From 237ab4cafcc954f768951f32c0d2675568594ceb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 13:05:13 -0800 Subject: [PATCH] chore(deps): Bump zod from 3.23.0 to 3.24.1 in /experimenter (#11953) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [zod](https://github.com/colinhacks/zod) from 3.23.0 to 3.24.1.
Release notes

Sourced from zod's releases.

v3.24.1

Commits:

v3.24.0

Implement @standard-schema/spec

This is the first version of Zod to implement the Standard Schema spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals here.

z.string().jwt()

Thanks to @​Mokshit06 and @​Cognition-Labs for this contribution!

To verify that a string is a valid 3-part JWT.

z.string().jwt();

⚠️ This does not verify your JWT cryptographically! It merely ensures its in the proper format. Use a library like jsonwebtoken to verify the JWT signature, parse the token, and read the claims.

To constrain the JWT to a specific algorithm:

z.string().jwt({ alg: "RS256" });

z.string().base64url()

Thank you to @​marvinruder!

To complement the JWT validation, Zod 3.24 implements a standalone .base64url() string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

z.string().base64url()

This functionality is available along the standard z.string().base64() validator added in Zod 3.23.

z.string().cidr()

Thanks to @​wataryooou for their work on this!

A validator for CIDR notation for specifying IP address ranges, e.g. 192.24.12.0/22.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by colinhacks, a new releaser for zod since your current version.


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zod&package-manager=npm_and_yarn&previous-version=3.23.0&new-version=3.24.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- experimenter/experimenter/nimbus-ui/package.json | 2 +- experimenter/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/experimenter/experimenter/nimbus-ui/package.json b/experimenter/experimenter/nimbus-ui/package.json index 7be24f205f..fd20782794 100644 --- a/experimenter/experimenter/nimbus-ui/package.json +++ b/experimenter/experimenter/nimbus-ui/package.json @@ -68,7 +68,7 @@ "vega": "5.22.0", "vega-embed": "^6.21.0", "vega-lite": "^4.17.0", - "zod": "^3.23.0" + "zod": "^3.24.1" }, "devDependencies": { "@mozilla/nimbus-schemas": "^2024.12.2", diff --git a/experimenter/yarn.lock b/experimenter/yarn.lock index 5804bf3b70..b4b5ce82c8 100644 --- a/experimenter/yarn.lock +++ b/experimenter/yarn.lock @@ -20548,10 +20548,10 @@ zen-observable@0.8.15, zen-observable@^0.8.0, zen-observable@^0.8.14: resolved "https://registry.yarnpkg.com/zen-observable/-/zen-observable-0.8.15.tgz#96415c512d8e3ffd920afd3889604e30b9eaac15" integrity sha512-PQ2PC7R9rslx84ndNBZB/Dkv8V8fZEpk83RLgXtYd0fwUgEjseMn1Dgajh2x6S8QbZAFa9p2qVCEuYZNgve0dQ== -zod@^3.23.0: - version "3.23.0" - resolved "https://registry.yarnpkg.com/zod/-/zod-3.23.0.tgz#a25dab5052702834233e0041e9dd8b6a8480e744" - integrity sha512-OFLT+LTocvabn6q76BTwVB0hExEBS0IduTr3cqZyMqEDbOnYmcU+y0tUAYbND4uwclpBGi4I4UUBGzylWpjLGA== +zod@^3.24.1: + version "3.24.1" + resolved "https://registry.yarnpkg.com/zod/-/zod-3.24.1.tgz#27445c912738c8ad1e9de1bea0359fa44d9d35ee" + integrity sha512-muH7gBL9sI1nciMZV67X5fTKKBLtwpZ5VBp1vsOQzj1MhrBZ4wlVCm3gedKZWLp0Oyel8sIGfeiz54Su+OVT+A== zwitch@^1.0.0: version "1.0.5"