NestJS developers should note the release of @nestjs/common version 10.2.8, succeeding the previous stable version 10.2.7. Both versions maintain the same core description as part of the Nest framework, focusing on modern, fast, and powerful Node.js web application development. They share identical dependencies, including uid, tslib, and iterare, and the same peer dependencies such as rxjs, class-validator, reflect-metadata, and class-transformer, indicating no breaking changes in basic compatibility. This means existing projects using these dependencies should upgrade smoothly.
Crucially, the releaseDate highlights a significant difference, with version 10.2.8 released on November 2, 2023, whereas 10.2.7 was released on October 5, 2023. Although fileCount is the same in both versions. the unpackedSize also shows just a minimal difference. that could indicate some optimization or bug fix included in the new version. Although its a minor version change, users should be aware that upgrading from 10.2.7 to 10.2.8 brings the latest refinements and potentially crucial bug fixes to their NestJS applications. Developers should always check the official NestJS changelog for a detailed list of changes.
All the vulnerabilities related to the version 10.2.8 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
