Zod version 3.0.0 represents a significant upgrade from version 1.11.17, showcasing a clear shift in the project's tooling and development practices. While both versions offer TypeScript-first schema declaration and validation with static type inference, the newer version embraces a more modern and comprehensive development environment. The most notable difference lies in the devDependencies. Version 3.0.0 boasts an extensive suite of tools, including ESLint, Rollup, and crucial plugins for import sorting, unused import detection, and TypeScript-specific linting rules. This highlights a commitment to code quality, consistency, and modern bundling practices. In contrast, version 1.11.17 relies on TSLint, an older linting tool, and lacks the sophisticated tooling apparent in the newer release.
Another key change is the introduction of Husky and lint-staged in v3.0.0, indicating the implementation of git hooks for automated code formatting and linting before commits. This ensures a cleaner and more consistent codebase. Furthermore, the inclusion of dependency-cruiser suggests an effort to visualize and manage dependencies for better architectural understanding. Developers choosing version 3.0.0 benefit from improved code quality, a more robust development workflow, and access to modern tooling. The upgrade to TypeScript 4.2.4 also unlocks the latest language features and performance optimizations. The smaller unpacked size in v3.0.0 despite increased features could suggest better optimization during build and packaging and a more efficient artifact. This represents a more mature and developer-friendly experience compared to older versions.
All the vulnerabilities related to the version 3.0.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
