[Snyk] Upgrade @prisma/client from 5.7.0 to 5.16.0 #43
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade @prisma/client from 5.7.0 to 5.16.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 915 versions ahead of your current version.
The recommended version was released on 22 days ago.
Release notes
Package name: @prisma/client
🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟
Highlights
Omit model fields globally
With Prisma ORM 5.16.0 we’re more than happy to announce that we’re expanding the
omitApi
Preview feature to also include the ability to omit fields globally.When the Preview feature is enabled, you’re able to define fields to omit when instantiating Prisma Client.
You’re also able to omit fields from multiple models and multiple fields from the same model
With both local and global
omit
, you now have the flexibility to completely remove sensitive fields while also tailoring individual queries. If you need the ability to generally omit a field except in a specific query, you can also overwrite a global omit locallyomit: {
user: {
// password is omitted globally.
password: true,
},
},
});
const userWithPassword = await prisma.user.findUnique({
omit: { password: false }, // omit now false, so password is returned
where: { id: 1 },
});
Changes to
prismaSchemaFolder
In
5.15.0
we released theprismaSchemaFolder
Preview feature, allowing you to create multiple Prisma Schema files in aprisma/schema
directory. We’ve gotten a lot of great feedback and are really excited with how the community has been using the feature.To continue improving our multi-file schema support, we have a few breaking changes to the
prismaSchemaFolder
feature:prismaSchemaFolder
feature, a path is now relative to the file it is defined in rather than relative to theprisma/schema
folder. This means that if you have a generator block in/project/prisma/schema/config/generator.prisma
with anoutput
of./foo
the output will be resolved to/project/prisma/schema/config/foo
rather than/project/prisma/foo
. The path to a SQLite file will be resolved in the same manner.prisma/schema
as well asprisma/schema.prisma
. Our initial implementation looked for a.prisma
file first and would ignore theschema
folder if it exists. This is now an error.Changes to
fullTextSearch
In order to improve our full-text search implementation we have made a breaking change to the
fullTextSearch
Preview feature.Previously, when the feature was enabled we updated the
<Model>OrderByWithRelationInput
TypeScript type with the<Model>OrderByWithRelationAndSearchRelevanceInput
type. However, we have noted that there are no cases where relational ordering is needed but search relevance is not. Thus, we have decided to remove the<Model>OrderByWithRelationAndSearchRelevanceInput
naming and only use the<Model>OrderByWithRelationInput
naming.Fixes and improvements
Prisma
Prisma has no exported member named OrderByWithRelationInput. Did you mean OrderByWithAggregationInput?
prisma generate
@ prisma/adapter-pg
modifies node-postgres global type parsersdb pull
fails with[libs\user-facing-errors\src\quaint.rs:136:18] internal error: entered unreachable code
on invalid credentialsLanguage tools (e.g. VS Code)
Prisma Engines
Credits
Huge thanks to @ key-moon, @ pranayat, @ yubrot, @ skyzh, @ brian-dlee, @ mydea, @ nickcarnival, @ eruditmorina, @ nzakas, @ gutyerrez, @ avallete, @ ceddy4395, @ Kayoshi-dev, @ yehonatanz for helping!
Today, we are issuing the
5.15.1
patch release.Fixes in Prisma Client
ConnectionError(Timed out during query execution.)
during seedingConnectionError(Timed out during query execution.)
error when usingPromise.all
for SQLitePromise.all()
/ concurrentToday, we are excited to share the
5.15.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟
Highlights
Multi-File Prisma Schema support
Prisma ORM 5.15.0 features support for multi-file Prisma Schema in Preview.
This closes a long standing issue and does so in a clean and easy to migrate way.
To get started:
prismaSchemaFolder
Preview feature by including it in thepreviewFeatures
field of yourgenerator
.provider = "postgresql"
url = env("DATABASE_URL")
}
generator client {
provider = "prisma-client-js"
previewFeatures = ["prismaSchemaFolder"]
}
schema
subdirectory under yourprisma
directory.schema.prisma
into this directory.You are now set up with a multi-file Prisma Schema! Add as many or as few
.prisma
files to the newprisma/schema
directory.When running commands where a Prisma Schema file is expected to be provided, you can now define a Prisma Schema directory. This includes Prisma CLI commands that use the
--schema
option as well as defining schema viapackage.json
Our tooling has also been updated to handle multiple Prisma Schema files. This includes our Visual Studio Code extension and tools like database introspection, which will deposit new models in a
introspected.prisma
file. Existing models will be updated in the file they are found.To learn more, please refer to our official documentation and announcement blog post. If you try out
prismaSchemaFolder
, please let us know!Interesting Bug Fixes
Fix for PostgreSQL prepared statement caching for raw queries
This release fixes a nasty bug with the caching of prepared statements in raw Prisma Client queries that affected PostgreSQL when you ran the same SQL statement with differently typed paramters. This should not fail any more.
Fix for SQL Server introspection of (deprecated)
CREATE DEFAULT
Our Introspection logic crashed on encountering certain multi-line
CREATE DEFAULT
, a deprecated way to define defaults in SQL Server. As many SQL Server users are working with established databases, this happened frequently enough that we now explicitly ignore these defaults instead of crashing.Fix for Cloudflare D1’s lower parameter limit
Cloudflare’s D1 has a lower parameter limit than local SQLite, which caused bigger queries to fail. We adapted that limit to the D1 default for
@ prisma/adapter-d1
, which will avoid such failures.Fix for Cloudflare D1’s different
PRAGMA
supportOur generated migration SQL for SQLite did not always work for Cloudflare D1, because of differences in the supported pragmas. We adapted the SQL to work in both local SQLite and Cloudflare D1.
Fixes and improvements
Prisma Migrate
Result::unwrap()
on anErr
value: "Couldn't parse default value:create default [dbo].[member_notification_cancel_flags] as 0\r\n
"Result::unwrap()
on anErr
value: "Couldn't parse default value:create default d_password as 'D,73'
"DEFAULT
sResult::unwrap()
on anErr
value: "Couldn't parse default value:\r\ncreate default D_BIT_OFF\r\nas 0\r\n
"Result::unwrap()
on anErr
value: "Couldn't parse default value in SQL ServerError: [libs\sql-schema-describer\src\mssql.rs:336:30] called
Result::unwrap()on an
Errvalue: "Couldn't parse default value: [...]
Result::unwrap()
on anErr
value: "Couldn't parse default value:\r\ncreate default [va_nulla] as 0\r\n
"db pull
can't parse script setting default valuePrisma Client
22P03
. Message:db error: ERROR: incorrect binary data format in bind parameter 1
incorrect binary data format in bind parameter 1
incorrect binary data format in bind parameter x
)_count
leads to errorwarn(prisma-client) This is the 10th instance of Prisma Client being started.
warning in Edge (and potentially) other envs)incorrect binary data format in bind parameter 6
Inconsistent column data: Unexpected conversion failure from Number to BigInt
error when using@prisma/adapter-pg
Int
switched to beingInt32
for MongoDBLanguage tools (e.g. VS Code)
Generate
codelens fails on WindowsCredits
Huge thanks to @ pranayat, @ yubrot, and @ skyzh for helping!
Today, we are excited to share the
5.14.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release. 🌟
Highlights
Share your feedback about Prisma ORM
We want to know how you like working with Prisma ORM in your projects! Please take our 2min survey and let us know what you like or where we can improve 🙏
createManyAndReturn()
We’re happy to announce the availability of a new, top-level Prisma Client query:
createManyAndReturn()
. It works similarly tocreateMany()
but uses aRETURNING
clause in the SQL query to retrieve the records that were just created.Here’s an example of creating multiple posts and then immediately returning those posts.
const posts = prisma.post.createManyAndReturn({
data: postBodies
});
return posts
Additionally,
createManyAndReturn()
supports the same options asfindMany()
, such as the ability to return only specific fields.const postTitles = prisma.post.createManyAndReturn({
data: postBodies,
select: {
title: true,
},
});
return postTitles
Full documentation for this feature can be found in the Prisma Client API Reference.
Note: Because
createManyAndReturn()
uses theRETURNING
clause, it is only supported by PostgreSQL, CockroachDB, and SQLite databases. At this time,relationLoadStrategy: join
is not supported increateManyAndReturn()
queries.MongoDB performance improvements
Previously, Prisma ORM suffered from performance issues when using the
in
operator or when including related models in queries against a MongoDB database. These queries were translated by the Prisma query engine in such a way that indexes were skipped and collection scans were used, leading to slower queries especially on large datasets.With 5.14.0, Prisma ORM now rewrites queries to use a combination of
$or
and$eq
operators, leading to dramatic performance increases for queries that includein
operators or relation loading.Fixes and improvements
Prisma Client
createMany()
should return the created recordstake
on many-to-one relationshipinclude
for relationsfindMany()
query execution within
include
query slowonDelete: SetNull
prisma init --with-model
@ opentelemetry/*
dependenciesThe required connected records were not found.
when using indicesPrisma Migrate
dbgenerated()
still breaking forUnsupported()
typesshadowDatabaseUrl
is identical tourl
(ordirectUrl
)PRAGMA foreign_key_check;
Language tools (e.g. VS Code)
Company news
Prisma Changelog
Curious about all things Prisma? Be sure to check out the Prisma Changelog for updates across Prisma's products, including ORM, Accelerate, and Pulse!
New product announcement: Prisma Optimize
With this release, we are excited to introduce a new Prisma product. We’re calling it “Optimize” because that’s what it does! Let your favorite ORM also help you debug the performance of your application.
Check out our announcement blog post for more details, including a demo video.
Credits
Huge thanks to @ pranayat, @ yubrot, @ skyzh, @ anuraaga, @ gutyerrez, @ avallete, @ ceddy4395, @ Kayoshi-dev for helping!