🚨 [security] [cli] Update zod 3.21.4 → 3.22.3 (minor) #511
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ zod (3.21.4 → 3.22.3) · Repo · Changelog
Security Advisories 🚨
🚨 Zod denial of service vulnerability
Release Notes
3.22.2
3.22.1
3.22.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 71 commits:
3.22.3
[2609] fix ReDoS vulnerability in email regex (#2824)
docs: update ref to discriminated-unions docs (#2485)
2718 Updated Custom Schemas documentation example to use type narrowing (#2778)
Update sponsors
Formatting
Update sponsors
clarify datetime ISO 8601 (#2673)
docs: remove obsolete text about readonly types (#2676)
Commit
Fix superrefine types
X to Zod: add app.quicktype.io (#2668)
docs: add typeschema to ecosystem (#2626)
Fix lint
3.22.1
Initial prototype fix for issue #2651 (#2652)
3.22.0
Add ZodReadonly (#2634)
Fix prettier
docs: update comparison with `runtypes` (#2536)
Update nullish documentation to correct chaining order (#2457)
fix typo test name (#2542)
Update README.md (#2562)
docs: add conform form integration (#2577)
docs: fix incomplete Records example (#2579)
docs: fix typo in z.object (#2570)
docs: add VeeValidate form library for Vue.js (#2578)
docs(comparison-yup): Yup added partial() and deepPartial() in v1 (#2603)
Fix root jest config
Clean up configs
Fix deno test bug
Update script
Add vitest config
Update test runners
Revamp tests
Add `*.md` pattern to prettier (#2476)
Update readme
Update sponsors
Update readme
Update README.md
docs: fix typo in link fragment (#2329)
FMC (#2346)
Adds getters to Map for key + value (#2356)
Fix error_handling unrecognized_keys example
fix proto pollution vulnerability (#2239)
remove "as any" casts in createZodEnum (#2332)
docs: add `zodock` to mocking ecosystem (#2394)
docs: add zod-fixture to mocking ecosystem (#2409)
docs: add ts as const example in zod enums (#2412)
docs: add tapiduck to API libraries (#2410)
Document canary
Make email regex reasonable (#2157)
fix: super refinement function types (#2420)
adds ctx to preprocess (#2426)
Generalize uuidRegex
Fix not working Deno doc link. (#2428)
docs: allow Zod to be used in dev tools at site (#2432)
chore: move `exports.types` field to first spot @ package.json. (#2443)
Add masterborn
docs: fix minor typo (#2439)
Add `zod-openapi` to ecosystem (#2434)
Allow subdomains and hyphens in `ZodString.email` (#2274)
docs: Add `zocker` to Ecosystem section (#2416)
docs: add mobx-zod-form to form integrations (#2299)
fixed Datetime & IP TOC links
docs: update deprecated link (#2219)
Testing on Typescript 5.0 (#2221)
Add transloadit
Add superforms
Fix deno test
Comments
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands