Angular core version 8.2.10 is a minor patch release following version 8.2.9, both being part of the Angular 8 series, designed for building dynamic web applications. Both versions share the same core dependencies, including "tslib" for TypeScript helper functions, and peer dependencies on "rxjs" for reactive programming and "zone.js" for managing asynchronous operations. This indicates a high degree of compatibility and a relatively smooth upgrade path between the two.
The key difference lies in the "dist" section, specifically the unpacked size. Version 8.2.10 has a slightly smaller unpacked size (25930863 bytes) compared to 8.2.9 (25932677 bytes). This suggests that some minor optimizations or bug fixes were introduced in version 8.2.10, leading to a slightly more compact distribution. While the file count remains the same at 614, hinting that the structure of the package didn't change significantly.
The release date also marks a difference, with version 8.2.10 released on October 9, 2019, following version 8.2.9 which was released on October 2, 2019. Developers already using Angular 8 should consider upgrading to 8.2.10, as it likely includes bug fixes and potentially performance improvements, even if subtle. Given the shared dependencies and the "patch" nature of the release, the upgrade path should be seamless, minimizing the risk of introducing breaking changes, providing a more stable and performant Angular development environment.
All the vulnerabilities related to the version 8.2.10 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
