js
js copied to clipboard
fix(deps): update dependency zod to v3.22.3 [security]
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
zod (source) | 3.21.4 -> 3.22.3 |
GitHub Vulnerability Alerts
CVE-2023-4316
Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.
Release Notes
colinhacks/zod (zod)
v3.22.3
Commits:
-
1e23990
Commit -
9bd3879
docs: remove obsolete text about readonly types (#2676) -
f59be09
clarify datetime ISO 8601 (#2673) -
64dcc8e
Update sponsors -
18115a8
Formatting -
28c1927
Update sponsors -
ad2ee9c
2718 Updated Custom Schemas documentation example to use type narrowing (#2778) -
ae0f7a2
docs: update ref to discriminated-unions docs (#2485) -
2ba00fe
[2609] fix ReDoS vulnerability in email regex (#2824) -
1e61d76
3.22.3
v3.22.2
Commits:
-
13d9e6b
Fix lint -
0d49f10
docs: add typeschema to ecosystem (#2626) -
8e4af7b
X to Zod: add app.quicktype.io (#2668) -
792b3ef
Fix superrefine types
v3.22.1
Commits:
Fix handing of this
in ZodFunction schemas. The parse logic for function schemas now requires the Reflect
API.
const methodObject = z.object({
property: z.number(),
method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
property: 3,
method: function (s: string) {
return s.length + this.property;
},
};
const parsed = methodObject.parse(methodInstance);
parsed.method("length=8"); // => 11 (8 length + 3 property)
v3.22.0
ZodReadonly
This release introduces ZodReadonly
and the .readonly()
method on ZodType
.
Calling .readonly()
on any schema returns a ZodReadonly
instance that wraps the original schema. The new schema parses all inputs using the original schema, then calls Object.freeze()
on the result. The inferred type is also marked as readonly
.
const schema = z.object({ name: string }).readonly();
type schema = z.infer<typeof schema>;
// Readonly<{name: string}>
const result = schema.parse({ name: "fido" });
result.name = "simba"; // error
The inferred type uses TypeScript's built-in readonly types when relevant.
z.array(z.string()).readonly();
// readonly string[]
z.tuple([z.string(), z.number()]).readonly();
// readonly [string, number]
z.map(z.string(), z.date()).readonly();
// ReadonlyMap<string, Date>
z.set(z.string()).readonly();
// ReadonlySet<Promise<string>>
Commits:
-
6dad907
Comments -
56ace68
Fix deno test -
3809d54
Add superforms -
d1ad522
Add transloadit -
a3bb701
Testing on Typescript 5.0 (#2221) -
51e14be
docs: update deprecated link (#2219) -
a263814
fixed Datetime & IP TOC links -
502384e
docs: add mobx-zod-form to form integrations (#2299) -
a8be450
docs: Addzocker
to Ecosystem section (#2416) -
15de22a
Allow subdomains and hyphens inZodString.email
(#2274) -
00f5783
Addzod-openapi
to ecosystem (#2434) -
0a17340
docs: fix minor typo (#2439) -
60a2134
Add masterborn -
0a90ed1
chore: moveexports.types
field to first spot @ package.json. (#2443) -
67f35b1
docs: allow Zod to be used in dev tools at site (#2432) -
6795c57
Fix not working Deno doc link. (#2428) -
37e9c55
Generalize uuidRegex -
0969950
adds ctx to preprocess (#2426) -
af08390
fix: super refinement function types (#2420) -
36fef58
Make email regex reasonable (#2157) -
f627d14
Document canary -
e06321c
docs: add tapiduck to API libraries (#2410) -
11e507c
docs: add ts as const example in zod enums (#2412) -
5427565
docs: add zod-fixture to mocking ecosystem (#2409) -
d3bf7e6
docs: addzodock
to mocking ecosystem (#2394) -
2270ae5
remove "as any" casts in createZodEnum (#2332) -
00bdd0a
fix proto pollution vulnerability (#2239) -
a3c5256
Fix error_handling unrecognized_keys example -
4f75cbc
Adds getters to Map for key + value (#2356) -
ca7b032
FMC (#2346) -
6fec8bd
docs: fix typo in link fragment (#2329) -
16f90bd
Update README.md -
2c80250
Update readme -
eaf64e0
Update sponsors -
c576311
Update readme -
5e23b4f
Add*.md
pattern to prettier (#2476) -
898dced
Revamp tests -
6309322
Update test runners -
c0aece1
Add vitest config -
73a5610
Update script -
8d8e1a2
Fix deno test bug -
9eb2508
Clean up configs -
cfbc7b3
Fix root jest config -
8677f68
docs(comparison-yup): Yup added partial() and deepPartial() in v1 (#2603) -
fb00edd
docs: add VeeValidate form library for Vue.js (#2578) -
ab8e717
docs: fix typo in z.object (#2570) -
d870407
docs: fix incomplete Records example (#2579) -
5adae24
docs: add conform form integration (#2577) -
8b8ab3e
Update README.md (#2562) -
6aab901
fix typo test name (#2542) -
81a89f5
Update nullish documentation to correct chaining order (#2457) -
78a4090
docs: update comparison withruntypes
(#2536) -
1ecd624
Fix prettier -
981d4b5
Add ZodReadonly (#2634) -
fba438c
3.22.0
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.