fix(deps): update dependency zod to v3.22.3 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
zod (source)	3.21.4 -> 3.22.3

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2023-4316

Zod version 3.22.2 allows an attacker to perform a denial of service while validating emails.

---

Release Notes

colinhacks/zod (zod)

v3.22.3

Compare Source

Commits:

• 1e23990 Commit
• 9bd3879 docs: remove obsolete text about readonly types (#​2676)
• f59be09 clarify datetime ISO 8601 (#​2673)
• 64dcc8e Update sponsors
• 18115a8 Formatting
• 28c1927 Update sponsors
• ad2ee9c 2718 Updated Custom Schemas documentation example to use type narrowing (#​2778)
• ae0f7a2 docs: update ref to discriminated-unions docs (#​2485)
• 2ba00fe [2609] fix ReDoS vulnerability in email regex (#​2824)
• 1e61d76 3.22.3

v3.22.2

Compare Source

Commits:

• 13d9e6b Fix lint
• 0d49f10 docs: add typeschema to ecosystem (#​2626)
• 8e4af7b X to Zod: add app.quicktype.io (#​2668)
• 792b3ef Fix superrefine types

v3.22.1

Compare Source

Commits:

Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

const methodObject = z.object({
  property: z.number(),
  method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
  property: 3,
  method: function (s: string) {
    return s.length + this.property;
  },
};
const parsed = methodObject.parse(methodInstance);
parsed.method("length=8"); // => 11 (8 length + 3 property)

• 932cc47 Initial prototype fix for issue #​2651 (#​2652)
• 0a055e7 3.22.1

v3.22.0

Compare Source

ZodReadonly

This release introduces ZodReadonly and the .readonly() method on ZodType.

Calling .readonly() on any schema returns a ZodReadonly instance that wraps the original schema. The new schema parses all inputs using the original schema, then calls Object.freeze() on the result. The inferred type is also marked as readonly.

const schema = z.object({ name: string }).readonly();
type schema = z.infer<typeof schema>;
// Readonly<{name: string}>

const result = schema.parse({ name: "fido" });
result.name = "simba"; // error

The inferred type uses TypeScript's built-in readonly types when relevant.

z.array(z.string()).readonly();
// readonly string[]

z.tuple([z.string(), z.number()]).readonly();
// readonly [string, number]

z.map(z.string(), z.date()).readonly();
// ReadonlyMap<string, Date>

z.set(z.string()).readonly();
// ReadonlySet<Promise<string>>

Commits:

• 6dad907 Comments
• 56ace68 Fix deno test
• 3809d54 Add superforms
• d1ad522 Add transloadit
• a3bb701 Testing on Typescript 5.0 (#​2221)
• 51e14be docs: update deprecated link (#​2219)
• a263814 fixed Datetime & IP TOC links
• 502384e docs: add mobx-zod-form to form integrations (#​2299)
• a8be450 docs: Add zocker to Ecosystem section (#​2416)
• 15de22a Allow subdomains and hyphens in ZodString.email (#​2274)
• 00f5783 Add zod-openapi to ecosystem (#​2434)
• 0a17340 docs: fix minor typo (#​2439)
• 60a2134 Add masterborn
• 0a90ed1 chore: move exports.types field to first spot @​ package.json. (#​2443)
• 67f35b1 docs: allow Zod to be used in dev tools at site (#​2432)
• 6795c57 Fix not working Deno doc link. (#​2428)
• 37e9c55 Generalize uuidRegex
• 0969950 adds ctx to preprocess (#​2426)
• af08390 fix: super refinement function types (#​2420)
• 36fef58 Make email regex reasonable (#​2157)
• f627d14 Document canary
• e06321c docs: add tapiduck to API libraries (#​2410)
• 11e507c docs: add ts as const example in zod enums (#​2412)
• 5427565 docs: add zod-fixture to mocking ecosystem (#​2409)
• d3bf7e6 docs: add zodock to mocking ecosystem (#​2394)
• 2270ae5 remove "as any" casts in createZodEnum (#​2332)
• 00bdd0a fix proto pollution vulnerability (#​2239)
• a3c5256 Fix error_handling unrecognized_keys example
• 4f75cbc Adds getters to Map for key + value (#​2356)
• ca7b032 FMC (#​2346)
• 6fec8bd docs: fix typo in link fragment (#​2329)
• 16f90bd Update README.md
• 2c80250 Update readme
• eaf64e0 Update sponsors
• c576311 Update readme
• 5e23b4f Add *.md pattern to prettier (#​2476)
• 898dced Revamp tests
• 6309322 Update test runners
• c0aece1 Add vitest config
• 73a5610 Update script
• 8d8e1a2 Fix deno test bug
• 9eb2508 Clean up configs
• cfbc7b3 Fix root jest config
• 8677f68 docs(comparison-yup): Yup added partial() and deepPartial() in v1 (#​2603)
• fb00edd docs: add VeeValidate form library for Vue.js (#​2578)
• ab8e717 docs: fix typo in z.object (#​2570)
• d870407 docs: fix incomplete Records example (#​2579)
• 5adae24 docs: add conform form integration (#​2577)
• 8b8ab3e Update README.md (#​2562)
• 6aab901 fix typo test name (#​2542)
• 81a89f5 Update nullish documentation to correct chaining order (#​2457)
• 78a4090 docs: update comparison with runtypes (#​2536)
• 1ecd624 Fix prettier
• 981d4b5 Add ZodReadonly (#​2634)
• fba438c 3.22.0

---

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

➤ YN0000: ┌ Resolution step
➤ YN0002: │ @aws-sdk/token-providers@npm:3.523.0 doesn't provide @aws-sdk/credential-provider-node (pc9a53), requested by @aws-sdk/client-sso-oidc
➤ YN0002: │ @aws-sdk/token-providers@npm:3.525.0 doesn't provide @aws-sdk/credential-provider-node (pcac39), requested by @aws-sdk/client-sso-oidc
➤ YN0002: │ @lerna/version@npm:5.6.2 doesn't provide nx (p20b2d), requested by @nrwl/devkit
➤ YN0002: │ @shared/utils@workspace:shared/utils doesn't provide @swc/core (p28398), requested by @swc/jest
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (p25b1e), requested by @reach/dialog
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (p2322a), requested by @socialgouv/react-accessible-accordion
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (pda81a), requested by react-feather
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (pc8483), requested by react-tabs
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (pae870), requested by styled-components
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react (p5018a), requested by use-onclickoutside
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react-dom (p7bd1d), requested by @reach/dialog
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react-dom (p315a7), requested by @socialgouv/react-accessible-accordion
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react-dom (p463ae), requested by styled-components
➤ YN0002: │ @socialgouv/cdtn-ui@npm:4.102.2 doesn't provide react-is (p5206e), requested by styled-components
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (p6560d), requested by @tiptap/core
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (p1fe9b), requested by @tiptap/extension-code-block
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (pda644), requested by @tiptap/extension-dropcursor
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (pa1b36), requested by @tiptap/extension-gapcursor
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (p6fff9), requested by @tiptap/extension-history
➤ YN0002: │ @tiptap/starter-kit@npm:2.1.12 doesn't provide @tiptap/pm (p85123), requested by @tiptap/extension-horizontal-rule
➤ YN0002: │ babel-plugin-styled-components@npm:2.1.4 [bb3ef] doesn't provide @babel/core (p6f303), requested by @babel/plugin-syntax-jsx
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @testing-library/dom (p3b203), requested by @testing-library/user-event
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (p76d20), requested by @tiptap-pro/extension-details-content
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (p17edc), requested by @tiptap-pro/extension-details-summary
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (pd7d9d), requested by @tiptap-pro/extension-details
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (pb6f97), requested by @tiptap/extension-link
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (p06ec2), requested by @tiptap/extension-placeholder
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (pb36e0), requested by @tiptap/extension-table-cell
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (pe4bdb), requested by @tiptap/extension-table-header
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (p2de94), requested by @tiptap/extension-table-row
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (p2e5c3), requested by @tiptap/extension-table
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide @tiptap/core (pbd616), requested by @tiptap/react
➤ YN0060: │ frontend@workspace:targets/frontend provides react (pf2b7a) with version 18.2.0, which doesn't satisfy what @reach/accordion and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react (p6bbce) with version 18.2.0, which doesn't satisfy what @reach/dialog and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react (p33600) with version 18.2.0, which doesn't satisfy what @reach/menu-button and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react (pfc100) with version 18.2.0, which doesn't satisfy what @reach/visually-hidden requests
➤ YN0060: │ frontend@workspace:targets/frontend provides react (p90d1a) with version 18.2.0, which doesn't satisfy what react-sortable-hoc requests
➤ YN0060: │ frontend@workspace:targets/frontend provides react-dom (p19c5b) with version 18.2.0, which doesn't satisfy what @reach/accordion and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react-dom (p3bf58) with version 18.2.0, which doesn't satisfy what @reach/dialog and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react-dom (p9cf59) with version 18.2.0, which doesn't satisfy what @reach/menu-button and some of its descendants request
➤ YN0060: │ frontend@workspace:targets/frontend provides react-dom (p29f85) with version 18.2.0, which doesn't satisfy what @reach/visually-hidden requests
➤ YN0060: │ frontend@workspace:targets/frontend provides react-dom (pe4e63) with version 18.2.0, which doesn't satisfy what react-sortable-hoc requests
➤ YN0002: │ frontend@workspace:targets/frontend doesn't provide react-is (pd0ac5), requested by @reach/menu-button
➤ YN0060: │ ingester@workspace:targets/ingester provides typescript (p0efae) with version 5.4.3, which doesn't satisfy what ts-jest requests
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code
➤ YN0000: └ Completed in 3s 138ms
➤ YN0000: ┌ Fetch step
➤ YN0035: │ @tiptap-pro/extension-details@npm:2.3.3: The remote server failed to provide the requested resource
➤ YN0035: │   Response Code: 403 (Forbidden)
➤ YN0035: │   Request Method: GET
➤ YN0035: │   Request URL: https://registry.tiptap.dev/@tiptap-pro/extension-details/-/extension-details-2.3.3.tgz
➤ YN0035: │ @tiptap-pro/extension-details-content@npm:2.3.3: The remote server failed to provide the requested resource
➤ YN0035: │   Response Code: 403 (Forbidden)
➤ YN0035: │   Request Method: GET
➤ YN0035: │   Request URL: https://registry.tiptap.dev/@tiptap-pro/extension-details-content/-/extension-details-content-2.3.3.tgz
➤ YN0035: │ @tiptap-pro/extension-details-summary@npm:2.3.3: The remote server failed to provide the requested resource
➤ YN0035: │   Response Code: 403 (Forbidden)
➤ YN0035: │   Request Method: GET
➤ YN0035: │   Request URL: https://registry.tiptap.dev/@tiptap-pro/extension-details-summary/-/extension-details-summary-2.3.3.tgz
➤ YN0013: │ 2204 packages were already cached, 7 had to be fetched
➤ YN0000: └ Completed in 5s 213ms
➤ YN0000: Failed with errors in 8s 361ms

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: yarn.lock

! Corepack is about to download https://repo.yarnpkg.com/3.6.4/packages/yarnpkg-cli/bin/yarn.js
/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22053
    throw new Error(
          ^

Error: Server answered with HTTP 500 when performing the request to https://repo.yarnpkg.com/3.6.4/packages/yarnpkg-cli/bin/yarn.js; for troubleshooting help, see https://github.com/nodejs/corepack#troubleshooting
    at fetch (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22053:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:105:5)
    at async fetchUrlStream (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22076:20)
    at async download (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22247:18)
    at async installVersion (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22343:55)
    at async Engine.ensurePackageManager (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22856:32)
    at async Engine.executePackageManagerRequest (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:22967:25)
    at async Object.runMain (/opt/containerbase/tools/corepack/0.34.4/24.10.0/node_modules/corepack/dist/lib/corepack.cjs:23667:7)

Node.js v24.10.0

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud