Zod version 1.4.0 represents a minor increment over the 1.3.0 release, continuing its focus as a TypeScript-first schema declaration and validation library renowned for static type inference. Examining the package metadata, both versions share identical development dependencies, including testing frameworks like Jest and ts-jest, linting tools such as TSLint, and formatting via Prettier. The core TypeScript version remains at 3.2, hinting at a focus on backward compatibility.The key changes appear subtle, primarily reflected in the dist section. Version 1.4.0 has a slightly larger unpacked size of 214993 bytes compared to 1.3.0's 213617 bytes, a difference of roughly 1.4 KB. This suggests code optimization, additional features, or expanded type definitions. Both versions maintain the same file count of 121. Crucially, version 1.4.0 was released on April 28, 2020, offering developers the updates and fixes produced in the six days after the release of version 1.3.0, released on April 22, 2020. For developers, this means that any bugs found, or improvements made, in the previous days are addressed in this latest version.
All the vulnerabilities related to the version 1.4.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
