Zod, a TypeScript-first schema declaration and validation library designed for static type inference, saw a minor update from version 3.0.1 to 3.0.2 on May 20, 2021. While both versions share identical development dependencies, including testing frameworks like Jest and TypeScript-related tools such as ts-node, @rollup/plugin-typescript, and various ESLint plugins for code quality, a few subtle differences exist. Both releases emphasize developer experience, providing robust type safety and a streamlined approach to data validation within TypeScript projects.
The core functionality and developer tooling remained consistent. This means functionalities like schema definition, parsing, and validation stayed intact. The updated version (3.0.2) has a slightly smaller unpacked size (444,927 bytes compared to 444,994 bytes in 3.0.1), suggesting potential minor optimizations or adjustments in the compiled code. The releaseDate also shows that version 3.0.2 was released approximately 2 hours after 3.0.1.
For developers using Zod, this update likely includes minor bug fixes or performance improvements that don't introduce breaking changes. Users can upgrade from 3.0.1 to 3.0.2 with confidence, anticipating a smoother experience without needing to refactor existing code. The library continues to be MIT licensed and actively maintained by Colin McDonnell, with funding available through GitHub Sponsors.
All the vulnerabilities related to the version 3.0.2 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
