chore(deps): bump zod from 3.25.76 to 4.1.12

[dependabot]

Bumps zod from 3.25.76 to 4.1.12.

Release notes

Sourced from zod's releases.

v4.1.12

Commits:

• 0b109c37c6b0b10e3901b56bcccb72e29a0b846f docs(ecosystem): add bupkis to the ecosystem section (#5237)
• d22ec0d26fab27151b0f1d1f98bffeaf8b011f57 docs(ecosystem): add upfetch (#5238)
• c56a4f6fab42c542b191228af61974b2328dc52f docs(ecosystem): add eslint-plugin-zod-x (#5261)
• a0abcc02900a4293dd4f30cd81580efcdd5230bb docs(metadata.mdx): fix a mistake in an example output (#5248)
• 62bf4e439e287e55c843245b49f8d34b1ad024ee fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)
• 02a584010ac92ac8a351632ae5aea3983a6f17d8 refac(errors): Unify code structure and improve types (#5278)
• 4b1922ad714e12dafaa83a40ec03275a39ac980c docs(content/v4/index): fix zod version (#5289)
• 3fcb20ff348e49aec70f45e0dca3de8a61450e77 Add frrm to ecosystem (#5292)
• fda4c7c2afbd7649261be1e7954f8c4d4de24a07 Make docs work without token
• af447384379faef28aa857fb53ef1da702c6d408 Fix lint
• 77c3c9f069a4cf168c0cbc58432803de887a6b1b Export bg.ts
• 3b946107b6c94b2ac8ff9fb451160c34dc4dd794 v4.1.12

v4.1.11

Commits:

• 2bed4b39760d8e4d678203b5c8fcaf24c182fc9f 4.1.11

v4.1.10

Commits:

• 7ffedd00169d8dc2e7cb7c6d878f29b03e05b3a3 Fix shape caching (#5263)
• 82cd717a0e7ee4e1737a783c7be278fa93fd8104 v4.1.10

v4.1.9

Commits:

• a78716d91da7649a61016b81c27f49fd9e79a81e Update zshy (#5249)
• 923af801fde9f033cfd7e0e753b421a554fe3be8 Publish [email protected]

v4.1.8

Commits:

• 36c4ee354d0c1f47b7311e49f6dd4b7a11de04f5 Switch back to weakmap
• a1726d53172ba52ecf90999df73778cf416264fd 4.1.8

v4.1.7

Commits:

• 0cca351c8b152d7c4113ab7c2a44675efb060677 Fix variable name inconsistency in coercion documentation (#5188)
• aa78c270f1b43f4665339f4b61e7cb88037b8c84 Add copy/edit buttons
• 76452d4119d800a722b692755c1168627bc95f0f Update button txt
• 937f73c90cac90bd3b99b12c792c289b50416510 Fix tsconfig issue in bench
• 976b43657d4aff6d47c73c1c86125623ea08752d v4.1.6 (#5222)
• 4309c61304daf40aab2124b5f513abe2b4df8637 Fix cidrv6 validation - cidrv6 should reject invalid strings with multiple slashes (#5196)
• ef95a73b6d33299743e5ff4f0645b98c1b0d6f72 feat(locales): Add Lithuanian (lt) locale (#5210)
• 3803f3f37168212f2178e8b8deceb7bad78ed904 docs: update wrong contents in codeblocks in api.mdx (#5209)

... (truncated)

Commits

• 3b94610 v4.1.12
• 77c3c9f Export bg.ts
• af44738 Fix lint
• fda4c7c Make docs work without token
• 3fcb20f Add frrm to ecosystem (#5292)
• 4b1922a docs(content/v4/index): fix zod version (#5289)
• 02a5840 refac(errors): Unify code structure and improve types (#5278)
• 62bf4e4 fix(ZodError): prevent flatten() from crashing on 'toString' key (#5266)
• a0abcc0 docs(metadata.mdx): fix a mistake in an example output (#5248)
• c56a4f6 docs(ecosystem): add eslint-plugin-zod-x (#5261)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Updated the zod dependency to the latest major version (v4), aligning the app with current ecosystem standards and improvements.
  • This upgrade may subtly affect validation behavior and error messages; please verify flows that rely on schema validation.
  • No user-facing features added; functionality should remain consistent for typical use cases.

Walkthrough

Updated package.json to bump the zod dependency from ^3.25.76 to ^4.1.12. No other files or exports changed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title clearly follows a conventional commit style to indicate a dependency update and explicitly names the package (zod) and version change from 3.25.76 to 4.1.12. It succinctly conveys the main change without extraneous details. This makes it immediately clear to reviewers and maintainers what this PR does.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Description Check	✅ Passed	The pull request description clearly and directly describes the changeset. The author states "Bumps zod from 3.25.76 to 4.1.12," which precisely matches the dependency update shown in the raw summary. The description is not vague or generic—it provides specific version numbers and includes detailed release notes and commits from the zod repository that explain the changes between these versions. The description is directly related to the changeset and conveys meaningful information about the update.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

package.json (1)

1-43: Fix the Biome formatting to unblock CI.

GitHub Actions failed with “Formatter would have printed content for package.json.” Please run the Biome formatter (e.g., npx biome format package.json or npm run lint:fix) and commit the formatted file so the pipeline passes.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 0364f39 and ce856aa.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🧰 Additional context used

🪛 GitHub Actions: PR Checks

package.json

[error] 9-15: Formatter would have printed content for package.json. Biome formatter would rewrite the file (formatting changes required).

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Confirm code is compatible with Zod v4.

This jumps from Zod 3.x to 4.x, which is a major release with breaking changes. Re-run the project’s type checks, tests, and any targeted validation around Zod usage to ensure nothing regressed.

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Install dependencies
npm ci

# Run type-check, lint, and tests to surface incompatibilities.
npm run lint:ts
npm run lint
npm test

Length of output: 523

---

Address Zod v4 breaking change
– src/frontegg-oauth-client.ts:207: the Zod API now requires 2–3 arguments (TS2554). Update this call to include the missing parameter(s).

🤖 Prompt for AI Agents

In package.json and in src/frontegg-oauth-client.ts around line 207 the Zod call
fails under Zod v4 because the function now requires 2–3 arguments (TS2554);
open src/frontegg-oauth-client.ts at line 207, identify the Zod invocation
flagged by the compiler, and update that call to pass the required second
argument (and third if applicable) according to Zod v4’s API — e.g., supply the
appropriate options or errorMap object and any necessary context/params with
correct types (consult Zod v4 docs), adjust imports/types if needed, and run
TypeScript to confirm the TS2554 error is resolved.