Angular Core version 6.1.4 represents a minor update to the core framework, succeeding version 6.1.3. Both versions share a common foundation, built upon the MIT license and residing within the Angular GitHub repository. Key dependencies like tslib (version ^1.9.0) remain consistent between the two, ensuring Typescript compatibility. Similarly, peer dependencies on rxjs (version ^6.0.0) and zone.js (version ~0.8.26) highlight the ongoing reliance on these libraries for reactive programming and asynchronous operations within Angular applications.
The primary distinction lies in the "dist" section, specifically the unpackedSize and releaseDate. Version 6.1.4 shows a slight increase in unpacked size(15461959 bytes vs 15461725 bytes), suggesting potential bug fixes, minor feature additions, or internal optimizations. The release date difference indicates that version 6.1.4 followed version 6.1.3 by approximately a week. For developers, this means the newer version likely incorporates fixes or improvements identified shortly after the release of 6.1.3. Upgrading to 6.1.4 is generally recommended to leverage these refinements. Although without specifics on feature changes, jumping to the newest version is always the best decision when building with Angular. Given the minor version increment, the update is expected to be backward compatible, minimizing disruption during the upgrade process and maintaining a stable and reliable development environment for Angular projects.
All the vulnerabilities related to the version 6.1.4 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
