Growl is a Node.js library designed to provide unobtrusive desktop notifications using the Growl notification system. Looking at versions 1.8.0 and 1.8.1, the core functionality remains consistent, with both versions offering a straightforward way to send notifications to users' desktops. The key differentiator between these versions lies in the timing of their releases. Version 1.8.1 was published shortly after 1.8.0, with only about 23 minutes separating them. This suggests that version 1.8.1 is likely a patch release addressing a minor bug fix or immediate issue discovered in version 1.8.0.
For developers considering using Growl, this means that version 1.8.1 is the preferred choice due to its potential bug fixes. Since the jump in version number is minimal, developers upgrading from 1.8.0 to 1.8.1 should not expect drastic changes in the API or functionality. Integrating Growl into a Node.js project involves a simple installation via npm ("npm install growl") and then calling the growl function with the desired notification message and options. The repository details remain the same for both versions, indicating the same source code base managed on GitHub.
All the vulnerabilities related to the version 1.8.1 of the package
Growl before 1.10.0 vulnerable to Command Injection
Affected versions of growl do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.
Update to version 1.10.0 or later.
