Upgrading Prisma Next to 0.8.0

[calvinbrewer]

Summary by CodeRabbit

Release Notes

• Chores

  • Updated Prisma Next framework and tooling dependencies from 0.6.0-dev.8 to 0.8.0, including SQL runtime, adapters, drivers, PostgreSQL support, contracts, and CLI across all packages and examples.

• Tests

  • Updated test helper context configuration to support runtime scope initialization.

[changeset-bot]

🦋 Changeset detected

Latest commit: f2aca22

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@cipherstash/prisma-next	Minor
@cipherstash/prisma-next-example	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Warning

Rate limit exceeded

@calvinbrewer has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 47 minutes and 57 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c77ba161-bd43-4b67-a806-ff63acb6da4a

📥 Commits

Reviewing files that changed from the base of the PR and between e1f8537 and f2aca22.

📒 Files selected for processing (1)

• .changeset/prisma-next-upgrade-to-0-8.md

📝 Walkthrough

Walkthrough

This PR upgrades Prisma Next dependencies from 0.6.0-dev.8 to 0.8.0 across example and package manifests, adapts the cell codec factory to handle pre-encoded string inputs in the new runtime execution pattern, and updates test helpers to set the middleware context scope to 'runtime'.

Changes

Prisma Next 0.8.0 and Runtime Execution

Layer / File(s)	Summary
Dependency version upgrades to 0.8.0 examples/prisma/package.json, packages/prisma-next/package.json	All @prisma-next/* packages in dependencies and devDependencies updated from 0.6.0-dev.8 to 0.8.0.
Cell codec runtime execution adaptation packages/prisma-next/src/execution/cell-codec-factory.ts	CipherstashCellCodec.encode adds an early return for string inputs (pre-encoded by middleware in the 0.8.0 runtime pattern), bypassing envelope and ciphertext checks for that case.
Test context runtime scope updates packages/prisma-next/test/abort.test.ts, packages/prisma-next/test/bulk-encrypt-middleware.test.ts	Test helpers makeMiddlewareCtx and createCtx now set scope: 'runtime' in the returned SqlMiddlewareContext to match the new runtime execution contract.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A hop, a skip, to 0.8.0,
Dependencies dance in perfect flow,
Codecs now see strings pre-encoded,
Test scopes set to 'runtime', noted,
The stack hops forward, clean and bright! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: upgrading Prisma Next to version 0.8.0, which is accurately reflected across all modified files (package.json updates and code adjustments for compatibility).
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch prisma-next-0-8-0

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/prisma-next/src/execution/cell-codec-factory.ts`:
- Around line 144-146: The encode branch in the encode function currently
returns any string value verbatim (checked via `if (typeof value === 'string')
return value;`), which allows raw/malformed strings to bypass envelope safety;
change this to validate that `value` matches the expected composite-literal
shape `eql_v2_encrypted(...)` (use a strict check/regex for the
`eql_v2_encrypted` envelope format) and only return the string if it passes that
validation, otherwise throw or return an error/encode-path fallback so raw
strings cannot be passed through unchecked; update the `encode` function's
`value` handling accordingly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 59209334-1f07-47ea-a29f-e54dc97f6e4e

📥 Commits

Reviewing files that changed from the base of the PR and between 526e4b4 and e1f8537.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (5)

• examples/prisma/package.json
• packages/prisma-next/package.json
• packages/prisma-next/src/execution/cell-codec-factory.ts
• packages/prisma-next/test/abort.test.ts
• packages/prisma-next/test/bulk-encrypt-middleware.test.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fail closed on raw-string passthrough in encode.

Line 144 currently accepts any string unchanged. That should be constrained to the expected eql_v2_encrypted composite-literal shape; otherwise malformed/raw values can bypass the envelope-path safety checks.

Suggested fix

-    if (typeof value === 'string') {
-      return value;
-    }
+    if (typeof value === 'string') {
+      const trimmed = value.trim();
+      if (!trimmed.startsWith('(') || !trimmed.endsWith(')')) {
+        throw runtimeError(
+          'RUNTIME.ENCODE_FAILED',
+          `cipherstash ${this.descriptor.codecId}: expected middleware-produced eql_v2_encrypted composite literal, got raw string input.`,
+          {
+            codecId: this.descriptor.codecId,
+            reason: 'cipherstash-invalid-wire-literal',
+          },
+        );
+      }
+      return value;
+    }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/prisma-next/src/execution/cell-codec-factory.ts` around lines 144 -
146, The encode branch in the encode function currently returns any string value
verbatim (checked via `if (typeof value === 'string') return value;`), which
allows raw/malformed strings to bypass envelope safety; change this to validate
that `value` matches the expected composite-literal shape
`eql_v2_encrypted(...)` (use a strict check/regex for the `eql_v2_encrypted`
envelope format) and only return the string if it passes that validation,
otherwise throw or return an error/encode-path fallback so raw strings cannot be
passed through unchecked; update the `encode` function's `value` handling
accordingly.