@vue/typescript-plugin versions 2.0.21 and 2.0.20 offer crucial enhancements for Vue developers leveraging TypeScript. Both versions serve as essential plugins for tsserver or typescript-language-server, ensuring seamless integration and enhanced language support within your IDE. Primarily designed for installation in locations accessible by the language server, notably within a project's node_modules directory, these plugins elevate the development experience by providing features like type checking, auto-completion, and diagnostics directly derived from your Vue components and TypeScript code.
The key difference lies in the updated dependencies. Version 2.0.21 sees an update to "@volar/typescript" to version "~2.3.0-alpha.15" and "@vue/language-core" to version "2.0.21" while version 2.0.20 uses "@volar/typescript" version "~2.3.0-alpha.14" and "@vue/language-core" version "2.0.20". These dependency upgrades likely incorporate bug fixes, performance improvements, and potentially new features within the core language tooling. Developers should prioritize upgrading to version 2.0.21 to benefit from the latest advancements in Vue's TypeScript support, ensuring a more robust and efficient development workflow. The updated release also had a later release date, meaning it will have the newest set of features. Both packages share the same unpacked size so no changes in size exist.
All the vulnerabilities related to the version 2.0.21 of the package
vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)
A vulnerability has been discovered in vue-template-compiler, that allows an attacker to perform XSS via prototype pollution. The attacker could change the prototype chain of some properties such as Object.prototype.staticClass or Object.prototype.staticStyle to execute arbitrary JavaScript code. Vue 2 has reached End-of-Life. This vulnerability has been patched in Vue 3.
