Angular core version 9.1.1 represents a minor update to the foundational framework component, building upon the 9.1.0 release. While both versions share the same core description, license, author, and repository details, a key difference lies in their peer dependencies. Version 9.1.1 requires zone.js version ~0.10.3, a slight bump from 9.1.0's ~0.10.2. This adjustment in a core dependency like zone.js, crucial for Angular's change detection mechanism, suggests improvements or bug fixes related to asynchronous task handling and stability within the Angular runtime.
Developers should consider this update to benefit from the refined zone.js integration, potentially leading to more predictable and efficient application behavior. Further analysis of zone.js changelogs between these versions would provide insight into the specific enhancements. Furthermore, while file count remains constant, the unpacked size has increased marginally in 9.1.1. This typically represents added functionality, potentially optimizations, or the inclusion of new features to handle specific scenarios.
Overall, upgrading to 9.1.1 from 9.1.0 is recommended to take advantage of these enhancements, with a close look at the impact to zone.js to ensure compatibility during update. The release date suggests that angular 9.1.1 followed angular 9.1.0 after some days, which is standard in software development to hotfix problems or security concerns.
All the vulnerabilities related to the version 9.1.1 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
