v3.24.0

Implement @standard-schema/spec

This is the first version of Zod to implement the Standard Schema spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals here.

z.string().jwt()

Thanks to @Mokshit06 and @Cognition-Labs for this contribution!

To verify that a string is a valid 3-part JWT.

z.string().jwt();

⚠️ This does not verify your JWT cryptographically! It merely ensures its in the proper format. Use a library like jsonwebtoken to verify the JWT signature, parse the token, and read the claims.

To constrain the JWT to a specific algorithm:

z.string().jwt({ alg: "RS256" });

z.string().base64url()

Thank you to @marvinruder!

To complement the JWT validation, Zod 3.24 implements a standalone .base64url() string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

z.string().base64url()

This functionality is available along the standard z.string().base64() validator added in Zod 3.23.

z.string().cidr()

Thanks to @wataryooou for their work on this!

A validator for CIDR notation for specifying IP address ranges, e.g. 192.24.12.0/22.

z.string().cidr()

To specify an IP version:

z.string().cidr({ version: "v4" })
z.string().cidr({ version: "v6" })

---

View the full diff from 3.23.8: v3.23.8...v3.24.0

• 294f54f Update README_ZH.md about Discriminated unions (#3493)
• 1247caf Add Kubb as X-to-Zod community tool (#3508)
• 62b7842 Update default branch
• c6bc80d Fix issue #3582 : ULID should be case insensitive (#3593)
• a5b9dc3 docs: add zod-schema-faker to ecosystem (#3605)
• 9818d0e Add zod-sockets (#3609)
• 7173d0b Add drizzle-zod library to X to Zod README.md section (#3648)
• c5a4edc Add 'schemql' in Powered by Zod (#3800)
• 85916b3 docs: add zod-form-renderer to form integration docs (#3697)
• 51f1dc3 docs: add unplugin-environment in powered by zod (#3778)
• 8e74db3 fix: ipv6 regex validation (#3513)
• 1f4f0da refactor: rename ip version types (#3755)
• f487d74 Remove faulty ip test case
• 48f1c47 docs: Remove invalid semicolon in ERROR_HANDLING.md (#3857)
• 1d0a4b9 fix: bigint coerce crash (#3822)
• 14dceaa Add API library (#3814)
• f82f817 feat: z.string.cidr() - support CIDR notation (#3820)
• 71a0c33 docs: add info on unqualified local datetime strings (#3760)
• b85686a Add support for base64url strings (#3712)
• 6407bed Allow creation of discriminated unions with a readonly array of options (#3535)
• 3755146 Remove createParams cascade from .array() (#3530)
• 963386d Fix lint
• 69a1798 Implement Standard Schema spec (#3850)
• c1dd537 Adds frrm package to documentation (#3818)
• b68c05f feat: Add JWT string validator (#3893)