chore(deps): update dev dependencies (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@prisma/nextjs-monorepo-workaround-plugin (source)	^5.15.0 -> ^6.0.0
@types/chroma-js (source)	^2.4.4 -> ^3.0.0
@types/react (source)	18.3.18 -> 19.0.4
@types/react-dom (source)	18.3.5 -> 19.0.2
dotenv-cli	^7.4.2 -> ^8.0.0
eslint-plugin-testing-library	^6.0.1 -> ^7.0.0
jsdom	^25.0.0 -> ^26.0.0
prisma (source)	5.22.0 -> 6.2.1

---

Release Notes

prisma/prisma (@​prisma/nextjs-monorepo-workaround-plugin)

v6.2.1

Compare Source

Today we are releasing the 6.2.1 patch release to address an issue with some of the omitApi preview feature checks having been accidentally omitted when making the feature GA. Now it is fully functional without the preview feature flag.

Changes

• https://github.com/prisma/prisma/pull/25997

v6.2.0

Compare Source

Today we're releasing Prisma ORM version 6.2.0 🎉

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

We have a number of new features in this version, including support for json and enum fields in SQLite, a new updateManyAndReturn function, support for ULID values, as well as the promotion of the omit feature from Preview to Generally Availability.

Highlights

Excluding fields via omit is now production-ready

Our number one requested feature is out of Preview and Generally Available. In 6.2.0, you no longer need to add omitApi to your list of Preview features:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["omitApi"]
}

As a refresher: omit allows you to exclude certain fields from being returned in the results of your Prisma Client queries.

You can either do this locally, on a per-query level:

const result = await prisma.user.findMany({
  omit: {
    password: true,
  },
});

Or globally, to ensure a field is excluded from all queries of a certain model:

const prisma = new PrismaClient({
  omit: {
    user: {
      password: true
    }
  }
})

// The password field is excluded in all queries, including this one
const user = await prisma.user.findUnique({ where: { id: 1 } })

For more information on omit, be sure to check our documentation.

json and enum fields in SQLite

Previous to this version, you could not define json and enum fields in your Prisma schema when using SQLite. The respective GitHub issues have been among the most popular ones in our repo, so with our new approach to open-source governance, we finally got to work and implemented these.

Working with JSON and Enum fields works similarly to other database providers, here’s an example:

datasource db {
  provider = "sqlite"
  url      = "file:./dev.db"
}

model User {
  id   Int    @​id @​default(autoincrement())
  name String
  role Role  
  data Json
}

enum Role {
  Customer
  Admin 
}

Support for auto-generated ULID values

Similar to cuid2 support released in ORM version 6.0.0, we are now adding support for Universally Unique Lexicographically Sortable Identifiers (or short: ULIDs 😄) in version 6.2.0. A ULID value is a 26-character alphanumeric string, e.g. 01GZ0GZ3XARH8ZP44A7TQ2W4ZD.

With this new feature, you can now create records with auto-generated ULID values for String fields:

model User {
  id String @​id @​default(ulid())  
}

New batch function: updateManyAndReturn

updateMany allows you to update many records in your database, but it only returns the count of the affected rows, not the resulting rows themselves. With updateManyAndReturn you are now able to achieve this:

const users = await prisma.user.updateManyAndReturn({
  where: {
    email: {
      contains: 'prisma.io',
    }
  },
  data: {
    role: 'ADMIN'
  }
})

This call to updateManyAndReturn will now return the actual records that have been updated in the query:

[{
  id: 22,
  name: 'Alice',
  email: '[email protected]',
  profileViews: 0,
  role: 'ADMIN',
  coinflips: []
}, {
  id: 23,
  name: 'Bob',
  email: '[email protected]',
  profileViews: 0,
  role: 'ADMIN',
  coinflips: []
}]

Please note that like createManyAndReturn, updateManyAndReturn is only supported in PostgreSQL, CockroachDB, and SQLite.

Fixed runtime error in Node.js v23

While not officially supported, we understand that a lot of you like to be on the latest Node.js version — so we fixed an error that only occurred on Node.js 23. Happy coding ✌️

Prisma is hiring 🤝

Join us at Prisma to work on the most popular TypeScript ORM and other exciting products like the first serverless database built on unikernels!

We currently have two open roles in our Engineering team:

• Senior Software Engineer (Prisma ORM)
• Senior Software Engineer (Prisma Data Platform)

If these don’t fit, you can still check out our jobs page and send a general application.

v6.1.0

Compare Source

Today we're releasing Prisma ORM version 6.1.0

In this version our tracing Preview feature is being graduated to GA!

Highlights

Tracing goes GA

The tracing Preview feature is now stable. You now no longer have to include tracing in your set of enabled preview features.

generator client {
   provider        = "prisma-client-js"
-  previewFeatures = ["tracing"]
}

We have also changed some of the spans generated by Prisma Client. Previously, a trace would report the following spans:

prisma:client:operation
prisma:client:serialize
prisma:engine
prisma:engine:connection
prisma:engine:db_query
prisma:engine:serialize

Now, the following are reported:

prisma:client:operation
prisma:client:serialize
prisma:engine:query
prisma:engine:connection
prisma:engine:db_query
prisma:engine:serialize
prisma:engine:response_json_serialization

Additionally, we have made a few changes to our dependencies:

• @opentelemetry/api is now a peer dependency instead of a regular dependency
• registerInstrumentations in @opentelemetry/instrumentation is now re-exported by @prisma/instrumentation

After upgrading to Prisma ORM 6.1.0 you will need to add @opentelemetry/api to your dependencies if you haven't already:

npm install @​opentelemetry/api

You will also no longer need to have @opentelemetry/instrumentation if you only use registerInstrumentations. In this case you can import registerInstrumentations from @prisma/instrumentation

- import { PrismaInstrumentation } from '@​prisma/instrumentation'
+ import { PrismaInstrumentation, registerInstrumentations } from '@​prisma/instrumentation'

Mutli-line comments in Prisma Schema Language (PSL)

Comments can now be defined as multi-line in your Prisma schema! Comments can use the existing format:

// this is a schema comment

or can now also use our multi-line format:

/*
 * this is a multi-line comment
 * You can add in all you want here
 * Keep typing and this comment will keep on going
 */

Bug fixes

Tracing related

As we're moving our tracing preview to GA, a number of issues have been resolved. Here are a few highlights:

• Tests for tracing expanded and improved
• Issues with Elastic APM addressed
• Issues with Datadog tracer addressed
• Prisma Client now respects suppressTracing

Other issues

We also have a number of other issues that were resolved outside of our tracing feature.

• Resolved type issues with the PrismaNeonHTTP adapter
• findUnique returns null when used instead of Promise.all
• Resolved an issue with the latest version of Alpine Linux

Fixes and improvements

Prisma

• Tracing: Detailed report and profiling informations
• Prisma Client Request Tracing Integration
• Instrumentation error in production: TypeError: parentTracer.getSpanLimits is not a function
• Prisma is using the internal Span constructor
• Prisma Client doesn't put all OTEL trace spans under one parent span
• Prisma trace has unaccounted time
• prisma:engine spans do not respect suppressTracing()
• tracing: engine spans don't pass through Sampler
• Add tests for tracing and different ways to open the first connection (including internal spans)
• Tracing: Long trailing delay in prisma:client:operation
• prisma:engine spans are missing when there are multiple new PrismaClient() invocations
• parentTracer.getSpanLimits is not a function
• Support tracers not derived from opentelemetry-sdk-trace-base (e.g. Datadog tracer)
• traceparent comments with multiple SQL statements
• Make @prisma/instrumentation dependencies peer dependencies
• Make sure db.statement attribute doesn't include the traceparent comment
• [Instrumentation] registerInstrumentations uses the global provider instead of the one passed in
• Instrumentation: Problems in working with Elastic APM
• PrismaNeonHTTP adapter breaks on some types e.g. timestamp
• Promise.all() returns null with findUnique()
• Alpine Linux 3.21: Prisma failed to detect the libssl/openssl version to use

Prisma Client

• Tracing operation duration bug under stress test
• @prisma/instrumentation Type Error: 'InstrumentionNodeModuleDefintion' is not generic

v6.0.1

Compare Source

Today we are releasing the 6.0.1 patch release to address an issue with using Prisma Client generated in a custom output path with Next.js.

Changes

• Revert "type": "commonjs" addition in generated package.json

v6.0.0

Compare Source

We’re excited to share the Prisma ORM v6 release today 🎉

As this is a major release, it includes a few breaking changes that may affect your application. Before upgrading, we recommend that you check out our upgrade guide to understand the impact on your application.

If you want to have an overview of what we accomplished since v5, check out our announcement blog post: Prisma 6: Better Performance, More Flexibility & Type-Safe SQL.

🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release.

Breaking changes

⚠️ This section contains a list of breaking changes. If you upgrade your application to Prisma ORM v6 without addressing these, your application is going to break! For detailed upgrade instructions, check out the upgrade guide. ⚠️ 

Minimum supported Node.js versions

The new minimum supported Node.js versions for Prisma ORM v6 are:

• for Node.js 18 the minimum supported version is 18.18.0
• for Node.js 20 the minimum supported version is 20.9.0
• for Node.js 22 the minimum supported version is 22.11.0

There is no official support for Node.js <18.18.0, 19, 21, 23.

Minimum supported TypeScript version

The new minimum supported TypeScript version for Prisma ORM v6 is: 5.1.0.

Schema change for implicit m-n relations on PostgreSQL

If you're using PostgreSQL and are defining implicit many-to-many relations in your Prisma schema, Prisma ORM maintains the relation table for you under the hood. This relation table has A and B columns to represent the tables of the models that are part of this relation.

Previous versions of Prisma ORM used to create a unique index on these two columns. In Prisma v6, this unique index is changing to a primary key in order to simplify for the default replica identity behaviour.

If you're defining implicit m-n relations in your Prisma schema, the next migration you'll create will contain ALTER TABLE statements for all the relation tables that belong to these relations.

Full-text search on PostgreSQL

The fullTextSearch Preview feature is promoted to General Availability only for MySQL. This means that if you're using PostgreSQL and currently make use of this Preview feature, you now need to use the new fullTextSearchPostgres Preview feature.

Usage of Buffer

Prisma v6 replaces the usage of Buffer with Uint8Array to represent fields of type Bytes. Make sure to replace all your occurrences of the Buffer type with the new Uint8Array.

Removed NotFoundError

In Prisma v6, we removed the NotFoundError in favor of PrismaClientKnownRequestError with error code P2025 in findUniqueOrThrow() and findFirstOrThrow(). If you've relied on catching NotFoundError instances in your code, you need to adjust the code accordingly.

New keywords that can't be used as model names: async, await, using

With this release, you can't use async, await and using as model names any more.

---

⚠️ For detailed upgrade instructions, check out the upgrade guide. ⚠️ 

Preview features promoted to General Availability

In this release, we are promoting a number of Preview features to General Availability.

fullTextIndex

If you use the full-text index feature in your app, you can now remove fullTextIndex from the previewFeatures in your Prisma schema:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["fullTextIndex"]
}

fullTextSearch

If you use the full-text search feature with MySQL in your app, you can now remove fullTextSearch from the previewFeatures in your Prisma schema:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["fullTextSearch"]
}

If you are using it with PostgreSQL, you need to update the name of the feature flag to fullTextSearchPostgres:

generator client {  
  provider        = "prisma-client-js"
- previewFeatures = ["fullTextSearch"]  
+ previewFeatures = ["fullTextSearchPostgres"]
}

New features

We are also releasing new features with this release:

• cuid2() support
• Include unused enum definitions in prisma generate's output
• Improved compatibility with Deno 2

Company news

🚀 Prisma Postgres is free during Early Access

In case you missed it: We recently launched Prisma Postgres, a serverless database with zero cold starts, a generous free tier, connection pooling, real-time events, and a lot more! It’s entirely free during the Early Access phase, try it now!

✨ Let us know what you think of Prisma ORM

We're always trying to improve! If you've recently used Prisma ORM, we'd appreciate hearing your thoughts about your experience via this 2min survey.

entropitor/dotenv-cli (dotenv-cli)

v8.0.0

Compare Source

Improve expansion of configs https://github.com/entropitor/dotenv-cli/pull/101

This might break some configs so it's a major release. In general, you can upgrade without issues.

testing-library/eslint-plugin-testing-library (eslint-plugin-testing-library)

v7.1.1

Compare Source

Bug Fixes

• use valid config type for supporting both ESLint v8 and v9 (#​976) (d8e44b2)

v7.1.0

Compare Source

Features

• add config for Svelte (#​973) (fc118c7)

v7.0.0

Compare Source

You can follow the migration guide to v7.

BREAKING CHANGES

• Requires Node@^18.18.0 || ^20.9.0 || >=21.1.0
• Requires ESLint ^8.57.0, or ^9.0.0

Features

• Full support for ESLint v9 (v8 still compatible) and typescript-eslint v8

Co-authored-by: @​MichaelDeBoey

jsdom/jsdom (jsdom)

v26.0.0

Compare Source

Breaking change: canvas peer dependency requirement has been upgraded from v2 to v3. (sebastianwachter)

Other changes:

• Added AbortSignal.any(). (jdbevan)
• Added initial support for form-associated custom elements, in particular making them labelable and supporting the ElementInternals labels property. The form-associated callbacks are not yet supported. (hesxenon)
• Updated whatwg-url, adding support for URL.parse().
• Updated cssstyle and rrweb-cssom, to improve CSS parsing capabilities.
• Updated nwsapi, improving CSS selector matching.
• Updated parse5, fixing a bug around <noframes> elements and HTML entity decoding.
• Fixed JSDOM.fromURL() to properly reject the returned promise if the server redirects to an invalid URL, instead of causing an uncaught exception.

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.