Zod is a TypeScript-first schema declaration and validation library designed to provide robust static type inference, streamlining data validation within TypeScript projects. Comparing versions 1.9.2 and 1.9.1, developers will find largely similar functionality, indicated by identical dependency configurations for testing and development environments. Both versions rely on tools like Jest for testing, TSLint and Prettier for code quality, and TypeScript for type checking. The core development dependencies remain consistent suggesting maintenance of the existing feature set rather than the introduction of new functionalities in version 1.9.2.
A key difference lies in the distribution metadata, specifically the unpackedSize. Version 1.9.2 presents a slightly smaller footprint at 254704 bytes compared to 1.9.1's 256178 bytes. This reduction, although marginal, could signal minor optimizations or code cleanup within the library. The versions also have substantially different releaseDate with only one day difference, meaning that the expected amount of work is expectedly very small. Given the negligible changes, upgrading from 1.9.1 to 1.9.2 represents a low-risk update, primarily offering potential improvements in bundle size, even though minimal. For developers already using Zod, this update is recommended, whereas new users can safely adopt either version as their entry point to leveraging schema validation and type inference.
All the vulnerabilities related to the version 1.9.2 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
