fix(deps): update dependency zod to v3.22.3 [security] - autoclosed

renovate[bot] commented 11 months ago

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
zod (source)	`3.21.4` -> `3.22.3`

GitHub Vulnerability Alerts

CVE-2023-4316

Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.

Release Notes

colinhacks/zod (zod)

### [`v3.22.3`](https://togithub.com/colinhacks/zod/releases/tag/v3.22.3) [Compare Source](https://togithub.com/colinhacks/zod/compare/v3.22.2...v3.22.3) ##### Commits: - [`1e23990`](https://togithub.com/colinhacks/zod/commit/1e23990bcdd33d1e81b31e40e77a031fcfd87ce1) Commit - [`9bd3879`](https://togithub.com/colinhacks/zod/commit/9bd3879b482f139fd03d5025813ee66a04195cdd) docs: remove obsolete text about readonly types ([#2676](https://togithub.com/colinhacks/zod/issues/2676)) - [`f59be09`](https://togithub.com/colinhacks/zod/commit/f59be093ec21430d9f32bbcb628d7e39116adf34) clarify datetime ISO 8601 ([#2673](https://togithub.com/colinhacks/zod/issues/2673)) - [`64dcc8e`](https://togithub.com/colinhacks/zod/commit/64dcc8e2b16febe48fa8e3c82c47c92643e6c9e3) Update sponsors - [`18115a8`](https://togithub.com/colinhacks/zod/commit/18115a8f128680b4526df58ce96deab7dce93b93) Formatting - [`28c1927`](https://togithub.com/colinhacks/zod/commit/28c19273658b164c53c149785fa7a8187c428ad4) Update sponsors - [`ad2ee9c`](https://togithub.com/colinhacks/zod/commit/ad2ee9ccf723c4388158ff6b8669c2a6cdc85643) 2718 Updated Custom Schemas documentation example to use type narrowing ([#2778](https://togithub.com/colinhacks/zod/issues/2778)) - [`ae0f7a2`](https://togithub.com/colinhacks/zod/commit/ae0f7a2c15e7741ee1b23c03a3bfb9acebd86551) docs: update ref to discriminated-unions docs ([#2485](https://togithub.com/colinhacks/zod/issues/2485)) - [`2ba00fe`](https://togithub.com/colinhacks/zod/commit/2ba00fe2377f4d53947a84b8cdb314a63bbd6dd4) \[2609] fix ReDoS vulnerability in email regex ([#2824](https://togithub.com/colinhacks/zod/issues/2824)) - [`1e61d76`](https://togithub.com/colinhacks/zod/commit/1e61d76cdec05de9271fc0df58798ddf9ce94923) 3.22.3 ### [`v3.22.2`](https://togithub.com/colinhacks/zod/releases/tag/v3.22.2) [Compare Source](https://togithub.com/colinhacks/zod/compare/v3.22.1...v3.22.2) ##### Commits: - [`13d9e6b`](https://togithub.com/colinhacks/zod/commit/13d9e6bda286cbd4c1b177171273695d8309e5de) Fix lint - [`0d49f10`](https://togithub.com/colinhacks/zod/commit/0d49f10b3c25a8e4cbb6534cc0773b195c56d06d) docs: add typeschema to ecosystem ([#2626](https://togithub.com/colinhacks/zod/issues/2626)) - [`8e4af7b`](https://togithub.com/colinhacks/zod/commit/8e4af7b56df6f2e3daf0dd825b986f1d963025ce) X to Zod: add app.quicktype.io ([#2668](https://togithub.com/colinhacks/zod/issues/2668)) - [`792b3ef`](https://togithub.com/colinhacks/zod/commit/792b3ef0d41c144cd10641c6966b98dae1222d82) Fix superrefine types ### [`v3.22.1`](https://togithub.com/colinhacks/zod/releases/tag/v3.22.1) [Compare Source](https://togithub.com/colinhacks/zod/compare/v3.22.0...v3.22.1) #### Commits: Fix handing of `this` in ZodFunction schemas. The parse logic for function schemas now requires the `Reflect` API. ```ts const methodObject = z.object({ property: z.number(), method: z.function().args(z.string()).returns(z.number()), }); const methodInstance = { property: 3, method: function (s: string) { return s.length + this.property; }, }; const parsed = methodObject.parse(methodInstance); parsed.method("length=8"); // => 11 (8 length + 3 property) ``` - [`932cc47`](https://togithub.com/colinhacks/zod/commit/932cc472d2e66430d368a409b8d251909d7d8d21) Initial prototype fix for issue [#2651](https://togithub.com/colinhacks/zod/issues/2651) ([#2652](https://togithub.com/colinhacks/zod/issues/2652)) - [`0a055e7`](https://togithub.com/colinhacks/zod/commit/0a055e726ac210ef6efc69aa70cd2491767f6060) 3.22.1 ### [`v3.22.0`](https://togithub.com/colinhacks/zod/releases/tag/v3.22.0) [Compare Source](https://togithub.com/colinhacks/zod/compare/v3.21.4...v3.22.0) #### `ZodReadonly` This release introduces `ZodReadonly` and the `.readonly()` method on `ZodType`. Calling `.readonly()` on any schema returns a `ZodReadonly` instance that wraps the original schema. The new schema parses all inputs using the original schema, then calls `Object.freeze()` on the result. The inferred type is also marked as `readonly`. ```ts const schema = z.object({ name: string }).readonly(); type schema = z.infer; // Readonly<{name: string}> const result = schema.parse({ name: "fido" }); result.name = "simba"; // error ``` The inferred type uses TypeScript's built-in readonly types when relevant. ```ts z.array(z.string()).readonly(); // readonly string[] z.tuple([z.string(), z.number()]).readonly(); // readonly [string, number] z.map(z.string(), z.date()).readonly(); // ReadonlyMap z.set(z.string()).readonly(); // ReadonlySet> ``` #### Commits: - [`6dad907`](https://togithub.com/colinhacks/zod/commit/6dad90785398885f7b058f5c0760d5ae5476b833) Comments - [`56ace68`](https://togithub.com/colinhacks/zod/commit/56ace682e4cc89132c034a3ae2c13b2d5b1a0115) Fix deno test - [`3809d54`](https://togithub.com/colinhacks/zod/commit/3809d54fc8c5dd0a0ce367bd2575fe3fdadf087d) Add superforms - [`d1ad522`](https://togithub.com/colinhacks/zod/commit/d1ad5221900af640bc3093a2fb0476ec0c94953e) Add transloadit - [`a3bb701`](https://togithub.com/colinhacks/zod/commit/a3bb701757127ffe05e773a2e449136b9b7efcb3) Testing on Typescript 5.0 ([#2221](https://togithub.com/colinhacks/zod/issues/2221)) - [`51e14be`](https://togithub.com/colinhacks/zod/commit/51e14beeab2f469fcbf18e3df44653e1643f5487) docs: update deprecated link ([#2219](https://togithub.com/colinhacks/zod/issues/2219)) - [`a263814`](https://togithub.com/colinhacks/zod/commit/a263814fc430db8d47430cd2884d2cea6b11c671) fixed Datetime & IP TOC links - [`502384e`](https://togithub.com/colinhacks/zod/commit/502384e56fe2b1f8173735df6c3b0d41bce04edc) docs: add mobx-zod-form to form integrations ([#2299](https://togithub.com/colinhacks/zod/issues/2299)) - [`a8be450`](https://togithub.com/colinhacks/zod/commit/a8be4500851923aa865e009fe9c2855e80482047) docs: Add `zocker` to Ecosystem section ([#2416](https://togithub.com/colinhacks/zod/issues/2416)) - [`15de22a`](https://togithub.com/colinhacks/zod/commit/15de22a3ba6144c7d8d2276e8e56174bcdfa7225) Allow subdomains and hyphens in `ZodString.email` ([#2274](https://togithub.com/colinhacks/zod/issues/2274)) - [`00f5783`](https://togithub.com/colinhacks/zod/commit/00f5783602ccbe423deb0dbd76ecf13a276bc54d) Add `zod-openapi` to ecosystem ([#2434](https://togithub.com/colinhacks/zod/issues/2434)) - [`0a17340`](https://togithub.com/colinhacks/zod/commit/0a17340e9fc4b909d10ca3687b6bc6454903ff21) docs: fix minor typo ([#2439](https://togithub.com/colinhacks/zod/issues/2439)) - [`60a2134`](https://togithub.com/colinhacks/zod/commit/60a21346086d32ca9f39efc2771f5db37c835c03) Add masterborn - [`0a90ed1`](https://togithub.com/colinhacks/zod/commit/0a90ed1461dafa62ff50ce0d5d5434fd4a2a4a20) chore: move `exports.types` field to first spot @ package.json. ([#2443](https://togithub.com/colinhacks/zod/issues/2443)) - [`67f35b1`](https://togithub.com/colinhacks/zod/commit/67f35b16692ca33fd48adfec9ae83b9514f8a4b7) docs: allow Zod to be used in dev tools at site ([#2432](https://togithub.com/colinhacks/zod/issues/2432)) - [`6795c57`](https://togithub.com/colinhacks/zod/commit/6795c574b1d34f6e95ae891f96d8b219b98ace92) Fix not working Deno doc link. ([#2428](https://togithub.com/colinhacks/zod/issues/2428)) - [`37e9c55`](https://togithub.com/colinhacks/zod/commit/37e9c550460e4edd144da90d903e878c119c5cc1) Generalize uuidRegex - [`0969950`](https://togithub.com/colinhacks/zod/commit/09699501ff6218b3b0a7e382eca3c02a8226ce13) adds ctx to preprocess ([#2426](https://togithub.com/colinhacks/zod/issues/2426)) - [`af08390`](https://togithub.com/colinhacks/zod/commit/af08390139cf9fd4fc9e398b60a39191bf224076) fix: super refinement function types ([#2420](https://togithub.com/colinhacks/zod/issues/2420)) - [`36fef58`](https://togithub.com/colinhacks/zod/commit/36fef58410f4b2c9e79edabae2fc567a4aee13a7) Make email regex reasonable ([#2157](https://togithub.com/colinhacks/zod/issues/2157)) - [`f627d14`](https://togithub.com/colinhacks/zod/commit/f627d14d3bfe3a680ac0d54705b2e63daa912aed) Document canary - [`e06321c`](https://togithub.com/colinhacks/zod/commit/e06321c15d22082e47c7c111a92ec7b3e104c644) docs: add tapiduck to API libraries ([#2410](https://togithub.com/colinhacks/zod/issues/2410)) - [`11e507c`](https://togithub.com/colinhacks/zod/commit/11e507c4d3bf4ad3ab2057a0122168ed0048a2c4) docs: add ts as const example in zod enums ([#2412](https://togithub.com/colinhacks/zod/issues/2412)) - [`5427565`](https://togithub.com/colinhacks/zod/commit/5427565c347a14056bc60e3ffd800b98753952bc) docs: add zod-fixture to mocking ecosystem ([#2409](https://togithub.com/colinhacks/zod/issues/2409)) - [`d3bf7e6`](https://togithub.com/colinhacks/zod/commit/d3bf7e60a8eb706c4c63a9a91fd66565b82883cf) docs: add `zodock` to mocking ecosystem ([#2394](https://togithub.com/colinhacks/zod/issues/2394)) - [`2270ae5`](https://togithub.com/colinhacks/zod/commit/2270ae563f7f14bed770f75d9c252880794fa71f) remove "as any" casts in createZodEnum ([#2332](https://togithub.com/colinhacks/zod/issues/2332)) - [`00bdd0a`](https://togithub.com/colinhacks/zod/commit/00bdd0a7ffdf495af14e67ae1396c85a282c38dd) fix proto pollution vulnerability ([#2239](https://togithub.com/colinhacks/zod/issues/2239)) - [`a3c5256`](https://togithub.com/colinhacks/zod/commit/a3c525658bc43edf40747a99b8f882d8d3d1e0c7) Fix error_handling unrecognized_keys example - [`4f75cbc`](https://togithub.com/colinhacks/zod/commit/4f75cbc682199a5411189f9cd9abba9af4924746) Adds getters to Map for key + value ([#2356](https://togithub.com/colinhacks/zod/issues/2356)) - [`ca7b032`](https://togithub.com/colinhacks/zod/commit/ca7b03222764496d72085b1178fa22f4a57fe579) FMC ([#2346](https://togithub.com/colinhacks/zod/issues/2346)) - [`6fec8bd`](https://togithub.com/colinhacks/zod/commit/6fec8bd3407f463f157522a3979b4d202870ba4c) docs: fix typo in link fragment ([#2329](https://togithub.com/colinhacks/zod/issues/2329)) - [`16f90bd`](https://togithub.com/colinhacks/zod/commit/16f90bd22b465aca9a1fbad09248d80aa93fd824) Update README.md - [`2c80250`](https://togithub.com/colinhacks/zod/commit/2c802507d92d2d2e15be959695b1de78b896bfcb) Update readme - [`eaf64e0`](https://togithub.com/colinhacks/zod/commit/eaf64e09ba1a87dd6bf348fb97061894a01242d2) Update sponsors - [`c576311`](https://togithub.com/colinhacks/zod/commit/c5763112e2912390f3317d738e4261fa8747494e) Update readme - [`5e23b4f`](https://togithub.com/colinhacks/zod/commit/5e23b4fae4715c7391f9ceb4369421a034851b4c) Add `*.md` pattern to prettier ([#2476](https://togithub.com/colinhacks/zod/issues/2476)) - [`898dced`](https://togithub.com/colinhacks/zod/commit/898dced470f1045b5469543abd2f427a713d93eb) Revamp tests - [`6309322`](https://togithub.com/colinhacks/zod/commit/6309322a28545e316299f8b9a36f43132d347300) Update test runners - [`c0aece1`](https://togithub.com/colinhacks/zod/commit/c0aece1672d1442d69ce1991142af8f16ed20ecb) Add vitest config - [`73a5610`](https://togithub.com/colinhacks/zod/commit/73a5610186c413872153e8dcac76c4c4f23dfe4e) Update script - [`8d8e1a2`](https://togithub.com/colinhacks/zod/commit/8d8e1a2d306cecaf3d8cb88f32fe3e130a834f9f) Fix deno test bug - [`9eb2508`](https://togithub.com/colinhacks/zod/commit/9eb2508fac78cc36faefd050e9616bb6d34814c1) Clean up configs - [`cfbc7b3`](https://togithub.com/colinhacks/zod/commit/cfbc7b3f6714ced250dd4053822faf472bf1828e) Fix root jest config - [`8677f68`](https://togithub.com/colinhacks/zod/commit/8677f688b0ab1bb5991e90744f46a15082772bd6) docs(comparison-yup): Yup added partial() and deepPartial() in v1 ([#2603](https://togithub.com/colinhacks/zod/issues/2603)) - [`fb00edd`](https://togithub.com/colinhacks/zod/commit/fb00edd04ca338b8d791a96dead161076538c6c2) docs: add VeeValidate form library for Vue.js ([#2578](https://togithub.com/colinhacks/zod/issues/2578)) - [`ab8e717`](https://togithub.com/colinhacks/zod/commit/ab8e71793431eeb163613007c134132e6c2ab078) docs: fix typo in z.object ([#2570](https://togithub.com/colinhacks/zod/issues/2570)) - [`d870407`](https://togithub.com/colinhacks/zod/commit/d870407a020f9518fbae662f9f48a9aba005a3e2) docs: fix incomplete Records example ([#2579](https://togithub.com/colinhacks/zod/issues/2579)) - [`5adae24`](https://togithub.com/colinhacks/zod/commit/5adae24e9b2fc98fc679defa8f78e4142d4c3451) docs: add conform form integration ([#2577](https://togithub.com/colinhacks/zod/issues/2577)) - [`8b8ab3e`](https://togithub.com/colinhacks/zod/commit/8b8ab3e79691ebafbb9aac3ce089eaf0dcd6d8fe) Update README.md ([#2562](https://togithub.com/colinhacks/zod/issues/2562)) - [`6aab901`](https://togithub.com/colinhacks/zod/commit/6aab9016873c12be08d19bcc097b3e5ba4c9d6fe) fix typo test name ([#2542](https://togithub.com/colinhacks/zod/issues/2542)) - [`81a89f5`](https://togithub.com/colinhacks/zod/commit/81a89f593f4d6b05f770bbb3ad0fc98075f468dd) Update nullish documentation to correct chaining order ([#2457](https://togithub.com/colinhacks/zod/issues/2457)) - [`78a4090`](https://togithub.com/colinhacks/zod/commit/78a409012a4dc34a455f5c4a7e028ca47c921e1b) docs: update comparison with `runtypes` ([#2536](https://togithub.com/colinhacks/zod/issues/2536)) - [`1ecd624`](https://togithub.com/colinhacks/zod/commit/1ecd6241ef97b33ce229b49f1346ffeee5d0ba74) Fix prettier - [`981d4b5`](https://togithub.com/colinhacks/zod/commit/981d4b5e272e7e35ff44a31fbb5e8e90594b1933) Add ZodReadonly ([#2634](https://togithub.com/colinhacks/zod/issues/2634)) - [`fba438c`](https://togithub.com/colinhacks/zod/commit/fba438cddea800b081a15aefc8b1efea2eccf7af) 3.22.0

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

changeset-bot[bot] commented 11 months ago

⚠️ No Changeset found

Latest commit: 70fb7cdc1da0ca2ed6b9a535dc0c58f64e20216a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

vercel[bot] commented 11 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
chirpy	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 3, 2023 10:44pm

devrsi0n / chirpy