Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade drizzle-orm from 0.30.10 to 0.33.0 #3

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

eronisking
Copy link
Owner

@eronisking eronisking commented Oct 12, 2024

snyk-top-banner

Snyk has created this PR to upgrade drizzle-orm from 0.30.10 to 0.33.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 97 versions ahead of your current version.

  • The recommended version was released on 2 months ago.

Release notes
Package name: drizzle-orm
  • 0.33.0 - 2024-08-08

    Breaking changes (for some of postgres.js users)

    Bugs fixed for this breaking change

    As we are doing with other drivers, we've changed the behavior of PostgreSQL-JS to pass raw JSON values, the same as you see them in the database. So if you are using the PostgreSQL-JS driver and passing data to Drizzle elsewhere, please check the new behavior of the client after it is passed to Drizzle.

    We will update it to ensure it does not override driver behaviors, but this will be done as a complex task for everything in Drizzle in other releases

    If you were using postgres-js with jsonb fields, you might have seen stringified objects in your database, while drizzle insert and select operations were working as expected.

    You need to convert those fields from strings to actual JSON objects. To do this, you can use the following query to update your database:

    if you are using jsonb:

    update table_name
    set jsonb_column = (jsonb_column #>> '{}')::jsonb;

    if you are using json:

    update table_name
    set json_column = (json_column #>> '{}')::json;

    We've tested it in several cases, and it worked well, but only if all stringified objects are arrays or objects. If you have primitives like strings, numbers, booleans, etc., you can use this query to update all the fields

    if you are using jsonb:

    UPDATE table_name
    SET jsonb_column = CASE
        -- Convert to JSONB if it is a valid JSON object or array
        WHEN jsonb_column #>> '{}' LIKE '{%' OR jsonb_column #>> '{}' LIKE '[%' THEN
            (jsonb_column #>> '{}')::jsonb
        ELSE
            jsonb_column
    END
    WHERE
        jsonb_column IS NOT NULL;

    if you are using json:

    UPDATE table_name
    SET json_column = CASE
        -- Convert to JSON if it is a valid JSON object or array
        WHEN json_column #>> '{}' LIKE '{%' OR json_column #>> '{}' LIKE '[%' THEN
            (json_column #>> '{}')::json
        ELSE
            json_column
    END
    WHERE json_column IS NOT NULL;

    If nothing works for you and you are blocked, please reach out to me @ AndriiSherman. I will try to help you!

    Bug Fixes

  • 0.33.0-ff1dcd9 - 2024-09-03
  • 0.33.0-f7ddd08 - 2024-08-22
  • 0.33.0-f71baf7 - 2024-08-15
  • 0.33.0-efd821d - 2024-09-05
  • 0.33.0-daeed1e - 2024-09-04
  • 0.33.0-d496e6f - 2024-09-06
  • 0.33.0-d11d7bb - 2024-09-11
  • 0.33.0-cd1f68c - 2024-09-07
  • 0.33.0-cd0b1a2 - 2024-09-11
  • 0.33.0-c6528ed - 2024-09-09
  • 0.33.0-c5d1196 - 2024-09-03
  • 0.33.0-bddd952 - 2024-08-16
  • 0.33.0-b921e79 - 2024-08-29
  • 0.33.0-ad58316 - 2024-09-04
  • 0.33.0-ab3b46d - 2024-09-02
  • 0.33.0-8db0aa4 - 2024-08-27
  • 0.33.0-8cf7a61 - 2024-09-05
  • 0.33.0-8948f19 - 2024-08-28
  • 0.33.0-8944ef1 - 2024-09-06
  • 0.33.0-87d7704 - 2024-08-26
  • 0.33.0-86140ad - 2024-09-09
  • 0.33.0-807aa5b - 2024-09-02
  • 0.33.0-7bea25c - 2024-09-06
  • 0.33.0-766f76f - 2024-08-27
  • 0.33.0-7469abe - 2024-09-06
  • 0.33.0-6fbcf46 - 2024-09-14
  • 0.33.0-6386ea9 - 2024-08-14
  • 0.33.0-626cc95 - 2024-08-23
  • 0.33.0-6205f01 - 2024-08-08
  • 0.33.0-5be80aa - 2024-09-02
  • 0.33.0-5b9600e - 2024-09-02
  • 0.33.0-540bab9 - 2024-09-05
  • 0.33.0-50ebd0a - 2024-08-30
  • 0.33.0-4c4912d - 2024-08-23
  • 0.33.0-417b0fa - 2024-08-27
  • 0.33.0-4045fbc - 2024-08-23
  • 0.33.0-3e27645 - 2024-09-03
  • 0.33.0-3c3ccca - 2024-09-04
  • 0.33.0-38d6dab - 2024-08-12
  • 0.33.0-30e7661 - 2024-08-26
  • 0.33.0-277e6de - 2024-09-06
  • 0.33.0-25af8ee - 2024-08-27
  • 0.33.0-1a5913a - 2024-08-26
  • 0.33.0-1321cf9 - 2024-09-04
  • 0.33.0-12ef143 - 2024-08-27
  • 0.33.0-0ced1ab - 2024-08-23
  • 0.32.2 - 2024-08-05
    • Fix AWS Data API type hints bugs in RQB
    • Fix set transactions in MySQL bug - thanks @ roguesherlock
    • Add forwaring dependencies within useLiveQuery, fixes #2651 - thanks @ anstapol
    • Export additional types from SQLite package, like AnySQLiteUpdate - thanks @ veloii
  • 0.32.2-df9e596 - 2024-08-07
  • 0.32.2-d486e9b - 2024-08-07
  • 0.32.2-cd71182 - 2024-08-07
  • 0.32.2-6234cbf - 2024-08-06
  • 0.32.2-22df170 - 2024-08-07
  • 0.32.1 - 2024-07-23
    • Fix typings for indexes and allow creating indexes on 3+ columns mixing columns and expressions - thanks @ lbguilherme!
    • Added support for "limit 0" in all dialects - closes #2011 - thanks @ sillvva!
    • Make inArray and notInArray accept empty list, closes #1295 - thanks @ RemiPeruto!
    • fix typo in lt typedoc - thanks @ dalechyn!
    • fix wrong example in README.md - thanks @ 7flash!
  • 0.32.1-848e136 - 2024-07-25
  • 0.32.1-3d4e79a - 2024-08-01
  • 0.32.0 - 2024-07-10
  • 0.32.0-e7cf338 - 2024-06-25
  • 0.32.0-d0d6436 - 2024-06-27
  • 0.32.0-af7ce99 - 2024-06-17
  • 0.32.0-aaf764c - 2024-07-09
  • 0.32.0-85c8008 - 2024-06-24
  • 0.32.0-857ba54 - 2024-06-11
  • 0.32.0-81cb794 - 2024-06-22
  • 0.32.0-7721c7c - 2024-06-22
  • 0.32.0-7612dda - 2024-07-09
  • 0.32.0-5cc2ae0 - 2024-06-27
  • 0.32.0-4ed01aa - 2024-06-12
  • 0.32.0-0fdaa9e - 2024-06-25
  • 0.32.0-0d48b64 - 2024-06-07
  • 0.32.0-0a6885d - 2024-06-13
  • 0.32.0-55471 - 2024-06-12
  • 0.31.4 - 2024-07-08
  • 0.31.3 - 2024-07-08
  • 0.31.3-a90773c - 2024-07-08
  • 0.31.2 - 2024-06-07
  • 0.31.2-f9f4c2e - 2024-06-09
  • 0.31.2-ee089d9 - 2024-07-06
  • 0.31.2-c59440c - 2024-06-09
  • 0.31.2-bd14b3f - 2024-06-07
  • 0.31.2-b59e0a5 - 2024-06-11
  • 0.31.2-b59b8f5 - 2024-07-08
  • 0.31.2-b1c8d15 - 2024-06-09
  • 0.31.2-aaea9bd - 2024-06-27
  • 0.31.2-86ec973 - 2024-06-07
  • 0.31.2-5b29cb4 - 2024-06-06
  • 0.31.1 - 2024-06-04
  • 0.31.1-7a4cc2d - 2024-06-04
  • 0.31.1-26a7171 - 2024-05-30
  • 0.31.0 - 2024-05-31
  • 0.31.0-ef463e5 - 2024-05-29
  • 0.31.0-e64a96d - 2024-05-22
  • 0.31.0-c7963ca - 2024-05-23
  • 0.31.0-a70b6ea - 2024-05-25
  • 0.31.0-7a05232 - 2024-05-23
  • 0.31.0-6df4b83 - 2024-05-29
  • 0.31.0-61bc749 - 2024-05-30
  • 0.30.10 - 2024-05-01
from drizzle-orm GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Description by Korbit AI

What change is being made?

Upgrade the drizzle-orm package from version 0.30.10 to 0.33.0 in the package.json file.

Why are these changes being made?

This upgrade is being made to incorporate the latest features, improvements, and bug fixes provided in the newer version of drizzle-orm. Keeping dependencies up-to-date ensures better performance, security, and compatibility with other packages.

Is this description stale? Ask me to generate a new description by commenting /korbit-generate-pr-description

Snyk has created this PR to upgrade drizzle-orm from 0.30.10 to 0.33.0.

See this package in npm:
drizzle-orm

See this project in Snyk:
https://app.snyk.io/org/eronisking-hso7fnmS6QFvqxa9Qhojsf/project/ab2dc777-4546-4f99-a301-85e4df5acc67?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

stackblitz bot commented Oct 12, 2024

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

Copy link

korbit-ai bot commented Oct 12, 2024

👋 I'm here to help you review your pull request. When you're ready for me to perform a review, you can comment anywhere on this pull request with this command: /korbit-review.

As a reminder, here are some helpful tips on how we can collaborate together:

  • To have me re-scan your pull request, simply re-invoke the /korbit-review command in a new comment.
  • You can interact with me by tagging @korbit-ai in any conversation in your pull requests.
  • On any comment I make on your code, please leave a 👍 if it is helpful and a 👎 if it is unhelpful. This will help me learn and improve as we work together
  • Lastly, to learn more, check out our Docs.

Copy link

[Snyk] Upgrade drizzle-orm from 0.30.10 to 0.33.0

Generated at commit: 4acd1c3fb6fa9efbfb0f4c867bca06f2b0ec4194

🚨 Report Summary

Severity Level Results
Contracts Critical
High
Medium
Low
Note
Total
0
0
0
0
0
0
Dependencies Critical
High
Medium
Low
Note
Total
0
0
0
0
0
0

For more details view the full report in OpenZeppelin Code Inspector

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
2 participants