[Snyk] Upgrade zod from 3.17.10 to 3.23.0

[JonasLang-dev]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade zod from 3.17.10 to 3.23.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 103 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2024-04-21.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-MONGOOSE-5777721	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ZOD-5925617	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-MONGODB-5871303	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NODEMAILER-6219989	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: zod

• 3.23.0 - 2024-04-21
  Read more
• 3.23.0-canary.20240421T221346 - 2024-04-21
• 3.23.0-canary.20240421T220206 - 2024-04-21
• 3.23.0-canary.20240420T221414 - 2024-04-20
• 3.23.0-canary.20240418T224529 - 2024-04-18
• 3.23.0-canary.20240418T011308 - 2024-04-18
• 3.23.0-canary.20240418T003146 - 2024-04-18
• 3.23.0-canary.20240417T235146 - 2024-04-17
• 3.23.0-canary.20240417T010051 - 2024-04-17
• 3.23.0-canary.20240417T001802 - 2024-04-17
• 3.23.0-canary.20240416T233020 - 2024-04-16
• 3.23.0-canary.20240416T232324 - 2024-04-16
• 3.23.0-canary.20240416T231453 - 2024-04-16
• 3.23.0-canary.20240416T230918 - 2024-04-16
• 3.23.0-canary.20240416T222410 - 2024-04-16
• 3.23.0-canary.20240416T210423 - 2024-04-16
• 3.23.0-canary.20240416T204849 - 2024-04-16
• 3.23.0-canary.20240416T201354 - 2024-04-16
• 3.23.0-canary.20240416T195939 - 2024-04-16
• 3.23.0-canary.20240416T051357 - 2024-04-16
• 3.23.0-canary.20240414T000556 - 2024-04-14
• 3.23.0-canary.20240413T085656 - 2024-04-13
• 3.23.0-canary.20240413T011400 - 2024-04-13
• 3.23.0-canary.20240412T032517 - 2024-04-12
• 3.23.0-canary.20240412T023718 - 2024-04-12
• 3.23.0-canary.20240409T033359 - 2024-04-09
• 3.23.0-canary.20240409T032832 - 2024-04-09
• 3.23.0-canary.20240408T222819 - 2024-04-08
• 3.23.0-canary.20240407T005829 - 2024-04-07
• 3.23.0-canary.20240404T043228 - 2024-04-04
• 3.23.0-canary.20240322T225818 - 2024-03-22
• 3.23.0-canary.20240321T233535 - 2024-03-21
• 3.23.0-canary.20240321T225632 - 2024-03-21
• 3.23.0-canary.20240321T224206 - 2024-03-21
• 3.23.0-canary.20240321T200145 - 2024-03-21
• 3.23.0-canary.20240321T195738 - 2024-03-21
• 3.23.0-canary.20240319T231349 - 2024-03-19
• 3.23.0-canary.20240315T001949 - 2024-03-15
• 3.23.0-canary.20240314T051637 - 2024-03-14
• 3.23.0-canary.20240314T051126 - 2024-03-14
• 3.23.0-canary.20240222T232722 - 2024-02-22
• 3.23.0-canary.20240215T003902 - 2024-02-15
• 3.23.0-canary.20240215T003817 - 2024-02-15
• 3.23.0-canary.20240214T232812 - 2024-02-14
• 3.23.0-canary.20231004T224911 - 2023-10-04
• 3.23.0-canary.20231004T215233 - 2023-10-04
• 3.23.0-canary.20231004T213259 - 2023-10-04
• 3.23.0-canary.20231004T210301 - 2023-10-04
• 3.23.0-canary.20231003T200509 - 2023-10-03
• 3.23.0-canary.20231003T183640 - 2023-10-03
• 3.23.0-canary.20231003T183317 - 2023-10-03
• 3.23.0-canary.20230815T194608 - 2023-08-15
• 3.23.0-canary.20230815T194013 - 2023-08-15
• 3.23.0-beta.2 - 2024-04-18
• 3.23.0-beta.1 - 2024-04-18
• 3.23.0-beta.0 - 2024-04-18
  Read more
• 3.22.5 - 2024-04-18
• 3.22.4 - 2023-10-04
  

  Commits:

  • d931ea3 Lint
  • 8e634bd Fix prettier
  • 4018d88 docs: add @ sanity-typed/zod to ecosystem (#2731)
  • 15ba5a4 docs: add zod-sandbox to README ecosystem links (#2707)
  • 699ccae Export jsdoc with @ deprecated when building (#2717)
  • dfe3719 Fix sanity-typed links (#2840)
  • cd7991e fix ulid regex (#2225)
  • 7cb4ba2 Remove stalebot
  • 9340fd5 Lazy emojiRegex
  • e7a9b9b 3.22.4
• 3.22.3 - 2023-10-03
  

  Commits:

  • 1e23990 Commit
  • 9bd3879 docs: remove obsolete text about readonly types (#2676)
  • f59be09 clarify datetime ISO 8601 (#2673)
  • 64dcc8e Update sponsors
  • 18115a8 Formatting
  • 28c1927 Update sponsors
  • ad2ee9c 2718 Updated Custom Schemas documentation example to use type narrowing (#2778)
  • ae0f7a2 docs: update ref to discriminated-unions docs (#2485)
  • 2ba00fe [2609] fix ReDoS vulnerability in email regex (#2824)
  • 1e61d76 3.22.3
• 3.22.2 - 2023-08-19
  

  Commits:

  • 13d9e6b Fix lint
  • 0d49f10 docs: add typeschema to ecosystem (#2626)
  • 8e4af7b X to Zod: add app.quicktype.io (#2668)
  • 792b3ef Fix superrefine types
• 3.22.1 - 2023-08-15
  

  Commits:

  Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

  const methodObject = z.object({
    property: z.number(),
    method: z.function().args(z.string()).returns(z.number()),
  });
  const methodInstance = {
    property: 3,
    method: function (s: string) {
      return s.length + this.property;
    },
  };
  const parsed = methodObject.parse(methodInstance);
  parsed.method("length=8"); // => 11 (8 length + 3 property)

  • 932cc47 Initial prototype fix for issue #2651 (#2652)
  • 0a055e7 3.22.1
• 3.22.0 - 2023-08-14
  Read more
• 3.22.0-canary.20230814T192256 - 2023-08-14
• 3.22.0-canary.20230731T015307 - 2023-07-31
• 3.22.0-canary.20230623T202513 - 2023-06-23
• 3.22.0-canary.20230623T192520 - 2023-06-23
• 3.22.0-canary.20230623T190933 - 2023-06-23
• 3.22.0-canary.20230522T011705 - 2023-05-22
• 3.22.0-canary.20230522T010750 - 2023-05-22
• 3.22.0-canary.20230521T235850 - 2023-05-21
• 3.22.0-canary.20230521T234056 - 2023-05-21
• 3.22.0-canary.20230521T230556 - 2023-05-21
• 3.22.0-canary.20230521T230122 - 2023-05-21
• 3.22.0-canary.20230521T223947 - 2023-05-21
• 3.22.0-canary.20230517T164447 - 2023-05-17
• 3.22.0-canary.20230307T060555 - 2023-03-07
• 3.22.0-canary.20230307T044506 - 2023-03-07
• 3.22.0-canary.20230306T212237 - 2023-03-06
• 3.22.0-canary.20230306T210748 - 2023-03-06
• 3.22.0-canary.20230305T095251 - 2023-03-05
• 3.22.0-canary.20230305T095130 - 2023-03-05
• 3.22.0-canary.20230305T093342 - 2023-03-05
• 3.22.0-canary.20230305T093225 - 2023-03-05
• 3.22.0-canary.20230305T082229 - 2023-03-05
• 3.21.5-alpha.0 - 2023-06-04
• 3.21.4 - 2023-03-07
  

  Commits:

  • 22f3cc6 3.21.4
• 3.21.3 - 2023-03-06
  

  Commits:

  • 14c08d8 added more .pipe examples
  • 006e652 Fix npm canary action paths pattern (#2148)
  • bdcff0f Remove logging in tests
  • a5830c6 Reverted #1564
  • c458381 Fix tests
  • 2db0dca 3.21.3
• 3.21.2 - 2023-03-06
  

  Commits:

  • b276d71 Improve typings in generics
  • 4d016b7 Improve type inference in generics
  • f9895ab Improve types inside generic functions
  • ac0135e Pass input into catchValue
• 3.21.1 - 2023-03-06
• 3.21.0 - 2023-03-04
• 3.20.6 - 2023-02-09
• 3.20.5 - 2023-02-08
• 3.20.4 - 2023-02-08
• 3.20.4-beta.0 - 2023-02-08
• 3.20.3 - 2023-02-08
• 3.20.2 - 2022-12-12
• 3.20.1 - 2022-12-12
• 3.20.0 - 2022-12-12
• 3.20.0-beta.0 - 2022-12-04
• 3.19.1 - 2022-09-11
• 3.19.0 - 2022-09-06
• 3.19.0-beta.0 - 2022-09-06
• 3.18.0 - 2022-08-09
• 3.17.10 - 2022-07-22

from zod GitHub release notes

Commit messages

Package name: zod

• 39a588a Zod v3.23 (#3424)
• 2199854 Fix provenance, update action versions
• 8a5075e Clear playground
• 6c6161f Publish with Provenance (#3426)
• 8b8734d docs: correct typo (#3425)
• 890556e TS compilation perf: faster objectUtil.addQuestionMarks (#2845)
• 42c5dc7 Add PR template
• f4175b3 Update docs
• 4fbafc1 Add Scalar to sponsors
• 7d1197c Make input type equal to output type in z.custom
• 78e5cde Clean up docs
• 579ecb2 Update ZodType generics
• b9d59d2 docs: add `orval` to "X to Zod" ecosystems (#3397)
• 27daef7 Faster ipv4 parsing (#3413)
• 0ca48b2 feat: Add support for ISO-8601 Durations (#3265)
• 8d0a4b3 Use leap year regex
• 30bcf8e Add datetime benchmark
• 35f0a38 Disallow hour-only offsets
• c54e109 Adds base64 string validation (#3047)
• 8835cd3 Make depcruise pass (#3037)
• 907e5f2 Fix regex in cuid2 validation to be what cuid2 library expects (#2961)
• b2ed20c Allow external validators in z.custom
• 9894ce3 fix: escape hyphen in regex (#3286)
• bfdfe5c fix: emails with single quotes not being validated (#2889)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs