[Snyk] Upgrade zod from 3.19.1 to 3.24.3

[eriklopess]

Snyk has created this PR to upgrade zod from 3.19.1 to 3.24.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 127 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ZOD-5925617	696	Proof of Concept

Release notes

Package name: zod

• 3.24.3 - 2025-04-16
  

  Main feature: massive tsc performance improvement in .extend() courtesy of @ Andarist: #4150

  Commits:

  • de1f090 Switch to featured sponsors (#4001)
  • eea05ae Fix headers (#4003)
  • 446644f Tweak feature layout (#4008)
  • 1d6e1cb docs(README): add GQLoom to tools and integrations section (#3995)
  • e2b9a5f Update feature (#4009)
  • 0b5d29e Feature Mintlify (#4014)
  • 47dbb2d Update mintlify feature (#4015)
  • 69d8436 Add Clerk fellowship mention (#4020)
  • 850871d Fix table format
  • f204123 WIP (#4028)
  • 5041dfa WIP (#4045)
  • cb2b857 docs: add TanStack Form to Ecosystem/Form integrations (#4055)
  • 099fe85 docs: add oRPC to Ecosystem (#4042)
  • b999b4b docs: Remove outdated doc 'avoid coercions that throw uncaught errors' (#4005)
  • 19c6d2e docs: update README_KO (#4025)
  • 1061293 WIP (#4060)
  • 07ff0da Update link
  • 4c7d8e5 Update Fern art/link (#4062)
  • 91dcd30 removed unnecessary console logs (#4059)
  • 859ad24 Update alt tag for Retool and Stainless URL (#4071)
  • 220aeda Fix images
  • b865062 update readme.md with zod-csv library (#4021)
  • 0615af8 Fix formatting
  • 12e5866 Add zod 4 beta anno (#4081)
  • faac697 Fix CI
  • 8cca93b Fix CI
  • d114394 Added FullProduct.dev to 'Powered by Zod' in Ecosystem section (#4131)
  • a801ddd Fix broken logo link (#3974)
  • 8fc309a Add packages/docs
  • bfd0913 Remove packages/docs
  • 3e602d4 Optimize extendShape (#4150)
  • 06db7f8 3.24.3
  • a18d25b add back packages/docs
• 3.24.2 - 2025-02-11
  

  Notes

  Support asynchronous checks in z.custom() .

  const customSchema = z.custom<number>(async (x) => {
    return typeof x === "number";
  });

  Commits:

  • cdcf9d4 Bump rollup from 2.79.1 to 2.79.2 (#3895)
  • a2ad370 Bump find-my-way from 8.2.0 to 8.2.2 (#3897)
  • 0e02d66 Bump nanoid from 3.3.7 to 3.3.8 (#3896)
  • 96be65f Bump cross-spawn from 7.0.3 to 7.0.6 (#3882)
  • f7ad261 Bump micromatch from 4.0.7 to 4.0.8 (#3748)
  • d724620 Add zod-struct to utilities for Zod (#3921)
  • 6b96cfd Update README.md (#3949)
  • e376cda Add Courier to README (#3961)
  • 8a099de Add CodeRabbit to sponsors (#3975)
  • 587d160 WIP (#3976)
  • 9d3af2e Add CodeRabbit at Platinum (#3981)
  • eedeb4b docs(X to Zod): Update url for runtyping (#3971)
  • 706f49f fix: redirect url to correct url (#3939)
  • 7365b7d docs: translate README to Korean (#3934)
  • b7e173d Format
  • 1dd44a0 Support async z.custom
  • e308703 v3.24.2
• 3.24.1 - 2024-12-11
  

  Commits:

  • 0c6cbbd Undeprecate .nonempty()
  • 4e219d6 Bump min TS version to 5.0
  • 65adeea v3.24.1
• 3.24.0 - 2024-12-10
  

  Implement @ standard-schema/spec

  This is the first version of Zod to implement the Standard Schema spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals here.

  z.string().jwt()

  Thanks to @ Mokshit06 and @ Cognition-Labs for this contribution!

  To verify that a string is a valid 3-part JWT.

  z.string().jwt();
  

  ⚠️ This does not verify your JWT cryptographically! It merely ensures its in the proper format. Use a library like jsonwebtoken to verify the JWT signature, parse the token, and read the claims.

  To constrain the JWT to a specific algorithm:

  z.string().jwt({ alg: "RS256" });

  z.string().base64url()

  Thank you to @ marvinruder!

  To complement the JWT validation, Zod 3.24 implements a standalone .base64url() string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

  z.string().base64url()

  This functionality is available along the standard z.string().base64() validator added in Zod 3.23.

  z.string().cidr()

  Thanks to @ wataryooou for their work on this!

  A validator for CIDR notation for specifying IP address ranges, e.g. 192.24.12.0/22.

  z.string().cidr()

  To specify an IP version:

  z.string().cidr({ version: "v4" })
  z.string().cidr({ version: "v6" })

  ---

  View the full diff from 3.23.8: v3.23.8...v3.24.0

  • 294f54f Update README_ZH.md about Discriminated unions (#3493)
  • 1247caf Add Kubb as X-to-Zod community tool (#3508)
  • 62b7842 Update default branch
  • c6bc80d Fix issue #3582 : ULID should be case insensitive (#3593)
  • a5b9dc3 docs: add zod-schema-faker to ecosystem (#3605)
  • 9818d0e Add zod-sockets (#3609)
  • 7173d0b Add drizzle-zod library to X to Zod README.md section (#3648)
  • c5a4edc Add 'schemql' in Powered by Zod (#3800)
  • 85916b3 docs: add zod-form-renderer to form integration docs (#3697)
  • 51f1dc3 docs: add unplugin-environment in powered by zod (#3778)
  • 8e74db3 fix: ipv6 regex validation (#3513)
  • 1f4f0da refactor: rename ip version types (#3755)
  • f487d74 Remove faulty ip test case
  • 48f1c47 docs: Remove invalid semicolon in ERROR_HANDLING.md (#3857)
  • 1d0a4b9 fix: bigint coerce crash (#3822)
  • 14dceaa Add API library (#3814)
  • f82f817 feat: z.string.cidr() - support CIDR notation (#3820)
  • 71a0c33 docs: add info on unqualified local datetime strings (#3760)
  • b85686a Add support for base64url strings (#3712)
  • 6407bed Allow creation of discriminated unions with a readonly array of options (#3535)
  • 3755146 Remove createParams cascade from .array() (#3530)
  • 963386d Fix lint
  • 69a1798 Implement Standard Schema spec (#3850)
  • c1dd537 Adds frrm package to documentation (#3818)
  • b68c05f feat: Add JWT string validator (#3893)
• 3.24.0-canary.20241210T065401 - 2024-12-10
• 3.24.0-canary.20241210T060351 - 2024-12-10
• 3.24.0-canary.20241210T025401 - 2024-12-10
• 3.24.0-canary.20241210T025031 - 2024-12-10
• 3.24.0-canary.20241107T043915 - 2024-11-07
• 3.24.0-canary.20241016T212913 - 2024-10-16
• 3.24.0-canary.20241016T212839 - 2024-10-16
• 3.24.0-canary.20240701T200529 - 2024-07-01
• 3.24.0-canary.20240629T005127 - 2024-06-29
• 3.24.0-canary.20240523T174819 - 2024-05-23
• 3.24.0-canary.20240508T190620 - 2024-05-08
• 3.24.0-canary.20240507T181513 - 2024-05-07
• 3.24.0-canary.20240502T210128 - 2024-05-02
• 3.24.0-canary.20240429T193647 - 2024-04-29
• 3.24.0-canary.20240429T193306 - 2024-04-29
• 3.24.0-canary.20240423T173108 - 2024-04-23
• 3.23.8 - 2024-05-08
  

  Commits:

  • 0f4d403 Add Bronze logos (#3470)
  • 1968731 Tweak tiers (#3471)
  • eda7df3 Change RefinementCtx to interface
  • ca42965 v3.23.8
• 3.23.7 - 2024-05-07
  

  Commits:

  • 29d2ea2 Add copper
  • d969423 Fix #3437: extendShape erases JSDoc property documentation (#3463)
  • 2239ff3 Add social crow
  • f985b5b 3.23.7
• 3.23.6 - 2024-05-03
  

  Commits:

  • bc0095a Test on latest node
  • 6e5699a Lint on latest node
  • 1f466d9 describe how one can protect from cyclical objects starting an infini… (#3447)
  • 3fed6f2 Add zod playground link (#3454)
  • 04e1f37 Fixed freezing async ZodReadonly results (#3457)
  • b87e59d Update sponsor tiers (#3453)
  • 1438861 Add copper tier (

[netlify]

✅ Deploy Preview for poetic-kelpie-5e4f8b ready!

Name	Link
🔨 Latest commit	e3141c4
🔍 Latest deploy log	https://app.netlify.com/sites/poetic-kelpie-5e4f8b/deploys/6822f74002936f00080f8547
😎 Deploy Preview	https://deploy-preview-138--poetic-kelpie-5e4f8b.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.