Angular core version 6.1.9 represents a subtle but potentially important update over its immediate predecessor, version 6.1.8. Both versions share the same core dependencies, relying on tslib version 1.9.0 or higher, and have identical peer dependencies requiring rxjs version 6.0.0 or greater and zone.js around version 0.8.26. This indicates underlying compatibility with existing ecosystems remains consistent. The MIT license applies to both, ensuring open-source usage rights. The source code repository also remains consistent between the two.
However, a notable difference lies in the release date. Version 6.1.9 was released on September 26, 2018, a week after version 6.1.8, which was released on September 19, 2018. Given the short time span, the update likely includes bug fixes, performance improvements, or minor refinements rather than major feature additions. Developers should be interested in this new version because of the bug fixes, even if the dependencies remain the same. We can notice a little change in the unpacked size of the package which can lead to a faster download. Consulting the official Angular changelog for the 6.1.9 release is crucial to understand the specific changes implemented and to determine if upgrading from 6.1.8 is necessary for their particular project based on the bug fixes.
All the vulnerabilities related to the version 6.1.9 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
