Zod version 3.20.0 introduces updates and refinements to this TypeScript-first schema declaration and validation library, built with static type inference a key focus. Compared to the previous stable version, 3.19.1, several changes have been made. Notably, there are updates to the development dependencies showcasing efforts to stay current with the latest tooling. Jest sees an upgrade from version 27.5.1 to 29.3.1, while ts-jest also moves from 27.1.3 to 29.0.3. The TypeScript version used for development is also notably bumped from 4.1 to 4.5. This is potentially interesting for developers who use TypeScript since they might be able to use more recent features and fixes to their TypeScript code. Also, @types/jest has changed versions from 26.0.17 to 29.2.2, which can contain breaking changes and might need to be adjusted when using in your tests.
While the core dependencies remain empty, the updated devDependencies suggest improvements in testing, code quality, and build processes. The library now uses a more recent version of jest, improving the potential of the tests provided by the library. For developers using Zod, these updates signal a commitment to maintaining a modern and well-tested library. Furthermore, the unpackedSize in the distribution metadata increased from 482766 to 544272, which is a subtle but interesting difference which might indicate some changes to the packages provided with the library. Finally, note that the release date is different so there is definetely a version difference.
All the vulnerabilities related to the version 3.20.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
