Zod, a TypeScript-first schema declaration and validation library, released version 3.3.1 shortly after 3.3.0, both maintaining the core promise of static type inference. Examining the package metadata reveals subtle differences geared towards optimization. While both versions share identical development dependencies, including tools like Jest for testing, Rollup for bundling, and ESLint for code linting, the key distinction lies within the packaged distribution. Version 3.3.1 boasts a significantly smaller unpacked size of 447,886 bytes compared to version 3.3.0's 539,232 bytes. This reduction in size suggests potential improvements in code optimization, dead code elimination, or more efficient bundling techniques employed during the build process. This is very important for developers because a lighter library translates to faster download times,reduced install times and possibly faster runtime performance. Although the features and API remain consistent, developers upgrading to 3.3.1 can expect a leaner package without sacrificing functionality. Both versions were released on the same day, indicating the 3.3.1 likely addresses a small but important bug fix or optimization identified shortly after the 3.3.0 release. Given the identical feature set, migrating to 3.3.1 is highly recommended for the improved efficiency and minimized footprint making it a smoother ride in modern applications.
All the vulnerabilities related to the version 3.3.1 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
