[Snyk] Upgrade: @libsql/client, @vercel/remix, drizzle-orm, lucide-react #43

Open
wants to merge 1 commit into
base: master
from

Conversation

stilt0n
Owner

@stilt0n stilt0n commented Sep 17, 2024

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

| Name | Versions | Released on |
| --- | --- | --- |
| @libsql/client | from 0.6.2 to 0.10.0, 6 versions ahead of your current version | 22 days ago, on 2024-08-26 |
| @vercel/remix | from 2.8.1-patch.2 to 2.11.2, 12 versions ahead of your current version | a month ago, on 2024-08-15 |
| drizzle-orm | from 0.30.10 to 0.33.0, 97 versions ahead of your current version | a month ago, on 2024-08-08 |
| lucide-react | from 0.373.0 to 0.436.0, 57 versions ahead of your current version | 23 days ago, on 2024-08-25 |

Release notes
Package name: @libsql/client
from @libsql/client GitHub release notes
Package name: @vercel/remix
  • 2.11.2 - 2024-08-15
  • 2.11.1 - 2024-08-05
  • 2.11.0 - 2024-08-01
  • 2.10.3 - 2024-07-23
  • 2.10.2 - 2024-07-11
  • 2.10.0 - 2024-06-27
  • 2.9.2 - 2024-05-10
  • 2.9.2-patch.2 - 2024-05-10
  • 2.9.2-patch.1 - 2024-05-10
  • 2.9.1 - 2024-04-29
  • 2.9.0 - 2024-04-23
  • 2.8.1 - 2024-03-07
  • 2.8.1-patch.2 - 2024-03-15
from @vercel/remix GitHub release notes
Package name: drizzle-orm
  • 0.33.0 - 2024-08-08

    Breaking changes (for some of postgres.js users)

    Bugs fixed for this breaking change

    As we are doing with other drivers, we've changed the behavior of PostgreSQL-JS to pass raw JSON values, the same as you see them in the database. So if you are using the PostgreSQL-JS driver and passing data to Drizzle elsewhere, please check the new behavior of the client after it is passed to Drizzle.

    We will update it to ensure it does not override driver behaviors, but this will be done as a complex task for everything in Drizzle in other releases

    If you were using postgres-js with jsonb fields, you might have seen stringified objects in your database, while drizzle insert and select operations were working as expected.

    You need to convert those fields from strings to actual JSON objects. To do this, you can use the following query to update your database:

    if you are using jsonb:

    update table_name
    set jsonb_column = (jsonb_column #>> '{}')::jsonb;

    if you are using json:

    update table_name
    set json_column = (json_column #>> '{}')::json;

    We've tested it in several cases, and it worked well, but only if all stringified objects are arrays or objects. If you have primitives like strings, numbers, booleans, etc., you can use this query to update all the fields

    if you are using jsonb:

    UPDATE table_name
    SET jsonb_column = CASE
        -- Convert to JSONB if it is a valid JSON object or array
        WHEN jsonb_column #>> '{}' LIKE '{%' OR jsonb_column #>> '{}' LIKE '[%' THEN
            (jsonb_column #>> '{}')::jsonb
        ELSE
            jsonb_column
    END
    WHERE
        jsonb_column IS NOT NULL;

    if you are using json:

    UPDATE table_name
    SET json_column = CASE
        -- Convert to JSON if it is a valid JSON object or array
        WHEN json_column #>> '{}' LIKE '{%' OR json_column #>> '{}' LIKE '[%' THEN
            (json_column #>> '{}')::json
        ELSE
            json_column
    END
    WHERE json_column IS NOT NULL;

    If nothing works for you and you are blocked, please reach out to me @AndriiSherman. I will try to help you!

    Bug Fixes

  • 0.33.0-ff1dcd9 - 2024-09-03
  • 0.33.0-f7ddd08 - 2024-08-22
  • 0.33.0-f71baf7 - 2024-08-15
  • 0.33.0-efd821d - 2024-09-05
  • 0.33.0-daeed1e - 2024-09-04
  • 0.33.0-d496e6f - 2024-09-06
  • 0.33.0-d11d7bb - 2024-09-11
  • 0.33.0-cd1f68c - 2024-09-07
  • 0.33.0-cd0b1a2 - 2024-09-11
  • 0.33.0-c6528ed - 2024-09-09
  • 0.33.0-c5d1196 - 2024-09-03
  • 0.33.0-bddd952 - 2024-08-16
  • 0.33.0-b921e79 - 2024-08-29
  • 0.33.0-ad58316 - 2024-09-04
  • 0.33.0-ab3b46d - 2024-09-02
  • 0.33.0-8db0aa4 - 2024-08-27
  • 0.33.0-8cf7a61 - 2024-09-05
  • 0.33.0-8948f19 - 2024-08-28
  • 0.33.0-8944ef1 - 2024-09-06
  • 0.33.0-87d7704 - 2024-08-26
  • 0.33.0-86140ad - 2024-09-09
  • 0.33.0-807aa5b - 2024-09-02
  • 0.33.0-7bea25c - 2024-09-06
  • 0.33.0-766f76f - 2024-08-27
  • 0.33.0-7469abe - 2024-09-06
  • 0.33.0-6fbcf46 - 2024-09-14
  • 0.33.0-6386ea9 - 2024-08-14
  • 0.33.0-626cc95 - 2024-08-23
  • 0.33.0-6205f01 - 2024-08-08
  • 0.33.0-5be80aa - 2024-09-02
  • 0.33.0-5b9600e - 2024-09-02
  • 0.33.0-540bab9 - 2024-09-05
  • 0.33.0-50ebd0a - 2024-08-30
  • 0.33.0-4c4912d - 2024-08-23
  • 0.33.0-417b0fa - 2024-08-27
  • 0.33.0-4045fbc - 2024-08-23
  • 0.33.0-3e27645 - 2024-09-03
  • 0.33.0-3c3ccca - 2024-09-04
  • 0.33.0-38d6dab - 2024-08-12
  • 0.33.0-30e7661 - 2024-08-26
  • 0.33.0-277e6de - 2024-09-06
  • 0.33.0-25af8ee - 2024-08-27
  • 0.33.0-1a5913a - 2024-08-26
  • 0.33.0-1321cf9 - 2024-09-04
  • 0.33.0-12ef143 - 2024-08-27
  • 0.33.0-0ced1ab - 2024-08-23
  • 0.32.2 - 2024-08-05
    • Fix AWS Data API type hints bugs in RQB
    • Fix set transactions in MySQL bug - thanks @roguesherlock
    • Add forwarding dependencies within useLiveQuery, fixes #2651 - thanks @anstapol
    • Export additional types from SQLite package, like AnySQLiteUpdate - thanks @veloii
  • 0.32.2-df9e596 - 2024-08-07
  • 0.32.2-d486e9b - 2024-08-07
  • 0.32.2-cd71182 - 2024-08-07
  • 0.32.2-6234cbf - 2024-08-06
  • 0.32.2-22df170 - 2024-08-07
  • 0.32.1 - 2024-07-23
    • Fix typings for indexes and allow creating indexes on 3+ columns mixing columns and expressions - thanks @lbguilherme!
    • Added support for "limit 0" in all dialects - closes #2011 - thanks @sillvva!
    • Make inArray and notInArray accept empty list, closes #1295 - thanks @RemiPeruto!
    • fix typo in lt typedoc - thanks @dalechyn!
    • fix wrong example in README.md - thanks @7flash!
  • 0.32.1-848e136 - 2024-07-25
  • 0.32.1-3d4e79a - 2024-08-01
  • 0.32.0 - 2024-07-10

    Release notes for drizzle-orm@0.32.0 and drizzle-kit@0.23.0

    It's not mandatory to upgrade both packages, but if you want to use the new features in both queries and migrations, you will need to upgrade both packages

    New Features

    🎉 MySQL $returningId() function

    MySQL itself doesn't have native support for RETURNING after using INSERT. There is only one way to do it for primary keys with autoincrement (or serial) types, where you can access insertId and affectedRows fields. We've prepared an automatic way for you to handle such cases with Drizzle and automatically receive all inserted IDs as separate objects

    import { boolean, int, text, mysqlTable } from 'drizzle-orm/mysql-core';

    const usersTable = mysqlTable('users', {
      id: int('id').primaryKey(),
      name: text('name').notNull(),
      verified: boolean('verified').notNull().default(false),
    });

    const result = await db.insert(usersTable).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
    // ^? { id: number }[]

    Also with Drizzle, you can specify a primary key with $default function that will generate custom primary keys at runtime. We will also return those generated keys for you in the $returningId() call

    import { varchar, text, mysqlTable } from 'drizzle-orm/mysql-core';
    import { createId } from '@paralleldrive/cuid2';

    const usersTableDefFn = mysqlTable('users_default_fn', {
      customId: varchar('id', { length: 256 }).primaryKey().$defaultFn(createId),
      name: text('name').notNull(),
    });

    const result = await db.insert(usersTableDefFn).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
    // ^? { customId: string }[]

    If there are no primary keys -> type will be {}[] for such queries

    🎉 PostgreSQL Sequences

    You can now specify sequences in Postgres within any schema you need and define all the available properties

    Example
    import { pgSchema, pgSequence } from "drizzle-orm/pg-core";

    // No params specified
    export const customSequence = pgSequence("name");

    // Sequence with params
    export const customSequence = pgSequence("name", {
      startWith: 100,
      maxValue: 10000,
      minValue: 100,
      cycle: true,
      cache: 10,
      increment: 2
    });

    // Sequence in custom schema
    export const customSchema = pgSchema('custom_schema');

    export const customSequence = customSchema.sequence("name");

    🎉 PostgreSQL Identity Columns

    Source: As mentioned, the serial type in Postgres is outdated and should be deprecated. Ideally, you should not use it. Identity columns are the recommended way to specify sequences in your schema, which is why we are introducing the identity columns feature

    Example
    import { pgTable, integer, text } from 'drizzle-orm/pg-core'

    export const ingredients = pgTable("ingredients", {
      id: integer("id").primaryKey().generatedAlwaysAsIdentity({ startWith: 1000 }),
      name: text("name").notNull(),
      description: text("description"),
    });

    You can specify all properties available for sequences in the .generatedAlwaysAsIdentity() function. Additionally, you can specify custom names for these sequences

    PostgreSQL docs reference.

    🎉 PostgreSQL Generated Columns

    You can now specify generated columns on any column supported by PostgreSQL to use with generated columns

    Example with generated column for tsvector

    Note: we will add tsVector column type before latest release

    import { SQL, sql } from "drizzle-orm";
    import { customType, index, integer, pgTable, text } from "drizzle-orm/pg-core";

    const tsVector = customType<{ data: string }>({
      dataType() {
        return "tsvector";
      },
    });

    export const test = pgTable(
      "test",
      {
        id: integer("id").primaryKey().generatedAlwaysAsIdentity(),
        content: text("content"),
        contentSearch: tsVector("content_search", {
          dimensions: 3,
        }).generatedAlwaysAs(
          (): SQL => sql`to_tsvector('english', ${test.content})`
        ),
      },
      (t) => ({
        idx: index("idx_content_search").using("gin", t.contentSearch),
      })
    );

    In case you don't need to reference any columns from your table, you can use just sql template or a string

    export const users = pgTable("users", {
      id: integer("id"),
      name: text("name"),
      generatedName: text("gen_name").generatedAlwaysAs(sql`hello world!`),
      generatedName1: text("gen_name1").generatedAlwaysAs("hello world!"),
    });

    🎉 MySQL Generated Columns

    You can now specify generated columns on any column supported by MySQL to use with generated columns

    You can specify both stored and virtual options, for more info you can check MySQL docs

    Also MySQL has a few limitations for such columns usage, which are described here

    Drizzle Kit will also have limitations for push command:

    1. You can't change the generated constraint expression and type using push. Drizzle-kit will ignore this change. To make it work, you would need to drop the column, push, and then add a column with a new expression. This was done due to the complex mapping from the database side, where the schema expression will be modified on the database side and, on introspection, we will get a different string. We can't be sure if you changed this expression or if it was changed and formatted by the database. As long as these are generated columns and push is mostly used for prototyping on a local database, it should be fast to drop and create generated columns. Since these columns are generated, all the data will be restored

    2. generate should have no limitations

    Example
    export const users = mysqlTable("users", {
      id: int("id"),
      id2: int("id2"),
      name: text("name"),
      generatedName: text("gen_name").generatedAlwaysAs(
        (): SQL => sql`${schema2.users.name} || 'hello'`,
        { mode: "stored" }
      ),
      generatedName1: text("gen_name1").generatedAlwaysAs(
        (): SQL => sql`${schema2.users.name} || 'hello'`,
        { mode: "virtual" }
      ),
    });

    In case you don't need to reference any columns from your table, you can use just sql template or a string in .generatedAlwaysAs()

    🎉 SQLite Generated Columns

    You can now specify generated columns on any column supported by SQLite to use with generated columns

    You can specify both stored and virtual options, for more info you can check SQLite docs

    Also SQLite has a few limitations for such columns usage, which are described here

    Drizzle Kit will also have limitations for push and generate command:

    1. You can't change the generated constraint expression with the stored type in an existing table. You would need to delete this table and create it again. This is due to SQLite limitations for such actions. We will handle this case in future releases (it will involve the creation of a new table with data migration).

    2. You can't add a stored generated expression to an existing column for the same reason as above. However, you can add a virtual expression to an existing column.

    3. You can't change a stored generated expression in an existing column for the same reason as above. However, you can change a virtual expression.

    4. You can't change the generated constraint type from virtual to stored for the same reason as above. However, you can change from stored to virtual.

    New Drizzle Kit features

    🎉 Migrations support for all the new orm features

    PostgreSQL sequences, identity columns and generated columns for all dialects

    🎉 New flag --force for drizzle-kit push

    You can auto-accept all data-loss statements using the push command. It's only available in CLI parameters. Make sure you always use it if you are fine with running data-loss statements on your database

    🎉 New migrations flag prefix

    You can now customize migration file prefixes to make the format suitable for your migration tools:

    • index is the default type and will result in 0001_name.sql file names;
    • supabase and timestamp are equal and will result in 20240627123900_name.sql file names;
    • unix will result in unix seconds prefixes 1719481298_name.sql file names;
    • none will omit the prefix completely;
    Example: Supabase migrations format
    import { defineConfig } from "drizzle-kit";

    export default defineConfig({
      dialect: "postgresql",
      migrations: {
        prefix: 'supabase'
      }
    });

  • 0.32.0-e7cf338 - 2024-06-25
  • 0.32.0-d0d6436 - 2024-06-27
  • 0.32.0-af7ce99 - 2024-06-17
  • 0.32.0-aaf764c - 2024-07-09
  • 0.32.0-85c8008 - 2024-06-24
  • 0.32.0-857ba54 - 2024-06-11
  • 0.32.0-81cb794 - 2024-06-22
  • 0.32.0-7721c7c - 2024-06-22
  • 0.32.0-7612dda - 2024-07-09
  • 0.32.0-5cc2ae0 - 2024-06-27
  • 0.32.0-4ed01aa - 2024-06-12
  • 0.32.0-0fdaa9e - 2024-06-25
  • 0.32.0-0d48b64 - 2024-06-07
  • 0.32.0-0a6885d - 2024-06-13
  • 0.32.0-55471 - 2024-06-12
  • 0.31.4 - 2024-07-08

    • Mark prisma clients package as optional - thanks @Cherry
  • 0.31.3 - 2024-07-08

    Bug fixed

    • 🛠️ Fixed RQB behavior for tables with same names in different schemas
    • 🛠️ Fixed [BUG]: Mismatched type hints when using RDS Data API - #2097

    New Prisma-Drizzle extension

    import { PrismaClient } from '@prisma/client';
    import { drizzle } from 'drizzle-orm/prisma/pg';
    import { User } from './drizzle';

    const prisma = new PrismaClient().$extends(drizzle());
    const users = await prisma.$drizzle.select().from(User);

    For more info, check docs: https://orm.drizzle.team/docs/prisma

  • 0.31.3-a90773c - 2024-07-08
  • 0.31.2 - 2024-06-07
  • 0.31.2-f9f4c2e - 2024-06-09
  • 0.31.2-ee089d9 - 2024-07-06
  • 0.31.2-c59440c - 2024-06-09
  • 0.31.2-bd14b3f - 2024-06-07
  • 0.31.2-b59e0a5 - 2024-06-11
  • 0.31.2-b59b8f5 - 2024-07-08
  • 0.31.2-b1c8d15 - 2024-06-09
  • 0.31.2-aaea9bd - 2024-06-27
  • 0.31.2-86ec973 - 2024-06-07
  • 0.31.2-5b29cb4 - 2024-06-06
  • 0.31.1 - 2024-06-04
  • 0.31.1-7a4cc2d - 2024-06-04
  • 0.31.1-26a7171 - 2024-05-30
  • 0.31.0 - 2024-05-31
  • 0.31.0-ef463e5 - 2024-05-29
  • 0.31.0-e64a96d - 2024-05-22
  • 0.31.0-c7963ca - 2024-05-23
  • 0.31.0-a70b6ea - 2024-05-25
  • 0.31.0-7a05232 - 2024-05-23
  • 0.31.0-6df4b83 - 2024-05-29
  • 0.31.0-61bc749 - 2024-05-30
  • 0.30.10 - 2024-05-01
from drizzle-orm GitHub release notes
Package name: lucide-react

Snyk has created this PR to upgrade:
  - @libsql/client from 0.6.2 to 0.10.0.
    See this package in npm: https://www.npmjs.com/package/@libsql/client
  - @vercel/remix from 2.8.1-patch.2 to 2.11.2.
    See this package in npm: https://www.npmjs.com/package/@vercel/remix
  - drizzle-orm from 0.30.10 to 0.33.0.
    See this package in npm: https://www.npmjs.com/package/drizzle-orm
  - lucide-react from 0.373.0 to 0.436.0.
    See this package in npm: https://www.npmjs.com/package/lucide-react

See this project in Snyk:
https://app.snyk.io/org/stilt0n/project/af3aaf37-addd-4a99-a03f-3e86522939c3?utm_source=github&utm_medium=referral&page=upgrade-pr
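
A dry-run audit for the jsonb repair query quoted in the drizzle-orm 0.33.0 notes above, added here as an example (it is not part of the Snyk PR or of the drizzle-orm release notes). It reuses the notes' placeholders `table_name` and `jsonb_column` and assumes PostgreSQL 16 or later for `pg_input_is_valid()`.

```sql
-- Added example: read-only check to run before the CASE-based UPDATE.
-- table_name / jsonb_column are the release notes' placeholders.
-- Assumption: PostgreSQL 16+ (pg_input_is_valid is not available earlier).
WITH unwrapped AS (
    SELECT
        jsonb_typeof(jsonb_column) AS stored_type,  -- 'string' marks double-encoded rows
        jsonb_column #>> '{}'      AS inner_text    -- same expression the UPDATE casts
    FROM table_name
    WHERE jsonb_column IS NOT NULL
)
SELECT
    stored_type,
    count(*) AS total_rows,
    -- Stringified objects/arrays that the CASE branch will turn back into jsonb.
    count(*) FILTER (
        WHERE stored_type = 'string'
          AND (inner_text LIKE '{%' OR inner_text LIKE '[%')
          AND pg_input_is_valid(inner_text, 'jsonb')
    ) AS will_be_repaired,
    -- Plain strings that only start with { or [ : the ::jsonb cast raises an
    -- error on these, which rolls back the entire UPDATE statement.
    count(*) FILTER (
        WHERE stored_type = 'string'
          AND (inner_text LIKE '{%' OR inner_text LIKE '[%')
          AND NOT pg_input_is_valid(inner_text, 'jsonb')
    ) AS will_abort_update
FROM unwrapped
GROUP BY stored_type
ORDER BY stored_type;
```

A non-zero `will_abort_update` means those rows need handling before the UPDATE is run. Rows already stored as real objects or arrays also match the `LIKE` test, but casting their text form back to jsonb leaves them unchanged.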