Zod, a TypeScript-first schema declaration and validation library renowned for its static type inference, released version 3.3.2 shortly after 3.3.1. Both versions share the same core functionality and development dependencies, employing tools like Jest for testing, ESLint for linting, and Rollup for bundling. They also depend on the same suite of tools for static analysis, code style enforcement and support for Typescript. The key distinction lies in the updated dist metadata.
Version 3.3.2 features a slightly larger unpacked size of 451,100 bytes compared to version 3.3.1's 447,886 bytes. The file count remains constant at 55 files in both versions. Considering this and the very short period between releases—approximately 32 minutes— it can be inferred that version 3.3.2 likely addresses a small bug fix, performance tweak, or documentation update rather than introducing significant new features. For developers already using Zod, upgrading from 3.3.1 to 3.3.2 is advisable due to the potential for resolved issues. New users can confidently begin with either version, but 3.3.2 is the recommended choice to benefit from the latest improvements. Both versions provide a robust foundation for defining and validating data structures, leveraging TypeScript's type system for enhanced code safety and maintainability. As the difference in version size is minimal, the changes will likely not affect performance.
All the vulnerabilities related to the version 3.3.2 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
