New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: update zod to 3.22.4 #563
chore: update zod to 3.22.4 #563
Conversation
@adithyaakrishna is attempting to deploy a commit to the Documenso Team Team on Vercel. A member of the Team first needs to authorize it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you also upgrade them across the other packages? I think since a recent commit there were a few other packages that have zod now.
@dguyen Yes sure, will send a commit for that too :) |
048023c
to
2e845d9
Compare
@dguyen Done, I updated |
What was the reason for upgrading next-auth? We prefer to try stay away from unnecessary updates since they generally break things and requires testing. In this case I think upgrading Zod only is fine since there's a vulnerability. |
@dguyen Makes sense, I have reverted the change to |
ca154b5
to
5fd2e52
Compare
Signed-off-by: Adithya Krishna <aadithya794@gmail.com>
Signed-off-by: Adithya Krishna <aadithya794@gmail.com>
Signed-off-by: Adithya Krishna <aadithya794@gmail.com>
Something in the package lock file is breaking the build. When I delete it and re-run everything it works. Could you undo everything, and do the Zod upgrade incrementally so the package lock file is correctly updated? |
Signed-off-by: Adithya Krishna <aadithya794@gmail.com>
3be42a9
to
ac5af71
Compare
@dguyen Fixed it :) |
Cheers 👍 /tip 25 |
🎉🎈 @adithyaakrishna has been awarded $25! 🎈🎊 |
* chore: updated zod Signed-off-by: Adithya Krishna <aadithya794@gmail.com> --------- Signed-off-by: Adithya Krishna <aadithya794@gmail.com>
Description:
3.22.4
as the previous versions had ReDoS vulnerabilityMore Info: colinhacks/zod#2824 and colinhacks/zod#2609