Zod, a TypeScript-first schema declaration and validation library, released version 3.13.3 shortly after 3.13.2. Both offer static type inference, simplifying data validation in TypeScript projects. The key difference lies in their dependencies: version 3.13.2 had no declared runtime dependencies, while version 3.13.3 introduces a runtime dependency on tslib.
For developers, this means that while upgrading to 3.13.3, your project will now require tslib as a runtime dependency. While minimal in size, it's essential to ensure that tslib is included in your project's bundle or is otherwise available in the runtime environment. This inclusion is crucial for compatibility and prevents runtime errors.
Beyond this dependency change, both versions share the same development dependencies, including vital tools like Jest for testing, ESLint for code linting, and Rollup for bundling. The description, license, repository, author, and funding information remain consistent across both versions. Moreover, metadata like the file count within distributed tarball, remains the same indicating no major structural modifications. The 'unpackedSize' of 3.13.3 has a slight increase of 303 bytes. Both versions are recent and offer tools to efficiently validate and perform schema management in TypeScript. Make sure to include tslib to you project when you upgrade to 3.13.3.
All the vulnerabilities related to the version 3.13.3 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
