[Snyk] Upgrade zod from 4.0.17 to 4.1.12

[miskaone]

Snyk has created this PR to upgrade zod from 4.0.17 to 4.1.12.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 45 versions ahead of your current version.

• The recommended version was released a month ago.

Release notes

Package name: zod

• 4.1.12 - 2025-10-06
  

  Commits:

  • 0b109c3 docs(ecosystem): add bupkis to the ecosystem section (#5237)
  • d22ec0d docs(ecosystem): add upfetch (#5238)
  • c56a4f6 docs(ecosystem): add eslint-plugin-zod-x (#5261)
  • a0abcc0 docs(metadata.mdx): fix a mistake in an example output (#5248)
  • 62bf4e4 fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)
  • 02a5840 refac(errors): Unify code structure and improve types (#5278)
  • 4b1922a docs(content/v4/index): fix zod version (#5289)
  • 3fcb20f Add frrm to ecosystem (#5292)
  • fda4c7c Make docs work without token
  • af44738 Fix lint
  • 77c3c9f Export bg.ts
  • 3b94610 v4.1.12
• 4.1.11 - 2025-09-20
  

  Commits:

  • 2bed4b3 4.1.11
• 4.1.10 - 2025-09-20
  

  Commits:

  • 7ffedd0 Fix shape caching (#5263)
  • 82cd717 v4.1.10
• 4.1.9 - 2025-09-16
  

  Commits:

  • a78716d Update zshy (#5249)
  • 923af80 Publish zod@4.1.9
• 4.1.8 - 2025-09-11
  

  Commits:

  • 36c4ee3 Switch back to weakmap
  • a1726d5 4.1.8
• 4.1.7 - 2025-09-11
  

  Commits:

  • 0cca351 Fix variable name inconsistency in coercion documentation (#5188)
  • aa78c27 Add copy/edit buttons
  • 76452d4 Update button txt
  • 937f73c Fix tsconfig issue in bench
  • 976b436 v4.1.6 (#5222)
  • 4309c61 Fix cidrv6 validation - cidrv6 should reject invalid strings with multiple slashes (#5196)
  • ef95a73 feat(locales): Add Lithuanian (lt) locale (#5210)
  • 3803f3f docs: update wrong contents in codeblocks in api.mdx (#5209)
  • 8a47d5c docs: update coerce example in api.mdx (#5207)
  • e87db13 feat(locales): Add Georgian (ka) locale (#5203)
  • c54b123 docs: adds @ traversable/zod and @ traversable/zod-test to v4 ecosystem (#5194)
  • c27a294 Fix two tiny grammatical errors in the docs. (#5193)
  • 23a2d66 docs: fix broken links in async refinements and transforms references (#5190)
  • 845a230 fix(locales): Add type name translations to Spanish locale (#5187)
  • 27f13d6 Improve regex precision and eliminate duplicates in regexes.ts (#5181)
  • a8a52b3 fix(v4): fix Khmer and Ukrainian locales (#5177)
  • 887e37c Update slugs
  • e1f1948 fix(v4): ensure array defaults are shallow-cloned (#5173)
  • 9f65038 docs(ecosystem): add DRZL; fix Prisma Zod Generator placement (#5215)
  • aa6f0f0 More fixes (#5223)
  • aab3356 4.1.7
• 4.1.6 - 2025-09-11
• 4.1.6-beta.1 - 2025-09-11
• 4.1.6-beta.0 - 2025-09-11
• 4.1.5 - 2025-08-28
  

  Commits:

  • 530415f Update docs
  • b7b081d Update z.function() type to support array input (#5170)
  • 780cf57 4.1.5
• 4.1.4 - 2025-08-27
  

  Commits:

  • 3291c61 fix(v4): toJSONSchema - wrong tuple with null output when targeting openapi-3.0 (#5156)
  • 23f41c7 test(v4): toJSONSchema - use validateOpenAPI30Schema in all relevant scenarios (#5163)
  • 0a09fd2 Update installation instructions
  • 4ea5fec 4.1.4
• 4.1.3 - 2025-08-26
  

  Commits:

  • 98ff675 Drop stringToBoolean
  • a410616 Fix typo
  • 0cf4589 fix(v4): toJSONSchema - add missing oneOf inside items in tuple conversion (#5146)
  • 8bf0c16 fix(v4): toJSONSchema tuple path handling for draft-7 with metadata IDs (#5152)
  • 5c5fa90 fix(v4): toJSONSchema - wrong record output when targeting openapi-3.0 (#5141)
  • 87b97cc docs(codecs): update example to use payloadSchema (#5150)
  • 309f358 fix(v4): toJSONSchema - output numbers with exclusive range correctly when targeting openapi-3.0 (#5139)
  • 1e71ca9 docs: fix refine fn to encode works properly (#5148)
  • a85ec3c fix(docs): correct example to use LooseDog instead of Dog (#5136)
  • 3e98274 4.1.3
• 4.1.2 - 2025-08-25
  

  Commits:

  • e45e61b Improve codec docs
  • 25a4c37 fix(v4): toJSONSchema - wrong record tuple output when targeting openapi-3.0 (#5145)
  • 0fa4f46 Use method form in codecs.mdx
  • 940383d Update JSON codec and docs
  • 3009fa8 4.1.2
• 4.1.1 - 2025-08-24
• 4.1.0 - 2025-08-23
• 4.1.0-canary.20250823T071728 - 2025-08-23
• 4.1.0-canary.20250823T071040 - 2025-08-23
• 4.1.0-canary.20250823T064644 - 2025-08-23
• 4.1.0-canary.20250821T014930 - 2025-08-21
• 4.1.0-canary.20250821T014902 - 2025-08-21
• 4.1.0-canary.20250813T051310 - 2025-08-13
• 4.1.0-canary.20250806T002637 - 2025-08-06
• 4.1.0-canary.20250806T000520 - 2025-08-06
• 4.1.0-canary.20250804T184334 - 2025-08-04
• 4.1.0-canary.20250804T184136 - 2025-08-04
• 4.1.0-canary.20250730T094657 - 2025-07-30
• 4.1.0-canary.20250730T051934 - 2025-07-30
• 4.1.0-canary.20250729T081926 - 2025-07-29
• 4.1.0-canary.20250729T053738 - 2025-07-29
• 4.1.0-canary.20250729T053029 - 2025-07-29
• 4.1.0-canary.20250729T005826 - 2025-07-29
• 4.1.0-canary.20250725T001018 - 2025-07-25
• 4.1.0-canary.20250724T211341 - 2025-07-24
• 4.1.0-canary.20250723T222937 - 2025-07-23
• 4.1.0-canary.20250723T221600 - 2025-07-23
• 4.1.0-canary.20250723T215716 - 2025-07-23
• 4.1.0-canary.20250723T214008 - 2025-07-23
• 4.1.0-canary.20250711T201420 - 2025-07-11
• 4.1.0-canary.20250711T200924 - 2025-07-11
• 4.1.0-canary.20250711T052917 - 2025-07-11
• 4.1.0-canary.20250710T223408 - 2025-07-10
• 4.1.0-canary.20250710T200141 - 2025-07-10
• 4.1.0-canary.20250710T005838 - 2025-07-10
• 4.1.0-canary.20250710T002006 - 2025-07-10
• 4.1.0-canary.20250709T185023 - 2025-07-09
• 4.0.17 - 2025-08-09

from zod GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-upgrade-1fcb24dcf8495bafdeca85ab6ee62d93

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR updates the Zod validation library dependency from version ^4.0.17 to ^4.1.12. However, both versions reference non-existent releases of Zod, as the library has not yet released a 4.x version series.

• Updated Zod package version in package.json
• Updated corresponding lock file entries

Reviewed Changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
frontend/package.json	Updates Zod dependency version specification
frontend/package-lock.json	Updates resolved version, URL, and integrity hash for Zod package

Files not reviewed (1)

• frontend/package-lock.json: Language not supported

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[cloudflare-workers-and-pages]

Deploying supabase-configurator with    Cloudflare Pages

Latest commit:	6e30dc5
Status:	✅  Deploy successful!
Preview URL:	https://a786099d.supabase-configurator.pages.dev
Branch Preview URL:	https://snyk-upgrade-1fcb24dcf8495ba.supabase-configurator.pages.dev

View logs