Zod, a TypeScript-first schema declaration and validation library, released version 1.0.4, building upon the foundation laid by version 1.0.2. Both versions share identical descriptions, developer (Colin McDonnell), license (MIT) and repository details. Both versions have same number of files. The core functionality of type inference and schema validation remains consistent, ensuring developers can confidently define and validate data structures within their TypeScript projects in a type-safe manner.
A key difference lies in the unpacked size. Version 1.0.4 sees a slight decrease in unpacked size, from 44142 to 44056, suggesting minor optimizations or refactoring that potentially improve performance or reduce the library's footprint. However, this small difference is unlikely to be noticeable in most real-world scenarios.
More importantly, the release dates highlight the recency of version 1.0.4, released on March 12, 2020, compared to version 1.0.2, which arrived on March 9, 2020. This short gap indicates that version 1.0.4 likely contains bug fixes, small enhancements, or perhaps address specific edge cases identified after the 1.0.2 release. Developers using Zod should therefore prefer version 1.0.4 for the latest improvements. While the dependency list remains empty in both versions, highlighting Zod's lightweight nature. The changes are not groundbreaking, but developers should consider upgrading to version 1.0.4 to benefit from a potentially more stable and refined experience when defining and validating their data schemas in TypeScript.
All the vulnerabilities related to the version 1.0.4 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
