[Snyk] Upgrade zod from 3.22.4 to 3.23.7

[karlclement]

Snyk has created this PR to upgrade zod from 3.22.4 to 3.23.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 64 versions ahead of your current version.

• The recommended version was released on 21 days ago.

Release notes

Package name: zod

• 3.23.7 - 2024-05-07
  

  Commits:

  • 29d2ea2 Add copper
  • d969423 Fix #3437: extendShape erases JSDoc property documentation (#3463)
  • 2239ff3 Add social crow
  • f985b5b 3.23.7
• 3.23.6 - 2024-05-03
  

  Commits:

  • bc0095a Test on latest node
  • 6e5699a Lint on latest node
  • 1f466d9 describe how one can protect from cyclical objects starting an infini… (#3447)
  • 3fed6f2 Add zod playground link (#3454)
  • 04e1f37 Fixed freezing async ZodReadonly results (#3457)
  • b87e59d Update sponsor tiers (#3453)
  • 1438861 Add copper tier (#3460)
  • ce3711e add VSCode dev container support and documenation
  • 93b480b v3.23.6
• 3.23.5 - 2024-04-29
  

  Commits:

  • 110b821 Update README_ZH.md (#3433)
  • c1910bd Made ZodEnum take readonly string array (#3444)
  • 541a862 3.23.5
• 3.23.4 - 2024-04-23
  

  Commits:

  • 157b18d Add 3.23 announcement
  • aedf93f Revert change to default Input
  • 45107f7 v3.23.4
• 3.23.3 - 2024-04-22
  

  Commits:

  • 103d243 3.23.3
• 3.23.2 - 2024-04-22
  

  Commits:

  • c340558 Update protocol
  • ef588d0 Fix t3env
  • 9df70dd 3.23.2
• 3.23.1 - 2024-04-22
  

  This changes the default generics back to any to prevent breakages with common packager like @ hookform/resolvers:

  - class ZodType<Output = unknown, Def extends ZodTypeDef = ZodTypeDef, Input = unknown> {}
  + class ZodType<Output = any, Def extends ZodTypeDef = ZodTypeDef, Input = any> {}

  Commits:

  • 59f4872 Change unknown -> any for ZodType defaults
  • 2ff5ceb 3.23.1
• 3.23.0 - 2024-04-21
  

  Zod 3.23 is now available. This is the final 3.x release before Zod 4.0. To try it out:

  npm install zod

  Features

  z.string().date()

  Zod can now validate ISO 8601 date strings. Thanks @ igalklebanov! #1766

  const schema = z.string().date();
  schema.parse("2022-01-01"); // OK

  z.string().time()

  Zod can now validate ISO 8601 time strings. Thanks @ igalklebanov! #1766

  const schema = z.string().time();
  schema.parse("12:00:00"); // OK

  You can specify sub-second precision using the precision option:

  const schema = z.string().time({ precision: 3 });
  schema.parse("12:00:00.123"); // OK
  schema.parse("12:00:00.123456"); // Error
  schema.parse("12:00:00"); // Error

  z.string().duration()

  Zod can now validate ISO 8601 duration strings. Thanks @ mastermatt! #3265

  const schema = z.string().duration();
  schema.parse("P3Y6M4DT12H30M5S"); // OK

  Improvements to z.string().datetime()

  Thanks @ bchrobot #2522

  You can now allow unqualified (timezone-less) datetimes using the local: true flag.

  const schema = z.string().datetime({ local: true });
  schema.parse("2022-01-01T12:00:00"); // OK

  Plus, Zod now validates the day-of-month correctly to ensure no invalid dates (e.g. February 30th) pass validation. Thanks @ szamanr! #3391

  z.string().base64()

  Zod can now validate base64 strings. Thanks @ StefanTerdell! #3047

  const schema = z.string().base64();
  schema.parse("SGVsbG8gV29ybGQ="); // OK

  Improved discriminated unions

  The following can now be used as discriminator keys in z.discriminatedUnion():

  • ZodOptional
  • ZodNullable
  • ZodReadonly
  • ZodBranded
  • ZodCatch

  const schema = z.discriminatedUnion("type", [
    z.object({ type: z.literal("A").optional(), value: z.number() }),
    z.object({ type: z.literal("B").nullable(), value: z.string() }),
    z.object({ type: z.literal("C").readonly(), value: z.boolean() }),
    z.object({ type: z.literal("D").brand<"D">(), value: z.boolean() }),
    z.object({ type: z.literal("E").catch("E"), value: z.unknown() }),
  ]);

  Misc

  • feature: allow falsy error message by @ fernandollisboa in #3178
  • feature: add attribute message to enum validatiion by @ fernandollisboa in #3169

  Breaking changes

  There are no breaking changes to the public API of Zod. However some changes can impact ecosystem tools that rely on Zod internals.

  ZodFirstPartySchemaTypes

  Three new types have been added to the ZodFirstPartySchemaTypes union. This may impact some codegen libraries. #3247

  +  | ZodPipeline<any, any>
  +  | ZodReadonly<any>
  +  | ZodSymbol;

  Unrecognized keys in .pick() and .omit()

  This version fixes a bug where unknown keys were accidentally accepted in .pick() and omit(). This has been fixed, which could cause compiler errors in some user code. #3255

  z.object({ 
    name: z.string() 
  }).pick({
    notAKey: true // no longer allowed
  })

  Bugfixes and performance

  • Bugfix: Enum.extract/exclude should not remove error mapping by @ shaharke in #3240
  • Added latest stable Node and TypeScript versions to test matrix for up-to-date testing. by @ m10rten in #3278
  • Add types to ZodFirstPartySchemaTypes by @ MatthijsMud in #3247
  • fix: make input of .required() readonly by @ KATT in #3301
  • add never props to safe parse return types by @ schicks in #3295
  • Reporting errors of the preprocess that is the second property of object by @ yukukotani in #2912
  • Improve addQuestionMarks, fix #2184 by @ colinhacks in #3352
  • fix for njs by @ dvv in #3063
  • only look in src for bun test by @ rotu in #3038
  • Restrict .pick()/.omit() mask type to only known properties by @ petrovmiroslav in #3255
  • Make EnumValues generic by @ IlyaSemenov in #2338
  • perf: avoid unnecessary error maps by @ xuxucode in #2532
  • Bugfix: z.record().parse should not filter out undefined values by @ raik-casimiro in #3251
  • Use Set.has instead of Array.indexOf for enum comparison (perf improvement) by @ jmike in #2659
  • [2888] fix emails with single quotes failing validation by @ Mansehej in #2889
  • Bugfix: Commas are incorrectly allowed in email regex. by @ mokemoko in #3286
  • Fix regex in cuid2 validation to be what cuid2 library expects by @ etareduction in #2961
  • Make depcruise pass by @ rotu in #3037
  • Faster ipv4 parsing by @ colinhacks in #3413

  Docs and ecosystem

  • chore: add pastel package to ecosystem by @ jlarmstrongiv in #2949
  • added required styles. by @ Ansh101112 in #2955
  • Feature/better chinese translate by @ NWYLZW in #2988
  • Fix z.instanceof example by @ alexnault in #3003
  • Add documentation to Zod enum exclude/extract functions by @ shaharke in #3044
  • Add docs for coercing nullish values by @ rbuetzer in #3067
  • Adds zod-dev utility to eco-system section by @ schalkventer in #3113
  • Add zhttp library to docs by @ evertdespiegeleer in #3134
  • fixed Readme typo in NaNs example by @ RashJrEdmund in #3181
  • adds zod-config library to the ecosystem by @ alexmarqs in #3200
  • docs: update link and description of conform integration by @ g1eny0ung in #3238
  • Update README.md by @ yugmade13 in #3317
  • feat: overhaul generics section of readme to include more details on z.ZodTypeAny usage by @ braden-w in #3321
  • Fix small typos by @ mmorearty in #3336
  • docs: update Chinese docs and correct some of the typos by @ jiechen257 in #3338
  • docs: improve chinese readme by @ luckrnx09 in #3371
  • Add java-to-zod in X to Zod section by @ ivangreene in #3385
  • docs: add orval to "X to Zod" ecosystems by @ soartec-lab in #3397

  New Contributors

  • @ jlarmstrongiv made their first contribution in #2949
  • @ Ansh101112 made their first contribution in #2955
  • @ NWYLZW made their first contribution in #2988
  • @ alexnault made their first contribution in #3003
  • @ shaharke made their first contribution in #3044
  • @ rbuetzer made their first contribution in #3067
  • @ schalkventer made their first contribution in #3113
  • @ evertdespiegeleer made their first contribution in #3134
  • @ RashJrEdmund made their first contribution in #3181
  • @ alexmarqs made their first contribution in #3200
  • @ JonnyBurger made their first contribution in #3214
  • @ fernandollisboa made their first contribution in

[cloudflare-workers-and-pages]

Deploying squire-web with    Cloudflare Pages

Latest commit:	31d5929
Status:	✅  Deploy successful!
Preview URL:	https://c43b68a2.echolayer-web-sveltekit.pages.dev
Branch Preview URL:	https://snyk-upgrade-3e56a4718987982.echolayer-web-sveltekit.pages.dev

View logs

[ghost]

Hi there, Squire here! 👋

Here's what I can do today:

• /squire review - Call me to perform a review of this PR
• /squire clear - delete all comments Squire has left in this PR.
• /squire summary - I'll summarize the current state of the PR in a comment based on the latest commits.
• /squire update-description - I'll update the PR description with a summary of the current state of the PR based on the latest commits.
• /squire help - I'll remind you of all the commands I can do.

You can always clear and then run review again if you've committed more to get a fresh review.

For more info, including how to add our generated PR descriptions to a template, check out our docs: https://docs.squire.ai/

[ghost]

Pull request summary created by Squire AI

Summary

This pull request, automatically generated by Snyk, upgrades the zod package from version 3.22.4 to 3.23.7 in package.json. The upgrade addresses potential vulnerabilities or issues identified by Snyk, ensuring the project's dependencies remain secure and up-to-date. The intent behind this change is to maintain the project's security posture by keeping its dependencies current, as evidenced by the detailed reference to the Snyk project page.

a8eb317...31d5929

File Summary

File Changes

• package.json: Updated the zod package from version 3.22.4 to 3.23.7.

a8eb317...31d5929

[ghost]

Review completed by Squire AI

• 1 comments were added to this review.
• How did we do? 👍 👎

[ghost]

The import statement for titleize in DetailsTitle.svelte has a typo (titlelize). Correcting it to import titleize from 'titleize'; will ensure the module is properly imported.