Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @prisma/client from 5.12.0 to 5.14.0 #303

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

lryanle
Copy link
Owner

@lryanle lryanle commented Jun 4, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @prisma/client from 5.12.0 to 5.14.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 153 versions ahead of your current version.

  • The recommended version was released on 21 days ago.

Release notes
Package name: @prisma/client
  • 5.14.0 - 2024-05-14

    Today, we are excited to share the 5.14.0 stable release 🎉

    🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release. 🌟

    Highlights

    Share your feedback about Prisma ORM

    We want to know how you like working with Prisma ORM in your projects! Please take our 2min survey and let us know what you like or where we can improve 🙏

    createManyAndReturn()

    We’re happy to announce the availability of a new, top-level Prisma Client query: createManyAndReturn(). It works similarly to createMany() but uses a RETURNING clause in the SQL query to retrieve the records that were just created.

    Here’s an example of creating multiple posts and then immediately returning those posts.

    const postBodies = req.json()['posts']

    const posts = prisma.post.createManyAndReturn({
    data: postBodies
    });

    return posts

    Additionally,createManyAndReturn() supports the same options as findMany(), such as the ability to return only specific fields.

    const postBodies = req.json()['posts']

    const postTitles = prisma.post.createManyAndReturn({
    data: postBodies,
    select: {
    title: true,
    },
    });

    return postTitles

    Full documentation for this feature can be found in the Prisma Client API Reference.

    Note: Because createManyAndReturn() uses the RETURNING clause, it is only supported by PostgreSQL, CockroachDB, and SQLite databases. At this time, relationLoadStrategy: join is not supported in createManyAndReturn() queries.

    MongoDB performance improvements

    Previously, Prisma ORM suffered from performance issues when using the in operator or when including related models in queries against a MongoDB database. These queries were translated by the Prisma query engine in such a way that indexes were skipped and collection scans were used, leading to slower queries especially on large datasets.

    With 5.14.0, Prisma ORM now rewrites queries to use a combination of $or and $eq operators, leading to dramatic performance increases for queries that include in operators or relation loading.

    Fixes and improvements

    Prisma Client

    Prisma Migrate

    Language tools (e.g. VS Code)

    Company news

    Prisma Changelog

    Curious about all things Prisma? Be sure to check out the Prisma Changelog for updates across Prisma's products, including ORM, Accelerate, and Pulse!

    New product announcement: Prisma Optimize

    With this release, we are excited to introduce a new Prisma product. We’re calling it “Optimize” because that’s what it does! Let your favorite ORM also help you debug the performance of your application.

    Check out our announcement blog post for more details, including a demo video.

    Credits

    Huge thanks to @ pranayat, @ yubrot, @ skyzh, @ anuraaga, @ gutyerrez, @ avallete, @ ceddy4395, @ Kayoshi-dev for helping!

  • 5.14.0-integration-static-wasm-worker-loader.5 - 2024-05-13
  • 5.14.0-integration-static-wasm-worker-loader.4 - 2024-05-08
  • 5.14.0-integration-static-wasm-worker-loader.3 - 2024-04-30
  • 5.14.0-integration-static-wasm-worker-loader.2 - 2024-04-30
  • 5.14.0-integration-static-wasm-worker-loader.1 - 2024-04-30
  • 5.14.0-integration-schema-files-resolver.10 - 2024-05-14
  • 5.14.0-integration-schema-files-resolver.9 - 2024-05-14
  • 5.14.0-integration-schema-files-resolver.8 - 2024-05-10
  • 5.14.0-integration-schema-files-resolver.7 - 2024-05-10
  • 5.14.0-integration-schema-files-resolver.6 - 2024-05-08
  • 5.14.0-integration-schema-files-resolver.5 - 2024-05-08
  • 5.14.0-integration-schema-files-resolver.4 - 2024-05-08
  • 5.14.0-integration-schema-files-resolver.3 - 2024-05-07
  • 5.14.0-integration-schema-files-resolver.2 - 2024-05-07
  • 5.14.0-integration-schema-files-resolver.1 - 2024-05-06
  • 5.14.0-integration-engines-5-14-0-26-text-comp-multi-20f7cb6cf71d1ee66be7363748ca983d326e9db1.1 - 2024-05-14
  • 5.14.0-integration-engines-5-14-0-22-integration-rust-1-78-wasm-fc926224322c04c61c76032c9985a1d4fdfee13f.2 - 2024-05-10
  • 5.14.0-integration-engines-5-14-0-22-integration-rust-1-78-wasm-fc926224322c04c61c76032c9985a1d4fdfee13f.1 - 2024-05-10
  • 5.14.0-integration-engines-5-14-0-19-fix-ds-url-rn-03c57ba9ba8eea9dfcf11c5382fdb6822d5aa3d2.1 - 2024-05-10
  • 5.14.0-integration-engines-5-14-0-10-feat-create-many-and-return-31c187d29db487fb54d6bb593a851d2f9e5687a6.2 - 2024-05-02
  • 5.14.0-integration-engines-5-14-0-10-feat-create-many-and-return-31c187d29db487fb54d6bb593a851d2f9e5687a6.1 - 2024-05-02
  • 5.14.0-integration-engines-5-14-0-1-integration-vitess-constraint-fix-ca251465b6b966a5b9f61c3a8077ef99275ca330.2 - 2024-04-23
  • 5.14.0-integration-engines-5-14-0-1-integration-vitess-constraint-fix-ca251465b6b966a5b9f61c3a8077ef99275ca330.1 - 2024-04-23
  • 5.14.0-dev.77 - 2024-05-14
  • 5.14.0-dev.76 - 2024-05-13
  • 5.14.0-dev.75 - 2024-05-13
  • 5.14.0-dev.74 - 2024-05-13
  • 5.14.0-dev.72 - 2024-05-13
  • 5.14.0-dev.71 - 2024-05-13
  • 5.14.0-dev.70 - 2024-05-13
  • 5.14.0-dev.69 - 2024-05-13
  • 5.14.0-dev.68 - 2024-05-13
  • 5.14.0-dev.67 - 2024-05-10
  • 5.14.0-dev.66 - 2024-05-10
  • 5.14.0-dev.65 - 2024-05-08
  • 5.14.0-dev.64 - 2024-05-08
  • 5.14.0-dev.63 - 2024-05-08
  • 5.14.0-dev.62 - 2024-05-08
  • 5.14.0-dev.61 - 2024-05-08
  • 5.14.0-dev.60 - 2024-05-08
  • 5.14.0-dev.59 - 2024-05-08
  • 5.14.0-dev.58 - 2024-05-08
  • 5.14.0-dev.57 - 2024-05-08
  • 5.14.0-dev.56 - 2024-05-08
  • 5.14.0-dev.55 - 2024-05-08
  • 5.14.0-dev.54 - 2024-05-07
  • 5.14.0-dev.53 - 2024-05-07
  • 5.14.0-dev.52 - 2024-05-07
  • 5.14.0-dev.51 - 2024-05-06
  • 5.14.0-dev.50 - 2024-05-06
  • 5.14.0-dev.49 - 2024-05-06
  • 5.14.0-dev.48 - 2024-05-03
  • 5.14.0-dev.47 - 2024-05-03
  • 5.14.0-dev.46 - 2024-05-02
  • 5.14.0-dev.44 - 2024-05-02
  • 5.14.0-dev.43 - 2024-05-02
  • 5.14.0-dev.42 - 2024-05-02
  • 5.14.0-dev.41 - 2024-05-02
  • 5.14.0-dev.40 - 2024-05-02
  • 5.14.0-dev.39 - 2024-05-02
  • 5.14.0-dev.38 - 2024-05-02
  • 5.14.0-dev.36 - 2024-05-02
  • 5.14.0-dev.35 - 2024-05-01
  • 5.14.0-dev.34 - 2024-04-30
  • 5.14.0-dev.33 - 2024-04-30
  • 5.14.0-dev.32 - 2024-04-30
  • 5.14.0-dev.31 - 2024-04-30
  • 5.14.0-dev.30 - 2024-04-30
  • 5.14.0-dev.28 - 2024-04-30
  • 5.14.0-dev.27 - 2024-04-30
  • 5.14.0-dev.26 - 2024-04-30
  • 5.14.0-dev.25 - 2024-04-30
  • 5.14.0-dev.24 - 2024-04-30
  • 5.14.0-dev.23 - 2024-04-29
  • 5.14.0-dev.22 - 2024-04-26
  • 5.14.0-dev.21 - 2024-04-26
  • 5.14.0-dev.20 - 2024-04-26
  • 5.14.0-dev.19 - 2024-04-26
  • 5.14.0-dev.18 - 2024-04-26
  • 5.14.0-dev.16 - 2024-04-25
  • 5.14.0-dev.14 - 2024-04-25
  • 5.14.0-dev.13 - 2024-04-25
  • 5.14.0-dev.12 - 2024-04-24
  • 5.14.0-dev.11 - 2024-04-24
  • 5.14.0-dev.9 - 2024-04-24
  • 5.14.0-dev.6 - 2024-04-24
  • 5.14.0-dev.5 - 2024-04-24
  • 5.14.0-dev.4 - 2024-04-24
  • 5.14.0-dev.3 - 2024-04-24
  • 5.14.0-dev.2 - 2024-04-24
  • 5.14.0-dev.1 - 2024-04-24
  • 5.13.0 - 2024-04-23

    Today, we are excited to share the 5.13.0 stable release 🎉

    🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release.

    Highlights

    omit fields from Prisma Client queries (Preview)

    We’re excited to announce Preview support for the omit option within the Prisma Client query options. The highly-requested omit feature now allows you to exclude fields that you don’t want to retrieve from the database on a per-query basis.

    By default, when a query returns records, the result includes all scalar fields of the models defined in the Prisma schema. select can be used to return specific fields, while omit can now be used to exclude specific fields. omit lives at the same API level and works on all of the same Prisma Client model queries as select. Note, however, that omit and select are mutually exclusive. In other words, you can’t use both in the same query.

    To get started using omit, enable the omitApi Preview feature in your Prisma schema:

    // schema.prisma
    generator client {
      provider        = "prisma-client-js"
      previewFeatures = ["omitApi"]
    }

    Be sure to re-generate Prisma Client afterwards:

    npx prisma generate

    Here is an example of using omit:

    // Includes all fields except password
    await prisma.user.findMany({
      omit: {
       password: true
      },
    })

    Here is an example of using omit with include:

    // Includes all user fields except user's password and title of user's posts
    await prisma.user.findMany({
      omit: {
       password: true
      },
      include: {
        posts: {
          omit: {
            title: true
          },
        },
      },
    })
    Expand to view the example Prisma schema
    model User {
    id Int @ id @ default(autoincrement())
    email String @ unique
    name String?
    password String
    posts Post[]
    }

    model Post {
    id Int @ id @ default(autoincrement())
    title String
    author User @ relation(fields: [authorId], references: [id])
    authorId Int
    }

    Many users have requested a global implementation of omit. This request will be accommodated in the future. In the meantime, you can follow the issue here.

    📣 Share your feedback: omitApi Preview feature

    📚 Documentation: omit - Prisma Client API Reference

    Fixes and improvements

    Prisma Migrate

    Prisma Client

    Credits

    Huge thanks to @ ospfranco, @ pranayat, @ yubrot, @ skyzh, @ anuraaga, @ yehonatanz, @ arthurfiorette, @ elithrar, @ tockn, @ Kuhave, @ obiwac for helping!

  • 5.13.0-integration-help-promo.3 - 2024-04-22
  • 5.13.0-integration-help-promo.2 - 2024-04-22
  • 5.13.0-integration-help-promo.1 - 2024-04-22
  • 5.13.0-integration-exclude.2 - 2024-04-12
  • 5.13.0-integration-exclude.1 - 2024-04-12
  • 5.13.0-integration-engines-5-13-0-9-integration-multi-prisma-fmt-bfd6805a8c6880cd0161f6e57189b9fb8c6bcc7f.2 - 2024-04-09
  • 5.13.0-integration-engines-5-13-0-9-integration-multi-prisma-fmt-bfd6805a8c6880cd0161f6e57189b9fb8c6bcc7f.1 - 2024-04-09
  • 5.13.0-integration-engines-5-13-0-8-feat-exclude-selection-4dcfb875515e5fb2f92a6d294ae5a27098f97dd7.1 - 2024-04-09
  • 5.13.0-integration-engines-5-13-0-4-integration-c-abi-47890da9156681a133402e7b4a5a3e27b8095ee1.1 - 2024-04-05
  • 5.13.0-integration-engines-5-13-0-3-feat-exclude-selection-e76495825e7475c1f31801a6b5e233caa6edebb8.1 - 2024-04-04
  • 5.13.0-integration-engines-5-13-0-19-feat-d1-compatible-sqlite-migration-61ede41e91f79e295f2ed2d4734286808784eb2e.1 - 2024-04-12
  • 5.13.0-integration-engines-5-13-0-18-feat-exclude-selection-567a3e894bb45c200d072d568ea64adc3d8afb94.1 - 2024-04-11
  • 5.13.0-integration-engines-5-13-0-17-feat-get-config-multi-file-be6e6284945aad03ebe0292e0e1aa8174e499d0b.1 - 2024-04-11
  • 5.13.0-integration-engines-5-13-0-12-integration-multi-prisma-fmt-be1faff81ac8a57f8b2be5368d18c61807f5a295.2 - 2024-04-10
  • 5.13.0-integration-engines-5-13-0-12-integration-multi-prisma-fmt-be1faff81ac8a57f8b2be5368d18c61807f5a295.1 - 2024-04-10
  • 5.13.0-integration-engines-5-13-0-10-feat-exclude-selection-0e36efc9f3b5aa64f9d3911568b7280ae9c4505d.1 - 2024-04-09
  • 5.13.0-integration-diff-output.8 - 2024-04-04
  • 5.13.0-integration-diff-output.7 - 2024-04-04
  • 5.13.0-integration-diff-output.6 - 2024-04-03
  • 5.13.0-integration-diff-output.3 - 2024-04-03
  • 5.13.0-integration-diff-output.2 - 2024-04-03
  • 5.13.0-integration-diff-output.1 - 2024-04-03
  • 5.13.0-dev.37 - 2024-04-22
  • 5.13.0-dev.36 - 2024-04-22
  • 5.13.0-dev.35 - 2024-04-22
  • 5.13.0-dev.34 - 2024-04-22
  • 5.13.0-dev.33 - 2024-04-14
  • 5.13.0-dev.31 - 2024-04-12
  • 5.13.0-dev.30 - 2024-04-11
  • 5.13.0-dev.29 - 2024-04-11
  • 5.13.0-dev.28 - 2024-04-11
  • 5.13.0-dev.27 - 2024-04-10
  • 5.13.0-dev.26 - 2024-04-10
  • 5.13.0-dev.25 - 2024-04-10
  • 5.13.0-dev.24 - 2024-04-10
  • 5.13.0-dev.23 - 2024-04-10
  • 5.13.0-dev.22 - 2024-04-09
  • 5.13.0-dev.21 - 2024-04-09
  • 5.13.0-dev.20 - 2024-04-09
  • 5.13.0-dev.19 - 2024-04-08
  • 5.13.0-dev.18 - 2024-04-08
  • 5.13.0-dev.17 - 2024-04-05
  • 5.13.0-dev.16 - 2024-04-05
  • 5.13.0-dev.15 - 2024-04-05
  • 5.13.0-dev.14 - 2024-04-05
  • 5.13.0-dev.13 - 2024-04-04
  • 5.13.0-dev.12 - 2024-04-04
  • 5.13.0-dev.11 - 2024-04-03
  • 5.13.0-dev.10 - 2024-04-03
  • 5.13.0-dev.9 - 2024-04-03
  • 5.13.0-dev.8 - 2024-04-03
  • 5.13.0-dev.6 - 2024-04-03
  • 5.13.0-dev.5 - 2024-04-03
  • 5.13.0-dev.4 - 2024-04-03
  • 5.13.0-dev.3 - 2024-04-03
  • 5.13.0-dev.2 - 2024-04-03
  • 5.13.0-dev.1 - 2024-04-03
  • 5.12.1 - 2024-04-04

    Today, we are issuing the 5.12.1 patch release to fix two small problems with our new Cloudflare D1 support.

    Fixes in Prisma CLI

    Windows-only fix for new D1 specific flags for migrate diff and db pull

    The flags --from-local-d1 and --to-local-d1 for migrate diff and --local-d1 to db pull we added in 5.12.0 were not working as expected when running on Windows only. This is now fixed.

    📚 Documentation: Deploying a Cloudflare worker with D1 and Prisma ORM

    New option for migrate diff: -o or --output

    We added a new parameter --output to migrate diff that can be used to provide a filename into which the output of the command will be written. This is particularly useful for Windows users, using PowerShell, as using > to write into a file creates a UTF-16 LE file that can not be read by wrangler d1 migrations apply. Using this new option, this problem can be avoided:

    npx prisma migrate diff --script --from-empty --to-schema-datamodel ./prisma/schema.prisma --output ./schema.sql

    Related issues:

  • 5.12.1-dev.2 - 2024-04-04
  • 5.12.1-dev.1 - 2024-04-03
  • 5.12.0 - 2024-04-02

    Today, we are excited to share the 5.12.0 stable release 🎉

    🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release.

    Highlights

    Cloudflare D1 (Preview)

    This release brings Preview support for Cloudflare D1 with Prisma ORM 🥳

    D1 is Cloudflare’s SQLite database that can be used when deploying applications with Cloudflare.

    When using Prisma ORM with D1, you can continue to: model your database with Prisma schema language, specify sqlite as your database provider in your Prisma schema, and interact with your database using Prisma Client.

    To use Prisma ORM and D1 on Cloudflare Workers or Cloudflare Pages, you need to set sqlite as your database provider and use the @ prisma/adapter-d1 database adapter via the driverAdapters Preview feature, released back in version 5.4.0.

    Here is an example of sending a query to your D1 database using Prisma Client in your Worker:

    // src/index.ts file
    import { PrismaClient } from '@ prisma/client'
    import { PrismaD1 } from '@ prisma/adapter-d1'

    // Add the D1Database to the Env interface
    export interface Env {
    // This must match the binding name defined in your wrangler.toml configuration
    DB: D1Database
    }

    export default {
    async fetch(
    request: Request,
    env: Env,
    ctx: ExecutionContext
    ): Promise<Response> {
    // Make sure the database name matches the binding name in wrangler.toml and Env interface
    const adapter = new PrismaD1(env.DB)
    // Instantiate PrismaClient using the PrismaD1 driver adapter
    const prisma = new PrismaClient({ adapter })

    <span class="pl-k">const</span> <span class="pl-s1">users</span> <span class="pl-c1">=</span> <span class="pl-k">await</span> <span class="pl-s1">prisma</span><span class="pl-kos">.</span><span class="pl-c1">user</span><span class="pl-kos">.</span><span class="pl-en">findMany</span><span class="pl-kos">(</span><span class="pl-kos">)</span>
    <span class="pl-k">const</span> <span class="pl-s1">result</span> <span class="pl-c1">=</span> <span class="pl-smi">JSON</span><span class="pl-kos">.</span><span class="pl-en">stringify</span><span class="pl-kos">(</span><span class="pl-s1">users</span><span class="pl-kos">)</span>
    <span class="pl-k">return</span> <span class="pl-k">new</span> <span class="pl-smi">Response</span><span class="pl-kos">(</span><span class="pl-s1">result</span><span class="pl-kos">)</span>
    

    },
    }

    📚 Documentation: D1 Documentation

    ✍️ Blog post: Build Applications at the Edge with Prisma ORM & Cloudflare D1 (Preview)

    📣 Share your feedback: D1 Driver Adapter

    🚀 Example project: Deploy a Cloudflare Worker with D1

    createMany() for SQLite

    Bringing support for createMany() in SQLite has been a long-awaited feature

    createMany() is a method on Prisma Client, released back in version 2.16.0, that lets you insert multiple records into your database at once. This can be really useful when seeding your database or inserting bulk data.

    Here is an example of using createMany() to create new users:

    const users = await prisma.user.createMany({
      data: [
        { name: 'Sonali', email: 'sonali@prisma.io' },
        { name: 'Alex', email: 'alex@prisma.io' },
        { name: 'Yewande', email: 'yewande@prisma.io' },
        { name: 'Angelina', email: 'angelina@prisma.io' },
      ],
    })

    Before this release, if you wanted to perform bulk inserts with SQLite, you would have most likely used $queryRawUnsafe to execute raw SQL queries. But now you don’t have to go through all that trouble 🙂

    With SQLite, createMany() works exactly the same way from an API standpoint as it does with other databases except it does not support the skipDuplicates option. At the behavior level, SQLite will split createMany() entries into multiple INSERT queries when the model in your schema contains fields with attributes like @ default(dbgenerated()) or @ default(autoincrement()) and when the fields are not consistently provided with values across the entries.

    📚Documentation: createMany() - Prisma Client API Reference

    Fixes and Improvements

    Prisma Client

    Credits

    Huge thanks to @ yubrot, @ skyzh, @ anuraaga, @ onichandame, @ LucianBuzzo, @ RobertCraigie, @ arthurfiorette, @ elithrar for helping!

from @prisma/client GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Snyk has automatically assigned this pull request, set who gets assigned.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade @prisma/client from 5.12.0 to 5.14.0.

See this package in npm:
@prisma/client

See this project in Snyk:
https://app.snyk.io/org/lryanle/project/5b60c99c-75ea-4ce3-8b20-9bfefab000f5?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

vercel bot commented Jun 4, 2024

Deployment failed with the following error:

The value for maxDuration must be between 1 second and 60 seconds, in order to increase this limit upgrade your plan: https://vercel.com/pricing

@lryanle lryanle self-assigned this Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants