NestJS @nestjs/common version 3.1.1 represents a minor patch release over its predecessor, version 3.1.0, both iterations of the core module for the modern, fast, and powerful Node.js web framework. Examining the metadata, the fundamental architecture and core dependencies remain consistent. Both versions depend on cli-color version 1.1.0 for command-line interface styling and declare reflect-metadata version 0.1.10 as a peer dependency, meaning that it needs to be installed separately alongside @nestjs/common. The license remains MIT, offering developers broad freedom in usage and modification, and authorship is credited to Kamil Mysliwiec.
The primary distinction between the two versions lies in their release timing. Version 3.1.1 was published approximately an hour after version 3.1.0. Given the rapid succession, it's highly probable that version 3.1.1 contains bug fixes or very minor enhancements identified immediately after the initial 3.1.0 release. For developers adopting @nestjs/common, upgrading from 3.1.0 to 3.1.1 is recommended, particularly if encountering any unexpected behavior with the earlier version. This ensures benefiting from the latest stability improvements and potential fixes. While the changelog isn't provided in the metadata, the quick release cycle implies that it addresses issues discovered right after the previous release.
All the vulnerabilities related to the version 3.1.1 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
