@nestjs/common version 9.3.6 represents a minor update over its predecessor, version 9.3.5, within the NestJS framework, a popular choice for building efficient and scalable Node.js server-side applications. Both versions share identical core metadata, encompassing project description, dependencies like uid, tslib, and iterare, peer dependencies including rxjs, cache-manager, class-validator, reflect-metadata, and class-transformer, the MIT license, repository details, author, and funding information. Developers relying on these dependencies can be assured of continued compatibility.
The primary distinctions between the two versions lie in their release timing, unpacked size, and potentially, internal bug fixes or enhancements that are not explicitly detailed in the metadata. Version 9.3.6 was released on February 8, 2023, shortly after version 9.3.5's release on February 7, 2023. The newer version has a slightly larger unpacked size (422524 bytes compared to 422396 bytes), suggesting minor code adjustments or additions were implemented. While the fileCount remains the same at 383, developers should investigate the changelog (if available) for specific modifications undertaken between the versions. This update likely contains incremental improvements that contribute to overall stability and performance within NestJS projects. For projects seeking the latest refinements, upgrading to 9.3.6 is advisable, while projects already on 9.3.5 should evaluate the potential benefits against the backdrop of their specific needs.
All the vulnerabilities related to the version 9.3.6 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
