Zod version 3.3.0 represents a minor iteration over the previous stable release, version 3.2.0, of this TypeScript-first schema declaration and validation library. Both versions maintain the core functionality of providing developers with a robust and type-safe way to define and validate data structures in their TypeScript applications. They offer static type inference, reducing the need for manual type annotations and enhancing code maintainability.
A key difference between the two versions lies in the distribution package details. Version 3.3.0 has a fileCount of 55 and an unpackedSize of 539232 bytes, whereas version 3.2.0 has a fileCount of 43 and an unpackedSize of 543113 bytes. This suggests that version 3.3.0 might have refined or added more individual files, potentially for better organization or splitting of concerns, while slightly reducing the overall unpacked size. Developers should examine the changelog for more detailed insights.
The core set of devDependencies remains consistent between the two versions, indicating a stable development environment. This includes tools like Jest for testing, ESLint for linting, Rollup for bundling, and TypeScript itself for type checking. Libraries like @typescript-eslint/parser and eslint-plugin-unused-imports further solidify the commitment to code quality and best practices. For developers already using Zod, upgrading from 3.2.0 to 3.3.0 will likely be a smooth transition. New users can benefit from the mature ecosystem and tooling.
All the vulnerabilities related to the version 3.3.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
