Zod version 3.22.0 introduces subtle but notable updates compared to its predecessor, 3.21.4, enhancing the developer experience for TypeScript schema validation. Both versions maintain Zod's core strength: providing a TypeScript-first approach to schema declaration and validation, complete with robust static type inference.
A key difference lies in the devDependencies. Version 3.22.0 upgrades @swc/core to ^1.3.66, @swc/jest to ^0.2.26, @babel/core to ^7.22.5, @babel/preset-env to ^7.22.5, @babel/preset-typescript to ^7.22.5, and uses babel-jest":"^29.5.0". These updates likely bring performance improvements and compatibility enhancements leveraging the latest features of the underlying tools. Specifically, the introduction of @swc can speed up the compilation, type checking and unit testing processes with the library. Version 3.22.0 doesn't use vitest anymore.
Furthermore, the unpacked size of version 3.22.0 is slightly larger (614565 bytes) than 3.21.4 (603699 bytes), suggesting potential additions or optimizations within the library's core. The release date also indicates a five-month gap between versions, suggesting accumulated refinements and bug fixes.
For developers, these updates translate to a more streamlined and efficient development workflow, especially concerning build times and test execution. While the core API remains consistent, upgrading to 3.22.0 ensures access to the latest tooling integrations and potential performance benefits. The updated testing dependencies also ensures code quality for developers due to robust unit testing in the library. This highlights Zod's commitment to staying current with the evolving JavaScript and TypeScript ecosystem.
All the vulnerabilities related to the version 3.22.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
