Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

The Angular 7.2.1 CLI release fixes a webpack-dev-server vulnerability, supports TypeScript 3.2 and Angular 7.2.0-rc.0

Save for later
  • 2 min read
  • 10 Jan 2019

article-image
Today, Minko Gechev, an engineer in the Angular team at Google announced the release of Angular CLI 7.2.1. This release fixes a webpack-dev-server vulnerability and also comes with support for multiselect list prompt, TypeScript 3.2, and Angular 7.2.0-rc.0.

https://twitter.com/mgechev/status/1083133079579897856

Understanding the webpack-dev-server vulnerability


The npm install command was showing the Missing Origin Validation vulnerability because webpack-dev-server versions before 3.1.10 are missing origin validation on the websocket server. A remote attacker can take advantage of this vulnerability to steal a developer’s code as the origin of requests to the websocket server, which is used for Hot Module Replacement (HMR) are not validated.

Other updates in Angular 7.2.1 CLI


Several updates and bug fixes were listed in the release notes of Angular CLI’s GitHub repository. Some of them are:

  • Support is added for multiselect list prompt
  • Support is added for TypeScript 3.2 and Angular 7.2.0-rc.0
  • Optimization options are updated
  • Warnings are added for overriding flags in arguments
  • lintFix is added to several other schematics
  • Unlock access to the largest independent learning library in Tech for FREE!
    Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
    Renews at $19.99/month. Cancel anytime
  • `resourcesOutputPath` is added to the schema to define where style resources will be placed, relative to outputPath.
  • The architect command project parsing is improved
  • Prompt support is added using Inquirer
  • Jobs API is added
  • Directly loading component templates is supported



Angular 7 is now stable

Unit testing Angular components and classes [Tutorial]

Setting up Jasmine for Unit Testing in Angular [Tutorial]