Zod is a TypeScript-first schema declaration and validation library, renowned for its static type inference capabilities. Comparing versions 1.6.0 and 1.5.0 reveals subtle yet important changes that affect developers using this library. Both versions share identical development dependencies, including testing frameworks like Jest and ts-jest, linting tools like TSLint, and code formatters like Prettier ensuring code quality and consistency. Crucially the peer dependencies remain identical suggesting no breaking changes requiring updated tooling. Both versions come with the same MIT license and link to the same GitHub repository, assuring continuity and open-source access.
The main difference lies in the released version with the newer 1.6.0 improving upon version 1.5.0. The size of the library has slightly increased, with unpackedSize going from 222847 to 226106. This increase indicates minor code additions or modifications, potentially including new features, bug fixes, or performance enhancements. Published about six days apart, version 1.6.0 likely addresses immediate feedback or incorporates small iterative improvements to enhance the developer experience. Users upgrading to 1.6.0 can expect the same core functionality with possibly improved stability and potentially minor additions without major breaking changes. The file count remained stable at 127 between the two versions hinting to small content changes rather than architectural refactorings.
All the vulnerabilities related to the version 1.6.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
