deps: bump zod from 3.25.76 to 4.0.2 in the dependencies-major group

[dependabot]

Bumps the dependencies-major group with 1 update: zod.

Updates zod from 3.25.76 to 4.0.2

Release notes

Sourced from zod's releases.

v4.0.1

Commits:

• 91c9ca6385bef38278605294498af06c89b9aa68 fix: cleanup _idmap of $ZodRegistry (#4837)
• 9cce1c5779aea32d00226a931a7f67d3e2529d58 docs: fix typo in flattenError example on error-formatting page (#4819) (#4833)
• a3560aeb6c3a8675a932601be79cfae897eec9d9 v3.25.76 (#4838)
• 50606616c0d291caf3210a7521da51271b918333 Release 3.25.76
• 7baee4e17f86f4017e09e12b0acdee36a5b1c087 Update index.mdx (#4831)
• 06172bf37693840e917a5446159503a299e8b4a0 docs: add zod2md to zodToXConverters (#4835)
• 30e2f3e127073c276ed5a9ac990ebbc5d8e1a76a Update docs
• b748b914d9a0c52e57bfb682dcf587e79e2a7f2e Add zod-openapi libraries to v4 (#4829)
• 990e03bae12a9b1bc6817e3dbdf337cb3cd87ce2 Update core.mdx (#4746)
• e7f20c2c761f924b1182b65eed49c9235822fa16 Fix treeifyError type for branded primitives. Add test. Closes #4840 (#4843)
• 79d4d80e3b47f04752c5c281077b53f889551441 v4.0.0 (#4844)
• 00a17088a2efae79ec8609caf9417ba10b2afe78 Remove JSR from release.yml
• 7c4c83c5f421e3d4d65fed79491628723821eee4 Update mime docs
• a7bd58a6d35c5af0cb7301b1c2722bd60b5baa1b Remove when from params
• e8990165094117e87fb9d04fae7d1a0f60506842 Support format in z.templateLiteral
• b259211157ec62299d7e2fad005827979d087b21 4.0.1

v4.0.0-beta

Zod 4 is now in beta.

• Release notes
• Migration guide

The repo now contains three separate packages:

• zod
• @zod/mini: a tree-shakable variant of Zod.
• @zod/core: a library that implements logic/parsers shared between zod and @zod/mini.

During the beta period:

• zod — published continuously to zod@next , e.g. [email protected]
• @zod/mini — published continuously to @zod/mini@next , e.g. @zod/[email protected]
• @zod/core — published to latest in the v.0x version range (initial development in semver)

To install/upgrade:

npm upgrade zod@next
npm install @zod/mini@next
npm install @zod/core

A note on versioning

For simplicity, additional beta will be continuously released as additional commits are made to the v4 branch.

After the beta:

... (truncated)

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
arcjet-js-example	Ready	Preview	Comment	Oct 15, 2025 3:11am

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	zod@​3.25.76 ⏵ 4.1.12	+1

View full report

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Looks like zod is updatable in another way, so this is no longer needed.