Conversation
WalkthroughIntroduces a new Better-Auth + Astro + Prisma example project with complete authentication scaffolding. Concurrently refactors multiple ORM examples to use generated Prisma clients instead of package-distributed clients, updates build tooling from ts-node to tsx, and adds extension/configuration dependencies across projects. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Areas requiring attention:
Possibly related PRs
Pre-merge checks❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 8
🧹 Nitpick comments (14)
orm/betterauth-astro/.gitignore (1)
16-18: Consider adding .env.local for development override flexibility (optional).While the current patterns (.env and .env.production) cover the basics, many modern setups also include
.env.localfor local development overrides that shouldn't be committed. This is optional but may improve developer experience if added in the future.orm/betterauth-astro/package.json (1)
2-2: Update package name to be more descriptive.The package name "better-auth-test" appears to be a test/placeholder name and should be updated to something more appropriate for an example project, such as "betterauth-astro" to match the directory name and purpose.
Apply this diff:
- "name": "better-auth-test", + "name": "betterauth-astro",orm/betterauth-astro/src/lib/prisma.ts (1)
1-7: Consider singleton pattern for development mode.The current implementation may create multiple PrismaClient instances during development (hot reloads), which could exhaust database connections. Consider implementing a singleton pattern.
Apply this diff to add a singleton pattern:
import { PrismaClient } from "../../prisma/generated/client"; -const prisma = new PrismaClient({ - datasourceUrl: import.meta.env.DATABASE_URL, -}); +const globalForPrisma = globalThis as unknown as { + prisma: PrismaClient | undefined; +}; + +const prisma = + globalForPrisma.prisma ?? + new PrismaClient({ + datasourceUrl: import.meta.env.DATABASE_URL, + }); + +if (import.meta.env.MODE !== "production") globalForPrisma.prisma = prisma; export default prisma;orm/betterauth-astro/src/middleware.ts (2)
7-13: Misleading variable name:isAuthedcontains session object, not boolean.The variable
isAuthedsuggests a boolean value, but it actually contains the session object returned byauth.api.getSession(). This can cause confusion.Apply this diff for clarity:
- const isAuthed = await auth.api.getSession({ + const session = await auth.api.getSession({ headers: context.request.headers, }); - if (isAuthed) { - context.locals.user = isAuthed.user; - context.locals.session = isAuthed.session; + if (session) { + context.locals.user = session.user; + context.locals.session = session.session; }
4-15: Consider adding error handling for session retrieval.The middleware does not handle potential errors from
auth.api.getSession(). If the authentication service fails, the error could propagate unhandled and cause the entire request to fail.Consider wrapping the auth call in a try-catch block:
export const onRequest = defineMiddleware(async (context, next) => { context.locals.user = null; context.locals.session = null; try { const session = await auth.api.getSession({ headers: context.request.headers, }); if (session) { context.locals.user = session.user; context.locals.session = session.session; } } catch (error) { // Log error but continue - fail open for better UX console.error('Auth session retrieval failed:', error); } return next(); });orm/betterauth-astro/src/pages/sign-up/index.astro (1)
13-18: Consider adding client-side password validation.The password field has no validation requirements (minimum length, complexity). While server-side validation is critical, client-side hints improve UX.
Consider adding a
minlengthattribute:- <input required type="password" name="password" placeholder="Password" /> + <input required type="password" name="password" placeholder="Password" minlength="8" />.github/tests/orm/betteruth-astro/run.sh (1)
55-56: Redundant npm install.Line 55 runs
npm installagain after it was already run on line 18. This is redundant and slows down the test.Apply this diff:
popd > /dev/null -npm install npx prisma migrate dev --name init --schema prisma/schema.prismaorm/betterauth-astro/src/env.d.ts (1)
10-12: Add missing environment variable types.The
ImportMetaEnvinterface is missing other environment variables that are used in the project, such asBETTER_AUTH_SECRET(mentioned in the README) and potentiallyBETTER_AUTH_URLandTRUSTED_ORIGINS.Apply this diff:
interface ImportMetaEnv { readonly DATABASE_URL: string; + readonly BETTER_AUTH_SECRET: string; + readonly BETTER_AUTH_URL?: string; + readonly TRUSTED_ORIGINS?: string; }orm/betterauth-astro/prisma.config.ts (1)
11-11: Provide a helpful error for missing DATABASE_URL.The non-null assertion (
!) will cause a cryptic error ifDATABASE_URLis not set. Consider providing a more helpful error message.Apply this diff:
+if (!process.env.DATABASE_URL) { + throw new Error( + "DATABASE_URL environment variable is required. " + + "Please check your .env file and ensure DATABASE_URL is set." + ); +} + export default defineConfig({ schema: "prisma/schema.prisma", migrations: { path: "prisma/migrations", }, engine: "classic", datasource: { - url: process.env.DATABASE_URL!, + url: process.env.DATABASE_URL, }, });orm/betterauth-astro/src/pages/sign-in/index.astro (3)
14-15: Add autocomplete attributes for better UX.Email and password fields should include appropriate
autocompleteattributes to help browsers and password managers.Apply this diff:
- <input type="email" name="email" placeholder="Email" required /> - <input required type="password" name="password" placeholder="Password" /> + <input type="email" name="email" placeholder="Email" required autocomplete="email" /> + <input type="password" name="password" placeholder="Password" required autocomplete="current-password" />
36-36: Simplify the error check.
Boolean(tmp.error) === falseis unnecessarily verbose. The condition can be simplified.Apply this diff:
- if (Boolean(tmp.error) === false) { + if (!tmp.error) { window.location.href = '/' } else if (errorElement && tmp.error) {
20-42: Add form disabled state during submission.The form should be disabled during the sign-in process to prevent duplicate submissions and provide better UX.
Apply this diff:
<script> import { authClient } from "../../lib/auth-client" const errorElement = document.getElementById('error-message') + const form = document.getElementById('signin-form') as HTMLFormElement document.getElementById('signin-form')?.addEventListener('submit', async (event) => { event.preventDefault() + const submitButton = form.querySelector('button[type="submit"]') as HTMLButtonElement + submitButton.disabled = true + submitButton.textContent = 'Signing in...' if (errorElement) { errorElement.style.display = 'none' errorElement.textContent = '' } const formData = new FormData(event.target as HTMLFormElement) const email = formData.get('email') as string const password = formData.get('password') as string const tmp = await authClient.signIn.email({ email, password, }) if (!tmp.error) { window.location.href = '/' } else if (errorElement && tmp.error) { errorElement.textContent = tmp.error.message || 'Sign in failed' errorElement.style.display = 'block' + submitButton.disabled = false + submitButton.textContent = 'Sign In' } })orm/betterauth-astro/README.md (1)
94-94: Format the URL as a link.The bare URL should be formatted as a proper markdown link for better rendering.
Apply this diff:
-The server is now running at http://localhost:4321 +The server is now running at <http://localhost:4321>orm/betterauth-astro/src/pages/api/auth/[...all].ts (1)
6-8: Clean delegation pattern; consider adding error handling and observability.The route handler correctly delegates to Better-Auth's handler, which follows the standard integration pattern. The implementation is clean and straightforward.
For production-ready authentication, consider wrapping the handler with error handling and request logging:
export const ALL: APIRoute = async (ctx) => { - return auth.handler(ctx.request); + try { + return await auth.handler(ctx.request); + } catch (error) { + console.error("Auth handler error:", error); + return new Response("Internal Server Error", { status: 500 }); + } };This provides:
- Explicit error handling for unexpected failures
- Error logging for debugging
- Graceful error responses to clients
Note: Better-Auth may already handle errors internally, so verify whether this wrapper is necessary for your use case.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (1)
orm/betterauth-astro/public/favicon.svgis excluded by!**/*.svg
📒 Files selected for processing (18)
.github/tests/orm/betteruth-astro/run.sh(1 hunks)orm/betterauth-astro/.gitignore(1 hunks)orm/betterauth-astro/README.md(1 hunks)orm/betterauth-astro/astro.config.mjs(1 hunks)orm/betterauth-astro/package.json(1 hunks)orm/betterauth-astro/prisma.config.ts(1 hunks)orm/betterauth-astro/prisma/schema.prisma(1 hunks)orm/betterauth-astro/src/env.d.ts(1 hunks)orm/betterauth-astro/src/lib/auth-client.ts(1 hunks)orm/betterauth-astro/src/lib/auth.ts(1 hunks)orm/betterauth-astro/src/lib/prisma.ts(1 hunks)orm/betterauth-astro/src/middleware.ts(1 hunks)orm/betterauth-astro/src/pages/api/auth/[...all].ts(1 hunks)orm/betterauth-astro/src/pages/index.astro(1 hunks)orm/betterauth-astro/src/pages/sign-in/index.astro(1 hunks)orm/betterauth-astro/src/pages/sign-up/index.astro(1 hunks)orm/betterauth-astro/tsconfig.json(1 hunks)orm/betterauth-nextjs/README.md(1 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-10-15T13:58:59.096Z
Learnt from: AmanVarshney01
PR: prisma/prisma-examples#8327
File: orm/graphql-auth/prisma/schema.prisma:2-4
Timestamp: 2025-10-15T13:58:59.096Z
Learning: The "prisma-client" generator provider (introduced in Prisma v6) is the newer, ESM-ready alternative to "prisma-client-js". It requires an explicit output path and is better suited for modern runtimes, edge deployments, and will become the default in Prisma v7. Use "prisma-client" for new projects or when modernizing existing projects.
Applied to files:
orm/betterauth-astro/src/lib/prisma.ts
🧬 Code graph analysis (3)
orm/betterauth-astro/src/lib/auth-client.ts (1)
orm/betterauth-nextjs/src/lib/auth-client.ts (1)
createAuthClient(3-3)
orm/betterauth-astro/src/middleware.ts (1)
orm/betterauth-astro/src/lib/auth.ts (1)
auth(5-12)
orm/betterauth-astro/src/pages/api/auth/[...all].ts (1)
orm/betterauth-astro/src/lib/auth.ts (1)
auth(5-12)
🪛 markdownlint-cli2 (0.18.1)
orm/betterauth-astro/README.md
11-11: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
17-17: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
25-25: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
31-31: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
54-54: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
60-60: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
68-68: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
90-90: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
94-94: Bare URL used
(MD034, no-bare-urls)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
- GitHub Check: test (orm/grpc)
- GitHub Check: test (orm/nest-graphql-sdl-first)
- GitHub Check: test (orm/graphql-sdl-first)
- GitHub Check: test (orm/nuxt)
- GitHub Check: test (orm/solid-start)
🔇 Additional comments (15)
orm/betterauth-astro/.gitignore (1)
1-26: Standard and well-organized .gitignore configuration.The file covers all essential patterns for an Astro + Prisma + Better-Auth stack:
- Build outputs (dist/, .astro/)
- Dependencies (node_modules/)
- Environment files (.env, .env.production)
- IDE and tooling artifacts (.idea/, .DS_Store)
- Prisma generated client (/prisma/generated)
This aligns well with the project setup mentioned in the PR.
orm/betterauth-nextjs/README.md (1)
79-79: LGTM! Documentation alignment with PostgreSQL.The update correctly reflects the PostgreSQL provider in the Better-Auth configuration example, aligning with the Prisma Postgres setup described in the README.
orm/betterauth-astro/tsconfig.json (1)
1-5: LGTM! Standard Astro TypeScript configuration.The configuration correctly extends Astro's strict preset and appropriately includes/excludes directories.
orm/betterauth-astro/package.json (1)
11-21: Dependencies look appropriate.All dependencies and devDependencies are correctly specified with appropriate version constraints for the Astro + Prisma + Better-Auth stack.
orm/betterauth-astro/astro.config.mjs (1)
1-5: LGTM! Minimal and appropriate Astro configuration.The empty configuration object is appropriate for a basic Astro setup with no special requirements. The @ts-check directive provides additional type safety.
orm/betterauth-astro/prisma/schema.prisma (4)
7-10: LGTM! Modern Prisma client generator configuration.The use of "prisma-client" provider with an explicit output path is correct for modern Prisma v6 projects and aligns with best practices for ESM-ready deployments.
Based on learnings.
32-45: Session model looks comprehensive.The Session model appropriately includes security-relevant fields like
ipAddressanduserAgent, and correctly enforces a unique constraint on thetokenfield.
47-64: Account model supports multiple authentication methods.The Account model correctly includes fields for both OAuth providers (accessToken, refreshToken, etc.) and password-based authentication, allowing flexible authentication strategies.
17-30: Now I need to verify if the betterauth-astro directory actually has Better-Auth properly configured:The ID generation strategy is intentionally delegated to Better-Auth.
Better-Auth by default generates unique IDs for users, sessions, and other entities. The Better-Auth CLI automatically adds the necessary authentication models to the schema, and generates schemas with
id String @idwithout an explicit@default()directive. This matches the schema shown in the review comment.The absence of
@default()is not a misconfiguration—it's the standard pattern because Better-Auth allows customization of ID generation via theadvanced.database.generateIdoption, and the default behavior is to have Better-Auth handle ID generation. As long as the Better-Auth adapter is properly initialized with the Prisma client in the auth configuration file, user IDs will be generated automatically at the application layer.orm/betterauth-astro/src/pages/sign-up/index.astro (1)
2-4: LGTM! Correct page configuration.The
prerender = falseexport is correct for this dynamic authentication page, and the redirect for already-authenticated users is appropriate.orm/betterauth-astro/src/lib/auth-client.ts (1)
1-5: LGTM: Clean client abstraction.The module provides a clean abstraction for the auth client with both named exports and a default client instance, following the same pattern as the NextJS example.
.github/tests/orm/betteruth-astro/run.sh (1)
14-14: Fix the directory path typo.The path has a typo:
betteruth-astroshould bebetterauth-astro. This will cause the test script to fail as it won't find the project directory.Apply this diff:
-cd "$REPO_ROOT/orm/betterauth-astro" +cd "$REPO_ROOT/orm/betterauth-astro"Note: The test script file itself is also in the wrong directory:
.github/tests/orm/betteruth-astro/run.shshould be.github/tests/orm/betterauth-astro/run.sh.Likely an incorrect or invalid review comment.
orm/betterauth-astro/src/lib/auth.ts (1)
5-12: Do not apply this suggested configuration; the review comment mischaracterizes Better-Auth requirements.Better-Auth's
baseURLis not strictly mandatory—it falls back to theBETTER_AUTH_URLenvironment variable or attempts to infer the current URL, making the claim that it is "required" inaccurate. While settingbaseURLorBETTER_AUTH_URLexplicitly is recommended in production to avoid issues, it is not a critical blocking requirement as the review suggests.Additionally, the README already documents
trustedOriginsas an optional setting (step 4 shows it as optional for non-standard ports). The environment variables referenced are not documented in the project, but the core premise that these are mandatory production-blocking settings is incorrect.Likely an incorrect or invalid review comment.
orm/betterauth-astro/src/pages/api/auth/[...all].ts (2)
1-2: LGTM!The imports are correct and follow Astro v5 conventions for API routes.
4-4: Correct prerender configuration for Astro API route.The
prerender = falseexport on line 4 is correct. Since the Astro config uses the default output mode ("static"), API routes require this setting to execute dynamically server-side via the adapter. The authentication handler pattern is properly implemented.
There was a problem hiding this comment.
Actionable comments posted: 2
♻️ Duplicate comments (2)
orm/betterauth-astro/README.md (1)
74-74: Fix file reference (server config file).Should be
auth.ts, notauth-client.ts. This was flagged earlier.-3. (Optional) If running on a port other than 4321, add that url to the `trustedOrigins` field in `auth-client.ts` +3. (Optional) If running on a port other than 4321, add that URL to the `trustedOrigins` field in `auth.ts`orm/betterauth-astro/src/pages/index.astro (1)
16-22: Inline ESM needs a module script.
importinside a plain<script>will fail in the browser. Use a module script.Apply:
- <script> + <script type="module"> import { authClient } from '../lib/auth-client' document.getElementById('signOutButton')?.addEventListener('click', async () => { - await authClient.signOut() - window.location.href = '/sign-in' + try { + await authClient.signOut() + window.location.href = '/sign-in' + } catch (error) { + console.error('Sign out failed:', error) + alert('Failed to sign out. Please try again.') + } }) </script>
🧹 Nitpick comments (7)
orm/betterauth-astro/src/pages/index.astro (1)
14-14: Avoid dumping the full user object.Rendering the entire user JSON can expose sensitive fields. Limit to safe fields (e.g., id, email) or remove in prod.
.github/tests/orm/betterauth-astro/run.sh (3)
3-3: Harden shell options.Add
pipefailto catch pipeline failures.-set -eu +set -euo pipefail
30-33: Ensure background processes are cleaned up on errors.Add a trap-based cleanup and make
killsafe.+cleanup() { + if [ -n "${pid:-}" ] && kill -0 "$pid" 2>/dev/null; then kill "$pid" 2>/dev/null || true; fi + if [ -n "${NODE_PID:-}" ] && kill -0 "$NODE_PID" 2>/dev/null; then kill "$NODE_PID" 2>/dev/null || true; fi +} +trap cleanup EXIT INT TERM @@ node index.js >"$LOG_FILE" & NODE_PID=$! @@ -kill "$pid" -echo "🛑 App stopped (PID $pid)" -kill "$NODE_PID" -wait "$NODE_PID" || true +kill "$pid" 2>/dev/null || true +echo "🛑 App stop requested (PID $pid)" +kill "$NODE_PID" 2>/dev/null || true +wait "$NODE_PID" 2>/dev/null || trueAlso applies to: 66-69
55-61: Make readiness checks deterministic and remove redundant install.
- Duplicate
npm install(Line 55) slows CI.- Replace fixed
sleep 15with a bounded readiness loop.-npm install -npx prisma migrate dev --name init --schema prisma/schema.prisma -npm run dev & +npx prisma migrate dev --name init --schema prisma/schema.prisma +npm run dev & pid=$! - -sleep 15 - -# check frontend -curl --fail 'http://localhost:4321/' +MAX_APP_WAIT=60 +WAITED=0 +until curl -sf 'http://localhost:4321/' >/dev/null; do + sleep 1 + WAITED=$((WAITED + 1)) + if [ "$WAITED" -ge "$MAX_APP_WAIT" ]; then + echo "❌ Timeout waiting for app on :4321" + exit 1 + fi +done +echo "✅ App responded on :4321"Also applies to: 62-64
orm/betterauth-astro/src/pages/sign-in/index.astro (1)
15-20: Improve form accessibility.Add labels and proper autocomplete; make error region announce updates.
- <input type="email" name="email" placeholder="Email" required /> - <input required type="password" name="password" placeholder="Password" /> + <label for="email">Email</label> + <input id="email" type="email" name="email" placeholder="Email" required autocomplete="email" /> + <label for="password">Password</label> + <input id="password" required type="password" name="password" placeholder="Password" autocomplete="current-password" /> @@ - <p id="error-message" style="color: red; display: none;"></p> + <p id="error-message" style="color: red; display: none;" aria-live="polite"></p>orm/betterauth-astro/README.md (2)
11-13: Add language identifiers to fenced code blocks.For syntax highlighting and a11y.
-``` +```bash npx try-prisma@latest --template orm/betterauth-astro@@
-+bash
cd betterauth-astro@@ -``` +```bash git clone git@github.com:prisma/prisma-examples.git --depth=1@@
-+bash
cd prisma-examples/orm/betterauth-astro
npm install@@ -``` +```bash npx prisma generate@@
-+bash
npx prisma migrate dev --name init@@ -``` +```bash npx @better-auth/cli@latest secret@@
-+bash
npm run devAlso applies to: 17-19, 25-27, 31-34, 54-56, 60-62, 68-70, 90-92
94-94: Avoid bare URL.Format the local URL as a link.
-The server is now running at http://localhost:4321 +The server is now running at <http://localhost:4321>
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (6)
.github/tests/orm/betterauth-astro/run.sh(1 hunks)orm/betterauth-astro/README.md(1 hunks)orm/betterauth-astro/src/lib/auth.ts(1 hunks)orm/betterauth-astro/src/pages/index.astro(1 hunks)orm/betterauth-astro/src/pages/sign-in/index.astro(1 hunks)orm/betterauth-astro/src/pages/sign-up/index.astro(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
- orm/betterauth-astro/src/lib/auth.ts
- orm/betterauth-astro/src/pages/sign-up/index.astro
🧰 Additional context used
🪛 markdownlint-cli2 (0.18.1)
orm/betterauth-astro/README.md
11-11: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
17-17: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
25-25: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
31-31: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
54-54: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
60-60: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
68-68: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
90-90: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
94-94: Bare URL used
(MD034, no-bare-urls)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (31)
- GitHub Check: test (orm/authjs-nextjs)
- GitHub Check: test (orm/astro)
- GitHub Check: test (orm/ai-sdk-nextjs)
- GitHub Check: test (orm/betterauth-astro)
- GitHub Check: test (orm/express)
- GitHub Check: test (orm/nest)
- GitHub Check: test (orm/hapi-graphql)
- GitHub Check: test (orm/clerk-nextjs)
- GitHub Check: test (orm/fastify)
- GitHub Check: test (orm/fastify-graphql-sdl-first)
- GitHub Check: test (orm/graphql-subscriptions)
- GitHub Check: test (orm/fastify-graphql)
- GitHub Check: test (orm/graphql-sdl-first)
- GitHub Check: test (orm/koa)
- GitHub Check: test (orm/betterauth-nextjs)
- GitHub Check: test (orm/hono)
- GitHub Check: test (orm/hapi-graphql-sdl-first)
- GitHub Check: test (orm/hapi)
- GitHub Check: test (orm/graphql)
- GitHub Check: test (orm/react-router-7)
- GitHub Check: test (orm/grpc)
- GitHub Check: test (orm/nest-graphql-sdl-first)
- GitHub Check: test (orm/graphql-auth)
- GitHub Check: test (orm/nest-graphql)
- GitHub Check: test (orm/nextjs-trpc)
- GitHub Check: test (orm/nextjs-graphql)
- GitHub Check: test (orm/nextjs)
- GitHub Check: test (orm/nuxt)
- GitHub Check: test (orm/solid-start)
- GitHub Check: test (orm/testing-express)
- GitHub Check: test (orm/sveltekit)
🔇 Additional comments (1)
orm/betterauth-astro/src/pages/sign-in/index.astro (1)
11-12: Title present — good.
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
There was a problem hiding this comment.
Actionable comments posted: 7
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
orm/graphql-auth/src/schema.ts (1)
247-256: Bug: User.posts returns a single record for a list field.The GraphQL field is a non-null list, but the resolver uses findFirst and returns a single Post. Switch to findMany.
- t.nonNull.list.nonNull.field('posts', { + t.nonNull.list.nonNull.field('posts', { type: 'Post', resolve: (parent, _, context: Context) => { - return context.prisma.post.findFirst({ - where: { - author: { id: parent.id || undefined }, - }, - }) + return context.prisma.post.findMany({ + where: { authorId: parent.id || undefined }, + }) }, })
🧹 Nitpick comments (11)
orm/nest-graphql-sdl-first/prisma/seed.ts (1)
1-5: Generated client import is good; make seeds resilient to env.
- Add dotenv side‑effect so running seed directly also works.
- Make Accelerate conditional to avoid requiring PRISMA_ACCELERATE_URL.
-import { PrismaClient, Prisma } from './generated/client'; +import 'dotenv/config'; +import { PrismaClient, Prisma } from './generated/client'; import { withAccelerate } from '@prisma/extension-accelerate'; -const prisma = new PrismaClient().$extends(withAccelerate()); +const base = new PrismaClient(); +const prisma = process.env.PRISMA_ACCELERATE_URL + ? base.$extends(withAccelerate()) + : base;Based on learnings.
orm/fastify-graphql/src/context.ts (1)
1-12: Context typing is solid; consider conditional Accelerate and a function context.
- Keep typeof prisma typing. Make Accelerate opt‑in via env.
- Optional: export a context function to attach request data later.
import { PrismaClient } from '../prisma/generated/client' import { withAccelerate } from '@prisma/extension-accelerate' -const prisma = new PrismaClient().$extends(withAccelerate()) +const base = new PrismaClient() +const prisma = process.env.PRISMA_ACCELERATE_URL + ? base.$extends(withAccelerate()) + : base export interface Context { prisma: typeof prisma } -export const context: Context = { - prisma: prisma, -} +export const context: Context = { prisma } +export const buildContext = async (): Promise<Context> => ({ prisma })If you adopt buildContext, wire it in server.ts:
- context: () => context, + context: buildContext,Based on learnings.
orm/graphql/src/db.ts (1)
1-4: Generator config verified correct; Accelerate conditioning is optional improvement.The schema.prisma generator is properly configured with the modern
prisma-clientprovider, output path matches the import path./generated, and engineType is set toclient. The code change is sound.Consider gating Accelerate on the environment variable to prevent local dev failures when PRISMA_ACCELERATE_URL is unavailable:
-import { PrismaClient } from '../prisma/generated/client' -import { withAccelerate } from '@prisma/extension-accelerate' - -export const prisma = new PrismaClient().$extends(withAccelerate()) +import { PrismaClient } from '../prisma/generated/client' +import { withAccelerate } from '@prisma/extension-accelerate' + +const base = new PrismaClient() +export const prisma = process.env.PRISMA_ACCELERATE_URL + ? base.$extends(withAccelerate()) + : baseorm/fastify-graphql/src/server.ts (1)
1-1: Use environment variables for PORT/HOST and add graceful Prisma shutdown.Environment-based configuration (PORT/HOST) follows container/cloud deployment patterns. The graceful shutdown hook ensures database connections close cleanly on process exit.
import 'dotenv/config' import fastify from 'fastify' import mercurius from 'mercurius' import { schema } from './schema' import { context } from './context' const app = fastify() +const port = Number(process.env.PORT) || 4000 +const host = process.env.HOST ?? '0.0.0.0' app.register(mercurius, { schema, graphiql: true, context: () => context, }) +app.addHook('onClose', async () => { + await context.prisma.$disconnect() +}) + -app.listen({ port: 4000 }, (err) => { +app.listen({ port, host }, (err) => { if (err) { console.error(err) process.exit(1) } console.log(`\ - 🚀 Server ready at: http://localhost:4000/graphiql + 🚀 Server ready at: http://${host === '0.0.0.0' ? 'localhost' : host}:${port}/graphiql ⭐️ See sample queries: http://pris.ly/e/ts/graphql-fastify#using-the-graphql-api `) })(Note: The disconnect can use the already-imported
contextdirectly rather than a dynamic import.)orm/fastify-graphql/prisma/seed.ts (1)
1-5: Make seed env‑agnostic with dotenv and conditional Accelerate.Both seed files currently unconditionally apply Accelerate and lack dotenv imports. Since dotenv is already a dependency in both packages, consider making seeds resilient to missing environment variables:
+import 'dotenv/config' import { PrismaClient, Prisma } from './generated/client' import { withAccelerate } from '@prisma/extension-accelerate' -const prisma = new PrismaClient().$extends(withAccelerate()) +const base = new PrismaClient() +const prisma = process.env.PRISMA_ACCELERATE_URL + ? base.$extends(withAccelerate()) + : baseApply to both
orm/fastify-graphql/prisma/seed.tsandorm/nest-graphql-sdl-first/prisma/seed.ts. Seeding is properly wired via prisma.seed in package.json.orm/graphql-subscriptions/src/schema.ts (1)
76-80: Make search case‑insensitive for better UX.Add mode: 'insensitive' to both contains filters so users get matches regardless of casing.
- OR: [ - { title: { contains: args.searchString } }, - { content: { contains: args.searchString } }, - ], + OR: [ + { title: { contains: args.searchString, mode: 'insensitive' } }, + { content: { contains: args.searchString, mode: 'insensitive' } }, + ],orm/hapi-graphql/src/schema.ts (1)
51-55: Prefer case‑insensitive search for title/content.- OR: [ - { title: { contains: args.searchString } }, - { content: { contains: args.searchString } }, - ], + OR: [ + { title: { contains: args.searchString, mode: 'insensitive' } }, + { content: { contains: args.searchString, mode: 'insensitive' } }, + ],orm/graphql-auth/src/schema.ts (2)
69-73: Make feed search case‑insensitive.- OR: [ - { title: { contains: args.searchString } }, - { content: { contains: args.searchString } }, - ], + OR: [ + { title: { contains: args.searchString, mode: 'insensitive' } }, + { content: { contains: args.searchString, mode: 'insensitive' } }, + ],
270-283: Guard against null in Post.author resolver.Avoid throwing if the post isn’t found; the field is nullable.
- return post!.author + return post?.author ?? nullorm/graphql/lib/pothos-prisma-types.ts (1)
5-45: Tighten PrismaTypes Create/Update types for better safety.Use Prisma.UserCreateInput/UpdateInput and Prisma.PostCreateInput/UpdateInput instead of {} to improve type inference across builders.
export default interface PrismaTypes { User: { Name: "User"; Shape: User; Include: Prisma.UserInclude; Select: Prisma.UserSelect; OrderBy: Prisma.UserOrderByWithRelationInput; WhereUnique: Prisma.UserWhereUniqueInput; Where: Prisma.UserWhereInput; - Create: {}; - Update: {}; + Create: Prisma.UserCreateInput; + Update: Prisma.UserUpdateInput; RelationName: "posts"; ListRelations: "posts"; Relations: { posts: { Shape: Post[]; Name: "Post"; Nullable: false; }; }; }; Post: { Name: "Post"; Shape: Post; Include: Prisma.PostInclude; Select: Prisma.PostSelect; OrderBy: Prisma.PostOrderByWithRelationInput; WhereUnique: Prisma.PostWhereUniqueInput; Where: Prisma.PostWhereInput; - Create: {}; - Update: {}; + Create: Prisma.PostCreateInput; + Update: Prisma.PostUpdateInput; RelationName: "author"; ListRelations: never; Relations: { author: { Shape: User | null; Name: "User"; Nullable: true; }; }; }; }If the builder currently imports PrismaTypes as a default type, no additional changes are needed. If it imports a named type, switch to a default type import:
// before: import type { PrismaTypes } from '../lib/pothos-prisma-types' import type PrismaTypes from '../lib/pothos-prisma-types'orm/nextjs-graphql/lib/pothos-prisma-types.ts (1)
46-46: Document pothos type generation requirement in README and/or automation scripts.The
getDatamodel()function is correctly configured to be auto-generated via theprisma-pothos-typesgenerator. However:
- No automatic regeneration: The build process doesn't trigger
prisma generate. Developers must manually run it after schema changes (typically vianpx prisma migrate devornpx prisma generate).- Documentation gap: The README doesn't mention this requirement. Developers unfamiliar with Prisma generators may forget to regenerate, leading to stale types being committed.
Suggestions:
- Add a note to the README explaining that types must be regenerated after schema changes
- Consider adding
prisma generateto aprepareorpostinstallscript to reduce manual steps
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (80)
.github/get-ppg-dev/index.js(1 hunks).github/get-ppg-dev/package.json(1 hunks)orm/fastify-graphql-sdl-first/package.json(1 hunks)orm/fastify-graphql-sdl-first/prisma/schema.prisma(1 hunks)orm/fastify-graphql-sdl-first/prisma/seed.ts(1 hunks)orm/fastify-graphql-sdl-first/src/context.ts(1 hunks)orm/fastify-graphql-sdl-first/src/server.ts(2 hunks)orm/fastify-graphql/package.json(1 hunks)orm/fastify-graphql/prisma/schema.prisma(1 hunks)orm/fastify-graphql/prisma/seed.ts(1 hunks)orm/fastify-graphql/src/context.ts(1 hunks)orm/fastify-graphql/src/schema.ts(3 hunks)orm/fastify-graphql/src/server.ts(1 hunks)orm/graphql-auth/package.json(1 hunks)orm/graphql-auth/prisma/schema.prisma(1 hunks)orm/graphql-auth/prisma/seed.ts(1 hunks)orm/graphql-auth/src/context.ts(1 hunks)orm/graphql-auth/src/schema.ts(2 hunks)orm/graphql-auth/src/server.ts(1 hunks)orm/graphql-nexus/package.json(2 hunks)orm/graphql-nexus/prisma/schema.prisma(1 hunks)orm/graphql-nexus/prisma/seed.ts(1 hunks)orm/graphql-nexus/src/context.ts(1 hunks)orm/graphql-nexus/src/schema.ts(2 hunks)orm/graphql-nexus/src/server.ts(1 hunks)orm/graphql-sdl-first/package.json(1 hunks)orm/graphql-sdl-first/prisma/schema.prisma(1 hunks)orm/graphql-sdl-first/prisma/seed.ts(1 hunks)orm/graphql-sdl-first/src/context.ts(1 hunks)orm/graphql-sdl-first/src/server.ts(1 hunks)orm/graphql-sdl-first/tsconfig.json(1 hunks)orm/graphql-subscriptions/package.json(2 hunks)orm/graphql-subscriptions/prisma/schema.prisma(1 hunks)orm/graphql-subscriptions/prisma/seed.ts(1 hunks)orm/graphql-subscriptions/schema.graphql(1 hunks)orm/graphql-subscriptions/src/context.ts(1 hunks)orm/graphql-subscriptions/src/schema.ts(2 hunks)orm/graphql-subscriptions/src/server.ts(2 hunks)orm/graphql/lib/pothos-prisma-types.ts(1 hunks)orm/graphql/package.json(2 hunks)orm/graphql/prisma/schema.prisma(1 hunks)orm/graphql/prisma/seed.ts(1 hunks)orm/graphql/src/builder.ts(2 hunks)orm/graphql/src/db.ts(1 hunks)orm/graphql/src/schema/post.ts(2 hunks)orm/graphql/src/schema/user.ts(1 hunks)orm/graphql/src/server.ts(1 hunks)orm/graphql/tsconfig.json(1 hunks)orm/hapi-graphql-sdl-first/package.json(1 hunks)orm/hapi-graphql-sdl-first/prisma/schema.prisma(1 hunks)orm/hapi-graphql-sdl-first/prisma/seed.ts(1 hunks)orm/hapi-graphql-sdl-first/src/context.ts(1 hunks)orm/hapi-graphql-sdl-first/src/index.ts(1 hunks)orm/hapi-graphql/package.json(1 hunks)orm/hapi-graphql/prisma/schema.prisma(1 hunks)orm/hapi-graphql/prisma/seed.ts(1 hunks)orm/hapi-graphql/src/context.ts(1 hunks)orm/hapi-graphql/src/schema.ts(2 hunks)orm/hapi-graphql/src/server.ts(1 hunks)orm/nest-graphql-sdl-first/package.json(2 hunks)orm/nest-graphql-sdl-first/prisma/schema.prisma(1 hunks)orm/nest-graphql-sdl-first/prisma/seed.ts(1 hunks)orm/nest-graphql-sdl-first/src/app.module.ts(1 hunks)orm/nest-graphql-sdl-first/src/context.ts(1 hunks)orm/nest-graphql/package.json(2 hunks)orm/nest-graphql/prisma/schema.prisma(1 hunks)orm/nest-graphql/prisma/seed.ts(1 hunks)orm/nest-graphql/src/app.module.ts(2 hunks)orm/nest-graphql/src/prisma.service.ts(1 hunks)orm/nest/package.json(1 hunks)orm/nextjs-graphql/lib/pothos-prisma-types.ts(1 hunks)orm/nextjs-graphql/lib/prisma.ts(1 hunks)orm/nextjs-graphql/next-env.d.ts(1 hunks)orm/nextjs-graphql/package.json(1 hunks)orm/nextjs-graphql/pages/api/graphql.ts(2 hunks)orm/nextjs-graphql/prisma/schema.prisma(2 hunks)orm/nextjs-graphql/prisma/seed.ts(1 hunks)orm/nextjs-trpc/package.json(1 hunks)orm/postgis-express/package.json(1 hunks)orm/testing-express/package.json(1 hunks)
✅ Files skipped from review due to trivial changes (5)
- orm/graphql-sdl-first/prisma/seed.ts
- orm/graphql-subscriptions/schema.graphql
- orm/nextjs-graphql/next-env.d.ts
- orm/graphql/src/schema/post.ts
- orm/graphql-sdl-first/tsconfig.json
🧰 Additional context used
🧠 Learnings (4)
📚 Learning: 2025-08-22T12:12:24.602Z
Learnt from: FGoessler
PR: prisma/prisma-examples#8260
File: generator-prisma-client/nextjs-starter-webpack-turborepo/packages/database/package.json:13-13
Timestamp: 2025-08-22T12:12:24.602Z
Learning: When analyzing changes from package.json seed scripts to "prisma db seed", always verify the actual content of prisma.config.ts rather than relying solely on regex patterns, as the configuration may be properly defined but in a format that doesn't match overly restrictive search patterns.
Applied to files:
orm/graphql-subscriptions/package.jsonorm/nextjs-graphql/prisma/seed.tsorm/graphql-auth/prisma/seed.tsorm/graphql/prisma/seed.tsorm/hapi-graphql-sdl-first/prisma/seed.tsorm/nest-graphql-sdl-first/package.jsonorm/fastify-graphql-sdl-first/package.jsonorm/fastify-graphql/prisma/seed.tsorm/fastify-graphql-sdl-first/prisma/seed.tsorm/hapi-graphql/prisma/seed.tsorm/graphql-auth/package.jsonorm/fastify-graphql/package.jsonorm/hapi-graphql/package.jsonorm/graphql-subscriptions/prisma/seed.tsorm/nest-graphql-sdl-first/prisma/seed.tsorm/graphql-nexus/prisma/seed.tsorm/graphql-nexus/package.jsonorm/nest-graphql/package.jsonorm/graphql/package.jsonorm/nest-graphql/prisma/seed.ts
📚 Learning: 2025-10-15T13:58:59.096Z
Learnt from: AmanVarshney01
PR: prisma/prisma-examples#8327
File: orm/graphql-auth/prisma/schema.prisma:2-4
Timestamp: 2025-10-15T13:58:59.096Z
Learning: The "prisma-client" generator provider (introduced in Prisma v6) is the newer, ESM-ready alternative to "prisma-client-js". It requires an explicit output path and is better suited for modern runtimes, edge deployments, and will become the default in Prisma v7. Use "prisma-client" for new projects or when modernizing existing projects.
Applied to files:
orm/nextjs-graphql/prisma/seed.tsorm/graphql-auth/prisma/seed.tsorm/graphql/prisma/schema.prismaorm/graphql-subscriptions/src/schema.tsorm/graphql-subscriptions/src/context.tsorm/graphql/prisma/seed.tsorm/graphql-sdl-first/src/context.tsorm/hapi-graphql/prisma/schema.prismaorm/graphql-nexus/prisma/schema.prismaorm/fastify-graphql-sdl-first/src/context.tsorm/fastify-graphql/prisma/schema.prismaorm/graphql-auth/src/context.tsorm/hapi-graphql-sdl-first/prisma/seed.tsorm/nest-graphql/prisma/schema.prismaorm/nextjs-graphql/lib/prisma.tsorm/fastify-graphql/src/context.tsorm/graphql/src/db.tsorm/graphql-subscriptions/prisma/schema.prismaorm/fastify-graphql/prisma/seed.tsorm/fastify-graphql/src/schema.tsorm/hapi-graphql-sdl-first/src/context.tsorm/fastify-graphql-sdl-first/prisma/seed.tsorm/hapi-graphql/prisma/seed.tsorm/fastify-graphql-sdl-first/prisma/schema.prismaorm/hapi-graphql/src/schema.tsorm/graphql-sdl-first/prisma/schema.prismaorm/graphql-auth/prisma/schema.prismaorm/graphql-nexus/src/context.tsorm/graphql-subscriptions/prisma/seed.tsorm/graphql-nexus/src/schema.tsorm/nextjs-graphql/prisma/schema.prismaorm/nest-graphql-sdl-first/prisma/schema.prismaorm/nest-graphql-sdl-first/prisma/seed.tsorm/graphql-nexus/prisma/seed.tsorm/graphql-auth/src/schema.tsorm/hapi-graphql-sdl-first/prisma/schema.prismaorm/nest-graphql/prisma/seed.tsorm/hapi-graphql/src/context.ts
📚 Learning: 2025-10-15T13:58:29.130Z
Learnt from: AmanVarshney01
PR: prisma/prisma-examples#8327
File: orm/fastify-graphql/prisma/schema.prisma:2-4
Timestamp: 2025-10-15T13:58:29.130Z
Learning: In Prisma v6.15 and later, `provider = "prisma-client"` is a valid generator configuration value when combined with `engineType = "client"`. This configuration generates a Prisma client without Rust engine binaries, relying on JavaScript driver adapters instead, and is different from the traditional `provider = "prisma-client-js"` configuration.
Applied to files:
orm/graphql/prisma/schema.prismaorm/hapi-graphql/prisma/schema.prismaorm/graphql-nexus/prisma/schema.prismaorm/fastify-graphql/prisma/schema.prismaorm/nest-graphql/prisma/schema.prismaorm/graphql-subscriptions/prisma/schema.prismaorm/fastify-graphql-sdl-first/prisma/schema.prismaorm/graphql-sdl-first/prisma/schema.prismaorm/graphql-auth/prisma/schema.prismaorm/nextjs-graphql/prisma/schema.prismaorm/nest-graphql-sdl-first/prisma/schema.prismaorm/hapi-graphql-sdl-first/prisma/schema.prisma
📚 Learning: 2025-10-15T13:56:01.807Z
Learnt from: AmanVarshney01
PR: prisma/prisma-examples#8327
File: orm/graphql-subscriptions/prisma/schema.prisma:1-5
Timestamp: 2025-10-15T13:56:01.807Z
Learning: In Prisma v6.15 and later, `engineType = "client"` is a valid generator configuration value that generates a Prisma client without Rust engine binaries, relying on JavaScript driver adapters instead (e.g., prisma/adapter-pg). This is useful for edge and serverless deployments.
Applied to files:
orm/graphql/prisma/schema.prismaorm/hapi-graphql/prisma/schema.prismaorm/graphql-nexus/prisma/schema.prismaorm/fastify-graphql/prisma/schema.prismaorm/nest-graphql/prisma/schema.prismaorm/graphql-subscriptions/prisma/schema.prismaorm/fastify-graphql-sdl-first/prisma/schema.prismaorm/graphql-sdl-first/prisma/schema.prismaorm/graphql-auth/prisma/schema.prismaorm/nextjs-graphql/prisma/schema.prismaorm/nest-graphql-sdl-first/prisma/schema.prismaorm/hapi-graphql-sdl-first/prisma/schema.prisma
🧬 Code graph analysis (10)
orm/nextjs-graphql/lib/pothos-prisma-types.ts (1)
orm/graphql/lib/pothos-prisma-types.ts (2)
PrismaTypes(4-45)getDatamodel(46-46)
orm/graphql-subscriptions/src/server.ts (1)
orm/graphql-subscriptions/src/context.ts (1)
context(14-17)
orm/graphql/lib/pothos-prisma-types.ts (1)
orm/nextjs-graphql/lib/pothos-prisma-types.ts (1)
getDatamodel(46-46)
orm/graphql/src/builder.ts (1)
orm/graphql/lib/pothos-prisma-types.ts (1)
getDatamodel(46-46)
orm/graphql-subscriptions/src/schema.ts (2)
orm/nuxt/prisma/seed.js (2)
require(1-1)require(2-2)orm/prisma-mocking-javascript/client.js (1)
require(1-1)
orm/fastify-graphql/src/schema.ts (2)
orm/nuxt/prisma/seed.js (2)
require(1-1)require(2-2)orm/prisma-mocking-javascript/client.js (1)
require(1-1)
orm/hapi-graphql/src/schema.ts (2)
orm/nuxt/prisma/seed.js (2)
require(1-1)require(2-2)orm/prisma-mocking-javascript/client.js (1)
require(1-1)
orm/graphql-nexus/src/schema.ts (2)
orm/nuxt/prisma/seed.js (2)
require(1-1)require(2-2)orm/prisma-mocking-javascript/client.js (1)
require(1-1)
orm/nextjs-graphql/pages/api/graphql.ts (1)
orm/nextjs-graphql/lib/pothos-prisma-types.ts (1)
getDatamodel(46-46)
orm/graphql-auth/src/schema.ts (2)
orm/nuxt/prisma/seed.js (2)
require(1-1)require(2-2)orm/prisma-mocking-javascript/client.js (1)
require(1-1)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (19)
- GitHub Check: test (orm/astro)
- GitHub Check: test (orm/ai-sdk-nextjs)
- GitHub Check: test (orm/authjs-nextjs)
- GitHub Check: test (orm/betterauth-astro)
- GitHub Check: test (orm/betterauth-nextjs)
- GitHub Check: test (orm/graphql)
- GitHub Check: test (orm/graphql-nexus)
- GitHub Check: test (orm/nextjs-trpc)
- GitHub Check: test (orm/hapi)
- GitHub Check: test (orm/clerk-nextjs)
- GitHub Check: test (orm/hapi-graphql)
- GitHub Check: test (orm/nextjs-graphql)
- GitHub Check: test (orm/nest-graphql-sdl-first)
- GitHub Check: test (orm/nest-graphql)
- GitHub Check: test (orm/grpc)
- GitHub Check: test (orm/nextjs)
- GitHub Check: test (orm/nest)
- GitHub Check: test (orm/react-router-7)
- GitHub Check: test (orm/nuxt)
3 participants
Summary by CodeRabbit
New Features
Chores