Zod version 1.10.0 introduces a subtle but potentially impactful update to the TypeScript schema declaration and validation library. Released shortly after version 1.9.2, the primary difference lies in the upgraded TypeScript version support. Zod 1.10.0 now requires TypeScript 3.3 or later, whereas the previous version, 1.9.2, supported TypeScript 3.2. This change could be important for developers working with newer TypeScript features and syntax, ensuring compatibility and potentially unlocking access to improved type checking and tooling.
Beyond the TypeScript version bump, both versions share the same core dependencies and development tooling, with packages like Jest for testing, TSLint for linting, and Prettier for code formatting remaining consistent. This indicates a focus on stability and continuous integration within the Zod project. The fileCount is the same on both versions, suggesting no new files were added. However, the unpackedSize increased slightly in version 1.10.0, suggesting some internal code changes or additions, even if the test suite, linting rules, and formatting remain the same.
Developers looking to leverage Zod for robust runtime validation and static type inference in their TypeScript projects should consider the TypeScript version requirement when choosing between versions. If your project already relies on TypeScript 3.3 or higher, 1.10.0 is the logical choice. Otherwise, sticking with 1.9.2 might be necessary until your project's TypeScript version is updated. Remember to note that both versions are quite old now so probably an update to a newer version would be advised.
All the vulnerabilities related to the version 1.10.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
