Angular core version 7.2.7 is a minor update to the core framework, following closely on the heels of version 7.2.6. Both versions share the same fundamental dependencies, relying on tslib at version ^1.9.0, rxjs at ^6.0.0, and zone.js at ~0.8.26. This consistent dependency structure suggests a focus on stability and incremental improvements rather than sweeping architectural changes.
The key differences between the two versions lie in their release timing and potentially subtle internal changes. Version 7.2.7 was released on February 27, 2019, a week after version 7.2.6, which was released on February 20, 2019. While both versions contain the same amount of files, 611, the newer version shows an extremely small increase in unpacked size (20722093 vs 20709225). This slight size increase hints at bug fixes, performance optimizations, or very minor feature additions in version 7.2.7. Developers should upgrade to the newest version to ensure getting the latest bug fixes and improvements. Considering the frequent release cycle during this period and the shared dependency requirements, upgrading from 7.2.6 to 7.2.7 is likely a smooth and beneficial process for most Angular projects seeking to maintain optimal performance and stability.
All the vulnerabilities related to the version 7.2.7 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
