[Snyk] Upgrade zod from 3.17.10 to 3.22.3 #455

JonasLang-dev · 2023-10-25T15:16:22Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade zod from 3.17.10 to 3.22.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 45 versions ahead of your current version.
The recommended version was released 22 days ago, on 2023-10-03.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-MONGOOSE-5777721	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ZOD-5925617	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-MONGODB-5871303	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: zod

3.22.3 - 2023-10-03
Commits:
- 1e23990 Commit
- 9bd3879 docs: remove obsolete text about readonly types (#2676)
- f59be09 clarify datetime ISO 8601 (#2673)
- 64dcc8e Update sponsors
- 18115a8 Formatting
- 28c1927 Update sponsors
- ad2ee9c 2718 Updated Custom Schemas documentation example to use type narrowing (#2778)
- ae0f7a2 docs: update ref to discriminated-unions docs (#2485)
- 2ba00fe [2609] fix ReDoS vulnerability in email regex (#2824)
- 1e61d76 3.22.3
3.22.2 - 2023-08-19
Commits:
- 13d9e6b Fix lint
- 0d49f10 docs: add typeschema to ecosystem (#2626)
- 8e4af7b X to Zod: add app.quicktype.io (#2668)
- 792b3ef Fix superrefine types

3.22.1 - 2023-08-15

Commits:

Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

const methodObject = z.object({
  property: z.number(),
  method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
  property: 3,
  method: function (s: string) {
    return s.length + this.property;
  },
};
const parsed = methodObject.parse(methodInstance);
parsed.method("length=8"); // => 11 (8 length + 3 property)

932cc47 Initial prototype fix for issue #2651 (#2652)
0a055e7 3.22.1

3.22.0 - 2023-08-14
Read more
3.22.0-canary.20230814T192256 - 2023-08-14
3.22.0-canary.20230731T015307 - 2023-07-31
3.22.0-canary.20230623T202513 - 2023-06-23
3.22.0-canary.20230623T192520 - 2023-06-23
3.22.0-canary.20230623T190933 - 2023-06-23
3.22.0-canary.20230522T011705 - 2023-05-22
3.22.0-canary.20230522T010750 - 2023-05-22
3.22.0-canary.20230521T235850 - 2023-05-21
3.22.0-canary.20230521T234056 - 2023-05-21
3.22.0-canary.20230521T230556 - 2023-05-21
3.22.0-canary.20230521T230122 - 2023-05-21
3.22.0-canary.20230521T223947 - 2023-05-21
3.22.0-canary.20230517T164447 - 2023-05-17
3.22.0-canary.20230307T060555 - 2023-03-07
3.22.0-canary.20230307T044506 - 2023-03-07
3.22.0-canary.20230306T212237 - 2023-03-06
3.22.0-canary.20230306T210748 - 2023-03-06
3.22.0-canary.20230305T095251 - 2023-03-05
3.22.0-canary.20230305T095130 - 2023-03-05
3.22.0-canary.20230305T093342 - 2023-03-05
3.22.0-canary.20230305T093225 - 2023-03-05
3.22.0-canary.20230305T082229 - 2023-03-05
3.21.5-alpha.0 - 2023-06-04
3.21.4 - 2023-03-07
Commits:
- 22f3cc6 3.21.4
3.21.3 - 2023-03-06
Commits:
- 14c08d8 added more .pipe examples
- 006e652 Fix npm canary action paths pattern (#2148)
- bdcff0f Remove logging in tests
- a5830c6 Reverted #1564
- c458381 Fix tests
- 2db0dca 3.21.3
3.21.2 - 2023-03-06
Commits:
- b276d71 Improve typings in generics
- 4d016b7 Improve type inference in generics
- f9895ab Improve types inside generic functions
- ac0135e Pass input into catchValue
3.21.1 - 2023-03-06
Read more
3.21.0 - 2023-03-04
Read more
3.20.6 - 2023-02-09
3.20.5 - 2023-02-08
3.20.4 - 2023-02-08
3.20.4-beta.0 - 2023-02-08
3.20.3 - 2023-02-08
3.20.2 - 2022-12-12
3.20.1 - 2022-12-12
3.20.0 - 2022-12-12
3.20.0-beta.0 - 2022-12-04
3.19.1 - 2022-09-11
3.19.0 - 2022-09-06
3.19.0-beta.0 - 2022-09-06
3.18.0 - 2022-08-09
3.17.10 - 2022-07-22

from zod GitHub release notes

Commit messages

Package name: zod

1e61d76 3.22.3
2ba00fe [2609] fix ReDoS vulnerability in email regex (#2824)
ae0f7a2 docs: update ref to discriminated-unions docs (#2485)
ad2ee9c 2718 Updated Custom Schemas documentation example to use type narrowing (#2778)
28c1927 Update sponsors
18115a8 Formatting
64dcc8e Update sponsors
f59be09 clarify datetime ISO 8601 (#2673)
9bd3879 docs: remove obsolete text about readonly types (#2676)
1e23990 Commit
792b3ef Fix superrefine types
8e4af7b X to Zod: add app.quicktype.io (#2668)
0d49f10 docs: add typeschema to ecosystem (#2626)
13d9e6b Fix lint
0a055e7 3.22.1
932cc47 Initial prototype fix for issue #2651 (#2652)
fba438c 3.22.0
981d4b5 Add ZodReadonly (#2634)
1ecd624 Fix prettier
78a4090 docs: update comparison with `runtypes` (#2536)
81a89f5 Update nullish documentation to correct chaining order (#2457)
6aab901 fix typo test name (#2542)
8b8ab3e Update README.md (#2562)
5adae24 docs: add conform form integration (#2577)