Angular core version 6.1.8 represents a minor patch release in the Angular 6 lifecycle, building upon the foundation of version 6.1.7. Both versions share identical core dependencies, relying on tslib for TypeScript helper functions and listing rxjs and zone.js as peer dependencies, crucial for reactive programming and asynchronous task management within Angular applications. Developers upgrading from 6.1.7 will find the API surface remains consistent, ensuring minimal disruption to existing codebases. The license remains MIT, guaranteeing open-source usage rights.
The key difference lies in the "dist" section. Version 6.1.8 features a slightly larger unpacked size (15494146 bytes) compared to 6.1.7 (15462662 bytes), hinting at internal changes, possibly bug fixes, performance optimizations, or minor feature enhancements within the core framework. The file count remains the same across both versions. The release date of 6.1.8 is September 19, 2018, whereas 6.1.7 was released on September 6, 2018, indicating a relatively short interval between the two releases, which further suggests that 6.1.8 focuses mainly on bug fixes, stability improvements, or small tweaks rather than major functionality additions. Developers should consult the official Angular changelog for 6.1.8 details to understand the precise nature of these changes before upgrading.
All the vulnerabilities related to the version 6.1.8 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
