Zod version 3.7.0 represents a minor update over the previous stable version, 3.6.1, in this TypeScript-first schema declaration and validation library. While the core functionality remains consistent, there are subtle but noteworthy changes for developers. Both versions share the same development dependencies, including tools for testing (Jest, ts-jest), linting (ESLint, Prettier), bundling (Rollup), and TypeScript support (ts-node, typescript). The license, repository, author, and funding information are also identical, ensuring continuity for users.
The key difference lies in the distribution specifics. Version 3.7.0 has a slightly smaller unpacked size (464677 bytes) compared to 3.6.1 (467023 bytes), suggesting potential optimizations in the bundled code or a reduction in overall package size. Both versions contain the same number of files. These updates are typically focused on internal improvements like bug fixes, performance enhancements, and refinements to the type definitions, which may not be immediately apparent but contribute to a smoother developer experience.
Developers choosing between these versions should opt for the latest (3.7.0) to benefit from the most recent improvements and potentially reduced bundle sizes. While the changes may seem minor, incorporating the latest version ensures compatibility with the newest TypeScript features and best practices, contributing to a more maintainable and efficient codebase. Users should consult the official Zod changelog on Github/npmjs for detailed release notes to understand the specific changes.
All the vulnerabilities related to the version 3.7.0 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
