Angular core version 8.0.2 represents a minor update to the core framework, building upon the solid foundation established by version 8.0.1. Both versions, described as "Angular - the core framework" share the same fundamental dependencies specifying tslib "^1.9.0" and peer dependencies, rxjs "^6.4.0" and zone.js "~0.9.1", ensuring compatibility with existing Angular ecosystems. Authored by the Angular team and licensed under MIT, these versions continue to support the development of robust and scalable web applications. The repository remains consistent, hosted on GitHub at https://github.com/angular/angular.git, facilitating community contributions and issue tracking.
The key distinction lies in the release dates and potentially subtle bug fixes or performance improvements. Version 8.0.2 was released on June 19, 2019, a few days after 8.0.1 released June 13, 2019. The dist object reveals slight differences in unpackedSize, hinting at code modifications within the package with 8.0.2 being slightly bigger than 8.0.1. Developers considering upgrading from 8.0.1 to 8.0.2 should review the official Angular changelog for detailed information on resolved issues, performance enhancements, and any potential breaking changes. Although no major dependency updates are evident, staying current with the latest minor version is generally advisable to benefit from the most stable and optimized codebase. The focus should be on bug fixes and small improvements rather than major new features.
All the vulnerabilities related to the version 8.0.2 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
