Angular core version 7.0.0 represents a significant update from the 6.1.10 version, introducing key changes relevant for Angular developers. One notable difference is the introduction of @angular/compiler as a peer dependency in version 7.0.0, requiring developers to explicitly include this package in their projects when upgrading. This change likely reflects tighter integration or new features leveraging the compiler directly. While both versions rely on rxjs and zone.js as peer dependencies, ensuring compatibility with reactive programming and asynchronous operations, the introduction of @angular/compiler signifies a shift in the framework's internal architecture or supported functionalities.
Beyond dependency updates, version 7.0.0 shows an increase in both file count (590 vs. 527) and unpacked size (17649094 vs. 15491940), suggesting the inclusion of new features, optimizations, or expanded module capabilities. The release date difference indicates that version 7.0.0 was released just over a week after 6.1.10, which might indicate it addresses bug fixes or introduce minor updates. For developers, upgrading to version 7.0.0 promises potentially improved performance, enhanced functionality, and access to the latest Angular features, but requires careful consideration of the new @angular/compiler peer dependency. Always ensure alignment with other dependencies such as RxJS and Zone.js during the upgrade process.
All the vulnerabilities related to the version 7.0.0 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
