chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@prisma/adapter-better-sqlite3 (source)	7.5.0 → 7.7.0			devDependencies	minor
@prisma/client (source)	7.5.0 → 7.7.0			devDependencies	minor
@prisma/client-v6 (source)	6.19.2 → 6.19.3			devDependencies	patch
@types/node (source)	24.12.0 → 24.12.2			devDependencies	patch
chromadb	3.4.0 → 3.4.3			dependencies	patch
convex (source)	1.34.0 → 1.35.1			devDependencies	minor
minimatch	10.2.4 → 10.2.5			overrides	patch
mongoose (source)	9.3.2 → 9.4.1			devDependencies	minor
pdm-project/setup-pdm	v4.4 → v4.5			action	minor
prisma (source)	7.5.0 → 7.7.0			devDependencies	minor
prisma-v6 (source)	6.19.2 → 6.19.3			devDependencies	patch
pypa/gh-action-pypi-publish	v1.13.0 → v1.14.0			action	minor
ts-jest (source)	29.4.6 → 29.4.9			devDependencies	patch

---

Release Notes

prisma/prisma (@​prisma/adapter-better-sqlite3)

v7.7.0

Compare Source

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

prisma bootstrap command

A new prisma bootstrap command (#​29374, #​29424) sequences the full Prisma Postgres setup into a single interactive flow. It detects the current project state and runs only the steps that are needed:

1. Init or scaffold — In an empty directory, offers a choice of 10 starter templates (Next.js, Express, Hono, Fastify, Nuxt, SvelteKit, Remix, React Router 7, Astro, NestJS) from prisma-examples. In an existing project without a schema, runs prisma init.
2. Link — Authenticates via the browser and connects to a Prisma Postgres database. Skips if already linked.
3. Install dependencies — Detects the package manager and offers to install missing @prisma/client, prisma, and dotenv.
4. Migrate — Runs prisma migrate dev if the schema contains models.
5. Generate — Runs prisma generate.
6. Seed — Runs prisma db seed if a seed script is configured.

Each side-effecting step prompts for confirmation. Re-running the command skips already-completed steps.

Basic usage

npx prisma@latest bootstrap

With a starter template

npx prisma@latest bootstrap --template nextjs

Non-interactive (CI)

npx prisma@latest bootstrap --api-key "$PRISMA_API_KEY" --database "db_abc123"

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

v7.6.0

Compare Source

Today, we are excited to share the 7.6.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

CLI

• Added a prisma postgres link command that connects a local project to a Prisma Postgres database. This is the first command in a new prisma postgres command group for managing Prisma Postgres databases directly from the CLI. (#​29352)

Driver Adapters

• @​prisma/adapter-pg: Added a statementNameGenerator option that accepts a custom prepared statement name generator to allow users to leverage pg statement caching (#​29395)
• @​prisma/adapter-pg: Added support for usage of connection strings directly in the constructor for improved ergonomics (#​29287)
• @​prisma/adapter-mariadb: Added a useTextProtocol option in the constructor to toggle between text and binary protocols (#​29392)

Bug Fixes

Prisma Client

• Disabled caching of createMany queries to avoid cache bloat and potential Node.js crashes in bulk operations (#​29382)
• Made NowGenerator lazy to avoid synchronous new Date() calls, fixing Next.js "dynamic usage" errors in cached components (#​28724)
• Fixed missing export of Get<Model>GroupByPayload type in the new prisma-client generator, making it accessible for TypeScript usage (#​29346)

CLI

• Added streaming parsing with automatic fallback to handle Prisma schemas that produce extremely large intermediate strings (>500MB) that hit V8's string limits (#​29377)

Driver Adapters

• @​prisma/adapter-pg: Relaxed the @types/pg version constraint to ^8.16.0 for compatibility with newer PostgreSQL type definitions (#​29390)
• @​prisma/adapter-pg: Corrected error handling for ColumnNotFound errors to correctly extract column names from both quoted and unquoted PostgreSQL error messages (#​29307)
• @​prisma/adapter-mariadb: Modified the adapter to disable mariadb statement caching by default to address a reported leak (#​29392)

Prisma Studio

We’re continuing our work to improve Prisma Studio with more features being added.

Dark Mode

Need we say more? You’ve all asked for it, and it’s back.

dark-mode-studio.mp4

Copy as markdown

Now, you can copy one or more rows as either CSV or Markdown

Multi-cell editing

This is big one, something that folks have been asking for. Now, it’s possible to edit multiple cells while inspecting your database. If you make any changes, you’ll be prompted to either save or discard them. This makes manually adding new rows much easier to accomplish.

Back relations

If your data references another table, Prisma Studio now links to the related records, making it easy to inspect them. This makes traversing your database much simpler.

CleanShot.2026-03-24.at.20.39.01.mp4

Generative SQL with AI

If you need to inspect your database, instead of manually writing the SQL you may need, you can use natural language and AI to generate the appropriate SQL statements.

CleanShot.2026-03-19.at.00.01.53.mp4

Open roles at Prisma

Interested in joining Prisma? We’re growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that’s right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

get-convex/convex-backend (convex)

v1.35.1

• Adds support for automatic preview deployments on Cloudflare Pages
• Removes a new API in useQuery that was accidentally included as part
  of the 1.35.0 release.

v1.35.0

• You can now create and select local deployments explicitly with the CLI:
  • npx convex deployment create local --select: initialize local development.
  • npx convex deployment select dev: switch to your cloud dev deployment.
  • npx convex deployment select local: switch back to your local deployment.
  • To run a single command on your local deployment, use --deployment local.
• npx convex deployment create now has a --expiration flag allowing you
  to create temporary dpeloyments.
• Components can now define HTTP routes in their own http.ts file.
  The routes exposed by a component are accessible through a URL prefix
  that isolates them from the other HTTP routes
  (e.g. app.use(component, { httpPrefix: "/foo" })).
• npx convex dev now supports a new --start flag that runs a command
  in parallel with the Convex dev server (e.g. npx convex dev --start 'vite').
  This new option can be used to simplify the dev command of most projects.
  This flag was previously called --run-sh, and used to not allow
  long-running commands; now, --run-sh is an alias of --start.
• Defaults non-interactive commands to target an anonymous deployment if one is
  not configured or specified by the deploy key. This enables coding agents to
  more easily develop without needing the CONVEX_AGENT_MODE env variable.
  By default, the CLI will avoid prompting in non-interactive terminals when
  possible.
• You can now develop against your anonymous local deployments even when logged
  in. You will be prompted to link the deployment to a project if the terminal
  is interactive.
• Enables npx convex deployment create when you don't yet have a project.
• You can now customize the list of AI agents npx convex ai-files installs
  skills for in the aiFiles.skills.agents field of convex.json
  (defaults to ["claude-code", "codex"]).
• Improved formatting of sizes in error messages.
• Changes the default codegen to use the component's ComponentApi type instead
  of static code generation for components in _generated/api.d.ts.
  To get the old behavior, set { "codegen": { "legacyComponentApi": true } }
  in convex.json.
• Fixed a bug where npx convex dev would not use the correct deployment
  after running npx convex deployment select.
• Improved the definition of the AnyDataModel type to support using
  default indexes (by_id, by_creation_time) in a typesafe way.

v1.34.1

• Hides the --yes flag on npx convex deploy to discourage YOLO agents being
  run in privileged environments from pushing to production.
• Improves client backoff strategy to reconnect more quickly. The changes in
  1.34.0 did not correctly reset backoff sufficiently after reconnect.
• AI files will not be installed by default in non-interactive environments.
• Disabling AI files is now tracked with an "enabled" flag in convex.json that
  hides nags for initial setup and updates when set to false.
• Fix ai-files re-prompting to install files on setup when they already exist.
• Fix local deployments returning stale credentials when ports change.

isaacs/minimatch (minimatch)

v10.2.5

Compare Source

Automattic/mongoose (mongoose)

v9.4.1

Compare Source

==================

• Revert "fix(setDefaultsOnInsert): run setters on default values during upsert" #​16218 #​16051

v9.4.0

Compare Source

==================

• perf(document+model): avoid parallel save error instantiation, simplify resetting atomics, streamline validation and collection handling
• feat(document): add $getChanges() alias, deprecate getChanges() #​15959 techcodie
• fix(schema): support toJSONSchema on unions #​16179
• fix(schema): implement validation for Union schemas and subdocuments techcodie
• fix(connection): snapshot Date in heartbeat handler and flush queue on recovery #​16183 andreialecu
• fix(model): use duck-typing with version check to validate the argument to useConnection() is actually a connection #​16098
• fix(setDefaultsOnInsert): run setters on default values during upsert #​16051 mahmoodhamdi
• fix(utils): properly compare Set objects in deepEqual KhanjarSingh
• fix(utils): wrap discriminator merge check in parentheses to fix precedence Necro-Rohan
• fix(schema): correct template literal in encryptionType error message Mridul012
• fix(schema): correct error when unsupported query operator with number #​16062
• fix(types): make MergeType and UnpackedIntersection distributive over union types techcodie
• types: add id to HydratedDocument virtuals by default unless explicitly set #​16178
• types(populate): use marker type to track populated vs depopulated type for perf
• types(populate): retain populated paths in toObject() and toJSON() unless depopulate: true set #​16085
• types(query): make TypeScript error on $and with unrecognized query operator
• chore: use TSTyche assertions mrazauskas
• docs(connection): remove references to useUnifiedTopology and fix backtick
• docs: fix typo 'retreiving' -> 'retrieving' in SchemaType getter JSDoc yogesh968
• docs: fix typos around 'retrieve' in schemaType and tests ayushshukla1807
• docs: fix typos in code comments Goldyvaiiii

v9.3.3

Compare Source

==================

• fix(schemaType): standardize to use MongooseError instead of plain Error #​16172 VIPAX-JIT
• types: make MergeType distributive to better support populate on models where the hydrated doc type is a union #​16101 #​16161
• docs: upgrade http:// links to https:// in connections.md #​16163 Puxhkar
• docs: fix typographical, grammatical errors & documentation clarity improvements #​16175 yogesh968
• docs: clarify multi-mongos support documentation for sharded clusters

pdm-project/setup-pdm (pdm-project/setup-pdm)

v4.5

Compare Source

What's Changed

• target node24 and allow the freethreaded version of Python to be chosen by @​strobecat in #​75

New Contributors

• @​strobecat made their first contribution in #​75

Full Changelog: pdm-project/setup-pdm@v4...v4.5

pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish)

v1.14.0

Compare Source

Audit your supply chain regularly!

✨ What's Changed

The main change in this release is that verbose and print-hash inputs are now on by default. This was contributed by @​whitequark💰 in #​397.

📝 Docs

@​woodruffw💰 updated the mentions of PEP 740 to stop implying that it might be experimental (it hasn't been for quite a while!) in #​388 and @​him2him2💰 brushed up some grammar in the README and SECURITY docs via #​395.

🛠️ Internal Updates

@​woodruffw💰 bumped sigstore and pypi-attestations in the lock file (#​391) and @​webknjaz💰 added infra for using type annotations in the project (#​381).

💪 New Contributors

• @​him2him2 made their first contribution in #​395
• @​whitequark made their first contribution in #​397

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.13.0...v1.14.0

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​facutuesca💰 and @​woodruffw💰 for helping maintain this project when I can't!

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

kulshekhar/ts-jest (ts-jest)

v29.4.9

Compare Source

v29.4.8

Compare Source

v29.4.7

Compare Source

Features

• support TypeScript v6 (eda517d)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
• Automerge
  • "after 9am and before 5pm Monday"

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: prisma/package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm error code EOVERRIDE
npm error Override for minimatch@10.2.5 conflicts with direct dependency
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-04-10T04_56_07_658Z-debug-0.log

File name: mongoose/package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm error code EOVERRIDE
npm error Override for minimatch@10.2.5 conflicts with direct dependency
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-04-10T04_56_09_304Z-debug-0.log