Zod 1.11.11 and 1.11.10 are closely related versions of the popular TypeScript-first schema declaration and validation library, designed to provide static type inference, improving the reliability and maintainability of your code. While both versions share the same core description and development dependencies, a few key distinctions might influence a developer's choice.
The most obvious difference is the version property itself. A bump from 1.11.10 to 1.11.11 generally indicates a patch release that includes bug fixes or minor improvements. Developers should check the changelog in the official repository to see exactly what the new version fixes. The releaseDate confirms that version 1.11.11 was released a month later, on November 29, 2020.
The repository URL differs slightly: the owner segment before the name of the GitHub repo is "colinhacks" in 1.11.11 and "vriad" in 1.11.10. This potentially signals a change in the organizational structure or ownership of the project. The author's email address reflects a corresponding change, from "colin@vriad.com" to "colin@colinhacks.com". This detail suggests a potential shift in the project's core team or maintainer.
Furthermore, the dist object shows that version 1.11.11 has a larger unpackedSize of 308122 compared to 280029 in 1.11.10, and a higher fileCount of 123 vs. 122. This suggests added functionality or internal code changes, which is a further reason to check the changelog. For developers, upgrading to 1.11.11 could offer bug fixes or performance gains, potentially requiring minimal code adjustments. However, examining the changelog and testing remain crucial to ensure seamless integration and prevent unexpected issues. Zod is useful for type definitions and type validations.
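A release-to-release metadata check covering the fields compared above (repository owner, author email domain, `dist.unpackedSize`, `dist.fileCount`), as an added example that is not part of the original page or of Zod. The manifest objects are constructed from the values quoted here; the repository name `zod`, the function names and the 5% size threshold are assumptions.

```javascript
// Constructed manifests: values are those quoted on this page; the repository
// URLs are assembled from the owner names plus an assumed repo name "zod".
const prev = {
  version: "1.11.10",
  author: { email: "colin@vriad.com" },
  repository: { url: "git+https://github.com/vriad/zod.git" },
  dist: { unpackedSize: 280029, fileCount: 122 },
};
const next = {
  version: "1.11.11",
  author: { email: "colin@colinhacks.com" },
  repository: { url: "git+https://github.com/colinhacks/zod.git" },
  dist: { unpackedSize: 308122, fileCount: 123 },
};

// Extract "owner/name" from https, git+https and git@github.com: URL forms.
function repoSlug(manifest) {
  const url = (manifest.repository && manifest.repository.url) || "";
  const m = /github\.com[\/:]([^\/]+)\/([^\/.#]+)/i.exec(url);
  return m ? `${m[1]}/${m[2]}`.toLowerCase() : null;
}

// npm allows author as "Name <email>" or as an object with an email field.
function authorDomain(manifest) {
  const a = manifest.author;
  const email = typeof a === "string" ? (/<([^>]+)>/.exec(a) || [])[1] : a && a.email;
  return email && email.includes("@") ? email.split("@").pop().toLowerCase() : null;
}

// Returns one finding per metadata change a reviewer should look at before upgrading.
function diffManifests(a, b, sizeThreshold = 0.05) {
  const findings = [];
  const changed = (field, from, to) => { if (from !== to) findings.push({ field, from, to }); };
  changed("repository", repoSlug(a), repoSlug(b));
  changed("author.email domain", authorDomain(a), authorDomain(b));
  const da = a.dist || {}, db = b.dist || {};
  // Older registry entries may lack dist.unpackedSize / dist.fileCount; skip if absent.
  if (Number.isFinite(da.unpackedSize) && Number.isFinite(db.unpackedSize) && da.unpackedSize > 0) {
    const growthPct = Math.round(((db.unpackedSize - da.unpackedSize) / da.unpackedSize) * 1000) / 10;
    if (Math.abs(growthPct) >= sizeThreshold * 100)
      findings.push({ field: "dist.unpackedSize", from: da.unpackedSize, to: db.unpackedSize, growthPct });
  }
  if (Number.isFinite(da.fileCount) && Number.isFinite(db.fileCount))
    changed("dist.fileCount", da.fileCount, db.fileCount);
  return findings;
}

console.log(diffManifests(prev, next));
```

Each finding is a prompt to read the changelog and the published tarball diff before pinning the new version, not a verdict on the release.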
All the vulnerabilities related to the version 1.11.11 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.