Angular core 7.2.3 represents a minor version update following closely on the heels of version 7.2.2, both iterations of the core framework. Examining the metadata reveals subtle shifts between these releases. While dependencies on tslib, rxjs, and zone.js remain consistent, suggesting no breaking changes in these core areas, the unpacked size reveals a small increase from 20,659,620 bytes in 7.2.2 to 20,660,232 bytes in 7.2.3. This minor increment hints at internal adjustments, possibly bug fixes, performance enhancements, or small feature additions that don't fundamentally alter the API.
The release dates underscore the rapid development cycle: 7.2.2 arrived on January 22, 2019, and 7.2.3 appeared just over a week later on January 30, 2019. This quick succession suggests that 7.2.3 might be addressing issues or improvements discovered shortly after the 7.2.2 release.
For developers using Angular, upgrading from 7.2.2 to 7.2.3 likely represents a low-risk proposition, assuming their projects adhere to the established peer dependency constraints. While the core dependencies remain unchanged, inspecting the detailed changelog and release notes (available on the Angular GitHub repository) is always advisable to understand the specific refinements made in 7.2.3. These incremental updates exemplify Angular's commitment to continuous enhancement and stability within a specific version branch.
All the vulnerabilities related to the version 7.2.3 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
