Bump zod from 3.25.76 to 4.1.12 #26
Conversation
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
✨🔮 The Orb has been consulted. I will peer into the diffs and whisper my findings. Until the whisper arrives, a fragment of haiku emerges: Zod bumps in diff0, |
![diff0-agent[bot]](https://avatars.githubusercontent.com/in/2044610?s=60&v=4){kind=small}
There was a problem hiding this comment.
🤖 AI Code Review (Summary Only)
Found 8 issue(s):
🔴 bug (critical) in packages/analytics/package.json:16
Breaking major version upgrade from zod@3.25.28 to zod@4.1.12. Zod v4 introduces breaking changes that may cause runtime errors if the codebase relies on v3 APIs.
🔴 bug (critical) in packages/sandbox/package.json:12
Breaking major version upgrade from zod@3.25.28 to zod@4.1.12. This package was using v3 and is now jumping to v4 which has breaking changes.
🟠 bug (high) in pnpm-lock.yaml:10
Inconsistent Zod versions detected in the lockfile. Both zod@3.25.76 and zod@4.1.11 and zod@4.1.12 are present, which can lead to multiple instances of Zod in the bundle and type conflicts.
🟡 performance (medium) in pnpm-lock.yaml
Multiple versions of Zod (3.25.76, 4.1.11, 4.1.12) present in dependency tree will increase bundle size and potentially cause runtime issues due to duplicate code.
🟢 security (low) in pnpm-lock.yaml:1607
Deprecated package detected: @opentelemetry/exporter-jaeger@2.1.0. While not directly related to this PR, the lockfile shows a deprecated dependency that should be addressed.
🟡 suggestion (medium) in apps/web/package.json
Minor version bump from 4.1.11 to 4.1.12. While this is safer, ensure that patch notes are reviewed for any behavioral changes.
🟡 suggestion (medium) in packages/ai/package.json
AI package updated from 4.1.11 to 4.1.12. This package likely has critical validation logic for AI inputs/outputs.
🟠 suggestion (high) in ROOT
No test coverage or validation checks visible in this PR. Major version upgrades (v3 to v4) require comprehensive testing.
Inline positions unavailable. Powered by diff0 AI
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/zod-4.1.12
branch
from
19573d3 to
0dc7f07
Compare
Bumps [zod](https://github.com/colinhacks/zod) from 3.25.76 to 4.1.12. - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v3.25.76...v4.1.12) --- updated-dependencies: - dependency-name: zod dependency-version: 4.1.12 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/zod-4.1.12
branch
from
0dc7f07 to
ca32893
Compare
Bumps zod from 3.25.76 to 4.1.12.
Release notes
Sourced from zod's releases.
... (truncated)
Commits
3b94610v4.1.1277c3c9fExport bg.tsaf44738Fix lintfda4c7cMake docs work without token3fcb20fAdd frrm to ecosystem (#5292)4b1922adocs(content/v4/index): fix zod version (#5289)02a5840refac(errors): Unify code structure and improve types (#5278)62bf4e4fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)a0abcc0docs(metadata.mdx): fix a mistake in an example output (#5248)c56a4f6docs(ecosystem): addeslint-plugin-zod-x(#5261)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)