Angular core version 8.2.4 represents a minor update over its predecessor, version 8.2.3, within the Angular framework. Both versions share identical core dependencies, relying on tslib for TypeScript helper functions and peer dependencies on rxjs for reactive programming and zone.js for change detection. This consistency signifies that the fundamental architecture and API surface remain largely unchanged between the two releases.
Developers will find that the file count and unpacked size of the distribution tarballs are exactly the same between the two versions. As such, the difference between the two versions isn't in the amount of files or the unpacked size but only in the release date, with version 8.2.4 released on August 28, 2019, a week later than version 8.2.3. Since this is a later version, it's expected it includes bug fixes and potentially small performance improvements and for that reason, it's better to upgrade to this more recent version. While the core functionalities and dependency landscape remain constant, developers should investigate the specific changelog or release notes associated with version 8.2.4 to understand the precise nature of these improvements. As a general rule, staying up-to-date with minor version bumps is recommended for taking advantage of the latest enhancements and resolutions.
All the vulnerabilities related to the version 8.2.4 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
