Zod is a TypeScript-first schema declaration and validation library designed to simplify data validation in TypeScript projects. Versions 1.7.0 and 1.6.2, both released on June 5, 2020, share similar characteristics, reflected in their identical dependencies, including testing frameworks like Jest and ts-jest, linting tools such as TSLint and Prettier, and crucial development dependencies like TypeScript itself. Both versions are licensed under the MIT license and authored by Colin McDonnell. Both versions also share the same number of files in the distributed package (127).
However, a key difference lies in the unpacked size of the packages. Version 1.7.0 exhibits an unpacked size of 238653 bytes, slightly larger than the 228307 bytes of version 1.6.2. This difference suggests that version 1.7.0 likely incorporates new features, bug fixes, or performance improvements that contribute to a larger footprint.
For developers considering Zod, this indicates an active development cycle focused on refining the library. Upgrading to version 1.7.0 offers access to the latest enhancements, which may include expanded schema types, improved validation logic, or optimized type inference. The core development dependencies remain consistent, suggesting similar testing and code quality practices, but the increased size warrants investigating the specific changes in order to make use of the most recent updates to Zod's validation capabilities for robust and type-safe applications.
All the vulnerabilities related to version 1.7.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.