NestJS, a progressive Node.js framework for building efficient and scalable server-side applications, saw a key update with the release of version 3.0.0 of its @nestjs/common package, succeeding version 2.1.2. While both versions share a fundamental dependency on cli-color for enhanced console output and the requirement for reflect-metadata as a peer dependency, the primary difference lies in the increment of the semver leading to a major version update. This jump to version 3.0.0 signals potential breaking changes or significant new features that developers should be aware of when upgrading.
The @nestjs/common package provides the foundational decorators, common exceptions, pipes, guards, and interceptors crucial for structuring a NestJS application. Developers should carefully review the official NestJS changelog and migration guides for version 3.0.0 to understand the specific changes made and ensure compatibility with their existing code, particularly if they rely on core functionalities provided by the package. The update, released on June 3, 2017, builds upon the established foundation of version 2.1.2, released on May 24, 2017, indicating a commitment to improving and evolving the framework. Upgrading to version 3.0.0 allows you to leverage potential performance gains, bug fixes and the latest features offered in NestJS.
All the vulnerabilities related to the version 3.0.0 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
