Zod version 3.11.6 is a minor patch release following closely after version 3.11.5, both iterations of this TypeScript-first schema declaration and validation library. Developers leveraging Zod for static type inference and runtime validation will find both versions functionally similar, sharing the same core set of dependencies and development tools. This includes essential packages like TypeScript for type checking, Jest for testing, Rollup for bundling, and ESLint for code linting.
The key difference between the two versions lies in the "dist" metadata. While the fileCount remains the same at 53, the unpackedSize of version 3.11.6 is slightly larger, registering at 513139 compared to 512122 in version 3.11.5. This indicates a tiny increase in the overall size of the unpacked library files, likely due to minor code adjustments, bug fixes, or documentation updates rather than a substantial feature addition. From a release date perspective, version 3.11.6 was published approximately 5 minutes after version 3.11.5 suggesting a hotfix or immediate correction as the root cause for the new release. Users are advised to upgrade to the latest patch version (3.11.6) to benefit from any potential bug fixes or minor improvements, ensuring the most stable and reliable experience with Zod. Given the minimal changes indicated, upgrading should present no breaking changes or compatibility concerns for existing Zod implementations.
All the vulnerabilities related to the version 3.11.6 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
