zenstack

Features and Improvements

• Prisma V5 is supported! #581
• ZModel now supports database views (read-only, updatable views are not supported). #258
• Instead of rejecting the query, enhanced clients now set field to null if a nested optional to-one relation is requested but not readable. #586
• API layer (both RESTful and RPC-style) always use superjson for serialization. More details: RESTful RPC.
• Fixed OpenAPI plugin issue with Bytes type. #573
• Fixed issue with incorrect path generated on Windows environments #582
• Stricter type checking for binary expressions in ZModel #292

Breaking Changes

• The RPC-style API handler now wraps the query result into a "data" field. In addition, there can be a "meta" field in the response body containing serialization metadata. Please find more details here: https://zenstack.dev/docs/reference/server-adapters/api-handlers/rpc.

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-beta.8...v1.0.0-beta.10

Fixes and Improvements

• New option for ExpressJS server adapter to control whether the middleware should send a response or just compute it. Docs. #531
• Fixed invalid Prisma query generated when doing nested update for models with multiple ID fields #552
• Allow to use a custom fetch function when using SWR and TanStack Query hooks #542 #541
• Removed unnecessary peer dependencies to Prisma which caused Zod compilation issues when using pnpm #560
• Add type annotation to generated zod schemas to make tsc happy in pnpm workspace environment
• Add "interactiveTransactions" preview features flag when a low Prisma version (< 4.7.0) is detected #508
• Fixed problem that "_count" selection in find queries are not subject to "read" policy filtering

Breaking Changes

• When connecting two models (with create, update, etc. calls) with implicit many-to-many relationship, previously ZenStack didn't check if the model being connected passes "update" check. This is now tightened up. Please note that this only affects implicit many-to-many relationships.

Thanks @chemitaxis for the continuous contribution! 🙏🏻

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-beta.3...v1.0.0-beta.7

New Features

• [TRPC plugin] Improved typing for the generated routers #409
  The plugin can now generate extra helpers for improve typing of the trpc client side, so calling the CRUD routers now has the same experience as calling Prisma methods. E.g.:

  const post = trpc.post.findFirst({ include: { author: true } });
  

  The code above used to have a static typing of Post, although at runtime the data contains an author field. After applying the typing helper, the result is typed as Post & { author: User }.

  More details here: https://zenstack.dev/docs/reference/plugins/trpc#client-helpers

• [Data Validation] Model-level validation rules #477

  A new model-level attribute @@validate is introduced to express more complex data validation rules. You can use it to write rules that involve multiple fields and combine boolean expressions. A set of validation functions are also added to support various kinds of field validation in a complex rule.

  model Model {
      x Int
      y String
      @@validate(x > 0 && contains(y, 'foo'), 'my custom condition')
  }
  

  Field-level validation attributes (like @email, etc.) are also extended with an optional error message parameter.

  More details here: https://zenstack.dev/docs/reference/zmodel-language#model-level-validation-attributes

• [Zod Plugin] Generates zod schema for models, including validation rules #477

  In previous versions, @core/zod plugin only generated schemas for Prisma's CRUD input. It's got a renovation in this release and now generates three kinds of schemas:

  • models:
    Schemas for models, including flavors for full validation, create, and update. Data validation rules are included.
  • input:
    Schemas for Prisma CRUD method input. This is used by the trpc plugin to validate router input.
  • objects:
    Schemas for objects used by the "input" schemas. You usually don't need to use this.

  By default, the generated zod schemas are reexported through @zenstackhq/runtime/zod and can be directly imported and used.

  Error messages attached to validation rules are now carried over to the generated zod schemas. E.g.: email String @email('must be a valid email') is transformed to z.string().email('must be a valid email').

  Model-level validation rules written with @@validate are also supported and are transformed to z.refine. E.g., @@validate(x > 0 && contains(y, 'foo')) is transformed to z.object({...}).refine((value) => value.x > 0 && value.y?.includes('foo')).

Fixes and Improvements

• Fixed the bug that SWR hooks call into wrong endpoint
• tRPC plugin generated routers now support unchecked input types #499
• Fixed incorrect policy code generation when a single boolean field is used as policy expression #509
• Fixed issue about wrong reference resolution when there're enum fields with the same name #498
• Fixed parser error when true or false are used as declaration name prefix #522
• The REST API handler now returns the total count in the meta section for collection queries by @chemitaxis #527
• Added contribution guide

New Contributors

Welcome @chemitaxis to the contributor family!

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-beta.1...v1.0.0-beta.3

New Features

• Next.js server adapter now supports the new "app directory" routes of V13

Improvements and Fixes

• Support now() function in access policy rules #478
• Added missing parameters to @db.Decimal attribute
• Fixed wrong resource link in rest API handler #469
• Added generateModelActions config options to trpc plugin to control what CRUD actions to generate #460
• Improve error stack trace in proxied prisma methods #384
• Add option to log queries sent to Prisma: logPrismaQuery
• Put fields in base model on the top in generated Prisma schema
• Add prisma generate error output to telemetry for future improvements

Breaking Changes

• Signature change for the "enhancement" APIs (withPresets, withPolicy, withPassword, withOmit): grouped extra parameters into an options bag

New Contributors

• @Azzerty23 made their first contribution in https://github.com/zenstackhq/zenstack/pull/461

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.119...v1.0.0-beta.1

New Features

• Server API handler for RESTful style API

  Now ZenStack supports two styles of APIs: RPC (mirroring PrismaClient's query APIs) and RESTful (resource-centric API using JSON:API as transportation). When creating a server adapter, you can choose to use one of these handlers (defaults to RPC). Check out the documentation for more details.

  A big ❤️THANK YOU❤️ to @jawadst for initiating this effort and contributing code!

• OpenAPI specification generation for RESTful style API

  Related to the previous feature, the @zenstackhq/openapi plugin is also updated to support RESTful style API.

• Server adapter for SvelteKit

  The @zenstackhq/server/sveltekit module implements a SvelteKit server hook to provide an automatic RPC or RESTful style CRUD API. Check out the sample project here.

• New plugins: @zenstackhq/swr and @zenstackhq/tanstack-query

  These plugins generate client hooks targeting SWR and TanStack Query. The original @zenstackhq/react plugin will be deprecated in the future and replaced by these two new plugins. SWR plugin is for React only, and TanStack Query plugin supports React and Svelte today and will support Vue in the future.

  Sample projects:

  • SWR with Next.js
  • TanStack Query with Next.js
  • TanStack Query with SvelteKit

Fixes And Improvements

• Next.js server adapter is moved to @zenstackhq/server package. The original @zenstackhq/next package will be deprecated soon.
• Upgraded to Langium 1.2.0
• OpenAPI: component schema should be generated even if the model is marked as "@@openapi.ignore" #349
• Don't generate auxiliary fields when a model doesn't have any access policy #415
• ZModel: added supports to directUrl field in datasource declaration. This can be used to provide a separate database connection (usually without pooling) for migration.

Breaking Changes

• Plugin's output path handling is unified to be relative to the location of ZModel file. This wasn't implemented consistently previously. If you had ZModel residing in a non-root folder, you may need to adjust plugin output paths accordingly.

We're aiming to hit Beta for the next release!

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.114...v1.0.0-alpha.119

What's Changed

• Performance: avoid additional policy-checking db query when policy rules don't involve model fields
• Better VSCode formatting for ZModel files
• Better formatting for the generated schema.prisma file
• Allow more keywords to be used as declaration names #391
• Fixed the problem that zenstack auxiliary fields are not stripped from nested entities #386
• Added missing attribute parameters for "@@index", "@@unique" and "@@id" #390
• Fixed wrong validation error when relation foreign key is marked as "@id" instead of "@unique" #392
• Fixed deprecated import warning from "@prisma/client/runtime" package #312

Special thanks to @he-la, @potion-cellar, and @sidharthv96 for reporting multiple issues!

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.111...v1.0.0-alpha.114

New features

• Multi-schema file support
• Abstract model support
• Added support for Prisma's "Unsupported" types
• More flexible filter expressions in access policies #364

Improvements

• Better cli reporting of missing/invalid config file (by @potion-cellar)
• CLI execution speed is improved by roughly 30% - 40%
• Improved runtime performance by removing verbose log
• Zod plugin now generates an index.ts to reexport all schema objects #361
• Fixed deprecated cuid dependency
• Fixed zod typing for DateTime field (by @Xemah)
• Test environment cleanup

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.102...v1.0.0-alpha.110

What's Changed

• Fixed wrongly generated types for the groupBy and count hooks from the @zenstackhq/react plugin
• Fixed CLI checking for plugin setting fields when object syntax is used (reported by @Azzerty23)

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.99...v1.0.0-alpha.102

What's Changed

• Fixed VSCode extension error triggered by highlighting content when ZModel contains parse errors
• Fixed test environment compatibility with Win32 (by @potion-cellar )
• Added CLI config file support (see here for details)
• Added security scheme support and a few other configurations for @zenstackhq/openapi plugin
• Fixed the issue that VSCode extension reports errors for @@openapi.meta attribute
• Improved @zenstackhq/trpc plugin to wrap Prisma errors into proper trpc errors

Special thanks to @potion-cellar, @Azzerty23, and @jawadst for filing several issues.

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.98...v1.0.0-alpha.99

What's Changed

• More robust url and payload handling in OpenAPI services (by @potion-cellar)
• Allow to customize OpenAPI specification version (with the "specVersion" option in plugin, defaults to "3.1.0")
• Added support to use @tanstack/react-query as data fetcher for "react" plugin (by @jonathangerbaud)
• zenstack init command now installs ZenStack dependencies with pinned version
• Added zenstack info command to show package versions and available upgrade
• Added the missing count hooks for react hooks generation

New Contributors

• Welcome @potion-cellar and @jonathangerbaud to become our contributors. Thank you for your thoughtful ideas and code!

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.87...v1.0.0-alpha.98

What's Changed

• Support for implicit many-to-many relations
• Added attribute functions for filtering on fields in policy expressions: contains, search, startsWith, endsWith, has, hasSome, isEmpty. You can use these functions to write more flexible policy rules, e.g.:

  model Post {
    id String @id
    title String
    @@allow('update', startsWith(title, '[DRAFT]'))
  }
  

  See detailed documentation here: https://zenstack.dev/docs/reference/zmodel-language#predefined-attribute-functions.
• Improved consistency in handling undefined and null values in auth() object

Full Changelog: https://github.com/zenstackhq/zenstack/compare/v1.0.0-alpha.85...v1.0.0-alpha.87

What's Changed

• Upgraded langium dependency (old version results in a StackOverflow error)
• Added support for Prisma's @@ignore and @ignore attributes
• VSCode: improved support for @relation field generation

What's Changed

• Server adapter for Express.js
• More plugin options for @zenstackhq/openapi plugin

Potential Breaking Changes

• Prisma relation-related mutations: connect, connectOrCreate, and update now trigger the validation of "update" policy on the relation owner side (since such operations update foreign keys). It wasn't enforced in the previous releases. You may need to adjust access policies accordingly.

E.g.:

model User {
  ...
  posts Post[]
}

model Post {
  ...
  author User? @relation(fields: [authorId], references: [id])
  authorId String?

db.user.create({
  data: {
    posts: { connect: { id: 'post1' } }
  }
});

The above code may fail if Post model is not updatable by the current user.

What's Changed

• New OpenAPI plugin for generating OpenAPI V3 specification from zmodel! You can use it to generate a YAML/JSON spec and load it up into tools like swagger-ui. Check here for an example.
• Adapter for integrating with Fastify: automatic OpenAPI services for CRUD.
• Fix: make sure zod schemas are lazily loaded to avoid circular dependency issues.

Under the hood, this release includes a unified OpenAPI layer for handling CRUD operations, which is used by the new fastify adapter and will also be the foundation for other upcoming new server-side adapters.

What's Changed

• Added @@schema attribute for supporting "multi-schema setup"
• Fixed code generation issue in monorepo environment
• Fixed package manager detection issue in monorepro environment

Thanks to @digoburigo for reporting the multi-schema issue.
Thanks to @keanugrieves for reporting mono-repro problems.

What's Changed

• Added support for Prisma type modifier attributes, like @db.Text, @db.Date etc. #236
• Added support for multi-field @@id #238
• Added support for self-relations #237
• Added two attributes that passthrough text to Prisma schema as attributes: @prisma.passthrough, @@prisma.passthrough

What's Changed

• Fixed missing string quote for functional calls inside of attribute #234
• Fixed the problem that enum field can't be used as relation foreign key #233
• Allow DateTime field to use ISO datetime string as @default #232

What's Changed

• Fixed regression in @zenstackhq/react hooks generator: now when a mutation succeeds but the result can't be read back, hook returns undefined instead of throwing an error
• Similarly, @zenstackhq/trpc generated routers return undefined when result can't be read back
• Cleaned up unnecessary peer dependencies in @zenstackhq/runtime
• When running zenstack init, install Prisma if not found #219
• VSCode: don't show validation errors when there're syntax errors #221
• Allow both "PUT" and "PATCH" HTTP verbs for "update" and "updateMany"
• Fixed support for using empty array as default field value
• Carry over @@map and @map attributes from zmodel to prisma schema

Please upgrade your VSCode extension too (v1.0.7).

What's Changed

• fixed incorrect HTTP method for react hooks generated for "upsert" action
• relation filters, both for *-to-many filter (some/none/every) and *-to-one filter (is/isNot), now recognize access policies
• fixed bugs around policy evaluation for nested update/delete for to-one relations
• next.js integration now supports setting a custom logger

What's Changed

• Pinned "langium" dependency version due to an issue in its latest release