Angular core version 8.2.12 represents a small but important update to the core Angular framework, following closely its predecessor version 8.2.11. Both versions share the foundational elements that define Angular, including the "tslib" dependency for TypeScript helper functions and peer dependencies on "rxjs" for reactive programming and "zone.js" for change detection. Developers relying on Angular 8 should find familiar ground in both with mostly the same core functionalities.
The key distinction lies within the "dist" metadata. While both releases comprise 614 files, an almost negligible size difference is noticed in the unpacked size, with 8.2.12 being marginally larger. This minor increase potentially alludes to bug fixes, performance improvements, or small feature enhancements introduced in the newer version. The release dates also mark the difference between the two versions: version 8.2.11 was released on October 15, 2019 and 8.2.12 was released eight days later, on October 23.
Angular developers should carefully evaluate changelogs and release notes associated with version 8.2.12 to ascertain the precise nature of these changes and whether they directly address specific issues or open new opportunities within their applications. While the core dependencies remain consistent, these subtle adjustments could be crucial for ensuring optimal performance, stability, and compatibility within existing Angular 8 projects. Updating to the latest patch version is generally recommended for bug fixes and security improvements.
All the vulnerabilities related to the version 8.2.12 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
