NestJS developers will find the update from @nestjs/common version 9.4.1 to 9.4.2 a subtle but potentially important upgrade. Both versions maintain the core functionalities of the NestJS framework, a popular choice for building efficient and scalable Node.js server-side applications. Key dependencies like uid and iterare remain consistent, ensuring stability in those underlying utilities. The peer dependencies, crucial for compatibility with other libraries such as rxjs, cache-manager, class-validator, reflect-metadata, and class-transformer, are also unchanged, minimizing the risk of breaking changes in existing projects.
The primary difference lies in the tslib dependency, updated from version 2.5.0 to 2.5.2. tslib provides helper functions for TypeScript, and while the change appears minor, it may contain bug fixes or performance improvements that could benefit NestJS applications. The unpacked size of the package has slightly increased from 428382 to 428580, which could indicate added features, improved code, or simply changes during the packaging process. Finally, the release date shows a week difference between the versions, with 9.4.2 released on May 23, 2023. Developers should review the changelog for tslib and @nestjs/common itself to understand the specific changes implemented in version 9.4.2 and assess whether the update addresses any existing issues or offers relevant enhancements for their projects.
All the vulnerabilities related to the version 9.4.2 of the package
nest allows a remote attacker to execute arbitrary code via the Content-Type header
File Upload vulnerability in nestjs nest prior to v.11.0.16 allows a remote attacker to execute arbitrary code via the Content-Type header.
