Zod is a TypeScript-first schema declaration and validation library, offering static type inference to ensure data integrity in your applications. Comparing versions 3.9.1 and 3.9.0 reveals subtle but potentially important distinctions for developers. Both versions feature the same core set of development dependencies, indicating a shared tooling and testing environment. This consistency ensures a stable development workflow, leveraging tools like Jest for testing, ESLint for code linting, and Rollup for bundling. The use of TypeScript and associated plugins like @typescript-eslint/parser and @typescript-eslint/eslint-plugin highlights the library's commitment to TypeScript.
The key difference lies in the dist object. Version 3.9.1 has a slightly smaller unpacked size of 495642 bytes compared to 3.9.0's 496143 bytes. This minor reduction could suggest optimizations or bug fixes related to the size, which might lead to slightly faster load times or reduced bundle sizes. The version 3.9.1 was released a bit later than the 3.9.0 as well. Given the rapid pace of JavaScript development, upgrading to the latest minor version (3.9.1) is generally recommended to benefit from these small improvements and also potential bug fixes. Before updating you should always double check the changelog to check the introduced functionalities and fixed bugs that could affect your code.
All the vulnerabilities related to the version 3.9.1 of the package
Zod denial of service vulnerability
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
