@nestjs/common version 9.3.9 represents a minor update to the popular NestJS framework's core module, building upon the solid foundation of version 9.3.8. Both versions share identical core dependencies: uid (version 2.0.1), tslib (version 2.5.0), and iterare (version 1.2.1), indicating that internal functionalities related to unique ID generation, TypeScript helper functions, and iterable manipulation remain consistent. Similarly, the peer dependencies, vital for interoperability with other libraries, are also unchanged. This includes rxjs (version ^7.1.0 or higher), cache-manager (version 5 or lower), class-validator (any version), reflect-metadata (version ^0.1.12 or higher), and class-transformer (any version), implying no breaking changes related to reactive programming, caching, validation, metadata reflection, or class transformation.
The significant difference lies in the release date. Version 9.3.9 was released on February 14, 2023, following the release of version 9.3.8 on February 10, 2023. The unpacked size of the newer version is slightly larger by 3kb (422687 vs 422684), suggesting minor bug fixes, performance enhancements, or documentation updates were integrated in the later release. Developers should consider upgrading to version 9.3.9 to benefit from these improvements and ensure they are using the most recent stable version. It's recommended to carefully review the official NestJS changelog and release notes for a detailed breakdown of the changes and any potential impact on existing applications.
All the vulnerabilities related to the version 9.3.9 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
