[Snyk] Upgrade @prisma/client from 5.7.0 to 5.14.0 #40
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade @prisma/client from 5.7.0 to 5.14.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 737 versions ahead of your current version.
The recommended version was released on 21 days ago.
Release notes
Package name: @prisma/client
Today, we are excited to share the
5.14.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release. 🌟
Highlights
Share your feedback about Prisma ORM
We want to know how you like working with Prisma ORM in your projects! Please take our 2min survey and let us know what you like or where we can improve 🙏
createManyAndReturn()
We’re happy to announce the availability of a new, top-level Prisma Client query:
createManyAndReturn()
. It works similarly tocreateMany()
but uses aRETURNING
clause in the SQL query to retrieve the records that were just created.Here’s an example of creating multiple posts and then immediately returning those posts.
const posts = prisma.post.createManyAndReturn({
data: postBodies
});
return posts
Additionally,
createManyAndReturn()
supports the same options asfindMany()
, such as the ability to return only specific fields.const postTitles = prisma.post.createManyAndReturn({
data: postBodies,
select: {
title: true,
},
});
return postTitles
Full documentation for this feature can be found in the Prisma Client API Reference.
Note: Because
createManyAndReturn()
uses theRETURNING
clause, it is only supported by PostgreSQL, CockroachDB, and SQLite databases. At this time,relationLoadStrategy: join
is not supported increateManyAndReturn()
queries.MongoDB performance improvements
Previously, Prisma ORM suffered from performance issues when using the
in
operator or when including related models in queries against a MongoDB database. These queries were translated by the Prisma query engine in such a way that indexes were skipped and collection scans were used, leading to slower queries especially on large datasets.With 5.14.0, Prisma ORM now rewrites queries to use a combination of
$or
and$eq
operators, leading to dramatic performance increases for queries that includein
operators or relation loading.Fixes and improvements
Prisma Client
createMany()
should return the created recordstake
on many-to-one relationshipinclude
for relationsfindMany()
query execution within
include
query slowonDelete: SetNull
prisma init --with-model
@ opentelemetry/*
dependenciesThe required connected records were not found.
when using indicesPrisma Migrate
dbgenerated()
still breaking forUnsupported()
typesshadowDatabaseUrl
is identical tourl
(ordirectUrl
)PRAGMA foreign_key_check;
Language tools (e.g. VS Code)
Company news
Prisma Changelog
Curious about all things Prisma? Be sure to check out the Prisma Changelog for updates across Prisma's products, including ORM, Accelerate, and Pulse!
New product announcement: Prisma Optimize
With this release, we are excited to introduce a new Prisma product. We’re calling it “Optimize” because that’s what it does! Let your favorite ORM also help you debug the performance of your application.
Check out our announcement blog post for more details, including a demo video.
Credits
Huge thanks to @ pranayat, @ yubrot, @ skyzh, @ anuraaga, @ gutyerrez, @ avallete, @ ceddy4395, @ Kayoshi-dev for helping!
Today, we are excited to share the
5.13.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release.
Highlights
omit
fields from Prisma Client queries (Preview)We’re excited to announce Preview support for the
omit
option within the Prisma Client query options. The highly-requestedomit
feature now allows you to exclude fields that you don’t want to retrieve from the database on a per-query basis.By default, when a query returns records, the result includes all scalar fields of the models defined in the Prisma schema.
select
can be used to return specific fields, whileomit
can now be used to exclude specific fields.omit
lives at the same API level and works on all of the same Prisma Client model queries asselect
. Note, however, thatomit
andselect
are mutually exclusive. In other words, you can’t use both in the same query.To get started using
omit
, enable theomitApi
Preview feature in your Prisma schema:Be sure to re-generate Prisma Client afterwards:
Here is an example of using
omit
:Here is an example of using
omit
withinclude
:Expand to view the example Prisma schema
id Int @ id @ default(autoincrement())
email String @ unique
name String?
password String
posts Post[]
}
model Post {
id Int @ id @ default(autoincrement())
title String
author User @ relation(fields: [authorId], references: [id])
authorId Int
}
Many users have requested a global implementation of
omit
. This request will be accommodated in the future. In the meantime, you can follow the issue here.📣 Share your feedback:
omitApi
Preview feature📚 Documentation:
omit
- Prisma Client API ReferenceFixes and improvements
Prisma Migrate
Prisma Client
upsert()
:Internal error: Attempted to serialize empty result.
upsert()
fails with "Attempted to serialize empty result."upsert()
:Internal error: Attempted to serialize empty result.
upsert()
:Internal error: Attempted to serialize empty result.
upsert()
:Internal error: Attempted to serialize empty result.
upsert()
:Internal error: Attempted to serialize empty result
upsert()
:Internal error: Attempted to serialize empty result.
Internal error: Attempted to serialize empty result.
onupsert()
forupdate
case in different databases (when usingrelationMode=prisma
explicitly or implicitly [MongoDB])upsert(): Internal error: Attempted to serialize empty result
whenrelationMode = "prisma"
is used✘ [ERROR] near "��": syntax error at offset 0
when runningwrangler d1 migrations apply
with Prisma generated migration (on Windows, using Powershell)Credits
Huge thanks to @ ospfranco, @ pranayat, @ yubrot, @ skyzh, @ anuraaga, @ yehonatanz, @ arthurfiorette, @ elithrar, @ tockn, @ Kuhave, @ obiwac for helping!
Today, we are issuing the
5.12.1
patch release to fix two small problems with our new Cloudflare D1 support.Fixes in Prisma CLI
Windows-only fix for new D1 specific flags for
migrate diff
anddb pull
The flags
--from-local-d1
and--to-local-d1
formigrate diff
and--local-d1
todb pull
we added in 5.12.0 were not working as expected when running on Windows only. This is now fixed.📚 Documentation: Deploying a Cloudflare worker with D1 and Prisma ORM
New option for
migrate diff
:-o
or--output
We added a new parameter
--output
tomigrate diff
that can be used to provide a filename into which the output of the command will be written. This is particularly useful for Windows users, using PowerShell, as using>
to write into a file creates a UTF-16 LE file that can not be read bywrangler d1 migrations apply
. Using this new option, this problem can be avoided:Related issues:
✘ [ERROR] near "��": syntax error at offset 0
when runningwrangler d1 migrations apply
with Prisma generated migration (on Windows, using PowerShell) #23702prisma migrate resolve --applied
not working on new project,migration ... could not be found.
Today, we are excited to share the
5.12.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release.
Highlights
Cloudflare D1 (Preview)
This release brings Preview support for Cloudflare D1 with Prisma ORM 🥳
D1 is Cloudflare’s SQLite database that can be used when deploying applications with Cloudflare.
When using Prisma ORM with D1, you can continue to: model your database with Prisma schema language, specify
sqlite
as your database provider in your Prisma schema, and interact with your database using Prisma Client.To use Prisma ORM and D1 on Cloudflare Workers or Cloudflare Pages, you need to set
sqlite
as your database provider and use the@ prisma/adapter-d1
database adapter via thedriverAdapters
Preview feature, released back in version 5.4.0.Here is an example of sending a query to your D1 database using Prisma Client in your Worker:
import { PrismaClient } from '@ prisma/client'
import { PrismaD1 } from '@ prisma/adapter-d1'
// Add the D1Database to the Env interface
export interface Env {
// This must match the binding name defined in your wrangler.toml configuration
DB: D1Database
}
export default {
async fetch(
request: Request,
env: Env,
ctx: ExecutionContext
): Promise<Response> {
// Make sure the database name matches the binding name in wrangler.toml and Env interface
const adapter = new PrismaD1(env.DB)
// Instantiate PrismaClient using the PrismaD1 driver adapter
const prisma = new PrismaClient({ adapter })
},
}
📚 Documentation: D1 Documentation
✍️ Blog post: Build Applications at the Edge with Prisma ORM & Cloudflare D1 (Preview)
📣 Share your feedback: D1 Driver Adapter
🚀 Example project: Deploy a Cloudflare Worker with D1
createMany()
for SQLiteBringing support for
createMany()
in SQLite has been a long-awaited feature ⭐createMany()
is a method on Prisma Client, released back in version 2.16.0, that lets you insert multiple records into your database at once. This can be really useful when seeding your database or inserting bulk data.Here is an example of using
createMany()
to create new users:Before this release, if you wanted to perform bulk inserts with SQLite, you would have most likely used
$queryRawUnsafe
to execute raw SQL queries. But now you don’t have to go through all that trouble 🙂With SQLite,
createMany()
works exactly the same way from an API standpoint as it does with other databases except it does not support theskipDuplicates
option. At the behavior level, SQLite will splitcreateMany()
entries into multipleINSERT
queries when the model in your schema contains fields with attributes like@ default(dbgenerated())
or@ default(autoincrement())
and when the fields are not consistently provided with values across the entries.📚Documentation:
createMany()
- Prisma Client API ReferenceFixes and Improvements
Prisma Client
Decimal
data type and combining queries (batching)findUnique()
error out when the field is ofBoolean
typerelationJoins
MySQL converts nested Decimal to floatfindUnique()
node-postgres
(pg) errors with misleadingP2010 PrismaClientKnownRequestError
when using@prisma/adapter-pg
with SSL (?sslmode=require
)Credits
Huge thanks to @ yubrot, @ skyzh, @ anuraaga, @ onichandame, @ LucianBuzzo, @ RobertCraigie, @ arthurfiorette, @ elithrar for helping!
Today, we are excited to share the
5.11.0
stable release 🎉🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release.
Highlights
Edge function support for Cloudflare and Vercel (Preview)
We’re thrilled to announce that support for edge function deployments with Prisma ORM is now in Preview 🥳 As of this release, you can deploy your apps that are using Prisma ORM to:
In order to deploy to an edge function, you’ll need to use a compatible database driver (along with its Prisma driver adapter):
pg
driver (for traditional PostgreSQL databases)@ libsql/client
driver (for SQLite databases hosted via Turso)Check out our documentation to learn how you can deploy an edge function using any combination of supported edge function provider and database.
You can also read more about it in the announcement blog post!
Performance improvements in nested
create
operationsWith Prisma ORM, you can create multiple new records in nested queries, for example: