Angular Core version 9.1.7 represents a minor iteration in the Angular 9.1 series, building upon the foundation laid by version 9.1.6. Both versions share the same core description as the foundational framework for Angular applications, and maintain identical peer dependencies, requiring specific versions of RxJS, tslib, and zone.js for optimal functionality. This consistency ensures a smooth transition for developers already working within the Angular 9 ecosystem. Under the MIT license and maintained within the Angular GitHub repository, both versions offer a stable and well-supported environment. Key differences lie in the distribution details. Version 9.1.7, released on May 13, 2020, has a slightly smaller unpacked size of 27,974,582 bytes compared to version 9.1.6 (released on May 8, 2020) at 28,148,905 bytes. Furthermore, version 9.1.7 contains 680 files compared to the 682 files of its predecessor. While seemingly minor, these discrepancies suggest potential optimizations or bug fixes that contribute to a slightly leaner package. Developers considering an upgrade should investigate the specific changelog between 9.1.6 and 9.1.7 for detailed information on addressed issues and incorporated improvements, ensuring compatibility and enhanced performance within their Angular projects.
All the vulnerabilities related to the version 9.1.7 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
