Zod, a TypeScript-first schema declaration and validation library renowned for its static type inference capabilities, released version 3.5.2 following version 3.5.1. Both versions share the same core functionality, providing developers with a robust and expressive way to define and validate data structures within their TypeScript applications. The developer tooling and dependencies remained consistent between these releases. Key dependencies like TypeScript, ESLint, Jest, and Rollup, along with various plugins and testing utilities (such as @types/jest, ts-jest and eslint-plugin-import), are identical, indicating a focus on maintaining a stable development environment.
While the core functionality remains the same, subtle internal changes between 3.5.1 and 3.5.2 are detectable. The unpacked size increased slightly, from 462613 bytes to 463379 bytes. This hints at internal code adjustments, potentially including bug fixes, performance enhancements, or minor feature tweaks, even though the package dependencies appear unchanged. The specifics of these changes are not documented in the provided metadata, so developers should consult the official Zod changelog or release notes on the GitHub repository to understand them. The later release date of version 3.5.2 indicates a more recent iteration, potentially addressing issues discovered since the release of 3.5.1.
All vulnerabilities related to version 3.5.2 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.