Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade: , next, tailwind-merge, tailwindcss #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

GabsBaquie
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

@prisma/client
from 5.18.0 to 5.19.0 | 76 versions ahead of your current version | 22 days ago
on 2024-08-27
next
from 14.2.5 to 14.2.7 | 2 versions ahead of your current version | 22 days ago
on 2024-08-27
tailwind-merge
from 2.4.0 to 2.5.2 | 18 versions ahead of your current version | a month ago
on 2024-08-12
tailwindcss
from 3.4.7 to 3.4.10 | 3 versions ahead of your current version | a month ago
on 2024-08-13

Release notes
Package name: @prisma/client
  • 5.19.0 - 2024-08-27

    Today, we are excited to share the 5.19.0 stable release 🎉

    🌟 Help us spread the word about Prisma by starring the repo or posting on X about the release. 🌟

    Highlights

    Introducing TypedSQL

    TypedSQL is a brand new way to interact with your database from Prisma Client. After enabling the typedSql Preview feature, you’re able to write SQL queries in a new sql subdirectory of your prisma directory. These queries are then checked by Prisma during using the new --sql flag of prisma generate and added to your client for use in your code.

    To get started with TypedSQL:

    1. Make sure that you have the latest version of prisma and @ prisma/client installed:

      npm install -D prisma@latest
      npm install @ prisma/client@latest
      
    2. Enable the typedSql Preview feature in your Prisma Schema.

         generator client {
           provider = "prisma-client-js"
           previewFeatures = ["typedSql"]
         }
      
    3. Create a sql subdirectory of your prisma directory.

      mkdir -p prisma/sql
      
    4. You can now add .sql files to the sql directory! Each file can contain one sql query and the name must be a valid JS identifier. For this example, say you had the file getUsersWithPosts.sql with the following contents:

      SELECT u.id, u.name, COUNT(p.id) as "postCount"
      FROM "User" u
      LEFT JOIN "Post" p ON u.id = p."authorId"
      GROUP BY u.id, u.name
    5. Import your SQL query into your code with the @ prisma/client/sql import:

      import { PrismaClient } from '@ prisma/client'
      import { getUsersWithPosts } from '@prisma/client/sql'

      const prisma = new PrismaClient()

      const usersWithPostCounts = await prisma.$queryRawTyped(getUsersWithPosts)
      console.log(usersWithPostCounts)

    There’s a lot more to talk about with TypedSQL. We think that the combination of the high-level Prisma Client API and the low-level TypedSQL will make for a great developer experience for all of our users.

    To learn more about behind the “why” of TypedSQL be sure to check out our announcement blog post.

    For docs, check out our new TypedSQL section.

    Bug fixes

    Driver adapters and D1

    A few issues with our driverAdapters Preview feature and Cloudflare D1 support were resolved via prisma/prisma-engines#4970 and #24922

    • Mathematic operations such as max, min, eq, etc in queries when using Cloudflare D1.
    • Resolved issues when comparing BigInt IDs when relationMode="prisma" was enabled and Cloudflare D1 was being used.

    Joins

    • #23742 fixes Prisma Client not supporting deeply nested some clauses when the relationJoins Preview feature was enabled.

    MongoDB

    The MongoDB driver for Rust (that our query engine users under the hood) had behavior that prioritized IPv4 connections over IPv6 connections. In IPv6-only environments, this could lead to significant "cold starts" where the query engine had to wait for IPv4 to fail before the driver would try IPv6.

    With help from the MongoDB team, this has been resolved. The driver will now try IPv4 and IPv6 connections in parallel and then move forward with the first response. This should prevent cold start issues that have been seen with MongoDB in Prisma Accelerate.

    Thank you to the MongoDB team!

    Join us

    Looking to make an impact on Prisma in a big way? We're now hiring engineers for the ORM team!

    • Senior Engineer (TypeScript): This person will be primarily working on the TypeScript side and evolving our Prisma client. Rust knowledge (or desire to learn Rust) is a plus.
    • Senior Engineer (Rust): This person will be focused on the prisma-engines Rust codebase. TypeScript knowledge (or, again, a desire to learn) is a plus.

    Credits

    Huge thanks to @ mcuelenaere, @ pagewang0, @ Druue, @ key-moon, @ Jolg42, @ pranayat, @ ospfranco, @ yubrot, @ skyzh for helping!

  • 5.19.0-integration-feat-typed-sql.26 - 2024-08-23
  • 5.19.0-integration-feat-typed-sql.25 - 2024-08-23
  • 5.19.0-integration-feat-typed-sql.24 - 2024-08-23
  • 5.19.0-integration-feat-typed-sql.23 - 2024-08-23
  • 5.19.0-integration-feat-typed-sql.22 - 2024-08-23
  • 5.19.0-integration-feat-typed-sql.21 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.20 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.19 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.18 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.17 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.16 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.15 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.14 - 2024-08-22
  • 5.19.0-integration-feat-typed-sql.13 - 2024-08-21
  • 5.19.0-integration-feat-typed-sql.12 - 2024-08-21
  • 5.19.0-integration-feat-typed-sql.11 - 2024-08-21
  • 5.19.0-integration-feat-typed-sql.10 - 2024-08-21
  • 5.19.0-integration-feat-typed-sql.9 - 2024-08-21
  • 5.19.0-integration-feat-typed-sql.8 - 2024-08-20
  • 5.19.0-integration-feat-typed-sql.7 - 2024-08-20
  • 5.19.0-integration-feat-typed-sql.6 - 2024-08-08
  • 5.19.0-integration-feat-typed-sql.5 - 2024-08-07
  • 5.19.0-integration-feat-typed-sql.4 - 2024-08-07
  • 5.19.0-integration-feat-typed-sql.3 - 2024-08-07
  • 5.19.0-integration-feat-typed-sql.2 - 2024-08-07
  • 5.19.0-integration-feat-typed-sql.1 - 2024-08-07
  • 5.19.0-integration-engines-5-19-0-9-integration-fix-planetscale-transactions-6b0a78a8af3fae4debef82ff443972dff0807722.2 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-9-integration-fix-planetscale-transactions-6b0a78a8af3fae4debef82ff443972dff0807722.1 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-32-integration-fix-planetscale-transactions-c83aea2de749622725d37b2125922e2b83ac349c.2 - 2024-08-26
  • 5.19.0-integration-engines-5-19-0-32-integration-fix-planetscale-transactions-c83aea2de749622725d37b2125922e2b83ac349c.1 - 2024-08-26
  • 5.19.0-integration-engines-5-19-0-3-integration-fix-d1-int64-3fe108cb35159b6838b9365ea06876b999e37136.2 - 2024-08-08
  • 5.19.0-integration-engines-5-19-0-3-integration-fix-d1-int64-3fe108cb35159b6838b9365ea06876b999e37136.1 - 2024-08-08
  • 5.19.0-integration-engines-5-19-0-29-integration-build-rs-version-34ac31986ed851ada6e3c142e76db8fdb839a8f0.2 - 2024-08-24
  • 5.19.0-integration-engines-5-19-0-29-integration-build-rs-version-34ac31986ed851ada6e3c142e76db8fdb839a8f0.1 - 2024-08-24
  • 5.19.0-integration-engines-5-19-0-28-integration-enum-mapped-values-ba87944c8b88a1e7b2255a110274d540df6bb831.2 - 2024-08-24
  • 5.19.0-integration-engines-5-19-0-28-integration-enum-mapped-values-ba87944c8b88a1e7b2255a110274d540df6bb831.1 - 2024-08-24
  • 5.19.0-integration-engines-5-19-0-25-feat-typed-sql-nullability-860858bb818708261f36cd05bc915e603aae5004.1 - 2024-08-20
  • 5.19.0-integration-engines-5-19-0-22-integration-mongodb-ipv6-fix-a6fed372778795b60d9899578c11319bc19597ac.2 - 2024-08-20
  • 5.19.0-integration-engines-5-19-0-22-integration-mongodb-ipv6-fix-a6fed372778795b60d9899578c11319bc19597ac.1 - 2024-08-20
  • 5.19.0-integration-engines-5-19-0-21-feat-typed-sql-nullability-e696c9149500a73fbefedf5b0edb3f085ff90515.1 - 2024-08-19
  • 5.19.0-integration-engines-5-19-0-20-integration-mongodb-ipv6-fix-52a7684de6884ddf5b7e91ac5f37254a02a69774.2 - 2024-08-15
  • 5.19.0-integration-engines-5-19-0-20-integration-mongodb-ipv6-fix-52a7684de6884ddf5b7e91ac5f37254a02a69774.1 - 2024-08-15
  • 5.19.0-integration-engines-5-19-0-2-integration-fix-d1-int64-e5ebd17c4a7f6a855bd0d3594e1c593542db3061.2 - 2024-08-07
  • 5.19.0-integration-engines-5-19-0-2-integration-fix-d1-int64-e5ebd17c4a7f6a855bd0d3594e1c593542db3061.1 - 2024-08-07
  • 5.19.0-integration-engines-5-19-0-18-feat-typed-sql-nullability-c4dc3c5083115b65abe4436e4ec6e1c8c2afbecd.1 - 2024-08-14
  • 5.19.0-integration-engines-5-19-0-17-feat-typed-sql-nullability-4b818550ffc9da4e66541525cca08569a58a78e2.1 - 2024-08-14
  • 5.19.0-integration-engines-5-19-0-16-feat-typed-sql-nullability-c79c3569f88658b971ff948a55aff64ff3a4e4bf.1 - 2024-08-14
  • 5.19.0-integration-engines-5-19-0-15-integration-fix-planetscale-transactions-cc0baab23c1961e4f06f2114b9cf252e99ac90f5.2 - 2024-08-14
  • 5.19.0-integration-engines-5-19-0-15-integration-fix-planetscale-transactions-cc0baab23c1961e4f06f2114b9cf252e99ac90f5.1 - 2024-08-14
  • 5.19.0-integration-engines-5-19-0-14-feat-typed-sql-nullability-29abebce25f4e6c26673d18598de307337325b86.1 - 2024-08-13
  • 5.19.0-integration-engines-5-19-0-13-feat-typed-sql-nullability-7d01fb5b13f6e0f51384fe689b7e9ace5a504565.1 - 2024-08-13
  • 5.19.0-integration-engines-5-19-0-11-integration-fix-planetscale-transactions-5154993b5b25464fff0c724fe47c547aa076c73a.2 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-11-integration-fix-planetscale-transactions-5154993b5b25464fff0c724fe47c547aa076c73a.1 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-10-integration-fix-planetscale-transactions-630e1df957c8431ec5989ee7188545730681ae49.2 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-10-integration-fix-planetscale-transactions-630e1df957c8431ec5989ee7188545730681ae49.1 - 2024-08-12
  • 5.19.0-integration-engines-5-19-0-1-integration-fix-d1-int64-61431bbd9716f47de3f303a09ece9b370da04142.2 - 2024-08-06
  • 5.19.0-integration-engines-5-19-0-1-integration-fix-d1-int64-61431bbd9716f47de3f303a09ece9b370da04142.1 - 2024-08-06
  • 5.19.0-dev.18 - 2024-08-26
  • 5.19.0-dev.17 - 2024-08-24
  • 5.19.0-dev.16 - 2024-08-23
  • 5.19.0-dev.15 - 2024-08-23
  • 5.19.0-dev.14 - 2024-08-23
  • 5.19.0-dev.13 - 2024-08-21
  • 5.19.0-dev.12 - 2024-08-20
  • 5.19.0-dev.11 - 2024-08-19
  • 5.19.0-dev.10 - 2024-08-16
  • 5.19.0-dev.9 - 2024-08-16
  • 5.19.0-dev.8 - 2024-08-13
  • 5.19.0-dev.7 - 2024-08-12
  • 5.19.0-dev.6 - 2024-08-12
  • 5.19.0-dev.5 - 2024-08-12
  • 5.19.0-dev.4 - 2024-08-12
  • 5.19.0-dev.3 - 2024-08-09
  • 5.19.0-dev.2 - 2024-08-09
  • 5.19.0-dev.1 - 2024-08-07
  • 5.18.0 - 2024-08-06

    🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

    Highlights

    Native support for UUIDv7

    Previous to this release, the Prisma Schema function uuid() did not accept any arguments and created a UUIDv4 ID. While sufficient in many cases, UUIDv4 has a few drawbacks, namely that it is not temporally sortable.

    UUIDv7 attempts to resolve this issue, making it easy to temporally sort your database rows by ID!

    To support this, we’ve updated the uuid() function in Prisma Schema to accept an optional, integer argument. Right now, the only valid values are 4 and 7, with 4 being the default.

    model User {
    id String @id @default(uuid()) // defaults to 4
    name String
    }

    model User {
    id String @id @default(uuid(4)) // same as above, but explicit
    name String
    }

    model User {
    id String @id @default(uuid(7)) // will use UUIDv7 instead of UUIDv4
    name String
    }

    Bug squashing

    We’ve squashed a number of bugs this release, special thanks to everyone who helped us! A few select highlights are:

    Fixes and improvements

    Prisma

    Language tools (e.g. VS Code)

    Share your feedback about Prisma ORM

    We want to know how you like working with Prisma ORM in your projects! Please take our 2min survey and let us know what you like or where we can improve 🙏

    Credits

    Huge thanks to @ mcuelenaere, @ pagewang0, @ Druue, @ key-moon, @ Jolg42, @ pranayat, @ ospfranco, @ yubrot, @ skyzh, @ haaawk for helping!

from @prisma/client GitHub release notes
Package name: next
  • 14.2.7 - 2024-08-27

    Note

    This release is backporting bug fixes. It does not include all pending features/changes on canary.

    Core Changes

    • Revert "chore: externalize undici for bundling" (#65727)
    • Refactor internal routing headers to use request meta (#66987)
    • fix(next): add cross origin in react dom preload (#67423)
    • build: upgrade edge-runtime (#67565)
    • GTM dataLayer parameter should take an object, not an array of strings (#66339)
    • fix: properly patch lockfile against swc bindings (#66515)
    • Add deployment id header for rsc payload if present (#67255)
    • Update font data (#68639)
    • fix i18n data pathname resolving (#68947)
    • pages router: ensure x-middleware-cache is respected (#67734)
    • Fix bad modRequest in flight entry manifest #68888
    • Reject next image urls in image optimizer #68628
    • Fix hmr assetPrefix escaping and reuse logic from other files #67983

    Credits

    Huge thanks to @ kjugi, @ huozhi, @ ztanner, @ SukkaW, @ marlier, @ Kikobeats, @ syi0808, @ ijjk, and @ samcx for helping!

  • 14.2.6 - 2024-08-21
  • 14.2.5 - 2024-07-10
from next GitHub release notes
Package name: tailwind-merge
  • 2.5.2 - 2024-08-12

    Sorry for all the bugs today!

    Bug Fixes

    Full Changelog: v2.5.1...v2.5.2

    Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ jamaluddinrumi for sponsoring tailwind-merge! ❤️

  • 2.5.2-dev.a9aa5911cc624d0ddd2ee81bcce00b932a437aea - 2024-08-30
  • 2.5.2-dev.a72f2f474fbba41c9940d3c9737cd3ad431d68da - 2024-08-12
  • 2.5.2-dev.9a68667c3a6710512dedcee4e74cbd60dbe57f38 - 2024-09-02
  • 2.5.2-dev.34753fec69281e1f001a4129b6518b2e589eb28f - 2024-08-18
  • 2.5.2-dev.1bed05d40bc8f053548fb85c40eeaac60e0234ef - 2024-08-18
  • 2.5.2-dev.0c74ac3cababfa706594629e5244995535ca70a1 - 2024-08-18
  • 2.5.1 - 2024-08-12

    Bug Fixes

    • Fix space at beginning of input causing infinite loop by @ dcastil in #457

    Full Changelog: v2.5.0...v2.5.1

    Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ jamaluddinrumi for sponsoring tailwind-merge! ❤️

  • 2.5.1-dev.c795f4bcf2ef5a80b735db30d20f96b49a14ae57 - 2024-08-12
  • 2.5.1-dev.a9ebe22aaea320d0894ce4255eaffcb6b2d1a649 - 2024-08-12
  • 2.5.1-dev.0f0f53e1b3d930b21560eea24b467e0870854f52 - 2024-08-12
  • 2.5.1-dev.056b2a31bf7d9244aa97cc859e110bdbae6723e5 - 2024-08-12
  • 2.5.0 - 2024-08-11

    New Features

    Bug Fixes

    • Fix bg-opacity arbitrary percentages not being recognized properly by @ dcastil in #451

    Full Changelog: v2.4.0...v2.5.0

    Thanks to @ brandonmcconnell, @ manavm1990, @ langy and @ jamesreaco for sponsoring tailwind-merge! ❤️

  • 2.5.0-dev.bceb688b56d9e901493eb53cbb236c6767b27818 - 2024-08-11
  • 2.5.0-dev.b42e5961db46b205575bf54414d4f00a9ed81c23 - 2024-08-11
  • 2.5.0-dev.80d01a1abb4d048841c8757da10bb9c0e5c441c8 - 2024-08-12
  • 2.5.0-dev.41e589bb317c8203857f9293af64c6c9cbf3ddf7 - 2024-08-12
  • 2.5.0-dev.0ba31f3c3d64f1f4c334d97ec569d6a2ece5c759 - 2024-08-11
  • 2.4.0 - 2024-07-07

    New Features

    • Allow hooking into class parsing logic (experimental) by @ dcastil in #444
      • There is no info to this in the docs because this is experimental, but there is a new experimentalParseClassName property in the config that allows you to customize how tailwind-merge recognizes classes. If you're interested, you can read how to use it in the inline JSDocs and subscribe to #385 for upcoming more powerful low-level functionality.
    • Create security policy by @ dcastil in #439
      • Added documentation on how to report potential vulnerabilities
    • Avoid @ babel/runtime dependency by @ dcastil in #431
      • Now no dependencies in tailwind-merge anymore. This dependency was only used in the tailwind-merge/es5 bundle anyway which I don't optimize for.

    Documentation

    Other

    • Added GitHub Action that adds context-v2 label to every issue, discussion and PR by @ Pritam1211 in #434
    • Replace size-limit action with own metrics-report action by @ dcastil in #433

    Full Changelog: v2.3.0...v2.4.0

    Thanks to @ brandonmcconnell, @ manavm1990, @ langy, @ jamesreaco and @ microsoft for sponsoring tailwind-merge! ❤️

from tailwind-merge GitHub release notes
Package name: tailwindcss
  • 3.4.10 - 2024-08-13

    Fixed

    • Bump versions of plugins in the Standalone CLI (#14185)
  • 3.4.9 - 2024-08-08

    Fixed

    • No longer warns when broad glob patterns are detecting vendor folders
  • 3.4.8 - 2024-08-07

    Fixed

    • Fix minification when using nested CSS (#14105)
    • Warn when broad glob patterns are used in the content configuration (#14140)
  • 3.4.7 - 2024-07-25

    Fixed

    • Fix class detection in Slim templates with attached attributes and ID (#14019)
    • Ensure attribute values in data-* and aria-* modifiers are always quoted in the generated CSS (#14037)
from tailwindcss GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade:
  - @prisma/client from 5.18.0 to 5.19.0.
    See this package in npm: https://www.npmjs.com/package/@prisma/client
  - next from 14.2.5 to 14.2.7.
    See this package in npm: https://www.npmjs.com/package/next
  - tailwind-merge from 2.4.0 to 2.5.2.
    See this package in npm: https://www.npmjs.com/package/tailwind-merge
  - tailwindcss from 3.4.7 to 3.4.10.
    See this package in npm: https://www.npmjs.com/package/tailwindcss

See this project in Snyk:
https://app.snyk.io/org/gabsbaquie/project/da5193b4-a94d-4d89-bf80-9b8e1c23e415?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

vercel bot commented Sep 18, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
nation-sound-front ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 18, 2024 6:27am

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants