Angular core version 7.2.9 is a minor release in the 7.x series, following 7.2.8. Both versions share the same core dependencies, relying on tslib version ^1.9.0. The peer dependencies also remain consistent, requiring rxjs version ^6.0.0 and zone.js version ~0.8.26. This signifies compatibility with existing projects using these versions. The license remains under the MIT license and the code repository is the official Angular repository on Github.
However, key differences exist in the dist object and release date. Version 7.2.9, released on March 12, 2019, contains 611 files within its distributed tarball that has unpackedSize of 20724762 bytes. This suggests potential bug fixes, performance improvements and small changes. In contrast, version 7.2.8 released on March 6, 2019, shares the same file count (611 files) but has a slightly larger unpackedSize of 20724772 bytes.
For developers, upgrading to 7.2.9 from 7.2.8 is likely seamless given the identical dependency and peer dependency requirements. The slight change in unpacked package size hints, but does not necessarily confirm any specific updates or bug fixes improving the overall developer experience.
All the vulnerabilities related to the version 7.2.9 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
