feat(zod): better support zod@4.x.x

[dinwwwh]

Summary by CodeRabbit

• New Features

  • None.

• Refactor

  • Updated all Zod imports to namespace imports for consistency.
  • Simplified Zod schema method usage (e.g., z.string().email() to z.email(), z.string().uuid() to z.uuid(), z.string().url() to z.url()).
  • Enhanced file validation with explicit MIME types using z.file().mime([...]).
  • Separated OpenAPI schema example registration into an external JSON schema registry.
  • Switched to an experimental Zod-to-JSON schema converter imported from a new module path.
  • Relaxed error shape assertions in client tests for more flexible validation.

• Documentation

  • Updated documentation and code examples to reflect new import styles and schema usage.
  • Adjusted example snippets to align with updated validation patterns and registry usage.
  • Removed or updated language annotations in code blocks for improved clarity.

• Chores

  • Upgraded Zod dependency to version ^4.0.5 across all packages and playgrounds.
  • Removed unused dependencies and restructured TypeScript configuration files for better project setup.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
orpc	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jul 13, 2025 9:47am

[coderabbitai]

Walkthrough

This update standardizes Zod imports across the codebase, switching from named imports (import { z } from 'zod') to namespace imports (import * as z from 'zod'). It also updates the usage and import paths for the Zod-to-JSON schema converter, favoring an experimental version from @orpc/zod/zod4. Several schema definitions are refactored for clarity and alignment with Zod v4 features.

Changes

Files/Paths	Change Summary
All *.ts, *.md files using Zod	Changed Zod import from named to namespace style (import * as z from 'zod').
Files importing Zod-to-JSON schema converter (@orpc/zod)	Updated to import experimental_ZodToJsonSchemaConverter from @orpc/zod/zod4 and aliased as ZodToJsonSchemaConverter.
Multiple schema files (e.g., schemas/planet.ts, schemas/user.ts in playgrounds and packages)	Refactored file and URL validation (e.g., use of z.file().mime([...]), z.url(), z.email()).
Schema files previously using oz.openapi and inline examples	Removed oz.openapi wrapper; schemas now registered with examples via experimental_JSON_SCHEMA_REGISTRY.add().
Documentation and code examples	Updated code snippets to reflect new import styles and schema definitions.
package.json files across packages and playgrounds	Upgraded Zod dependency to ^4.0.5 (from various v3 versions); removed zod-to-json-schema where applicable.
tsconfig.json and related config files in playgrounds	Updated or removed TypeScript configuration files for improved clarity and compatibility.
Zod-related source and test files in packages/zod/src	Changed imports to use 'zod/v3' subpath for type imports; removed cross-checks with zod-to-json-schema in tests.
Test and helper files across packages	Standardized Zod import style; adjusted test logic for updated schema and converter usage.

Sequence Diagram(s)

sequenceDiagram
    participant Developer
    participant Zod
    participant JSON_SCHEMA_REGISTRY
    participant ZodToJsonSchemaConverter

    Developer->>Zod: import * as z from 'zod'
    Developer->>Zod: Define schemas (z.object, z.file, z.url, z.email, etc.)
    Developer->>JSON_SCHEMA_REGISTRY: add(schema, {examples})
    Developer->>ZodToJsonSchemaConverter: import experimental version
    ZodToJsonSchemaConverter->>Zod: Convert schemas to JSON Schema

Loading

Possibly related PRs

• unnoq/orpc#206: Comprehensive rewrite of @orpc/zod including restructuring of the converter and test suites; both PRs involve modifications to Zod-to-JSON schema converter usage and imports.
• unnoq/orpc#748: Introduces a smart coercion plugin using JSON Schema converters, including the Zod-to-JSON schema converter; related through shared focus on schema converter usage.
• unnoq/orpc#605: Fixes a typo in the .mime([...]) method call in OpenAPI docs, directly related to this PR's update of file schema validation to use explicit MIME types.

Suggested labels

size:XXL

Poem

🐇
Hopping through the code, I see,
Zod imports unified, as neat as can be!
From named to namespace, all in a row,
Experimental converters now steal the show.
Schemas and examples, refactored with care—
This bunny loves a codebase so fair!
🌱

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 42a0ff3 and e40db82.

📒 Files selected for processing (2)

• apps/content/docs/openapi/openapi-specification.md (4 hunks)
• packages/zod/README.md (3 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• apps/content/docs/openapi/openapi-specification.md
• packages/zod/README.md

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: publish-commit
• GitHub Check: lint
• GitHub Check: Analyze (javascript-typescript)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[gemini-code-assist]

Summary of Changes

Hello @unnoq, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces comprehensive support for Zod v4 throughout the project. It involves upgrading the Zod dependency, adapting the codebase to Zod v4's new API, and enhancing the OpenAPI integration to leverage Zod v4's capabilities for schema generation and example handling. The changes ensure compatibility with the latest Zod version while modernizing the validation and schema definition practices across the monorepo.

Highlights

• Zod v4 Upgrade: The core change is the upgrade of the Zod dependency to version 4 across the entire monorepo, ensuring compatibility with the latest Zod features and improvements.
• API Modernization: The codebase has been updated to leverage Zod v4's new API, including namespace imports (import * as z from 'zod'), new top-level utility functions (z.prettifyError, z.flattenError), and dedicated schema types (z.uuid(), z.email(), z.file(), z.url()). This replaces older patterns like z.string().uuid() or z.instanceof(File).
• Enhanced OpenAPI Integration: The @orpc/zod package now utilizes experimental_ZodToJsonSchemaConverter and experimental_JSON_SCHEMA_REGISTRY to provide robust OpenAPI schema generation and example registration specifically for Zod v4 schemas, replacing the previous oz.openapi methods.
• Internal Zod Package Refinement: The @orpc/zod package has been refactored to align with Zod v4's internal changes, including a migration from the external zod-to-json-schema library to an internal conversion logic, and adjusting internal type imports to zod/v3 where necessary for compatibility.
• Documentation and Playground Alignment: All relevant documentation and playground examples have been updated to reflect the Zod v4 API changes and best practices, ensuring consistency and ease of use for developers.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[pkg-pr-new]

More templates

• @orpc/astro-playground
• @orpc/browser-extension-playground
• @orpc/cloudflare-worker-playground
• @orpc/contract-first-playground
• @orpc/electron-playground
• @orpc/nest-playground
• @orpc/next-playground
• @orpc/nuxt-playground
• @orpc/solid-start-playground
• @orpc/svelte-kit-playground
• @orpc/tanstack-start-playground

@orpc/arktype

npm i https://pkg.pr.new/@orpc/arktype@760

@orpc/client

npm i https://pkg.pr.new/@orpc/client@760

@orpc/contract

npm i https://pkg.pr.new/@orpc/contract@760

@orpc/experimental-durable-event-iterator

npm i https://pkg.pr.new/@orpc/experimental-durable-event-iterator@760

@orpc/hey-api

npm i https://pkg.pr.new/@orpc/hey-api@760

@orpc/json-schema

npm i https://pkg.pr.new/@orpc/json-schema@760

@orpc/nest

npm i https://pkg.pr.new/@orpc/nest@760

@orpc/openapi

npm i https://pkg.pr.new/@orpc/openapi@760

@orpc/openapi-client

npm i https://pkg.pr.new/@orpc/openapi-client@760

@orpc/react

npm i https://pkg.pr.new/@orpc/react@760

@orpc/react-query

npm i https://pkg.pr.new/@orpc/react-query@760

@orpc/server

npm i https://pkg.pr.new/@orpc/server@760

@orpc/shared

npm i https://pkg.pr.new/@orpc/shared@760

@orpc/solid-query

npm i https://pkg.pr.new/@orpc/solid-query@760

@orpc/standard-server

npm i https://pkg.pr.new/@orpc/standard-server@760

@orpc/standard-server-aws-lambda

npm i https://pkg.pr.new/@orpc/standard-server-aws-lambda@760

@orpc/standard-server-fetch

npm i https://pkg.pr.new/@orpc/standard-server-fetch@760

@orpc/standard-server-node

npm i https://pkg.pr.new/@orpc/standard-server-node@760

@orpc/standard-server-peer

npm i https://pkg.pr.new/@orpc/standard-server-peer@760

@orpc/svelte-query

npm i https://pkg.pr.new/@orpc/svelte-query@760

@orpc/tanstack-query

npm i https://pkg.pr.new/@orpc/tanstack-query@760

@orpc/trpc

npm i https://pkg.pr.new/@orpc/trpc@760

@orpc/valibot

npm i https://pkg.pr.new/@orpc/valibot@760

@orpc/vue-colada

npm i https://pkg.pr.new/@orpc/vue-colada@760

@orpc/vue-query

npm i https://pkg.pr.new/@orpc/vue-query@760

@orpc/zod

npm i https://pkg.pr.new/@orpc/zod@760

commit: e40db82

[gemini-code-assist]

Code Review

This pull request introduces comprehensive support for Zod v4. The changes are extensive, touching documentation, tests, package dependencies, and implementation files across the repository to adopt the new Zod v4 APIs and conventions. I've identified a critical issue with the peerDependencies version for zod in packages/zod/package.json, and a potential bug in one of the playground examples where number coercion was removed, which could lead to runtime errors. Addressing these points will help ensure the quality and correctness of the release.

[coderabbitai]

Actionable comments posted: 14

🔭 Outside diff range comments (2)

packages/zod/src/converter.components.test.ts (1)

1-11: Getter inside the Zod shape causes a TDZ / self-reference risk

const User = z.object({
  …
  get parents(): any {          // getter executes immediately
    return z.array(User).optional()
  },
})

When z.object enumerates the shape, it invokes the getter, but User is still in its temporal-dead-zone, so at runtime this throws a ReferenceError.
Use a z.lazy instead:

-  get parents(): any {
-    return z.array(User).optional()
-  },
+  parents: z.lazy(() => z.array(User)).optional(),

This avoids the TDZ and is clearer for Zod tooling.

packages/zod/package.json (1)

45-56: Tighten peerDependencies.zod to v4-only support

Your package imports exclusively from zod/v3, which only exists in Zod v4’s compatibility layer. Allowing consumers to install Zod 3.x (via >=3.25.0) will lead to ERR_MODULE_NOT_FOUND at runtime.

Please update packages/zod/package.json accordingly:

  "peerDependencies": {
-   "zod": ">=3.25.0"
+   "zod": "^4.0.0"
  },

After making this change, verify that your CI still passes (with your existing devDependency on zod@^4.0.5).

♻️ Duplicate comments (5)

packages/zod/src/custom-json-schema.test-d.ts (1)

1-1: Same import issue as above

See earlier note about the zod/v3 sub-path & switch to namespace import.

packages/zod/src/coercer.test.ts (1)

1-2: Repeat of the /v3 import concern

Please address the same resolution & style issues noted in the first comment.

playgrounds/contract-first/src/schemas/auth.ts (1)

4-4: Consistent email validation pattern across playgrounds.

The change from z.string().email() to z.email() is consistent with similar updates in other playground files (nuxt, solid-start, svelte-kit). This pattern suggests it's a valid Zod v4 feature, but verification of the syntax is still recommended.

playgrounds/browser-extension/entrypoints/background/schemas/auth.ts (1)

4-4: Same verification needed as in electron auth schema.

This uses the same z.email() pattern that needs verification for Zod v4 compatibility.

playgrounds/nest/src/schemas/auth.ts (1)

4-4: Consistent with other auth schemas.

This follows the same pattern as the other auth schema files. The z.email() usage still needs the same verification mentioned in other files.

🧹 Nitpick comments (7)

apps/content/package.json (1)

41-42: Add "zod": "^4.0.5" – OK, but consider workspace protocol for consistency.

Most internal packages use workspace refs ("workspace:*") for first-party deps, but external libs like zod are pinned. If you later symlink zod via the workspace, switching to "workspace:^4.0.5" will avoid duplicate installs.

packages/client/package.json (1)

73-74: Potential peer dependency leak

The client package often ships validators that execute in the browser. Treating zod as a pure dev dependency risks bundlers tree-shaking it out. Consider either:

1. Move to "dependencies", or
2. Declare "peerDependencies": { "zod": ">=4" } to enforce that host applications install a compatible copy.

playgrounds/electron/package.json (1)

34-38: Electron bundle size watch-out

Zod v4’s ESM build is ~30 % larger than v3. For the Electron preload & renderer bundles this can inflate startup time. If size becomes an issue, consider enabling esbuild ‑-drop:debugger or ship a custom treeshake config.

packages/client/tests/helpers.ts (1)

5-5: Namespace import: good, but remember tree-shaking

Switching to a single * as z import is fine, but note that bundlers like ESBuild/Rollup cannot treeshake unused Zod sub-schemas from a namespace import. In test code this is negligible, but in production helpers consider:

import { object, string, number, file } from 'zod'

to keep bundle size small.

packages/zod/README.md (1)

89-89: Consider documenting the experimental nature of the converter.

While the migration to experimental_ZodToJsonSchemaConverter is consistent with the codebase changes, consider adding a note in the documentation that this is an experimental API for Zod v4 to set proper user expectations.

playgrounds/electron/tsconfig.json (1)

14-16: Consider the implications of disabling strict TypeScript checks.

Disabling noImplicitReturns, noUnusedLocals, and noUnusedParameters reduces type safety and code quality enforcement. These were likely disabled to accommodate existing code, but consider re-enabling them incrementally.

-    "noImplicitReturns": false,
-    "noUnusedLocals": false,
-    "noUnusedParameters": false,
+    "noImplicitReturns": true,
+    "noUnusedLocals": true,
+    "noUnusedParameters": true,

packages/zod/src/converter.test.ts (1)

383-383: Update test description to match actual class name.

The test description references zodToJsonSchemaConverter.convert but should reference ZodToJsonSchemaConverter.convert to match the actual class name.

-])('zodToJsonSchemaConverter.convert %#', ({ schema, input, output = input }) => {
+])('ZodToJsonSchemaConverter.convert %#', ({ schema, input, output = input }) => {

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between de7ca70 and 59e3d05.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (107)

• README.md (2 hunks)
• apps/content/docs/advanced/validation-errors.md (8 hunks)
• apps/content/docs/client/error-handling.md (1 hunks)
• apps/content/docs/client/event-iterator.md (1 hunks)
• apps/content/docs/client/server-side.md (4 hunks)
• apps/content/docs/contract-first/define-contract.md (2 hunks)
• apps/content/docs/error-handling.md (1 hunks)
• apps/content/docs/file-upload-download.md (1 hunks)
• apps/content/docs/getting-started.md (1 hunks)
• apps/content/docs/openapi/getting-started.md (2 hunks)
• apps/content/docs/openapi/integrations/implement-contract-in-nest.md (1 hunks)
• apps/content/docs/openapi/openapi-specification.md (4 hunks)
• apps/content/docs/openapi/plugins/openapi-reference.md (1 hunks)
• apps/content/docs/plugins/hibernation.md (1 hunks)
• apps/content/docs/server-action.md (3 hunks)
• apps/content/examples/openai-streaming.md (1 hunks)
• apps/content/package.json (1 hunks)
• apps/content/shared/planet.ts (1 hunks)
• packages/arktype/src/converter.test.ts (1 hunks)
• packages/client/package.json (1 hunks)
• packages/client/tests/helpers.ts (2 hunks)
• packages/contract/package.json (1 hunks)
• packages/contract/src/event-iterator.test.ts (1 hunks)
• packages/contract/src/schema-utils.test.ts (1 hunks)
• packages/contract/src/schema.test-d.ts (1 hunks)
• packages/contract/tests/helpers.ts (1 hunks)
• packages/contract/tests/shared.ts (1 hunks)
• packages/json-schema/package.json (1 hunks)
• packages/json-schema/src/smart-coercion-plugin.test.ts (1 hunks)
• packages/nest/package.json (1 hunks)
• packages/nest/src/implement.test.ts (1 hunks)
• packages/openapi/package.json (1 hunks)
• packages/openapi/src/openapi-generator.test.ts (1 hunks)
• packages/openapi/src/plugins/openapi-reference.test.ts (1 hunks)
• packages/openapi/src/schema-converter.test.ts (1 hunks)
• packages/react-query/package.json (1 hunks)
• packages/react/package.json (1 hunks)
• packages/react/src/action-form.test.ts (1 hunks)
• packages/react/src/hooks/server-action.test-d.ts (1 hunks)
• packages/server/README.md (1 hunks)
• packages/server/src/builder.test-d.ts (1 hunks)
• packages/server/src/builder.test.ts (1 hunks)
• packages/server/src/error.test.ts (1 hunks)
• packages/server/src/procedure-client.test.ts (1 hunks)
• packages/server/src/procedure-decorated.test.ts (1 hunks)
• packages/server/src/procedure-utils.test.ts (1 hunks)
• packages/shared/package.json (1 hunks)
• packages/solid-query/package.json (1 hunks)
• packages/svelte-query/package.json (1 hunks)
• packages/tanstack-query/package.json (1 hunks)
• packages/trpc/package.json (1 hunks)
• packages/trpc/src/to-orpc-router.test.ts (1 hunks)
• packages/valibot/src/converter.test.ts (1 hunks)
• packages/zod/README.md (3 hunks)
• packages/zod/package.json (2 hunks)
• packages/zod/src/coercer.test.ts (1 hunks)
• packages/zod/src/coercer.ts (1 hunks)
• packages/zod/src/converter.components.test.ts (1 hunks)
• packages/zod/src/converter.test.ts (2 hunks)
• packages/zod/src/converter.ts (1 hunks)
• packages/zod/src/custom-json-schema.test-d.ts (1 hunks)
• packages/zod/src/custom-json-schema.test.ts (1 hunks)
• packages/zod/src/custom-json-schema.ts (1 hunks)
• packages/zod/src/schemas/base.ts (1 hunks)
• packages/zod/src/schemas/blob.ts (1 hunks)
• packages/zod/src/schemas/file.ts (1 hunks)
• packages/zod/src/schemas/regexp.ts (1 hunks)
• packages/zod/src/schemas/url.ts (1 hunks)
• playgrounds/astro/package.json (1 hunks)
• playgrounds/astro/src/pages/api/[...rest].ts (1 hunks)
• playgrounds/astro/src/router/planet.ts (1 hunks)
• playgrounds/astro/src/router/sse.ts (1 hunks)
• playgrounds/astro/src/schemas/auth.ts (1 hunks)
• playgrounds/astro/src/schemas/planet.ts (2 hunks)
• playgrounds/astro/src/schemas/user.ts (1 hunks)
• playgrounds/browser-extension/entrypoints/background/router/planet.ts (1 hunks)
• playgrounds/browser-extension/entrypoints/background/router/sse.ts (1 hunks)
• playgrounds/browser-extension/entrypoints/background/schemas/auth.ts (1 hunks)
• playgrounds/browser-extension/entrypoints/background/schemas/planet.ts (2 hunks)
• playgrounds/browser-extension/entrypoints/background/schemas/user.ts (1 hunks)
• playgrounds/browser-extension/package.json (1 hunks)
• playgrounds/cloudflare-worker/package.json (1 hunks)
• playgrounds/cloudflare-worker/worker/dos/chat-room.ts (1 hunks)
• playgrounds/contract-first/package.json (1 hunks)
• playgrounds/contract-first/src/contract/planet.ts (1 hunks)
• playgrounds/contract-first/src/contract/sse.ts (1 hunks)
• playgrounds/contract-first/src/main.ts (1 hunks)
• playgrounds/contract-first/src/schemas/auth.ts (1 hunks)
• playgrounds/contract-first/src/schemas/planet.ts (2 hunks)
• playgrounds/contract-first/src/schemas/user.ts (1 hunks)
• playgrounds/electron/package.json (1 hunks)
• playgrounds/electron/src/main/router/planet.ts (1 hunks)
• playgrounds/electron/src/main/router/sse.ts (1 hunks)
• playgrounds/electron/src/main/schemas/auth.ts (1 hunks)
• playgrounds/electron/src/main/schemas/planet.ts (2 hunks)
• playgrounds/electron/src/main/schemas/user.ts (1 hunks)
• playgrounds/electron/tsconfig.json (1 hunks)
• playgrounds/electron/tsconfig.web.json (0 hunks)
• playgrounds/nest/package.json (1 hunks)
• playgrounds/nest/src/contract/planet.ts (1 hunks)
• playgrounds/nest/src/contract/sse.ts (1 hunks)
• playgrounds/nest/src/reference/reference.service.ts (1 hunks)
• playgrounds/nest/src/schemas/auth.ts (1 hunks)
• playgrounds/nest/src/schemas/planet.ts (2 hunks)
• playgrounds/nest/src/schemas/user.ts (1 hunks)
• playgrounds/nest/tsconfig.json (1 hunks)
• playgrounds/next/package.json (1 hunks)

⛔ Files not processed due to max files limit (35)

• playgrounds/next/src/app/actions.ts
• playgrounds/next/src/app/api/[[...rest]]/route.ts
• playgrounds/next/src/router/planet.ts
• playgrounds/next/src/router/sse.ts
• playgrounds/next/src/schemas/auth.ts
• playgrounds/next/src/schemas/planet.ts
• playgrounds/next/src/schemas/user.ts
• playgrounds/nuxt/package.json
• playgrounds/nuxt/server/router/planet.ts
• playgrounds/nuxt/server/router/sse.ts
• playgrounds/nuxt/server/routes/api/[...].ts
• playgrounds/nuxt/server/schemas/auth.ts
• playgrounds/nuxt/server/schemas/planet.ts
• playgrounds/nuxt/server/schemas/user.ts
• playgrounds/solid-start/package.json
• playgrounds/solid-start/src/router/planet.ts
• playgrounds/solid-start/src/router/sse.ts
• playgrounds/solid-start/src/routes/api/[...rest].ts
• playgrounds/solid-start/src/schemas/auth.ts
• playgrounds/solid-start/src/schemas/planet.ts
• playgrounds/solid-start/src/schemas/user.ts
• playgrounds/svelte-kit/package.json
• playgrounds/svelte-kit/src/router/planet.ts
• playgrounds/svelte-kit/src/router/sse.ts
• playgrounds/svelte-kit/src/routes/api/[...rest]/+server.ts
• playgrounds/svelte-kit/src/schemas/auth.ts
• playgrounds/svelte-kit/src/schemas/planet.ts
• playgrounds/svelte-kit/src/schemas/user.ts
• playgrounds/tanstack-start/package.json
• playgrounds/tanstack-start/src/router/planet.ts
• playgrounds/tanstack-start/src/router/sse.ts
• playgrounds/tanstack-start/src/routes/api/$.ts
• playgrounds/tanstack-start/src/schemas/auth.ts
• playgrounds/tanstack-start/src/schemas/planet.ts
• playgrounds/tanstack-start/src/schemas/user.ts

💤 Files with no reviewable changes (1)

• playgrounds/electron/tsconfig.web.json

🧰 Additional context used

🧬 Code Graph Analysis (9)

playgrounds/electron/src/main/schemas/auth.ts (1)

playgrounds/browser-extension/entrypoints/background/schemas/auth.ts (1)

• CredentialSchema (3-6)

playgrounds/browser-extension/entrypoints/background/schemas/auth.ts (1)

playgrounds/electron/src/main/schemas/auth.ts (1)

• CredentialSchema (3-6)

playgrounds/contract-first/src/schemas/auth.ts (3)

playgrounds/nuxt/server/schemas/auth.ts (1)

• CredentialSchema (3-6)

playgrounds/solid-start/src/schemas/auth.ts (1)

• CredentialSchema (3-6)

playgrounds/svelte-kit/src/schemas/auth.ts (1)

• CredentialSchema (3-6)

playgrounds/browser-extension/entrypoints/background/schemas/planet.ts (1)

playgrounds/electron/src/main/schemas/planet.ts (2)

• UpdatePlanetSchema (14-19)
• PlanetSchema (21-27)

playgrounds/electron/src/main/schemas/planet.ts (1)

playgrounds/browser-extension/entrypoints/background/schemas/planet.ts (2)

• UpdatePlanetSchema (14-19)
• PlanetSchema (21-27)

playgrounds/browser-extension/entrypoints/background/schemas/user.ts (1)

playgrounds/electron/src/main/schemas/user.ts (4)

• NewUser (4-4)
• NewUserSchema (7-11)
• User (5-5)
• UserSchema (23-27)

playgrounds/contract-first/src/schemas/user.ts (3)

playgrounds/nuxt/server/schemas/user.ts (4)

• NewUser (4-4)
• NewUserSchema (7-11)
• User (5-5)
• UserSchema (23-27)

playgrounds/svelte-kit/src/schemas/user.ts (4)

• NewUser (4-4)
• NewUserSchema (7-11)
• User (5-5)
• UserSchema (23-27)

playgrounds/solid-start/src/schemas/user.ts (4)

• NewUser (4-4)
• NewUserSchema (7-11)
• User (5-5)
• UserSchema (23-27)

playgrounds/electron/src/main/schemas/user.ts (1)

playgrounds/browser-extension/entrypoints/background/schemas/user.ts (4)

• NewUser (4-4)
• NewUserSchema (7-11)
• User (5-5)
• UserSchema (23-27)

playgrounds/contract-first/src/schemas/planet.ts (3)

playgrounds/nuxt/server/schemas/planet.ts (2)

• UpdatePlanetSchema (14-19)
• PlanetSchema (21-27)

playgrounds/solid-start/src/schemas/planet.ts (2)

• UpdatePlanetSchema (14-19)
• PlanetSchema (21-27)

playgrounds/svelte-kit/src/schemas/planet.ts (2)

• UpdatePlanetSchema (14-19)
• PlanetSchema (21-27)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: publish-commit
• GitHub Check: lint
• GitHub Check: Analyze (javascript-typescript)

🔇 Additional comments (107)

playgrounds/nest/tsconfig.json (1)

17-17: Playground declarations aren’t consumed—keeping "declaration": false is safe
We’ve verified:

• No package.json “types” fields reference playgrounds/nest/dist.
• No other tsconfig.json extends playgrounds/nest/tsconfig.json.
• This folder is example-only and not published as a library.

You can leave "declaration": false enabled to speed up builds without impacting downstream consumers.

packages/svelte-query/package.json (1)

50-50: Version bump without matching path aliases

devDependencies.zod → ^4.0.5, yet several packages now import from 'zod/v3'.
If /v3 is not exported by zod@4, local unit tests will pass (because they run inside the monorepo with path mappings) but published consumers will break.

Ensure that:
• /v3 is covered by a exports sub-path in every published package.json, or
• All internal code switches to the canonical zod entry-point.

packages/trpc/package.json (1)

45-48: Confirm zod@^4.0.5 availability and devDependency placement

zod@^4.0.5 is published under the “latest” dist-tag, and our search shows only test files import it (no runtime imports in packages/trpc/src). Keeping zod in devDependencies is correct.

playgrounds/contract-first/package.json (1)

21-24: Zod v4.0.5 is available on npm
Confirmed with npm view zod@4.0.5 version returning 4.0.5. Safe to merge.

packages/react/package.json (1)

54-57: DevDependency Scope Confirmed – No Zod Runtime Imports in @orpc/react

A grep over packages/react/src (excluding all test files) returned zero zod imports. There’s no runtime reference to Zod in the published code, so it’s only used for development/testing. Keeping Zod under devDependencies is correct.

packages/shared/package.json (1)

40-44: All Zod imports are in test files — devDependency is correct
The only occurrence of Zod in packages/shared/src is in object.test.ts, so there’s no runtime usage. Keeping Zod in devDependencies is appropriate.

packages/react-query/package.json (1)

49-52: Check the ripple effect of the Zod v4 upgrade.

Upgrading to a new major of Zod is breaking. Although it appears only in devDependencies here, several workspace packages list Zod as a peer / direct dependency. Please verify:

1. No package still pins ^3.*.
2. Generated typings / runtime code that rely on legacy enums (z.enum) or .nonstrict() APIs compile and pass tests under v4.
3. Lock-file is re-hoisted so that only one Zod version is installed (avoids duplicate bundles for consumers).

A quick smoke-test can prevent downstream build failures.

playgrounds/electron/src/main/router/sse.ts (1)

2-2: Import style LGTM.

The switch to namespace import (* as z) matches the new project guideline and keeps intellisense intact.

playgrounds/nest/src/contract/planet.ts (1)

1-1: Consistent Zod import adopted.

Nothing else changed; contract typings remain unaffected.

packages/react/src/hooks/server-action.test-d.ts (1)

3-3: Import update acknowledged.

Type-level tests still compile; no further action needed.

playgrounds/cloudflare-worker/worker/dos/chat-room.ts (1)

3-3: Namespace import looks good.

No functional differences introduced.

packages/zod/src/schemas/base.ts (1)

1-1: Importing from the v3 sub-path is OK, but be mindful of mixed runtimes

zod/v3 is exposed by Zod v4 purely for backwards-compatibility. Relying on v3 types while the rest of the repo runs v4 at runtime can easily lead to subtle mismatches (e.g. _def structure changes across majors). Make sure:

1. There is no runtime call site that mixes v3 objects with v4 ones.
2. Your bundler / tsconfig is set to resolve the zod/v3 export condition (Node ≥ 18 or an ESM-aware bundler).

If both points are covered, the change looks fine.

playgrounds/astro/package.json (1)

29-29: Double-check that every workspace depends on the same Zod major

"zod": "^4.0.5" is added here, but several packages still import from zod/v3. Yarn/PNPM will hoist only one copy of Zod; if any workspace accidentally keeps a caret-range of ^3, you will get duplicate copies or peer-dep warnings.

Search the repo for \"zod\": \"^3 to avoid version skew.

packages/zod/src/schemas/regexp.ts (1)

1-3: custom import aligns with v3 API – good catch

zod/v3 still exposes custom, which was removed in v4, so the switch keeps the helper working without code changes.

playgrounds/astro/src/router/sse.ts (1)

2-2: Import style change is correct and consistent with the v4 migration.

Nothing else to flag here.

packages/contract/src/schema-utils.test.ts (1)

3-3: Namespace import switch LGTM.

The test file now aligns with the unified import pattern.

packages/server/src/builder.test.ts (1)

3-3: Import updated successfully.

No functional impact; existing usages (z.void(), etc.) remain valid under Zod v4.

packages/nest/package.json (1)

74-74: Version bump to Zod v4 acknowledged.

Ensure any Nest-specific pipes or filters that relied on v3 behaviour have corresponding updates/tests.

packages/openapi/package.json (1)

77-78: Double-check whether zod is required at runtime

If any helpers in @orpc/openapi transform Zod schemas dynamically (e.g. zod → openapi conversion on the server) then zod must live in "dependencies", not "devDependencies".
Please audit the package imports and adjust to avoid runtime MODULE_NOT_FOUND in consumer projects.

packages/json-schema/package.json (1)

44-45: Align dependency type with actual usage

The JSON-schema adapter primarily converts Zod schemas during build time; if that assumption is correct, keeping zod in devDependencies is fine. Otherwise shift it to runtime as in previous comments.

packages/zod/src/schemas/url.ts (1)

1-4: No change needed: ‘zod/v3’ imports are intentional for v3 compatibility

The repository is designed to support both Zod v3 and v4:

• In packages/zod/package.json, “zod” is a peer dependency (>= 3.25.0) and the default entrypoint (exports “.”) targets v3 via zod/v3.
• A separate “./zod4” entrypoint exists for consumers using Zod v4.

All of the schema files under packages/zod/src import from zod/v3 by design to maintain v3 compatibility. Switching them to a namespace import from zod would break the v3 stub and defeat the dual‐entrypoint strategy.

No modifications are required here.

Likely an incorrect or invalid review comment.

playgrounds/cloudflare-worker/package.json (1)

24-28: Double-check v4 runtime compatibility of Zod in the Worker environment

Jumping from the latest v3 line to ^4.0.5 is a major change that may introduce breaking API shifts (e.g., refined error maps, changed .parseAsync behaviour). Cloudflare Workers run on a restricted V8 isolate; ensure any optional Node-specific polyfills added by Zod v4 are not pulled in, and that all Worker-side schema parsing remains green (unit + e2e).

If everything is green, no further action required.

playgrounds/next/package.json (1)

26-30: Confirm Next.js migration guides for Zod v4 validation middleware

Next.js examples frequently rely on z.object({}) for route handlers / tRPC procedures. Verify that all playground API routes were bumped to the new namespace-import style and that any removed v3 helpers (z.string().email() → z.email()) were updated; otherwise the dev server will crash on first request.

playgrounds/browser-extension/entrypoints/background/router/sse.ts (1)

2-2: LGTM – import style now matches the repo-wide convention

The namespace import avoids tree-shaking pitfalls seen with import { z }, and no other changes were introduced.

packages/zod/src/coercer.ts (1)

26-28: No action needed: zod/v3 sub-path is officially exported in Zod v4.0.5

The npm view zod@4.0.5 exports output confirms that ./v3 is exposed:

{
  "types": "./v3/index.d.cts",
  "import": "./v3/index.js",
  "require": "./v3/index.cjs",
  "@zod/source": "./src/v3/index.ts"
}

Therefore the import in packages/zod/src/coercer.ts can remain:

} from 'zod/v3'
import { guard, isObject } from '@orpc/shared'
import { ZodFirstPartyTypeKind } from 'zod/v3'

packages/solid-query/package.json (1)

50-51: zod bumped to ^4.0.5 only in devDependencies – check transitive runtime usage

If any compiled files inside @orpc/solid-query perform a runtime require('zod'), consumers will need zod as a peer dependency, not just dev. Please audit the source; if the import is purely type-level, leave as-is, otherwise promote to peerDependencies.

playgrounds/browser-extension/package.json (1)

32-33: Mirror dependency strategy with playground bundlers

The playground ships bundled output, so zod sitting in devDependencies is usually fine. Just double-check that Vite/WXT doesn’t externalise zod (in which case it must be a prod dependency).

apps/content/examples/openai-streaming.md (1)

16-17: Nice switch to namespace import

import * as z from 'zod' keeps tree-shaking intact and matches the new repo-wide convention. 👍

apps/content/docs/client/event-iterator.md (1)

15-15: LGTM! Import style updated for Zod v4 compatibility.

The change from named import to namespace import aligns with the PR objective and maintains consistent usage throughout the documentation.

packages/contract/tests/helpers.ts (1)

1-1: LGTM! Zod import standardized for v4 compatibility.

The namespace import change is consistent with the codebase-wide update and maintains all existing functionality.

packages/valibot/src/converter.test.ts (1)

2-2: LGTM! Import updated for consistency across the codebase.

The namespace import change aligns with the Zod v4 migration and maintains all test functionality.

playgrounds/electron/src/main/router/planet.ts (1)

2-2: LGTM! Zod import updated for v4 compatibility.

The namespace import change is consistent with the codebase-wide migration and preserves all router functionality.

apps/content/docs/openapi/integrations/implement-contract-in-nest.md (1)

73-73: LGTM! Documentation example updated for Zod v4 compatibility.

The namespace import change ensures documentation examples align with the new codebase standard while maintaining all functionality.

apps/content/docs/error-handling.md (1)

55-55: Import style update reads well

Doc snippet now mirrors the new namespace-import convention adopted across the codebase. Nothing else to flag.

apps/content/shared/planet.ts (1)

1-1: Confirm compiler settings for namespace import

import * as z from 'zod' relies on your TS module-resolution settings (e.g. esModuleInterop: false, module: ESNext). Just double-check that downstream builds/tests still resolve z.object() correctly—especially if any consumers compile with allowSyntheticDefaultImports.

packages/openapi/src/openapi-generator.test.ts (1)

3-3: LGTM – test updated to new import form

No behavioural changes introduced; test continues to use the same z API surface.

apps/content/docs/plugins/hibernation.md (1)

80-80: Docs aligned with import convention

Namespace import renders fine in the MDX snippet.

packages/server/src/procedure-utils.test.ts (1)

2-2: Import change acknowledged

Unit test compiles against the updated namespace import without side effects.

packages/server/README.md (1)

69-69: LGTM! Documentation updated to reflect new import standard.

The namespace import pattern aligns with the Zod v4 migration effort and improves consistency across the codebase documentation.

packages/server/src/procedure-decorated.test.ts (1)

1-1: Import standardization looks good.

The namespace import maintains compatibility while aligning with the project's Zod v4 migration strategy.

packages/arktype/src/converter.test.ts (1)

2-2: Consistent import standardization.

The namespace import maintains test functionality while following the project's new Zod import pattern.

packages/contract/src/schema.test-d.ts (1)

4-4: Type definition test import updated correctly.

The namespace import maintains TypeScript type inference behavior while standardizing the import pattern.

playgrounds/browser-extension/entrypoints/background/router/planet.ts (1)

2-2: Application code import standardized successfully.

The namespace import maintains full functionality while aligning with the Zod v4 migration strategy across the codebase.

packages/json-schema/src/smart-coercion-plugin.test.ts (1)

1-1: Consistent namespace import aligns with Zod v4

Switching to import * as z from 'zod' avoids the fragile named-export ({ z }) pattern and works seamlessly with both CJS/ESM bundles in v4. Looks good.

packages/openapi/src/schema-converter.test.ts (1)

1-1: Unified Zod import style

The namespace import keeps the test in sync with the project-wide v4 migration and prevents future type-check hiccups.

packages/contract/src/event-iterator.test.ts (1)

3-3: Namespace import is the correct choice for v4

Nothing else changes in the file; the new import builds fine and improves compatibility.

packages/react/src/action-form.test.ts (1)

2-2: Import updated for v4 compatibility

The namespace form is consistent and safe; no further action needed.

packages/server/src/procedure-client.test.ts (1)

2-2: Good move to import * as z

Keeps the large test suite aligned with Zod v4—LGTM.

packages/trpc/src/to-orpc-router.test.ts (1)

4-4: Namespace import aligns with new convention – looks good.
The switch to import * as z from 'zod' keeps the test in-sync with the project-wide v4 migration and compiles fine under both TS esModuleInterop settings.

playgrounds/astro/src/router/planet.ts (1)

2-2: Import style updated correctly.
No further action needed – all downstream references (z.object, z.number, …) remain valid.

packages/zod/src/converter.ts (1)

34-40: Verify that the zod/v3 sub-path resolves at runtime.

ZodFirstPartyTypeKind is used at runtime (switch statement), so bundlers / Node must be able to require('zod/v3'). This sub-path is available in recent Zod 4.x, but fails on 3.x and on older tooling that doesn’t honor the exports map.

If compatibility with both Zod 3 and 4 is expected, consider one of:

-import { ZodFirstPartyTypeKind } from 'zod/v3'
+import { ZodFirstPartyTypeKind } from 'zod'          // always present at runtime

or a defensive dynamic import fallback.

Please run the project with the intended Zod version and make sure the module resolution does not break when published.

packages/openapi/src/plugins/openapi-reference.test.ts (1)

2-2: Consistent namespace import – OK.
Matches the rest of the codebase; no issues spotted.

packages/contract/tests/shared.ts (1)

3-3: Import change acknowledged.
The file compiles and behaves the same; nothing else to flag.

playgrounds/contract-first/src/contract/sse.ts (1)

2-2: Consistent namespace import looks good.

The switch to import * as z from 'zod' matches the new v4-style across the codebase and keeps all subsequent z. references intact. No further action needed.

playgrounds/contract-first/src/contract/planet.ts (1)

1-1: Import update acknowledged.

Namespace import aligns with the repo-wide convention and doesn’t affect the existing logic. ✅

apps/content/docs/client/error-handling.md (1)

14-14: Doc snippet updated correctly.

The example now mirrors the code changes in src files, avoiding confusion for readers. Looks good.

packages/nest/src/implement.test.ts (1)

10-10: Test import switched to namespace – OK.

All usages of z remain valid; no other side-effects in the test suite. 👍

apps/content/docs/openapi/plugins/openapi-reference.md (1)

17-19: Converter import change makes sense.

Re-exporting the experimental converter under the old name maintains example clarity while pointing to the v4 module. No issues spotted.

packages/server/src/builder.test-d.ts (1)

14-14: LGTM – import style switch only

The change is purely cosmetic and aligns the test with the new namespace-import convention. No further action required.

apps/content/docs/contract-first/define-contract.md (1)

43-44: Docs compile snippets but drop type-only import – watch for Docusaurus/TS Playground

Both code blocks swap to import * as z from 'zod', which is correct for runtime.
If the docs playground previously relied on // @filename: index.ts style compilation, make sure the TypeScript service still resolves the esModuleInterop requirement (allowSyntheticDefaultImports=false scenario), otherwise the rendered playground will throw.

No code change needed, just flagging for the docs build step.

Also applies to: 81-82

packages/server/src/error.test.ts (1)

3-3: Import style updated – no functional impact

Change aligns with project-wide convention. Tests remain intact.

apps/content/docs/getting-started.md (1)

53-53: LGTM: Documentation updated to reflect new import pattern.

The change from named import to namespace import aligns with the Zod v4 standardization effort across the codebase.

playgrounds/nest/src/contract/sse.ts (1)

2-2: LGTM: Import standardization is consistent.

The namespace import change aligns with the codebase-wide standardization for Zod v4 support.

playgrounds/nest/src/reference/reference.service.ts (1)

2-2: Monitor experimental feature usage.

The switch to experimental_ZodToJsonSchemaConverter from @orpc/zod/zod4 is appropriate for Zod v4 support, but note that experimental features may have stability considerations for production use.

playgrounds/astro/src/schemas/auth.ts (2)

1-1: LGTM: Import standardization is consistent.

The namespace import change aligns with the codebase-wide standardization effort.

---

4-4: Email validator syntax confirmed

z.email() is the correct, preferred way to define an email schema in Zod v4. The code in playgrounds/astro/src/schemas/auth.ts is valid and no changes are needed.

playgrounds/contract-first/src/schemas/auth.ts (1)

1-1: LGTM: Import standardization is consistent.

The namespace import change aligns with the codebase-wide standardization effort.

playgrounds/electron/src/main/schemas/auth.ts (1)

1-1: LGTM: Import style updated for Zod v4 consistency.

The namespace import aligns with the codebase-wide migration to Zod v4.

playgrounds/browser-extension/entrypoints/background/schemas/auth.ts (1)

1-1: LGTM: Consistent import style migration.

The namespace import change aligns with the codebase-wide Zod v4 migration.

playgrounds/nest/src/schemas/auth.ts (1)

1-1: LGTM: Consistent migration pattern.

Excellent consistency across all auth schema files in the migration to namespace imports.

apps/content/docs/server-action.md (1)

16-16: LGTM: Documentation updated for Zod v4 consistency.

All code examples in the documentation have been properly updated to use namespace imports, ensuring they remain functional and consistent with the codebase migration.

Also applies to: 73-73, 140-140

apps/content/docs/client/server-side.md (1)

20-20: LGTM: Documentation examples updated consistently.

All Zod import statements have been properly migrated to namespace imports, maintaining consistency with the Zod v4 migration across the codebase.

Also applies to: 37-37, 54-54, 73-73

playgrounds/astro/src/pages/api/[...rest].ts (1)

4-4: Consistent migration approach across playgrounds.

The change maintains consistency with other playground files in the migration to the experimental ZodToJsonSchemaConverter. The aliasing approach ensures existing code continues to work.

packages/zod/README.md (1)

75-75: Good standardization of Zod import style.

The change from named import to namespace import (import * as z from 'zod') standardizes the import pattern across the codebase, improving consistency.

README.md (2)

71-71: Excellent import standardization in main documentation.

The change to namespace import style (import * as z from 'zod') ensures consistency between the main README and the rest of the codebase documentation.

---

180-180: Consistent experimental converter usage in main docs.

The migration to the experimental ZodToJsonSchemaConverter aligns with the broader Zod v4 migration effort and maintains consistency across all documentation.

apps/content/docs/openapi/getting-started.md (2)

51-51: Consistent Zod import pattern in user documentation.

The namespace import style aligns with the standardized pattern across the codebase and provides a consistent example for users following the getting started guide.

---

174-176: Clear multi-line import format for experimental converter.

The multi-line import format improves readability while maintaining consistency with the migration to the experimental ZodToJsonSchemaConverter from the zod4 subpath.

apps/content/docs/openapi/openapi-specification.md (2)

119-119: LGTM: Simplified email validation using Zod v4 API.

The change from z.string().email() to z.email() is a cleaner and more direct approach in Zod v4.

---

251-252: LGTM: Improved file validation with explicit MIME types.

The migration from oz.file().type(...) to z.file().mime([...]) provides better type safety and explicit MIME type validation, which is more robust than wildcard patterns.

apps/content/docs/file-upload-download.md (2)

20-20: LGTM: Consistent namespace import pattern.

The change to namespace import (import * as z from 'zod') is consistent with the v4 migration across the codebase.

---

23-23: LGTM: Proper Zod v4 file validation.

Using z.file() instead of z.instanceof(File) is the correct approach for file validation in Zod v4, providing better integration with the schema system.

playgrounds/browser-extension/entrypoints/background/schemas/planet.ts (3)

1-1: LGTM: Consistent namespace import.

The namespace import pattern aligns with the Zod v4 migration strategy across the codebase.

---

11-11: LGTM: Comprehensive image MIME type validation.

The explicit MIME type list ['image/png', 'image/jpeg', 'image/webp', 'image/svg+xml', 'image/gif'] provides robust validation for common web image formats, which is more precise than the previous wildcard approach.

Also applies to: 18-18

---

25-25: LGTM: Simplified URL validation.

Using z.url() instead of z.string().url() is a cleaner API in Zod v4.

playgrounds/electron/src/main/schemas/planet.ts (1)

1-1: LGTM: Consistent schema updates across playgrounds.

The changes are identical to the browser extension playground, maintaining consistency in:

• Namespace import pattern
• Comprehensive image MIME type validation
• Simplified URL validation with z.url()

This consistency across playgrounds is excellent for maintainability.

Also applies to: 11-11, 18-18, 25-25

apps/content/docs/advanced/validation-errors.md (3)

19-19: LGTM: Consistent namespace import pattern.

The namespace import changes are consistent with the Zod v4 migration across the documentation.

Also applies to: 58-58, 110-110

---

89-90: LGTM: Simplified UUID validation.

Using z.uuid() instead of z.string().uuid() is a cleaner API in Zod v4.

Also applies to: 123-123

---

34-35: No changes needed: z.prettifyError() and z.flattenError() are the correct Zod v4 APIs
Both methods are the recommended way to format ZodError instances in Zod v4 (replacing the old error.flatten()), so the existing snippets at lines 34–35 (and similarly at 71–72 and 139–140) are accurate.

playgrounds/nest/src/schemas/user.ts (1)

1-37: Excellent migration to Zod v4 patterns!

The changes successfully implement the v4 migration by:

• Standardizing to namespace imports (import * as z from 'zod')
• Using the experimental JSON schema registry from @orpc/zod/zod4
• Simplifying email validation to z.email()
• Separating schema definitions from example metadata

The implementation is clean and follows consistent patterns across the codebase.

playgrounds/browser-extension/entrypoints/background/schemas/user.ts (1)

1-37: Consistent migration pattern implemented correctly.

This file follows the same v4 migration pattern as other playground files, maintaining consistency across the codebase. All changes align with the Zod v4 conventions.

playgrounds/astro/src/schemas/user.ts (1)

1-37: Migration implemented consistently.

The Zod v4 migration is applied correctly with the same pattern as other playground files, ensuring consistency across the entire codebase.

playgrounds/contract-first/src/schemas/planet.ts (3)

1-1: Import standardization applied correctly.

The namespace import for Zod aligns with the v4 migration pattern used throughout the codebase.

---

11-11: File validation migration implemented properly.

The transition from oz.file().type('image/*') to z.file().mime([...]) with explicit MIME types is well-executed. The comprehensive list of image MIME types (image/png, image/jpeg, image/webp, image/svg+xml, image/gif) provides better type safety and clarity.

Also applies to: 18-18

---

25-25: URL validation simplified correctly.

The change from z.string().url() to z.url() follows Zod v4 conventions and provides more direct validation.

playgrounds/contract-first/src/schemas/user.ts (1)

1-37: Complete and consistent v4 migration.

This file completes the migration pattern seen across all playground user schemas. The implementation maintains consistency and follows all Zod v4 conventions properly.

playgrounds/astro/src/schemas/planet.ts (3)

1-1: LGTM! Namespace import aligns with Zod v4 migration.

The change from named import to namespace import (import * as z from 'zod') is consistent with the broader migration pattern across the codebase.

---

11-11: Verify MIME type coverage for image validation.

The explicit MIME type list is more secure than wildcards, but ensure all required image formats are covered. The current list includes PNG, JPEG, WebP, SVG, and GIF.

Consider if additional formats like AVIF or TIFF should be included based on your application requirements.

Also applies to: 18-18

---

25-25: LGTM! URL validation simplification is appropriate.

The change from z.string().url() to z.url() leverages Zod's direct URL validator, which is cleaner and more semantic.

playgrounds/electron/tsconfig.json (1)

2-18: LGTM! TypeScript configuration consolidation looks well-structured.

The configuration consolidation and explicit compiler options provide better control over the build process. The path mapping and module resolution settings are appropriate for an Electron application.

playgrounds/electron/src/main/schemas/user.ts (2)

9-9: LGTM! Email validation simplification is appropriate.

The change from z.string().email() to z.email() leverages Zod's direct email validator, which is more semantic and aligns with v4 patterns.

Also applies to: 26-26

---

13-21: LGTM! Separation of examples from schema definitions improves modularity.

The external registration of examples via the JSON schema registry provides better separation of concerns and makes schemas more focused on validation logic.

Also applies to: 29-37

playgrounds/nest/src/schemas/planet.ts (4)

1-1: LGTM! Consistent namespace import pattern.

The namespace import aligns with the migration pattern used across other playground files.

---

11-11: LGTM! Consistent MIME type specification across playgrounds.

The explicit MIME type list matches the pattern used in other playground files, maintaining consistency across the codebase.

Also applies to: 18-18

---

25-25: LGTM! URL validation simplification is consistent.

The change to z.url() matches the pattern used in other schema files.

---

15-15: No breaking change: schemas consistently use z.number()

Searches across all service and client schema definitions did not find any use of z.coerce.number(). Every UpdatePlanetSchema and PlanetSchema defines id as

z.number().int().min(1)

and all router, OpenAPI handlers, and client contracts expect numeric id values. Removing coercion has no effect—no endpoints were accepting string-encoded numbers.

packages/zod/src/converter.test.ts (1)

11-15: LGTM! Test structure simplification improves maintainability.

Removing the ignoreZodToJsonSchema flag and external library comparison simplifies the test structure and focuses on testing the internal converter implementation.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

📢 Thoughts on this report? Let us know!

[Copilot]

Pull Request Overview

This PR upgrades Zod from v3 to v4 across the entire codebase, adapting to the new API changes and schema methods.

Key Changes:

• Updated all Zod imports to use namespace imports (import * as z from 'zod')
• Migrated to Zod v4's native schema methods (e.g., z.email(), z.url(), z.file().mime([...]))
• Replaced custom OpenAPI schema wrapper with external JSON schema registry approach

Reviewed Changes

Copilot reviewed 143 out of 144 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
All schema files (user.ts, planet.ts, auth.ts)	Updated to use native Zod v4 methods and namespace imports
All router/handler files	Updated imports to namespace style
All package.json files	Upgraded Zod dependency from ^3.25.76 to ^4.0.5
packages/zod/src/*	Updated internal imports to use 'zod/v3' compatibility layer
Configuration files	Simplified TypeScript configurations and removed unused dependencies

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

Comments suppressed due to low confidence (3)