Angular developers looking to upgrade the core framework from version 9.0.7 to 9.1.0 will find a relatively incremental update, but one that includes valuable improvements. Both versions share identical peer dependencies, requiring rxjs (version ^6.5.3), tslib (^1.10.0), and zone.js (~0.10.2), ensuring compatibility regarding these core libraries. The licensing remains consistent under the MIT license.
While the fundamental description and repository information are unchanged, some differences exist in the distribution metadata. Version 9.1.0 has a slight increase in fileCount (682 vs. 678) and unpackedSize (27922428 vs. 27860811 bytes) compared to 9.0.7. This suggests minor additions or modifications within the core package, potentially bug fixes, performance enhancements, or subtle feature tweaks. The release date also tells a bit of a story - version 9.1.0 was released on March 25, 2020, about a week after version 9.0.7 (March 18, 2020).
Although the provided data doesn't delve into the specifics of the changes, developers should consult the official Angular changelog for a comprehensive understanding of the enhancements in version 9.1.0. The updated version likely addresses issues identified in 9.0.7 and could offer a smoother developer experience. Upgrading is generally recommended to leverage these improvements, provided thorough testing is conducted to ensure compatibility with existing application code.
All the vulnerabilities related to the version 9.1.0 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
