v4.0.0-beta

Zod 4 is now in beta.

• Release notes
• Migration guide

The repo now contains three separate packages:

• zod
• @zod/mini: a tree-shakable variant of Zod.
• @zod/core: a library that implements logic/parsers shared between zod and @zod/mini.

During the beta period:

• zod — published continuously to zod@next , e.g. [email protected]
• @zod/mini — published continuously to @zod/mini@next , e.g. @zod/[email protected]
• @zod/core — published to latest in the v.0x version range (initial development in semver)

To install/upgrade:

npm upgrade zod@next
npm install @zod/mini@next
npm install @zod/core

A note on versioning

For simplicity, additional beta will be continuously released as additional commits are made to the v4 branch.

After the beta:

• stable versions of zod and @zod/mini will be released as 4.0.0. They will remain version-locked moving forward. They will be pinned to a specific @zod/core version.
• @zod/core will be released as 1.0.0. It will not be version-locked to zod and @zod/mini. This gives those libraries the freedom to evolve their APIs independent of @zod/core. Moreover, @zod/core will likely serve as the underpinning for additional libraries in the future, so it may implement/modify code that isn't used by either zod or @zod/mini.

v3.24.2

Notes

Support asynchronous checks in z.custom() .

const customSchema = z.custom<number>(async (x) => {
  return typeof x === "number";
});

Commits:

• cdcf9d4 Bump rollup from 2.79.1 to 2.79.2 (#3895)
• a2ad370 Bump find-my-way from 8.2.0 to 8.2.2 (#3897)
• 0e02d66 Bump nanoid from 3.3.7 to 3.3.8 (#3896)
• 96be65f Bump cross-spawn from 7.0.3 to 7.0.6 (#3882)
• f7ad261 Bump micromatch from 4.0.7 to 4.0.8 (#3748)
• d724620 Add zod-struct to utilities for Zod (#3921)
• 6b96cfd Update README.md (#3949)
• e376cda Add Courier to README (#3961)
• 8a099de Add CodeRabbit to sponsors (#3975)
• 587d160 WIP (#3976)
• 9d3af2e Add CodeRabbit at Platinum (#3981)
• eedeb4b docs(X to Zod): Update url for runtyping (#3971)
• 706f49f fix: redirect url to correct url (#3939)
• 7365b7d docs: translate README to Korean (#3934)
• b7e173d Format
• 1dd44a0 Support async z.custom
• e308703 v3.24.2

v3.24.1

Commits:

• 0c6cbbd Undeprecate .nonempty()
• 4e219d6 Bump min TS version to 5.0
• 65adeea v3.24.1

v3.24.0

Implement @standard-schema/spec

This is the first version of Zod to implement the Standard Schema spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals here.

z.string().jwt()

Thanks to @Mokshit06 and @Cognition-Labs for this contribution!

To verify that a string is a valid 3-part JWT.

z.string().jwt();

⚠️ This does not verify your JWT cryptographically! It merely ensures its in the proper format. Use a library like jsonwebtoken to verify the JWT signature, parse the token, and read the claims.

To constrain the JWT to a specific algorithm:

z.string().jwt({ alg: "RS256" });

z.string().base64url()

Thank you to @marvinruder!

To complement the JWT validation, Zod 3.24 implements a standalone .base64url() string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

z.string().base64url()

This functionality is available along the standard z.string().base64() validator added in Zod 3.23.

z.string().cidr()

Thanks to @wataryooou for their work on this!

A validator for CIDR notation for specifying IP address ranges, e.g. 192.24.12.0/22.

z.string().cidr()

To specify an IP version:

z.string().cidr({ version: "v4" })
z.string().cidr({ version: "v6" })

---

View the full diff from 3.23.8: v3.23.8...v3.24.0

• 294f54f Update README_ZH.md about Discriminated unions (#3493)
• 1247caf Add Kubb as X-to-Zod community tool (#3508)
• 62b7842 Update default branch
• c6bc80d Fix issue #3582 : ULID should be case insensitive (#3593)
• a5b9dc3 docs: add zod-schema-faker to ecosystem (#3605)
• 9818d0e Add zod-sockets (#3609)
• 7173d0b Add drizzle-zod library to X to Zod README.md section (#3648)
• c5a4edc Add 'schemql' in Powered by Zod (#3800)
• 85916b3 docs: add zod-form-renderer to form integration docs (#3697)
• 51f1dc3 docs: add unplugin-environment in powered by zod (#3778)
• 8e74db3 fix: ipv6 regex validation (#3513)
• 1f4f0da refactor: rename ip version types (#3755)
• f487d74 Remove faulty ip test case
• 48f1c47 docs: Remove invalid semicolon in ERROR_HANDLING.md (#3857)
• 1d0a4b9 fix: bigint coerce crash (#3822)
• 14dceaa Add API library (#3814)
• f82f817 feat: z.string.cidr() - support CIDR notation (#3820)
• 71a0c33 docs: add info on unqualified local datetime strings (#3760)
• b85686a Add support for base64url strings (#3712)
• 6407bed Allow creation of discriminated unions with a readonly array of options (#3535)
• 3755146 Remove createParams cascade from .array() (#3530)
• 963386d Fix lint
• 69a1798 Implement Standard Schema spec (#3850)
• c1dd537 Adds frrm package to documentation (#3818)
• b68c05f feat: Add JWT string validator (#3893)

v3.23.8

Commits:

• 0f4d403 Add Bronze logos (#3470)
• 1968731 Tweak tiers (#3471)
• eda7df3 Change RefinementCtx to interface
• ca42965 v3.23.8

v3.23.7

Commits:

• 29d2ea2 Add copper
• d969423 Fix #3437: extendShape erases JSDoc property documentation (#3463)
• 2239ff3 Add social crow
• f985b5b 3.23.7

v3.23.6

Commits:

• bc0095a Test on latest node
• 6e5699a Lint on latest node
• 1f466d9 describe how one can protect from cyclical objects starting an infini… (#3447)
• 3fed6f2 Add zod playground link (#3454)
• 04e1f37 Fixed freezing async ZodReadonly results (#3457)
• b87e59d Update sponsor tiers (#3453)
• 1438861 Add copper tier (#3460)
• ce3711e add VSCode dev container support and documenation
• 93b480b v3.23.6

v3.23.5

Commits:

• 110b821 Update README_ZH.md (#3433)
• c1910bd Made ZodEnum take readonly string array (#3444)
• 541a862 3.23.5

v3.23.4

Commits:

• 157b18d Add 3.23 announcement
• aedf93f Revert change to default Input
• 45107f7 v3.23.4

v3.23.3

Commits:

• 103d243 3.23.3