ZenStack Release v1.7.1

What's Changed

• Fixed an incorrect access policy injection when updateMany or delegeMany are nested inside update operation in certain cases #961

Full Changelog: v1.7.0...v1.7.1

ZenStack Release v1.7.0

New Features

• VSCode extension and JetBrains plugin now support better auto-completion

  There's auto-completion inside attributes now. It's not perfect, but it should be a pretty big improvement compared to previous versions. Having accurate contextual auto-completion still requires quite some work, and we'll continue improving it down the road. Please let use know your pain points!

What's Changed

• Fixed type generation error for tanstack-query plugin when targeting Svelt #945 by @bbozzay
• Fixed ZModel validation error when using empty array in @default attribute #947 by @chunkerchunker

About V2

While gradually wrapping up the V1 track, we're making some good progressing on experimenting polymorphism in V2 branch. Please stay tuned for updates.

New Contributors

Welcome @bbozzay and @chunkerchunker to becoming warmhearted contributors! Thank you for making ZenStack a better toolkit!

Full Changelog: v1.6.2...v1.7.0

ZenStack Release v1.6.2

What's Changed

• Fixed an issue that transactions may not be properly rolled back due to nesting.
• Marked several APIs deprecated: withPolicy, withPassword, withOmit, withPreset. They'll be removed in V2.

Full Changelog: v1.6.1...v1.6.2

ZenStack Release v1.6.1

What's Changed

• Added support for the new nanoid() attribute function supported by Prisma #923 by @dikyarga
• Policy generation error when auth() is accessed with multi-level member access #921
• Incorrect resolution when references are resolved inside collection predicate expressions #925
• Updated several vulnerable npm dependencies

New Contributors

• Welcome @dikyarga as our new contributor!

Full Changelog: v1.6.0...v1.6.1

ZenStack Release v1.6.0

🎈 Happy New Year 🎈

New Features

• First release of JetBrains plugin! Search for "ZenStack Language Tools" in WebStorm or install it from here #519
• Plugin package for integrating with RedwoodJS docs

Improvements and Fixes

• [openapi] make sure optional fields are generated as nullable types
• [zmodel] fixed crash caused by missing opposite side of relation field when model inheritance is used
• [zmodel] stricter type checking for disallowing comparison between fields of different models #901
• [zod] fields with default values are generated into zod schema with ".default" #886

Full Changelog: v1.5.0...v1.6.0

ZenStack Release v1.5.0

New Features

• You can now specify the location of ZModel file in "package.json" in your project. #878

  {
      ...
      "zenstack": { "schema": "./db/schema.zmodel" }
  }

  The zenstack CLI recognizes this setting and will use it as default if it's set.

• Field-level access policies can be configured to override model-level ones #809 docs

Fixes and Improvements

• Upgraded "prettier" dependency to V3! By @sitch
• [swr] Marked the generated legacy mutation functions as deprecated. New code should use mutation hooks instead.
• [swr/tanstack] Fixed ESLint issue when calling the generated mutation hooks
• [zod] Generated "Create" schemas now require foreign key fields if the relation is non-optional.
• [zod] Fixed exports in "package.json" to make it compatible with Next.js 13+ bundler #861
• [swr] Runtime modules are not compiled to both CJS and ESM
• [cli] Removed --config option from CLI docs since it doesn't do anything today.

Welcome @sitch as our new contributor ❤️!

Full Changelog: v1.4.0...v1.5.0

ZenStack Release v1.4.0

New Features

• SWR plugin now generates mutation as hooks (they were plain async functions in the previous versions) and supports automatic optimistic update docs

  Old mutation usage:

  const { createPost } = useMutatePost();
  async function onCreate() {
      await createPost(...);
  }

  New mutation hooks:

  const { trigger: create, isMutating } = useCreatePost();
  function onCreate() {
      create(...);
  }

• New zenstack format CLI command for formatting ZModel files. Useful for people who are using non-VSCode IDE.

Breaking Changes

• Field-level access policy for "update" and "all" kinds are not allowed on relation fields anymore. It wasn't clear if the rule guards updates to the relation or the entity linked by the relation. To guard the update of a relation, put rules on the foreign key fields instead. I.e., change:

  model Post {
      ...
      author User @relation(fields: [authorId], references: [id]) @allow('update', ...)
      authorId String
  }

  to:

  model Post {
      ...
      author User @relation(fields: [authorId], references: [id])
      authorId String @allow('update', ...)
  }

Fixes and Improvements

• Support for multi-level model inheritance #540
• Zod plugin now generates foreign key fields into the schemas #828
• Stricter type compatibility check to binary operations in policy rules #804
• Cosmetic updates to REPL, and fixed compatibility with pnpm environment #854
• Fixed compatibility with Prisma Client Extensions that add new methods to models #852
• Fixed a query injection problem when a create is nested inside of an update in array form #864
• Fixed tanstack-query plugin's runtime compatibility with tanstack v5
• Fixed the problem that auth() cannot be resolved when User model is marked @@ignore #840

Full Changelog: v1.3.2...v1.4.0

ZenStack Release v1.3.2

What's Changed

• Fixed the issue that enhanced PrismaClient broke the usage of Prisma Client Extensions that add new methods to models.

Full Changelog: v1.3.1...v1.3.2

ZenStack Release v1.3.1

What's Changed

• Adding a utility for converting ZModel AST to source string in the SDK package for easier plugin development.
• Allow CLI to load plugin using a relative path to a JS module.

Full Changelog: v1.3.0...v1.3.1

ZenStack Release v1.3.0

New Features

• The new zenstack repl command. Use it to interactively call PrismaClient methods, with or without ZenStack enhancement. doc.
• [Preview] Automatic optimistic update for tanstack-query hooks. You can now pass a flag to let mutations automatically update related queries optimistically. doc.
• You can use collection predicate with auth() expression now. E.g.: @@allow('update', auth().roles?[permission == ADMIN]). Note that you still need to make sure the user context object you passed to enhance() include all fields (recursively) used in the expression. #803

Improvements and Fixes

• Field-level policy: fixed the issue that when a field only has deny rules, access is rejected even if the rules don't satisfy #811
• Field-level policy: fixed the issue that policies don't cover relations by @tlancina #814
• Field-level policy: entire "update" policy check is postponed to post-update stage if there's any "post-update" rules. #825
• Fixed validation rules for @db.TinyInt attribute by @elsantoalcielo in #821

New Contributors

• Welcome @elsantoalcielo as our new CONTRIBUTOR! Thank you all for making ZenStack a better product ❤️ @tlancina @jasonmacdonald @elsantoalcielo !

Full Changelog: v1.2.2...v1.3.0