Angular core version 9.1.13 is a patch release in the Angular 9 series, following version 9.1.12. Both versions share the same core dependencies, requiring RxJS 6.5.3 or higher, tslib 1.10.0 or higher, and Zone.js in the 0.10.3 range. This indicates that the fundamental APIs and compatibility layers remain consistent between these two versions, minimizing breaking changes for developers already working within the Angular 9 ecosystem.
The key difference lies in the updated release date and the slightly increased size of the package. Version 9.1.13 was released on December 17, 2020, whereas 9.1.12 was released much earlier on July 8, 2020. This time difference suggests that 9.1.13 includes bug fixes, performance improvements, or minor enhancements accumulated over those intervening months. The slight increase in both file count (682 vs 681) and unpacked size (28017826 bytes vs 27991003 bytes) further supports this idea, signaling that new code or assets have been added.
For developers, upgrading from 9.1.12 to 9.1.13 is generally recommended. Patch releases like this typically address critical issues and refine existing features without introducing major breaking changes. Staying up-to-date ensures access to the latest improvements and a more stable development experience. Examining the Angular changelog for detailed information on the specific fixes and enhancements included in 9.1.13 would provide further insight for developers considering this upgrade.
All the vulnerabilities related to the version 9.1.13 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
