[Snyk] Upgrade @prisma/client from 5.14.0 to 5.19.1 #1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @prisma/client from 5.14.0 to 5.19.1. See this package in npm: @prisma/client See this project in Snyk: https://app.snyk.io/org/davidebukali/project/7fafc13f-5878-4b06-a9a1-ab176fcbc864?utm_source=github&utm_medium=referral&page=upgrade-pr
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade @prisma/client from 5.14.0 to 5.19.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 410 versions ahead of your current version.
The recommended version was released on a month ago.
Release notes
Package name: @prisma/client
Today, we are issuing the
5.19.1patch release.What's Changed
We've fixed the following issues:
Full Changelog: 5.19.0...5.19.x, prisma/prisma-engines@5.19.0...5.19.x
Today, we are excited to share the
5.19.0stable release 🎉🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release. 🌟
Highlights
Introducing TypedSQL
TypedSQL is a brand new way to interact with your database from Prisma Client. After enabling the
typedSqlPreview feature, you’re able to write SQL queries in a newsqlsubdirectory of yourprismadirectory. These queries are then checked by Prisma during using the new--sqlflag ofprisma generateand added to your client for use in your code.To get started with TypedSQL:
Make sure that you have the latest version of
prismaand@ prisma/clientinstalled:Enable the
typedSqlPreview feature in your Prisma Schema.Create a
sqlsubdirectory of yourprismadirectory.You can now add
.sqlfiles to thesqldirectory! Each file can contain one sql query and the name must be a valid JS identifier. For this example, say you had the filegetUsersWithPosts.sqlwith the following contents:Import your SQL query into your code with the
@ prisma/client/sqlimport:import { getUsersWithPosts } from '@prisma/client/sql'
const prisma = new PrismaClient()
const usersWithPostCounts = await prisma.$queryRawTyped(getUsersWithPosts)
console.log(usersWithPostCounts)
There’s a lot more to talk about with TypedSQL. We think that the combination of the high-level Prisma Client API and the low-level TypedSQL will make for a great developer experience for all of our users.
To learn more about behind the “why” of TypedSQL be sure to check out our announcement blog post.
For docs, check out our new TypedSQL section.
Bug fixes
Driver adapters and D1
A few issues with our
driverAdaptersPreview feature and Cloudflare D1 support were resolved via prisma/prisma-engines#4970 and #24922max,min,eq, etc in queries when using Cloudflare D1.BigIntIDs whenrelationMode="prisma"was enabled and Cloudflare D1 was being used.Joins
someclauses when therelationJoinsPreview feature was enabled.MongoDB
The MongoDB driver for Rust (that our query engine users under the hood) had behavior that prioritized IPv4 connections over IPv6 connections. In IPv6-only environments, this could lead to significant "cold starts" where the query engine had to wait for IPv4 to fail before the driver would try IPv6.
With help from the MongoDB team, this has been resolved. The driver will now try IPv4 and IPv6 connections in parallel and then move forward with the first response. This should prevent cold start issues that have been seen with MongoDB in Prisma Accelerate.
Thank you to the MongoDB team!
Join us
Looking to make an impact on Prisma in a big way? We're now hiring engineers for the ORM team!
prisma-enginesRust codebase. TypeScript knowledge (or, again, a desire to learn) is a plus.Credits
Huge thanks to @ mcuelenaere, @ pagewang0, @ Druue, @ key-moon, @ Jolg42, @ pranayat, @ ospfranco, @ yubrot, @ skyzh for helping!
🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟
Highlights
Native support for UUIDv7
Previous to this release, the Prisma Schema function
uuid()did not accept any arguments and created a UUIDv4 ID. While sufficient in many cases, UUIDv4 has a few drawbacks, namely that it is not temporally sortable.UUIDv7 attempts to resolve this issue, making it easy to temporally sort your database rows by ID!
To support this, we’ve updated the
uuid()function in Prisma Schema to accept an optional, integer argument. Right now, the only valid values are4and7, with4being the default.id String @id @default(uuid()) // defaults to 4
name String
}
model User {
id String @id @default(uuid(4)) // same as above, but explicit
name String
}
model User {
id String @id @default(uuid(7)) // will use UUIDv7 instead of UUIDv4
name String
}
Bug squashing
We’ve squashed a number of bugs this release, special thanks to everyone who helped us! A few select highlights are:
prismaSchemaFolder.Json[]fields will now return[]instead ofnullwhen accessed through a join using therelationJoinsPreview feature.Fixes and improvements
Prisma
Language tools (e.g. VS Code)
Share your feedback about Prisma ORM
We want to know how you like working with Prisma ORM in your projects! Please take our 2min survey and let us know what you like or where we can improve 🙏
Credits
Huge thanks to @ mcuelenaere, @ pagewang0, @ Druue, @ key-moon, @ Jolg42, @ pranayat, @ ospfranco, @ yubrot, @ skyzh, @ haaawk for helping!
🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟
Highlights
VSCode extension improvements
We’re happy to introduce some cool new features that will make your experience with the Prisma VSCode extension even better!
Find references across schema files
The ability to hop between references of a given symbol is really useful in application code and now with the introduction of multi-file schema, we think it’s the perfect time to bring this feature to the VSCode extension!
With the 5.17.0 release, you’ll now have the ability to use the native “find references” feature to find any usage of a given symbol
Added context on hover
When hovering over a symbol that references a view, type, enum, or any other block with multiple values, you’ll now see a handy pop out that shows what is in that block at a glance.
Additional quick fixes
We’ve taken some fixes made by the
prisma formatcli command and made them quick fixes available to the VSCode Extension. Now, when you have forget a back relation or relation scalar field, you’ll now see in real time what is wrong and have the option to fix it via the extension.QueryRaw performance improvements
We’ve changed the response format of
queryRawto decrease its average size which reduces serialization CPU overhead.When querying large data sets, we expect you to see improved memory usage and up to 2x performance improvements.
Fixes and improvements
Prisma Client
This is the 10th instance of Prisma Client being started. Make sure this is intentional.warningPrisma
Language tools (e.g. VS Code)
Credits
Huge thanks to @ key-moon, @ pranayat, @ yubrot, @ skyzh for helping!
Today, we are issuing the 5.16.2 patch release to fix an issue in Prisma client.
Fix in Prisma Client
Today, we are issuing the 5.16.1 patch release to fix an issue in Prisma client.
Fix in Prisma Client
🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟
Highlights
Omit model fields globally
With Prisma ORM 5.16.0 we’re more than happy to announce that we’re expanding the
omitApiPreview feature to also include the ability to omit fields globally.When the Preview feature is enabled, you’re able to define fields to omit when instantiating Prisma Client.
You’re also able to omit fields from multiple models and multiple fields from the same model
With both local and global
omit, you now have the flexibility to completely remove sensitive fields while also tailoring individual queries. If you need the ability to generally omit a field except in a specific query, you can also overwrite a global omit locallyomit: {
user: {
// password is omitted globally.
password: true,
},
},
});
const userWithPassword = await prisma.user.findUnique({
omit: { password: false }, // omit now false, so password is returned
where: { id: 1 },
});
Changes to
prismaSchemaFolderIn
5.15.0we released theprismaSchemaFolderPreview feature, allowing you to create multiple Prisma Schema files in aprisma/schemadirectory. We’ve gotten a lot of great feedback and are really excited with how the community has been using the feature.To continue improving our multi-file schema support, we have a few breaking changes to the
prismaSchemaFolderfeature:prismaSchemaFolderfeature, a path is now relative to the file it is defined in rather than relative to theprisma/schemafolder. This means that if you have a generator block in/project/prisma/schema/config/generator.prismawith anoutputof./foothe output will be resolved to/project/prisma/schema/config/foorather than/project/prisma/foo. The path to a SQLite file will be resolved in the same manner.prisma/schemaas well asprisma/schema.prisma. Our initial implementation looked for a.prismafile first and would ignore theschemafolder if it exists. This is now an error.Changes to
fullTextSearchIn order to improve our full-text search implementation we have made a breaking change to the
fullTextSearchPreview feature.Previously, when the feature was enabled we updated the
<Model>OrderByWithRelationInputTypeScript type with the<Model>OrderByWithRelationAndSearchRelevanceInputtype. However, we have noted that there are no cases where relational ordering is needed but search relevance is not. Thus, we have decided to remove the<Model>OrderByWithRelationAndSearchRelevanceInputnaming and only use the<Model>OrderByWithRelationInputnaming.Fixes and improvements
Prisma
Prisma has no exported member named OrderByWithRelationInput. Did you mean OrderByWithAggregationInput?prisma generate@ prisma/adapter-pgmodifies node-postgres global type parsersdb pullfails with[libs\user-facing-errors\src\quaint.rs:136:18] internal error: entered unreachable codeon invalid credentialsLanguage tools (e.g. VS Code)