-
-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade drizzle-orm from 0.31.2 to 0.33.0 #1057
[Snyk] Upgrade drizzle-orm from 0.31.2 to 0.33.0 #1057
Conversation
Snyk has created this PR to upgrade drizzle-orm from 0.31.2 to 0.33.0. See this package in npm: drizzle-orm See this project in Snyk: https://app.snyk.io/org/nialljoemaher/project/8ac19f6c-c7f2-4720-acd1-09701979877c?utm_source=github&utm_medium=referral&page=upgrade-pr
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Important Review skippedIgnore keyword(s) in the title. ⛔ Ignored keywords (1)
Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Uh oh! @NiallJoeMaher, the image you shared is missing helpful alt text. Check your pull request body. Alt text is an invisible description that helps screen readers describe images to blind or low-vision users. If you are using markdown to display images, add your alt text inside the brackets of the markdown image. Learn more about alt text at Basic writing and formatting syntax: images on GitHub Docs. |
This is now done in #1054 |
Snyk has created this PR to upgrade drizzle-orm from 0.31.2 to 0.33.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 75 versions ahead of your current version.
The recommended version was released on 2 months ago.
Release notes
Package name: drizzle-orm
Breaking changes (for some of postgres.js users)
Bugs fixed for this breaking change
If you were using
postgres-js
withjsonb
fields, you might have seen stringified objects in your database, while drizzle insert and select operations were working as expected.You need to convert those fields from strings to actual JSON objects. To do this, you can use the following query to update your database:
if you are using jsonb:
if you are using json:
We've tested it in several cases, and it worked well, but only if all stringified objects are arrays or objects. If you have primitives like strings, numbers, booleans, etc., you can use this query to update all the fields
if you are using jsonb:
if you are using json:
If nothing works for you and you are blocked, please reach out to me @ AndriiSherman. I will try to help you!
Bug Fixes
AnySQLiteUpdate
- thanks @ veloiiRelease notes for
drizzle-orm@0.32.0
anddrizzle-kit@0.23.0
New Features
🎉 MySQL
$returningId()
functionMySQL itself doesn't have native support for
RETURNING
after usingINSERT
. There is only one way to do it forprimary keys
withautoincrement
(orserial
) types, where you can accessinsertId
andaffectedRows
fields. We've prepared an automatic way for you to handle such cases with Drizzle and automatically receive all inserted IDs as separate objectsconst usersTable = mysqlTable('users', {
id: int('id').primaryKey(),
name: text('name').notNull(),
verified: boolean('verified').notNull().default(false),
});
const result = await db.insert(usersTable).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
// ^? { id: number }[]
Also with Drizzle, you can specify a
primary key
with$default
function that will generate custom primary keys at runtime. We will also return those generated keys for you in the$returningId()
callimport { createId } from '@ paralleldrive/cuid2';
const usersTableDefFn = mysqlTable('users_default_fn', {
customId: varchar('id', { length: 256 }).primaryKey().$defaultFn(createId),
name: text('name').notNull(),
});
const result = await db.insert(usersTableDefFn).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
// ^? { customId: string }[]
🎉 PostgreSQL Sequences
You can now specify sequences in Postgres within any schema you need and define all the available properties
Example
// No params specified
export const customSequence = pgSequence("name");
// Sequence with params
export const customSequence = pgSequence("name", {
startWith: 100,
maxValue: 10000,
minValue: 100,
cycle: true,
cache: 10,
increment: 2
});
// Sequence in custom schema
export const customSchema = pgSchema('custom_schema');
export const customSequence = customSchema.sequence("name");
🎉 PostgreSQL Identity Columns
Source: As mentioned, the
serial
type in Postgres is outdated and should be deprecated. Ideally, you should not use it.Identity columns
are the recommended way to specify sequences in your schema, which is why we are introducing theidentity columns
featureExample
export const ingredients = pgTable("ingredients", {
id: integer("id").primaryKey().generatedAlwaysAsIdentity({ startWith: 1000 }),
name: text("name").notNull(),
description: text("description"),
});
You can specify all properties available for sequences in the
.generatedAlwaysAsIdentity()
function. Additionally, you can specify custom names for these sequencesPostgreSQL docs reference.
🎉 PostgreSQL Generated Columns
You can now specify generated columns on any column supported by PostgreSQL to use with generated columns
Example with generated column for
tsvector
import { customType, index, integer, pgTable, text } from "drizzle-orm/pg-core";
const tsVector = customType<{ data: string }>({
dataType() {
return "tsvector";
},
});
export const test = pgTable(
"test",
{
id: integer("id").primaryKey().generatedAlwaysAsIdentity(),
content: text("content"),
contentSearch: tsVector("content_search", {
dimensions: 3,
}).generatedAlwaysAs(
(): SQL => sql
to_tsvector('english', <span class="pl-s1"><span class="pl-kos">${</span><span class="pl-s1">test</span><span class="pl-kos">.</span><span class="pl-c1">content</span><span class="pl-kos">}</span></span>)
),
},
(t) => ({
idx: index("idx_content_search").using("gin", t.contentSearch),
})
);
In case you don't need to reference any columns from your table, you can use just
sql
template or astring
🎉 MySQL Generated Columns
You can now specify generated columns on any column supported by MySQL to use with generated columns
You can specify both
stored
andvirtual
options, for more info you can check MySQL docsAlso MySQL has a few limitation for such columns usage, which is described here
Drizzle Kit will also have limitations for
push
command:You can't change the generated constraint expression and type using
push
. Drizzle-kit will ignore this change. To make it work, you would need todrop the column
,push
, and thenadd a column with a new expression
. This was done due to the complex mapping from the database side, where the schema expression will be modified on the database side and, on introspection, we will get a different string. We can't be sure if you changed this expression or if it was changed and formatted by the database. As long as these are generated columns andpush
is mostly used for prototyping on a local database, it should be fast todrop
andcreate
generated columns. Since these columns aregenerated
, all the data will be restoredgenerate
should have no limitationsExample
In case you don't need to reference any columns from your table, you can use just
sql
template or astring
in.generatedAlwaysAs()
🎉 SQLite Generated Columns
You can now specify generated columns on any column supported by SQLite to use with generated columns
You can specify both
stored
andvirtual
options, for more info you can check SQLite docsAlso SQLite has a few limitation for such columns usage, which is described here
Drizzle Kit will also have limitations for
push
andgenerate
command:You can't change the generated constraint expression with the stored type in an existing table. You would need to delete this table and create it again. This is due to SQLite limitations for such actions. We will handle this case in future releases (it will involve the creation of a new table with data migration).
You can't add a
stored
generated expression to an existing column for the same reason as above. However, you can add avirtual
expression to an existing column.You can't change a
stored
generated expression in an existing column for the same reason as above. However, you can change avirtual
expression.You can't change the generated constraint type from
virtual
tostored
for the same reason as above. However, you can change fromstored
tovirtual
.New Drizzle Kit features
🎉 Migrations support for all the new orm features
PostgreSQL sequences, identity columns and generated columns for all dialects
🎉 New flag
--force
fordrizzle-kit push
You can auto-accept all data-loss statements using the push command. It's only available in CLI parameters. Make sure you always use it if you are fine with running data-loss statements on your database
🎉 New
migrations
flagprefix
You can now customize migration file prefixes to make the format suitable for your migration tools:
index
is the default type and will result in0001_name.sql
file names;supabase
andtimestamp
are equal and will result in20240627123900_name.sql
file names;unix
will result in unix seconds prefixes1719481298_name.sql
file names;none
will omit the prefix completely;Example: Supabase migrations format
export default defineConfig({
dialect: "postgresql",
migrations: {
prefix: 'supabase'
}
});
0.32.0-e7cf338 - 2024-06-25
0.32.0-d0d6436 - 2024-06-27
0.32.0-af7ce99 - 2024-06-17
0.32.0-aaf764c - 2024-07-09
0.32.0-85c8008 - 2024-06-24
0.32.0-857ba54 - 2024-06-11
0.32.0-81cb794 - 2024-06-22
0.32.0-7721c7c - 2024-06-22
0.32.0-7612dda - 2024-07-09
0.32.0-5cc2ae0 - 2024-06-27
0.32.0-4ed01aa - 2024-06-12
0.32.0-0fdaa9e - 2024-06-25
0.32.0-0d48b64 - 2024-06-07
0.32.0-0a6885d - 2024-06-13
0.32.0-55471 - 2024-06-12
0.31.4 - 2024-07-08
Bug fixed
New Prisma-Drizzle extension
import { drizzle } from 'drizzle-orm/prisma/pg';
import { User } from './drizzle';
const prisma = new PrismaClient().$extends(drizzle());
const users = await prisma.$drizzle.select().from(User);
For more info, check docs: https://orm.drizzle.team/docs/prisma
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: