forked from Gozargah/Marzban
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade zod from 3.22.4 to 3.23.6 #93
Open
Niraj-Dilshan
wants to merge
30
commits into
master
Choose a base branch
from
snyk-upgrade-381020285567fc38797d9422436e15e6
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
[Snyk] Upgrade zod from 3.22.4 to 3.23.6 #93
Niraj-Dilshan
wants to merge
30
commits into
master
from
snyk-upgrade-381020285567fc38797d9422436e15e6
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192 - https://snyk.io/vuln/SNYK-PYTHON-GRPCIO-5834443 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5907722 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5926694 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291195 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-STARLETTE-5538332 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
…2a41d61c45b47 [Snyk] Fix for 20 vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-GNUTLS28-6062100 - https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSL-6048820 - https://snyk.io/vuln/SNYK-DEBIAN12-OPENSSL-6048820 - https://snyk.io/vuln/SNYK-DEBIAN12-PERL-6085273 - https://snyk.io/vuln/SNYK-DEBIAN12-ZLIB-6008963
…51e73e3368be3 [Snyk] Security upgrade python from 3.10-slim to 3.13-rc-slim
Bumps [redis](https://github.com/redis/redis-py) from 4.3.6 to 4.4.4. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.3.6...v4.4.4) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Snyk has created this PR to upgrade react-hook-form from 7.43.2 to 7.48.2. See this package in npm: https://www.npmjs.com/package/react-hook-form See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade react-datepicker from 4.10.0 to 4.21.0. See this package in npm: https://www.npmjs.com/package/react-datepicker See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade vite-tsconfig-paths from 4.0.5 to 4.2.1. See this package in npm: https://www.npmjs.com/package/vite-tsconfig-paths See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade apexcharts from 3.40.0 to 3.44.0. See this package in npm: https://www.npmjs.com/package/apexcharts See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044
…reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
…c17c0a53fe8db9 [Snyk] Security upgrade react-query from 3.39.3 to 4.0.0
…98c8018077a5e6 [Snyk] Security upgrade cryptography from 41.0.5 to 41.0.6
build(deps): bump redis from 4.3.6 to 4.4.4
…80351efb1c62afa30 [Snyk] Upgrade react-hook-form from 7.43.2 to 7.48.2
…bd7f6009199ea4f09 [Snyk] Upgrade react-datepicker from 4.10.0 to 4.21.0
…ccaeaed2150c2cd65 [Snyk] Upgrade vite-tsconfig-paths from 4.0.5 to 4.2.1
…370d1941a8b2d376e [Snyk] Upgrade apexcharts from 3.40.0 to 3.44.0
Snyk has created this PR to upgrade react-router-dom from 6.8.1 to 6.18.0. See this package in npm: https://www.npmjs.com/package/react-router-dom See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade @chakra-ui/react from 2.5.5 to 2.8.2. See this package in npm: https://www.npmjs.com/package/@chakra-ui/react See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade i18next-http-backend from 2.2.0 to 2.4.1. See this package in npm: https://www.npmjs.com/package/i18next-http-backend See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade react-i18next from 12.2.0 to 12.3.1. See this package in npm: https://www.npmjs.com/package/react-i18next See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade react-loading-skeleton from 3.1.1 to 3.3.1. See this package in npm: https://www.npmjs.com/package/react-loading-skeleton See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
…821691bb9b738929ca [Snyk] Upgrade react-router-dom from 6.8.1 to 6.18.0
…e8ac3da508e4c918ea [Snyk] Upgrade @chakra-ui/react from 2.5.5 to 2.8.2
…e5ead344994cc8720f [Snyk] Upgrade i18next-http-backend from 2.2.0 to 2.4.1
…eac0633048c4cb8450 [Snyk] Upgrade react-i18next from 12.2.0 to 12.3.1
…95d0c24a204a9ce794 [Snyk] Upgrade react-loading-skeleton from 3.1.1 to 3.3.1
Snyk has created this PR to upgrade zod from 3.22.4 to 3.23.6. See this package in npm: zod See this project in Snyk: https://app.snyk.io/org/niraj-dilshan/project/0b571b4b-68d2-405c-b488-037d409eee8b?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade zod from 3.22.4 to 3.23.6.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 63 versions ahead of your current version.
The recommended version was released on 22 days ago.
Release notes
Package name: zod
Commits:
Commits:
Commits:
Commits:
Commits:
This changes the default generics back to
any
to prevent breakages with common packager like@ hookform/resolvers
:Commits:
Zod 3.23 is now available. This is the final
3.x
release before Zod 4.0. To try it out:Features
z.string().date()
Zod can now validate ISO 8601 date strings. Thanks @ igalklebanov! #1766
z.string().time()
Zod can now validate ISO 8601 time strings. Thanks @ igalklebanov! #1766
You can specify sub-second precision using the
precision
option:z.string().duration()
Zod can now validate ISO 8601 duration strings. Thanks @ mastermatt! #3265
Improvements to
z.string().datetime()
Thanks @ bchrobot #2522
You can now allow unqualified (timezone-less) datetimes using the
local: true
flag.Plus, Zod now validates the day-of-month correctly to ensure no invalid dates (e.g. February 30th) pass validation. Thanks @ szamanr! #3391
z.string().base64()
Zod can now validate base64 strings. Thanks @ StefanTerdell! #3047
Improved discriminated unions
The following can now be used as discriminator keys in
z.discriminatedUnion()
:ZodOptional
ZodNullable
ZodReadonly
ZodBranded
ZodCatch
Misc
Breaking changes
There are no breaking changes to the public API of Zod. However some changes can impact ecosystem tools that rely on Zod internals.
ZodFirstPartySchemaTypes
Three new types have been added to the
ZodFirstPartySchemaTypes
union. This may impact some codegen libraries. #3247Unrecognized keys in
.pick()
and.omit()
This version fixes a bug where unknown keys were accidentally accepted in
.pick()
andomit()
. This has been fixed, which could cause compiler errors in some user code. #3255Bugfixes and performance
ZodFirstPartySchemaTypes
by @ MatthijsMud in #3247input
of.required()
readonly by @ KATT in #3301addQuestionMarks
, fix #2184 by @ colinhacks in #3352src
forbun test
by @ rotu in #3038Docs and ecosystem
zod-dev
utility to eco-system section by @ schalkventer in #3113orval
to "X to Zod" ecosystems by @ soartec-lab in #3397New Contributors