Pug-loader versions 1.0.1 and 1.0.2 are very similar, both serving as loaders specifically designed to manage dependencies within Pug (formerly Jade) template files. Both versions share the same core functionality, described as loading dependencies for pug files, the same dependencies and dev dependencies. These are pug-walk for walking the Pug abstract syntax tree, pug-lexer for tokenizing Pug code, and pug-parser for parsing the token stream into an AST. Both releases are licensed under the MIT license and authored by ForbesLindesay. They are hosted on npm and accessible via the pugjs/pug-loader GitHub repository.
The key difference lies in their release dates. Version 1.0.1 was released on April 3rd, 2016, while version 1.0.2 followed on April 17th, 2016 – roughly two weeks apart. While there are no explicitly listed changes between the versions in the metadata, the developer community generally expects rapid version bumps like this to address bug fixes, minor performance improvements, or dependency updates that don't warrant a larger semantic version change. If you are experiencing issues with pug-loader 1.0.1 consider upgrading to version 1.0.2, as it potentially offers stability enhancements and minor refinements without introducing breaking API changes. Consider exploring the commit history between the releases for detailed information regarding the changes.
The are not vulnerabilities for the version 1.0.2 of the package pug-loader
