Angular core version 9.1.6 is a minor patch release following 9.1.5, both versions delivering the core functionalities for building Angular applications. Targeting developers already working within the Angular 9 ecosystem, the key difference lies in potential bug fixes and minor improvements introduced in 9.1.6. Both versions share identical peer dependencies, requiring rxjs version ^6.5.3, tslib version ^1.10.0, and zone.js version ~0.10.3 ensuring compatibility within existing Angular 9 projects.
File count and unpacked size remain unchanged at 682 files and 28148905 bytes respectively, suggesting no significant feature additions. The release date difference indicates a single day between 9.1.5 and 9.1.6, reinforcing the nature of the latter as a patch releasing fixing minor issues and improvements. Angular developers should consult the official Angular changelog for a full understanding of the specific bugs addressed and improvements made in version 9.1.6. Upgrading from 9.1.5 to 9.1.6 is recommended for all Angular 9 projects to benefit from the latest fixes and maintain stability. Developers starting new projects should always use the latest stable version.
All the vulnerabilities related to the version 9.1.6 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
