Today, I noticed that Angular adds its version information in the app-root as following:
<app-root _nghost-c0="" ng-version="5.2.0">
And even when I build in the production environment, it seems to be present. I don't know what's the main goal for adding that information there ? Isn't it a security issue to show the angular version publicly ? Thanks
Angular uses this attribute to tag the element that was used to bootstrap the application.
See also https://github.com/angular/angular/commit/a4de214e2be5048f1261d043cc467a5ecaa5c909
Hiding it would only be security by obscurity which is not security.