.2 being released on August 8, 2018, a few days after 6.1.1's release on August 2, 2018. For developers, upgrading from 6.1.1 to 6.1.2 should be relatively straightforward, offering potential performance improvements due to the updated code. The fact that is a patch version makes the upgrade safe and recommended.
All the vulnerabilities related to the version 6.1.2 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
