Zod is a TypeScript-first schema declaration and validation library renowned for its static type inference, providing developers with a robust and efficient way to ensure data integrity within their applications. Comparing versions 3.8.2 and 3.8.1 reveals subtle yet important distinctions. Both versions share the same core functionality and developer dependencies such as Jest for testing, Rollup for bundling, and ESLint for code linting.
A notable difference lies in the typescript version specified as a dev dependency. Version 3.8.2 relaxes the exact version requirement to 4.3, while 3.8.1 specifically uses ^4.3.2. This looseness in 3.8.2 might provide more flexibility for developers using TypeScript, allowing them to use any patch version within the 4.3 series. There's also a minor change in unpackedSize of the package, possibly due to small code optimizations between the versions.
Given the minor version increment, the updates in 3.8.2 likely involve bug fixes, performance improvements, or minor feature enhancements that don't break existing APIs. For developers already using Zod, upgrading to 3.8.2 is generally recommended to benefit from these improvements. Always consult the official Zod changelog and test your application after upgrading any dependency. Both versions maintain the MIT license and are funded through GitHub Sponsors, encouraging community contributions and ensuring long-term maintainability.
All the vulnerabilities related to the version 3.8.2 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
