Zod is a TypeScript-first schema declaration and validation library renowned for its static type inference. Comparing versions 1.11.17 and 1.11.16 reveals subtle yet potentially impactful changes for developers. While both versions share the same core functionality, dependencies, development dependencies (like jest, tslint, typescript, and prettier), license (MIT), repository, and author information, differences emerge in the distribution details.
Version 1.11.17 was released on May 2, 2021, a week after version 1.11.16 released on April 25, 2021. The newer version shows a smaller unpacked size of 292133 bytes compared to the previous version's 314351 bytes, suggesting possible code optimizations or the removal of unnecessary files.
For developers, this could translate to a slightly smaller bundle size when using Zod in their projects, potentially improving load times for client-side applications. The number of files included in the package remains constant at 126. This difference in unpacked size, while seemingly minor, could incorporate bug fixes, performance improvements, or internal refactorings, making the newer version generally preferable. Users should review the changelog (available on the project's GitHub repository) to understand the specific changes included in version 1.11.17. Upgrading to the latest patch version is generally recommended to benefit from stability improvements and bug fixes. Zod provides a powerful and type-safe approach to data validation in TypeScript projects.
All the vulnerabilities related to the version 1.11.17 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
