Zod is a TypeScript-first schema declaration and validation library, renowned for its static type inference, simplifying data validation in TypeScript projects. Comparing versions 3.11.3 and 3.11.4, developers will find minimal changes, primarily reflected in the dist section of the package metadata. Specifically, version 3.11.4 exhibits a slightly larger unpacked size of 512083 bytes compared to 3.11.3's 510483 bytes; a difference of 1600 bytes. The file count remains consistent at 53 for both versions. The release dates indicate a small gap in time between the releases, with version 3.11.4 being published shortly after 3.11.3, both on the same day. Beyond these minor variations, the core dependencies, development dependencies, licensing, repository details, author information, and funding avenues remain identical. For developers using Zod, this suggests that upgrading from 3.11.3 to 3.11.4 is likely a low-risk endeavor, though it's always advisable to review the changelog for any potential bug fixes or performance enhancements that may not be immediately apparent from the package metadata alone. The unchanged development dependencies imply no internal tooling changes that would impact the development experience.
All the vulnerabilities related to the version 3.11.4 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
