Angular core version 9.0.6 represents a minor update to the core Angular framework, building upon the foundation established by version 9.0.5. Both versions share identical peer dependencies, requiring RxJS 6.5.3 or higher, tslib 1.10.0 or higher, and zone.js ~0.10.2, ensuring compatibility with existing Angular 9 projects. The license remains MIT, allowing for broad usage and modification. The repository information points to the Angular GitHub repository, indicating a continued commitment to open-source development.
The primary difference lies in the release date. Version 9.0.6 was published on March 11, 2020, while version 9.0.5 was released on March 4, 2020, meaning 9.0.6 incorporates any bug fixes or minor enhancements implemented within that week. Developers should consider upgrading to 9.0.6 to benefit from these potential improvements, addressing any reported issues or stability concerns identified in version 9.0.5. The slightly larger unpacked size of version 9.0.6 (27,835,647 bytes compared to 27,823,190 bytes) hints at internal code adjustments or the inclusion of additional assets, but the file count is equal. While no major feature additions are apparent, Angular developers aiming for the most stable and up-to-date experience within the Angular 9 lifecycle should prefer the newer release.
All the vulnerabilities related to the version 9.0.6 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
