Zod version 3.17.5 is a minor release over 3.17.4, primarily focusing on internal improvements and adjustments, rather than introducing breaking changes or significantly altering the API experienced by developers. Both versions share the same core description: a TypeScript-first schema declaration and validation library with static type inference, emphasizing their utility in creating robust and type-safe applications.
Examining the package.json data, the dependencies field remains empty and the devDependencies are identical indicating that the underlying development tooling and testing frameworks stay consistent, highlighting the project's commitment to stability. Key tools like typescript, eslint, jest, and rollup remain at the same versions, suggesting a continuous refinement of existing features instead of wide adoption of groundbreaking functionalities.
The most notable difference lies in the dist section. Version 3.17.5 reports a slightly larger unpacked size (462321 Bytes) compared to 3.17.4 (455897 Bytes). This small growth potentially reflects minor code additions, bug fixes, or optimizations within the library's source code. In addition, the package of the newest version was released only ~35min after the previous one, indicating some problem required a bugfix. Developers upgrading from 3.17.4 to 3.17.5 can anticipate that this will contain a small bugfix and will be a drop-in replacement, ensuring consistent validation logic and type safety in their TypeScript projects.
All the vulnerabilities related to the version 3.17.5 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
