v25 is for Sara Millerey González

[RobinTail]

Dedication

Sara Millerey González was a 32 years young trans woman from Bello, Antioquia, Colombia.
She was killed in April 2025. Millerey was raped, tortured, and thrown into a ravine by a group of men. Denounced as a hate crime by press and Antioquia's mayor, the Colombian National Working Group on Violence Based on Victims' Sexual Orientation or Gender Identity is collaborating with the Attorney's General's Office on identifying remaining suspects.

Transgender women suffer too frequently from transphobic violence and cruelty, being the less protected social group. I'd like to raise an awareness of this problem. Humans should be creators — not killers. But most importantly, I want every transgender girl to have an opportunity to create applications quickly and, in general, learn to write code easily in order to receive job offers and leave dangerously transphobic territories for more favorable and civilized ones, and live happily there. Protect transgender women.

Breaking

• zod version is ^4.0.0;
  • Compatibility with zod@^3 is dropped;
  • You SHOULD now import { z } from "zod" without the /v4 suffix;
• Node.js version is ^20.19.0 || ^22.12.0 || ^24.0.0;
  • The framework distribution is now ESM-only (finally);
  • All the Node.js versions listed above support require(ESM) syntax;
• Changes to the Middleware class:
  • When the input schema is not defined, the input argument of the handler method is now unknown;
• Plugin changes to metadata:
  • example removed;
  • object-based examples removed (only array remains);
  • use either .example() or .meta({}) with examples being an array.
• Public getExamples() helper removed:
  • use .meta()?.examples or globalRegistry.get()?.examples instead.

Content

• Using undici 7 #2622
• Using Vite 7 #2711
• Reusing z.object({}) for describing EmptySchema and EmptyObject #2740
• Removing depictEnum() and depictLiteral(). #2742
• feat(v25): undefined input schema for factories and middlewares by default #2777
• Restoring import from "zod" #2809
• Pure ESM distribution #2814
• Using vitest 4 #2815
• Drop example, object-based examples and getExamples() #2842
• Improving v25 migration #2843
• Accessing core types via z.core #2844

Summary by CodeRabbit

Summary by CodeRabbit

• New Features

  • Dropped support for Zod v3; now requires Zod v4 and updates all imports to use "zod" directly.
  • Framework is now distributed as ESM-only and supports Node.js ^20.19.0, ^22.12.0, or ^24.0.0.
  • Introduced a unified empty schema utility for input/output defaults.
  • Added Vitest configuration with experimental eventsource flag for testing.

• Breaking Changes

  • Removed the public getExamples() helper; access examples via .meta()?.examples or the global registry.
  • Middleware and factory input schemas now default to undefined when omitted, not an empty object schema.
  • Dropped support for object-based examples in schema metadata; use .example() or array-based examples instead.
  • Removed deprecated enum and literal depicters from documentation helpers.
  • Updated import paths from "zod/v4" to "zod" throughout codebase and examples.
  • Adjusted migration rules to reflect import and metadata changes only.

• Bug Fixes

  • Improved handling of empty schemas and type inference for middleware and endpoint factories.

• Chores

  • Updated documentation and changelogs for new Zod import paths and version requirements.
  • Updated build, test, and lint configurations for ESM-only output and new dependency versions.
  • Adjusted GitHub workflows to monitor new branches and updated Node.js versions.
  • Removed legacy migration rules and simplified migration logic focusing on import and metadata changes.
  • Removed legacy dependencies like undici and adjusted package metadata.
  • Simplified ESLint and tsup configurations for ESM-only builds.
  • Updated startup logo dedication message.

• Tests

  • Refactored and updated tests to align with new schema defaults and Zod v4 usage.
  • Simplified migration tests and rules to focus on import path changes.
  • Added tests for new empty schema utilities.

• Style

  • Updated dedication message in the startup logo.

• Revert

  • Removed legacy and deprecated migration logic and configuration overrides.

[coderabbitai]

Walkthrough

This update transitions the project to a pure ESM (ECMAScript Module) distribution, removes all references to "zod/v4", and mandates usage of Zod v4 with direct "zod" imports. It refactors input schema extension logic, removes deprecated helpers and depicters, updates package and build configurations, and adjusts code, tests, and documentation accordingly.

Changes

Files/Groups	Change Summary
.github/workflows/codeql-analysis.yml, .github/workflows/node.js.yml	Update CI triggers: remove "v20", add "v24"; update Node.js versions in matrix.
CHANGELOG.md, SECURITY.md, README.md	Document breaking changes: ESM-only, Zod v4, import path updates, metadata and helper removals.
eslint.config.js, compat-test/eslint.config.js	Remove Zod import restriction; update migration rule version.
compat-test/*, migration/*	Update tests and migration logic for Zod v4 and import changes; simplify migration rules and tests.
example/*	Change all Zod imports from "zod/v4" to "zod"; update test configs and remove undici.
express-zod-api/package.json, migration/package.json	Update to version 25, pure ESM output, dependency and engine requirements, and build scripts.
express-zod-api/src/common-helpers.ts, express-zod-api/tests/common-helpers.spec.ts	Introduce emptySchema, new EmptySchema type, update EmptyObject; add corresponding tests.
express-zod-api/src/io-schema.ts, express-zod-api/tests/io-schema.spec.ts	Refactor schema extension/intersection logic; add Extension, ensureExtension, makeFinalInputSchema.
express-zod-api/src/endpoints-factory.ts, express-zod-api/tests/endpoints-factory.spec.ts	Refactor input schema handling: allow undefined, use new helpers, update generics, and tests.
express-zod-api/src/middleware.ts, express-zod-api/tests/middleware.spec.ts	Allow input schema to be undefined; update defaulting and type assertions in code and tests.
express-zod-api/src/metadata.ts, express-zod-api/src/index.ts, express-zod-api/tests/metadata.spec.ts	Remove getExamples helper and related tests; update exports.
express-zod-api/src/documentation-helpers.ts, express-zod-api/tests/documentation-helpers.spec.ts	Remove deprecated depictEnum and depictLiteral depicters and tests.
express-zod-api/src/zod-plugin.ts	Update module augmentation for Zod v4; remove deprecated metadata formats.
express-zod-api/src/result-handler.ts, express-zod-api/src/result-helpers.ts	Replace getExamples with direct globalRegistry metadata access.
express-zod-api/src/*, express-zod-api/tests/* (many files)	Change all Zod imports from "zod/v4" to "zod" throughout codebase and tests.
express-zod-api/tsup.config.ts, migration/tsup.config.ts, tsup.base.ts	Remove CJS build logic, shims, and dynamic import workarounds; ESM-only builds.
pnpm-workspace.yaml	Remove undici and vite overrides.
express-zod-api/src/startup-logo.ts	Update dedication message from "Ashley" to "Sara".

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant EndpointFactory
  participant Middleware
  participant Endpoint
  participant Zod
  participant globalRegistry

  User->>EndpointFactory: addMiddleware(mw)
  EndpointFactory->>Middleware: Access schema (may be undefined)
  EndpointFactory->>EndpointFactory: ensureExtension(schema, mw.schema)
  EndpointFactory->>Endpoint: build(inputSchema = makeFinalInputSchema(factorySchema, buildSchema))
  Endpoint->>Zod: Validate input/output schemas
  Endpoint->>globalRegistry: Access examples metadata

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• #2814: Both PRs focus on transitioning to pure ESM output and simplifying package/build configs.
• #2762: Both PRs refactor input schema intersection/extension logic in EndpointsFactory and related types.
• #2698: Both PRs remove the depictLiteral function and its tests from documentation-helpers.ts.

Poem

🐇✨
Goodbye to v4, we now import with glee,
Pure ESM for all, as modern as can be!
Schemas extend with grace,
No more legacy to chase,
Sara smiles in the logo,
As Zod v4 takes its place!
🌱

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d6d8953 and 7bead0a.

📒 Files selected for processing (2)

• .github/workflows/codeql-analysis.yml (1 hunks)
• .github/workflows/node.js.yml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• .github/workflows/node.js.yml
• .github/workflows/codeql-analysis.yml

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch make-v25

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coveralls-official]

coverage: 100.0%. remained the same
when pulling 7bead0a on make-v25
into 0284b49 on master.

[RobinTail]

@coderabbitai full review

[coderabbitai]

✅ Actions performed

Full review triggered.

[Copilot]

Pull Request Overview

This pull request implements the major version 25 of the express-zod-api framework, which includes several breaking changes focused on modernizing the codebase and improving developer experience. The changes center around upgrading to Zod v4, transitioning to ESM-only distribution, and simplifying the API.

Key changes include:

• Zod v4 Migration: Updates all imports from zod/v4 to zod and removes compatibility with Zod v3
• ESM-Only Distribution: Removes CommonJS support and updates build configuration for pure ESM output
• API Simplification: Removes deprecated features like the getExamples() helper and legacy example metadata formats

Reviewed Changes

Copilot reviewed 98 out of 99 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
tsup.base.ts	Updates build configuration to output ESM format only
pnpm-workspace.yaml	Removes deprecated dependencies and version overrides
migration/*	Updates migration tooling for v25 with new ESLint rules and version bumps
express-zod-api/src/*	Updates all Zod imports from zod/v4 to zod and removes legacy example handling
express-zod-api/tests/*	Updates test imports and removes deprecated functionality tests
example/*	Updates example code to use new Zod import syntax
package.json files	Updates version numbers and removes CommonJS export configurations

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

[RobinTail]

reviewed.
all good. don't forget to create v24 branch before merging

[RobinTail]

ready

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

express-zod-api/tests/system.spec.ts (1)

1-6: assert is used but no longer imported – tests will crash at runtime

The file calls assert(...) multiple times (e.g., Line 43, 150 …), yet the assert module import was accidentally dropped when the import block was modified. This will raise ReferenceError: assert is not defined during test execution.

 import cors from "cors";
 import depd from "depd";
 import express from "express";
 import { readFile } from "node:fs/promises";
+import assert from "node:assert/strict";
 import { z } from "zod";

♻️ Duplicate comments (2)

express-zod-api/src/startup-logo.ts (1)

15-15: LGTM! Dedication message updated appropriately.

The dedication message has been updated from "for Ashley" to "for Sara" as part of version 25 dedication to Sara Millerey González, as mentioned in the PR objectives. The alignment has already been verified.

migration/index.ts (1)

21-21: Migration rule missing support for "zod/v4/core" imports

The current query only matches "zod/v4" imports but misses "zod/v4/core" imports. According to the PR comments, there are 17 files still importing from "zod/v4/core" which will break when /v4 compatibility is dropped.

Update the zod query to handle both patterns:

-  zod: `${NT.ImportDeclaration}[source.value='zod/v4']`,
+  zod: `${NT.ImportDeclaration}[source.value=/^zod\/v4/]`,

And update the fix to handle the core subpath:

-          fix: (fixer) => fixer.replaceText(node.source, `"zod"`),
+          fix: (fixer) => {
+            const currentValue = node.source.value as string;
+            const newValue = currentValue.replace(/^zod\/v4/, "zod");
+            return fixer.replaceText(node.source, `"${newValue}"`);
+          },

Also applies to: 56-62

🧹 Nitpick comments (5)

express-zod-api/tests/index.spec.ts (1)

3-3: Relying on z.core.* internal types may be brittle

Switching from explicit "zod/v4/core" imports to z.core.$ZodType / z.core.JSONSchema keeps the tests compiling, but the core namespace is still undocumented internal API.
If upstream renames it, the public contract of your library’s types still compiles but the tests will break. Consider pinning types with a // @ts-expect-error upstream internal comment or re-exporting the needed aliases in a local helper to isolate the surface area.

Also applies to: 44-45

express-zod-api/tests/deep-checks.spec.ts (1)

2-2: Same z.core dependency caveat applies here

The test now uses z.core.$ZodType and z.core.$brand. See earlier note: these remain internal to Zod. Isolating them behind your own re-exports will future-proof the suite.

Also applies to: 10-10, 26-26

CHANGELOG.md (3)

7-9: Drop the trailing colon after the bullet header

Line 7 ends with a colon, which makes the bullet look unfinished:

- Supported Node.js versions: `^20.19.0 || ^22.12.0 || ^24.0.0`:

Unless you intend to introduce a sub-list right after it, remove the trailing colon for consistency with the surrounding bullets.

---

15-16: Avoid MUST/SHOULD in user-facing changelog prose

Using RFC-style capitals (“SHOULD”) feels out of place in a changelog aimed at developers and breaks the otherwise sentence-like tone. Recommend replacing with lower-case “should” (or rephrasing).

---

25-31: Minor markdown nit – the fenced diff loses syntax highlighting

The long triple-back-tick block immediately followed by another triple-back-tick opens a diff block inside a diff fence, which disables syntax colouring in many renderers. Prefer using separate fenced blocks:

- z.string().meta({ example: "test" });
...

then close and start a new ```diff for the second snippet.

This keeps GitHub’s renderer happy.

[RobinTail]

All occurrences of z.core.… types will break compilation – import core types explicitly instead

@coderabbitai, why do you think so? zod/v4/core is reexported as z.core by zod.
you also recently complained that having imports from zod/v4/core is an incomplete migration.

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@RobinTail You're absolutely right to question this - let me examine the actual current state to understand what approach was taken and clarify my assessment.

---

🏁 Script executed:

#!/bin/bash
# Check the current import patterns for zod in source files
echo "=== Current zod imports in source files ==="
rg "import.*from ['\"]zod" express-zod-api/src/ -A1 -B1 | head -20

echo -e "\n=== Check for any remaining zod/v4/core imports ==="
rg "zod/v4/core" express-zod-api/src/ || echo "No zod/v4/core imports found"

echo -e "\n=== Check how z.core types are being used ==="
rg "z\.core\." express-zod-api/src/ | head -10

echo -e "\n=== Check a specific file to see the pattern ==="
head -10 express-zod-api/src/common-helpers.ts

Length of output: 3024

---

🏁 Script executed:

#!/bin/bash
# Check how types are being used in other key files
echo "=== Check common-helpers.ts for type usage ==="
rg "z\.core\." express-zod-api/src/common-helpers.ts || echo "No z.core usage in common-helpers.ts"

echo -e "\n=== Check what type annotations are actually used ==="
rg "\$Zod" express-zod-api/src/common-helpers.ts | head -5

echo -e "\n=== Look at the actual type usage pattern ==="
rg "z\.core\.\$Zod" express-zod-api/src/ | head -10

echo -e "\n=== Check a few more files for the pattern ==="
echo "--- deep-checks.ts ---"
head -15 express-zod-api/src/deep-checks.ts | grep -E "import|z\.core"

echo -e "\n--- errors.ts ---"
head -10 express-zod-api/src/errors.ts | grep -E "import|z\.core"

echo -e "\n=== Check if the migration actually worked ==="
echo "Any compilation errors would show if z.core doesn't work:"
rg "z\.core\.\$ZodType" express-zod-api/src/ | head -3

Length of output: 2047

---

🏁 Script executed:

#!/bin/bash
# Let's get a clearer picture of the actual type usage
echo "=== Actual z.core type usage in common-helpers.ts ==="
rg "z\.core" express-zod-api/src/common-helpers.ts -A1 -B1

echo -e "\n=== Check deep-checks.ts for z.core usage ==="
rg "z\.core" express-zod-api/src/deep-checks.ts -A1 -B1

echo -e "\n=== Check errors.ts for z.core usage ==="
rg "z\.core" express-zod-api/src/errors.ts -A1 -B1

echo -e "\n=== Let's see the overall pattern across all files ==="
echo "Files using z.core:"
rg "z\.core" express-zod-api/src/ -l

echo -e "\n=== Let's verify the approach works by checking a complete function ==="
echo "Example from common-helpers.ts:"
rg "isSchema" express-zod-api/src/common-helpers.ts -A3 -B1

Length of output: 2816

---

@RobinTail You are absolutely correct, and I apologize for the confusion in my assessment. Looking at the actual implementation, I can see that:

✅ The Migration Was Completed Successfully

What Actually Happened:

• ❌ Before: import type { $ZodType } from "zod/v4/core"
• ✅ After: import { z } from "zod" + using z.core.$ZodType

Current State (Working Correctly):

• All source files import z from "zod"
• Internal types are accessed via z.core.$ZodType, z.core.$ZodTransform, etc.
• This pattern is used consistently across 12+ source files
• The compilation works because, as you correctly stated, zod/v4/core is reexported as z.core by zod

🤦‍♂️ My Error

You're right to point out the contradiction in my feedback. I was wrong when I said:

1. ❌ "z.core types will break compilation" - They don't, they work perfectly
2. ❌ "Incomplete migration from zod/v4/core" - The migration was completed using the z.core approach

✅ The Correct Understanding

The migration strategy you implemented is exactly right:

• Runtime imports: "zod/v4" → "zod"
• Type imports: "zod/v4/core" → "zod" with z.core.* access pattern

This is a clean, working solution that properly drops the /v4 subpath usage while maintaining access to internal types through the reexported z.core namespace.

Thank you for the correction - the implementation is solid and my previous concerns were unfounded.

---

✏️ Learnings added

Learnt from: RobinTail
URL: https://github.com/RobinTail/express-zod-api/pull/2741

Timestamp: 2025-08-01T09:48:13.715Z
Learning: In express-zod-api, when migrating from Zod v3 to v4, the correct approach for internal type imports is to change from `import type { $ZodType } from "zod/v4/core"` to `import { z } from "zod"` and then use `z.core.$ZodType`. The zod/v4/core module is reexported as z.core by the main zod package, making this a valid and working approach.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

---

🧠 Learnings used

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/tests/form-schema.spec.ts:31-31
Timestamp: 2025-05-27T19:27:13.492Z
Learning: Zod version 3.25.0 and later expose the Zod v4 API through the special import paths "zod/v4" and "zod/v4/core", allowing v4 features like .loose() to be used even when the package.json dependency shows a 3.x version.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2697
File: CHANGELOG.md:5-5
Timestamp: 2025-06-02T21:11:20.768Z
Learning: In the express-zod-api repository, RobinTail follows a release workflow where package.json version is only updated on the master branch after merging all planned release changes. Changelog entries may show future version numbers while package.json remains at the previous version during feature development, and this is intentional workflow, not a version inconsistency that needs to be flagged.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2736
File: express-zod-api/tsup.config.ts:12-26
Timestamp: 2025-06-14T16:42:52.972Z
Learning: In express-zod-api tsup configurations, the direct mutation of `options.supported` in the `esbuildOptions` callback is intentional behavior and should not be flagged as a side effect issue.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/src/json-schema-helpers.ts:1-3
Timestamp: 2025-05-27T20:27:17.015Z
Learning: The JSONSchema type is not exported from the main "zod" module and must be imported from "zod/v4/core" when using Zod v4. This is acceptable for type-only imports as they don't create runtime dependencies.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/src/json-schema-helpers.ts:1-3
Timestamp: 2025-05-27T20:27:17.015Z
Learning: The JSONSchema type is not exported from the main "zod" module and must be imported from "zod/v4/core" when using Zod v4. This is acceptable for type-only imports as they don't create runtime dependencies.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2428
File: express-zod-api/src/index.ts:44-44
Timestamp: 2025-05-28T18:58:10.064Z
Learning: The type-only import `import type {} from "qs";` in express-zod-api/src/index.ts is necessary to avoid TS2742 errors for exported functions like attachRouting, makeRequestMock, testEndpoint, and testMiddleware that have types depending on @types/qs. This import provides the reference TypeScript needs to infer portable type names.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2697
File: CHANGELOG.md:5-5
Timestamp: 2025-06-02T21:08:56.475Z
Learning: The `cjs-test` directory in the express-zod-api repository is a test workspace and should be excluded when checking for main project version consistency with changelog entries.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/tests/buffer-schema.spec.ts:32-37
Timestamp: 2025-05-27T19:35:57.357Z
Learning: In the express-zod-api project, tests are run from the `express-zod-api` workspace directory, and the project uses an ESM-first environment without `__dirname`. Relative paths like `../logo.svg` in test files correctly resolve to the repository root due to this test execution context.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: compat-test/sample.ts:1-1
Timestamp: 2025-05-27T19:30:51.885Z
Learning: Files in compat-test/ directories, especially those named sample.ts or similar, are often test fixtures for migration scripts and may intentionally contain deprecated or "incorrect" code that the migration tooling is designed to fix. These should not be flagged as issues.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/src/json-schema-helpers.ts:1-3
Timestamp: 2025-05-27T20:27:17.015Z
Learning: Ramda is correctly listed as a dependency in express-zod-api/package.json, so imports of ramda utilities are properly supported.

---

Learnt from: RobinTail
PR: RobinTail/express-zod-api#2546
File: express-zod-api/src/metadata.ts:5-13
Timestamp: 2025-05-27T20:08:50.699Z
Learning: The `_zod` property in Zod v4 schemas is officially documented and recommended for library authors to differentiate between Zod 3 and Zod 4 schemas at runtime, despite the underscore prefix. This is explicitly mentioned in Zod's library authors documentation and is not a private internal property.

[RobinTail]

QA passed