@nestjs/common version 10.4.2 represents a minor update to the popular NestJS framework's core module, focusing on incremental improvements and bug fixes rather than introducing substantial new features. Comparing it to the previous stable version, 10.4.1, unveils subtle yet important distinctions for developers. One key difference lies in the updated tslib dependency, moving from version 2.6.3 to 2.7.0. While tslib itself provides helper functions for TypeScript, this update likely addresses underlying TypeScript compatibility issues or performance enhancements, ensuring smoother operation with the latest TypeScript versions.
Furthermore, the unpacked size has slightly decreased from 430343 to 429286, indicating potential optimizations in the codebase or dependency tree. Developers might experience marginally faster installation times or a slightly smaller application bundle size. Another important aspect is the release date, as a later version means that the older version had some problems which required a new release. Both versions maintain the same peer dependencies, requiring rxjs, class-validator, reflect-metadata, and class-transformer, highlighting the stability of the core API and its reliance on these established libraries for reactive programming, validation, and metadata functionalities. Developers can seamlessly upgrade without major breaking changes to their existing codebase.
All the vulnerabilities related to the version 10.4.2 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
