[Snyk] Upgrade zod from 3.17.10 to 3.22.1 #448

JonasLang-dev · 2023-09-06T00:32:18Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade zod from 3.17.10 to 3.22.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 43 versions ahead of your current version.
The recommended version was released 21 days ago, on 2023-08-15.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-MONGOOSE-5777721	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-JSON5-3182856	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
Information Exposure SNYK-JS-MONGODB-5871303	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: zod

3.22.1 - 2023-08-15

Commits:

Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

const methodObject = z.object({
  property: z.number(),
  method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
  property: 3,
  method: function (s: string) {
    return s.length + this.property;
  },
};
const parsed = methodObject.parse(methodInstance);
parsed.method("length=8"); // => 11 (8 length + 3 property)

932cc47 Initial prototype fix for issue #2651 (#2652)
0a055e7 3.22.1

3.22.0 - 2023-08-14
Read more
3.22.0-canary.20230814T192256 - 2023-08-14
3.22.0-canary.20230731T015307 - 2023-07-31
3.22.0-canary.20230623T202513 - 2023-06-23
3.22.0-canary.20230623T192520 - 2023-06-23
3.22.0-canary.20230623T190933 - 2023-06-23
3.22.0-canary.20230522T011705 - 2023-05-22
3.22.0-canary.20230522T010750 - 2023-05-22
3.22.0-canary.20230521T235850 - 2023-05-21
3.22.0-canary.20230521T234056 - 2023-05-21
3.22.0-canary.20230521T230556 - 2023-05-21
3.22.0-canary.20230521T230122 - 2023-05-21
3.22.0-canary.20230521T223947 - 2023-05-21
3.22.0-canary.20230517T164447 - 2023-05-17
3.22.0-canary.20230307T060555 - 2023-03-07
3.22.0-canary.20230307T044506 - 2023-03-07
3.22.0-canary.20230306T212237 - 2023-03-06
3.22.0-canary.20230306T210748 - 2023-03-06
3.22.0-canary.20230305T095251 - 2023-03-05
3.22.0-canary.20230305T095130 - 2023-03-05
3.22.0-canary.20230305T093342 - 2023-03-05
3.22.0-canary.20230305T093225 - 2023-03-05
3.22.0-canary.20230305T082229 - 2023-03-05
3.21.5-alpha.0 - 2023-06-04
3.21.4 - 2023-03-07
Commits:
- 22f3cc6 3.21.4
3.21.3 - 2023-03-06
Commits:
- 14c08d8 added more .pipe examples
- 006e652 Fix npm canary action paths pattern (#2148)
- bdcff0f Remove logging in tests
- a5830c6 Reverted #1564
- c458381 Fix tests
- 2db0dca 3.21.3
3.21.2 - 2023-03-06
Commits:
- b276d71 Improve typings in generics
- 4d016b7 Improve type inference in generics
- f9895ab Improve types inside generic functions
- ac0135e Pass input into catchValue
3.21.1 - 2023-03-06
Features

Support for ULID validation
```
z.string().ulid();
```
Commits:
- 4f89461 Prettier
- bd6527a Update deps
- 126c77b added toLowerCase and toUpperCase back in for v3.21.0
- 1749657 Update README.md
- dabe63d updated z.custom example again :D
- 6b8f655 docs: improve cn readme (#2143)
- 9012dc7 add .includes(value, options?) @ ZodString. (#1887)
- 67b981e Make safeParse().error a getter
- 346fde0 3.21.0-canary.20230304T235951
- b50d871 Add canary release CI
- b20cca2 Fix canary
- f7f5c50 Move action to .github/workflows
- f01fa0e Try to fix canary CI
- f5e8067 No git tag
- 5b304ae No dry run
- 20df80e Add tsc compilation test
- ead93d3 Document .pipe()
- d8e8653 Update headers
- 03c0ab1 Cache the evaluation of ParseInputLazyPath.path() for a moderate perf improvement (#2137)
- e7b3b7b Improve string docs
- 83478f5 Remove zod dep
- 2f1868d Specify paths for canary
- e599966 Add sponsors
- 950bd17 Tweak x.custom example
- 728e56a Close #2127
- 64883e4 feat: z.string().ulid() - add support for ulids (#2049)
- e0d709b 3.20.1
- 9c33194 Remove comments, clean up utils
- 942e2db Fix tests
3.21.0 - 2023-03-04
Read more
3.20.6 - 2023-02-09
Commits:
- e693919 3.20.6
3.20.5 - 2023-02-08
Commits:
- e71c7be Fix extract/exclude type error
3.20.4 - 2023-02-08
3.20.4-beta.0 - 2023-02-08
3.20.3 - 2023-02-08
3.20.2 - 2022-12-12
3.20.1 - 2022-12-12
3.20.0 - 2022-12-12
3.20.0-beta.0 - 2022-12-04
3.19.1 - 2022-09-11
3.19.0 - 2022-09-06
3.19.0-beta.0 - 2022-09-06
3.18.0 - 2022-08-09
3.17.10 - 2022-07-22

from zod GitHub release notes

Commit messages

Package name: zod

0a055e7 3.22.1
932cc47 Initial prototype fix for issue #2651 (#2652)
fba438c 3.22.0
981d4b5 Add ZodReadonly (#2634)
1ecd624 Fix prettier
78a4090 docs: update comparison with `runtypes` (#2536)
81a89f5 Update nullish documentation to correct chaining order (#2457)
6aab901 fix typo test name (#2542)
8b8ab3e Update README.md (#2562)
5adae24 docs: add conform form integration (#2577)
d870407 docs: fix incomplete Records example (#2579)
ab8e717 docs: fix typo in z.object (#2570)
fb00edd docs: add VeeValidate form library for Vue.js (#2578)
8677f68 docs(comparison-yup): Yup added partial() and deepPartial() in v1 (#2603)
cfbc7b3 Fix root jest config
9eb2508 Clean up configs
8d8e1a2 Fix deno test bug
73a5610 Update script
c0aece1 Add vitest config
6309322 Update test runners
898dced Revamp tests
5e23b4f Add `*.md` pattern to prettier (#2476)
c576311 Update readme
eaf64e0 Update sponsors

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade zod from 3.17.10 to 3.22.1. See this package in npm: https://www.npmjs.com/package/zod See this project in Snyk: https://app.snyk.io/org/supercutcat/project/08ca081a-fcbb-4842-9424-5da4c249c304?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade zod from 3.17.10 to 3.22.1 #448

[Snyk] Upgrade zod from 3.17.10 to 3.22.1 #448

JonasLang-dev commented Sep 6, 2023

Commits:

Commits:

Commits:

Commits:

Features

Commits:

Commits:

Commits:

[Snyk] Upgrade zod from 3.17.10 to 3.22.1 #448

Are you sure you want to change the base?

[Snyk] Upgrade zod from 3.17.10 to 3.22.1 #448

Conversation

JonasLang-dev commented Sep 6, 2023

Snyk has created this PR to upgrade zod from 3.17.10 to 3.22.1.

Commits:

Commits:

Commits:

Commits:

Features

Commits:

Commits:

Commits: