Zod, a TypeScript-first schema declaration and validation library, released version 3.2.0, building upon the foundation of its previous stable version, 3.1.0. Both versions share the same core description, offering static type inference for robust data validation. Key developer features, consistent across both releases, include the MIT license, a clearly defined repository, author information, and a funding link for supporting development.
Examining the developer dependencies, both versions maintain a similar stack, crucial for development and testing. We see versions for testing and linting tools, typescript plugins and configurations, and module bundlers.
The notable difference lies in the updated typescript version, bumped from 4.2.4 in 3.1.0 to 4.3.2 in 3.2.0. This update signals potential enhancements leveraging newer TypeScript features, potentially leading to improved type safety, performance, or developer experience when defining and validating schemas. Furthermore, there's a slight increase in fileCount from 42 to 43 and unpackedSize from 463077 to 543113 that suggests that the new version has added some functionality, fixes or improvements.
For developers, upgrading to Zod 3.2.0 ensures access to the latest TypeScript-compatible features and potential performance gains. While the core validation approach remains consistent, the updated TypeScript dependency could introduce subtle improvements beneficial for complex schema definitions. Consider reviewing the changelog for a comprehensive list of changes beyond dependency updates.
All the vulnerabilities related to the version 3.2.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
