NestJS developers will find the jump from version 9.3.2 to 9.3.3 of the @nestjs/common package a subtle but potentially important update. Both versions share the same core dependencies, including uid, tslib, and iterare, suggesting no significant architectural changes in these areas. Similarly, the peer dependencies, rxjs, cache-manager, class-validator, reflect-metadata, and class-transformer, remain consistent, implying compatibility is maintained with these commonly-used libraries. This means upgrading shouldn't introduce immediate breaking changes related to these dependencies.
The critical difference lies in the details of the distribution package. While the file count remains static at 383, the unpacked size saw a small reduction, decreasing from 422137 bytes in 9.3.2 to 421952 bytes in 9.3.3. This slight decrease suggests possible optimizations or minor code refactoring that could contribute to a marginally smaller footprint in your project. Furthermore, the release date indicates a newer version, published on February 6, 2023, compared to February 3, 2023. This newer date usually implies bug fixes or minor improvements addressed in the newer version which can be crucial for software stability. Developers should consider upgrading from 9.3.2 to 9.3.3 to benefit from the latest refinements, bug fixes, and the slightly reduced package size which enhances performance.
All the vulnerabilities related to the version 9.3.3 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
