chore(deps): update prisma monorepo to v4.12.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@prisma/client (source)	4.9.0 -> 4.12.0
prisma (source)	4.9.0 -> 4.12.0

---

Release Notes

prisma/prisma

v4.12.0

Compare Source

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

Highlights

Introspection of Views SQL improvements (Preview)

The views Preview feature significantly improved this release: prisma db pull now reads the SQL query used to define a view and stores it in a .sql file in a views folder next to your Prisma schema.

Note: These .sql files are not yet used for creating or updating views during migrations yet. For now, we are only looking for feedback. Let us know if the introspected SQL files match the views picked up in your database and if the correct files were created in your filesystem.

We encourage you to leave feedback in this GitHub issue.

Improvements to JSON protocol (Early Preview)

In 4.11.0, we announced the jsonProtocol Preview feature which had some rough edges. This release improves the Preview feature by providing polished and helpful error messages from Prisma Client when something goes wrong. Here is an example error message:

We would appreciate it if you would try it out to help us polish the feature and move it to General Availability. Testing it requires little effort. Please also leave any feedback in this issue, or open a new one if you want to report a bug.

Prisma Client startup performance

In this release, we've improved the startup performance of Prisma Client. We're keen on improving the performance of Prisma Client. If you experience any problems with the startup performance, be sure to report them so that we can look into them.

Open Telemetry tracing and logging for Prisma Client for Data Proxy

This release adds support for Open Telemetry tracing (via the tracing Preview feature) and logging to Prisma Client for Data Proxy.

Fixes and improvements

Prisma Migrate

• Certain types of schema changes don't work with CockroachDB v22.2
• Completions: provided by engines break right at the start of a newline
• db pull fail with particular enum default value in column
• Unable to reset CockroachDB for table with foreign key relationship on v22.2.
• Introspection of SQLite views
• Changing the Column Type to Enum on a model throws an error
• Introspection of the view definition statement
• MySQL multi-value index removes the primary key on introspection

Prisma Client

• findUnique used with Promise.all returns null
• Missing PrismaPromise export after update from 4.9.0 to 4.11.0
• jsonProtocol doesn't query enum fields by default
• Prisma 4.11 breaks multilevel relation with compound primary keys (typings)
• 4.11.0: Unique constraint failed on the fields on query that worked in 4.10.1
• jsonProtocol Field/Enum is not included in the result of the findFirst/findMany function
• Too many records are returned in 4.11.0 when using nested include and @​unique field is null
• Objects with computed properties returned from an extended prisma client return true for any property name when calling hasOwn or hasOwnProperty on it

Language tools (e.g. VS Code)

• Completions: suggest type block for MongoDB
• Remove datasource completions

Credits

Huge thanks to @​KhooHaoYit, @​rintaun, @​ivan, @​art049 for helping!

📺 Join us for another "What's new in Prisma" live stream

Learn about the latest release and other news from the Prisma community by joining us for another "What's new in Prisma" live stream.

The stream takes place on YouTube on Thursday, March 30 at 5 pm Berlin | 8 am San Francisco.

v4.11.0

Compare Source

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

Highlights

JSON protocol Early Preview

This release introduces an early Preview feature: JSON protocol.

During performance investigations and optimizations, we noticed that the existing implementation added a CPU and memory overhead that was especially noticeable for larger Prisma schemas. Therefore, we found an alternative way to express our queries without needing that overhead: JSON.

To try out the new protocol, enable the jsonProtocol Preview feature in your Prisma schema:

generator client {
  provider        = "prisma-client-js"  
  previewFeatures = ["jsonProtocol"]
}

Regenerate Prisma Client to use the new JSON protocol.

For environments or situations where it is not viable to enable the Preview feature flag to your Prisma schema file, we also added an environment variable that you can use to force the use of the JSON Protocol Preview feature: PRISMA_ENGINE_PROTOCOL=json.

Note: This is an early Preview feature with a significant limitation: Invalid input to Prisma Client will throw unpolished, internal errors that are less descriptive and user-friendly than our usual ones. We intend to improve these future releases. Using it with Data Proxy and Prisma Data Platform currently also leads to errors.

We expect using jsonProtocol to improve Prisma Client's startup performance significantly. This will likely have a more significant impact on applications with larger Prisma schemas.

We would appreciate your feedback on this feature on the following particularly:

1. Does using this preview feature introduce any regressions or problems in your application?
2. If not, how does it influence the performance of your application? Can you share before and after measurements?

For feedback, please comment on the GitHub feedback issue.

Introspection support for MySQL, SQL Server, and CockroachDB views

You can now run prisma db pull against your database to populate your Prisma schema with your views in MySQL, SQL Server, and CockroachDB.

To learn more, refer to our documentation on views introspection. Try it out and let us know your thoughts in this GitHub issue.

Prisma Client extensions improvements: raw query operations

This release adds support for extending top-level raw query operations.

const prisma = new PrismaClient().$extends({
  query: {
    // relational databases
    $queryRaw({ args, query, operation }) {
      // handle $queryRaw operation
      return query(args)
    },
    $executeRaw({ args, query, operation }) {
      // handle $executeRaw operation
      return query(args)
    },
    $queryRawUnsafe({ args, query, operation }) {
      // handle $queryRawUnsafe operation
      return query(args)
    },
    $executeRawUnsafe({ args, query, operation }) {
      // handle $executeRawUnsafe operation
      return query(args)
    },
    // MongoDB
    $runCommandRaw({ args, query, operation }) {
      // handle $runCommandRaw operation
      return query(args)
    },
  },
})

Webpack plugin for Next.js apps using Prisma in monorepo setups

If you've been using Prisma Client in a Next.js app in a monorepo setup, you might have seen this infamous error message:

Error: ENOENT: no such file or directory, open schema.prisma

We finally pinpointed the problem's source to the Next.js bundling step and opened an issue in the Next.js repository for Vercel to investigate and hopefully fix it.

In the meantime, we've created a workaround via a webpack plugin that makes sure your Prisma schema is copied to the correct location: @prisma/nextjs-monorepo-workaround-plugin.

To use the plugin, first install it:

npm install -D @​prisma/nextjs-monorepo-workaround-plugin

Import the plugin into your next.config.js file and use it in config.plugins:

const { PrismaPlugin } = require('@​prisma/nextjs-monorepo-workaround-plugin')
module.exports = {
  webpack: (config, { isServer }) => {
    if (isServer) {
      config.plugins = [...config.plugins, new PrismaPlugin()]
    }
    return config
  },
}

For further information, refer to our documentation to learn how to use it and open an issue if it doesn't work as expected.

Fixes and improvements

Prisma Client

• Prisma hangs when javascript is minified
• Issue with prisma failing to locate schema file in monorepo
• NextJS try to open "schema.prisma" at wrong path.
• pnpm workspace + nextjs: ENOENT: no such file or directory, open '...\.next\server\pages\api\schema.prisma'
• next.js ENOENT trying to open schema.prisma
• Error with custom output in NPM monorepo: Error: ENOENT: no such file or directory, open 'schema.prisma'
• Error with custom output in Turborepo using Blitz.js: Error: ENOENT: no such file or directory, open '<...>/schema.prisma'
• Upsert fails on Postgres with list column.
• Error received when connecting items in an existing one-to-many relationship on MySQL
• ENOENT with custom output and ESM module in NPM monorepo (including Nextjs): no such file or directory, open /.../schema.prisma...
• Setting ignoreEnvVarErrors: true Node API QE causes datasourceOverrides to be ignored
• PCE: Support query extensions for raw queries

Prisma Migrate

• sslaccept=accept_invalid_certs not working with mysql server 8.0.30
• Error 08S01 (1043) -> Bad Handshake. MySQL Connection with SSL certs
• Introspection of MySQL views
• Introspection of SQL Server views
• Introspection of CockroachDB views
• db pull: add new codes for introspection warnings for views in the CLI
• Figure out where getDMMF is used for validation
• Error when directUrl is prisma:// connection string
• 4.10.0, unexpected: errorCode: 'P1012' PrismaClientInitializationError: error: Environment variable not found: DATABASE_URL.
• Validation output is now always colored, also in CI
• Prisma Client falsely validates directUrl env var value, leading to validation error (Affects PDP/Data Proxy and normal Engine)
• Fix Postgres introspection of partition tables false positives on inherited tables
• Support openSUSE Tumbleweed
• Change validate to return Result<(), JsError> in Wasm module
• (internal): add unit tests for path-specific libssl version parsing

Credits

Huge thanks to @​KhooHaoYit, @​rintaun, @​ivan, @​Mini256, @​Lioness100, @​yukukotani, @​sandrewTx08, @​fubhy, @​zachtil, @​unflxw, @​Mosaab-Emam for helping!

📺 Join us for another "What's new in Prisma" live stream

Learn about the latest release and other news from the Prisma community by joining us for another "What's new in Prisma" live stream.

The stream takes place on YouTube on Thursday, March 2 at 5 pm Berlin | 8 am San Francisco.

v4.10.1

Compare Source

Today, we are issuing the 4.10.1 patch release.

Fixes in Prisma Client

• Prisma Client falsely validates directUrl env var value, leading to validation error (Affects PDP/Data Proxy and normal Engine)
• 4.10.0, unexpected: errorCode: 'P1012' PrismaClientInitializationError: error: Environment variable not found: DATABASE_URL.

v4.10.0

Compare Source

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

Highlights

Improved CLI support for connection poolers

When working with connection poolers such as the Prisma Data Proxy, Accelerate or pgBouncer, it is necessary to use a different URL to connect to the database when using Prisma Client and Prisma Migrate.

We're introducing a new datasource property directUrl to improve this. When the directUrl property is present, the Prisma CLI will use it to connect to the database for tasks such as introspection and migrations.

### .env
### Connection to Prisma Data Proxy. Used by Prisma Client.
DATABASE_URL="prisma://__HOST__/?api_key=__KEY__"

### Connection to the database. Used for migrations and introspection.
DIRECT_URL="postgresql://__USER__:__PASSWORD__@​__HOST__:__PORT__/__DATABASE__"

// ./prisma/schema.prisma
generator client {
  provider = "prisma-client-js"
}

datasource db {
  provider  = "postgresql"
  url       = env("DATABASE_URL")
  directUrl = env("DIRECT_URL")
}

To learn more, refer to our documentation.

Introspection support for PostgreSQL views

We introduced initial support for database views in 4.9.0 with the addition of the view keyword. This release introduces introspection support for PostgreSQL views. You can run prisma db pull against your database to populate your Prisma schema with your views.

To learn more, refer to our documentation on views introspection. Try it out and let us know your thoughts in this GitHub issue.

Improved introspection for unsupported database functionality & partitioned tables

Currently, the Prisma Schema Language(PSL) does not cover the full feature sets of different database providers. For the unsupported database functionality, Prisma provides offers escape hatches like raw queries or manual editing of the migration files.

While we work on adding support for missing database functionality, e.g. database views, some of it is not fully-supported and the escape hatches fail. Objects that use unsupported properties might not be caught during introspection and raw queries might not work. Re-introspection may sometimes remove the information from the schema file and the generated migrations may be invalid or re-generate the same SQL repeatedly.

We're therefore fixing the defects and supporting the unsupported database functionalities Prisma currently doesn't support. We created a list of these features in this GitHub issue we would like to improve.

This release improves introspection support for partitioned tables in PostgreSQL and MySQL. Previously, Prisma would pick up the partitions as models and miss the actual main table. Prisma will now pick up the main table as a model, not the partitions.

If you're already using partitioned tables in your database, you can use prisma db pull to update your Prisma schema. If you're already using Prisma and want to partition a table in your database, you can:

1. Create a draft migration using prisma migrate dev --create-only
2. Update the draft migration with the SQL to partition the tables
3. Re-run prisma migrate dev to apply the draft migration to your database

Try it out and let us know what you think. If you run into an issue, feel free to create a bug report.

Smaller engine size used in Prisma CLI

In 4.8.0, we decreased the size of the engines by ~50%, which significantly impacted Prisma Client, especially in serverless environments.

In this release, we've reduced the size of Prisma CLI by removing the Introspection and Formatter engines. The introspection functionality is now served by the Migration Engine. A cross-platform Wasm module has entirely replaced the Formatter Engine. This reduces the overall installation size for Prisma CLI.

Fixes and improvements

Prisma Client

• Precompiled engine files for aarch64-unknown-linux-musl target (Alpine Linux on ARM, e.g. M1)
• Specify the generator to use for sharing schema files in different environments
• Implement getDmmf as Wasm module that could be used in Prisma CLI
• Client in interactive transaction is not extended
• Deeply nested objects aren't typed when clientExtensions is enabled
• Typescript issue on nested queries with clientExtensions feature

Prisma

• Introspection can't get composite primary key for partitioned table
• db pull adds redundant comment about ignored table
• Remove prisma-fmt formatter binary
• Diagnostics currently need to be manually written for Code Action tests
• OpenSSL on Node Alpine still not working after Prisma 4.8.0 on an ARM machine
• Improved error messages on system library detection
• Remove introspection-engine binary from CLI
• [Stopgap] Introspect partitioned tables better: Only introspect main table in a valid way, ignore partitions
• Regression: get-platform error for non-amd64 Alpine introduced in [email protected] prevents using custom Prisma engines
• Introspection of PostgreSQL views
• internal: use original distro and distro family in warning messages
• Failed to detect linux distro + Error: Unknown binaryTarget debian-openssl-0.0.x and no custom engine files were provided after upgrading from 4.8.1 to 4.9.0

Language tools (e.g. VS Code)

• Add VS Code quick fix / code action to phase out referentialIntegrity in favor of relationMode
• Auto completion of directUrl

Credits

Huge thanks to @​rintaun, @​ivan, @​Mini256, @​yukukotani, @​sandrewTx08 for helping!

📺 Join us for another "What's new in Prisma" live stream

Learn about the latest release and other news from the Prisma community by joining us for another "What's new in Prisma" live stream.

The stream takes place on YouTube on Thursday, February 9 at 5 pm Berlin | 8 am San Francisco.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[socket-security]

New dependency changes detected. Learn more about Socket for GitHub ↗︎

🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore [email protected]

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package	Script field	Source
[email protected] (added)	postinstall	package-lock.json, package.json

Pull request alert summary

Issue	Status
Install scripts	⚠️ 1 issue
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

📊 Modified Dependency Overview:

🚮 Removed packages: @prisma/[email protected], [email protected]