chore(deps): bump the minor group across 1 directory with 17 updates

[dependabot]

Bumps the minor group with 17 updates in the / directory:

Package	From	To
@prisma/adapter-pg	7.2.0	7.3.0
@prisma/client	7.2.0	7.3.0
jsonwebtoken	9.0.2	9.0.3
next	16.1.1	16.1.6
nodemailer	7.0.12	7.0.13
@types/nodemailer	6.4.17	7.0.9
react	19.2.3	19.2.4
@types/react	19.2.3	19.2.10
react-dom	19.2.3	19.2.4
sass	1.93.2	1.97.3
sharp	0.34.4	0.34.5
winston	3.18.3	3.19.0
@babel/preset-typescript	7.27.1	7.28.5
eslint-config-next	16.1.1	16.1.6
prisma	7.2.0	7.3.0
ts-jest	29.4.5	29.4.6
tsx	4.20.6	4.21.0

Updates @prisma/adapter-pg from 7.2.0 to 7.3.0

Release notes

Sourced from @​prisma/adapter-pg's releases.

7.3.0

Today, we are excited to share the 7.3.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

ORM

• #28976: Fast and Small Query Compilers We've been working on various performance-related bugs since the initial ORM 7.0 release. With 7.3.0, we're introducing a new compilerBuild option for the client generator block in schema.prisma with two options: fast and small. This allows you to swap the underlying Query Compiler engine based on your selection, one built for speed (with an increase in size), and one built for size (with the trade off for speed). By default, the fast mode is used, but this can be set by the user:

generator client {
  provider = "prisma-client"
  output   = "../src/generated/prisma"
  compilerBuild = "fast" // "fast" | "small"
}

We still have more in progress for performance, but this new compilerBuild option is our first step toward addressing your concerns!

• #29005: Bypass the Query Compiler for Raw Queries Raw queries ($executeRaw, $queryRaw) can now skip going through the query compiler and query interpreter infrastructure. They can be sent directly to the driver adapter, removing additional overhead.

• #28965: Update MSSQL to v12.2.0 This community PR updates the @prisma/adapter-mssql to use MSSQL v12.2.0. Thanks Jay-Lokhande!

• #29001: Pin better-sqlite3 version to avoid SQLite bug An underlying bug in SQLite 3.51.0 has affected the better-sqlite3 adapter. We’ve bumped the version that powers @prisma/better-sqlite3 and have pinned the version to prevent any unexpected issues. If you are using @prisma/better-sqlite3 , please upgrade to v7.3.0.

• #29002: Revert @map enums to v6.19.0 behavior In the initial release of v7.0, we made a change with Mapped Enums where the generated enum would get its value from the value passed to the @map function. This was a breaking change from v6 that caused issues for many users. We have reverted this change for the time being, as many different diverging approaches have emerged from the community discussion.

• prisma-engines#5745: Cast BigInt to text in JSON aggregation When using relationJoins with BigInt fields in Prisma 7, JavaScript's JSON.parse loses precision for integers larger than Number.MAX_SAFE_INTEGER (2^53 - 1). This happens because PostgreSQL's JSONB_BUILD_OBJECT returns BigInt values as JSON numbers, which JavaScript cannot represent precisely.

  // Original BigInt ID: 312590077454712834
  // After JSON.parse: 312590077454712830 (corrupted!)
  

  This PR cast BigInt columns to ::text inside JSONB_BUILD_OBJECT calls, similar to how MONEY is already cast to ::numeric.

  -- Before
  JSONB_BUILD_OBJECT('id', "id")
  -- After
  
  JSONB_BUILD_OBJECT('id', "id"::text)
  
  

... (truncated)

Commits

• See full diff in compare view

Updates @prisma/client from 7.2.0 to 7.3.0

Release notes

Sourced from @​prisma/client's releases.

7.3.0

Today, we are excited to share the 7.3.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

ORM

• #28976: Fast and Small Query Compilers We've been working on various performance-related bugs since the initial ORM 7.0 release. With 7.3.0, we're introducing a new compilerBuild option for the client generator block in schema.prisma with two options: fast and small. This allows you to swap the underlying Query Compiler engine based on your selection, one built for speed (with an increase in size), and one built for size (with the trade off for speed). By default, the fast mode is used, but this can be set by the user:

generator client {
  provider = "prisma-client"
  output   = "../src/generated/prisma"
  compilerBuild = "fast" // "fast" | "small"
}

We still have more in progress for performance, but this new compilerBuild option is our first step toward addressing your concerns!

• #29005: Bypass the Query Compiler for Raw Queries Raw queries ($executeRaw, $queryRaw) can now skip going through the query compiler and query interpreter infrastructure. They can be sent directly to the driver adapter, removing additional overhead.

• #28965: Update MSSQL to v12.2.0 This community PR updates the @prisma/adapter-mssql to use MSSQL v12.2.0. Thanks Jay-Lokhande!

• #29001: Pin better-sqlite3 version to avoid SQLite bug An underlying bug in SQLite 3.51.0 has affected the better-sqlite3 adapter. We’ve bumped the version that powers @prisma/better-sqlite3 and have pinned the version to prevent any unexpected issues. If you are using @prisma/better-sqlite3 , please upgrade to v7.3.0.

• #29002: Revert @map enums to v6.19.0 behavior In the initial release of v7.0, we made a change with Mapped Enums where the generated enum would get its value from the value passed to the @map function. This was a breaking change from v6 that caused issues for many users. We have reverted this change for the time being, as many different diverging approaches have emerged from the community discussion.

• prisma-engines#5745: Cast BigInt to text in JSON aggregation When using relationJoins with BigInt fields in Prisma 7, JavaScript's JSON.parse loses precision for integers larger than Number.MAX_SAFE_INTEGER (2^53 - 1). This happens because PostgreSQL's JSONB_BUILD_OBJECT returns BigInt values as JSON numbers, which JavaScript cannot represent precisely.

  // Original BigInt ID: 312590077454712834
  // After JSON.parse: 312590077454712830 (corrupted!)
  

  This PR cast BigInt columns to ::text inside JSONB_BUILD_OBJECT calls, similar to how MONEY is already cast to ::numeric.

  -- Before
  JSONB_BUILD_OBJECT('id', "id")
  -- After
  JSONB_BUILD_OBJECT('id', "id"::text)
  

... (truncated)

Commits

• b6fd1bd chore(deps): update engines to 7.3.0-16.9d6ad21cbbceab97458517b147a6a09ff43aa...
• 223b6ea chore: make the interpreter reusable (#29016)
• 9d44ecc feat: compile raw queries in the client engine (#29005)
• 272b176 fix: revert "feat(client-generator-ts): [breaking] add support for ma… (#29002)
• c03d384 fix: pin better sqlite for exists bug (#29001)
• 8f69196 chore(deps): update engines to 7.3.0-8.aee8f579c2872ad0cedd6fd7e9070704fdb361...
• 768cd82 fix: fix QC benchmark (#28987)
• fd479fd feat(qc): fast and small build modes (#28976)
• a60094a perf: add query compilation and performance benchmarks (#28954)
• See full diff in compare view

Updates jsonwebtoken from 9.0.2 to 9.0.3

Changelog

Sourced from jsonwebtoken's changelog.

9.0.3 - 2025-12-04

• updates jws version to 4.0.1.

Commits

• ed59e76 chore: bump jws to 4.0.1 (#1007)
• See full diff in compare view

Updates next from 16.1.1 to 16.1.6

Release notes

Sourced from next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade to swc 54 (#88207)
• implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)
• tweak LRU sentinel key (#89123)

Credits

Huge thanks to @​mischnic, @​wyattjoh, and @​ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.1.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Only filter next config if experimental flag is enabled (#88733)

Credits

Huge thanks to @​mischnic for helping!

v16.1.3

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix linked list bug in LRU deleteFromLru (#88652)
• Fix relative same host redirects in node middleware (#88253)

Credits

Huge thanks to @​acdlite and @​ijjk for helping!

v16.1.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

... (truncated)

Commits

• adf8c61 v16.1.6
• 098c0c0 [backport][ci] Make gh auth status optional when triggering a release (#89100)
• a43df32 Backport/docs fixes jan 25 16.1.x (#89124)
• d6d5734 tweak LRU sentinel cache key (#89123)
• 4324698 backport: implement LRU cache with invocation ID scoping for minimal mode res...
• 23c4649 [backport] Upgrade to swc 54 (#88207) (#89103)
• acba4a6 v16.1.5
• e1d1fc6 Add maximum size limit for postponed body parsing (#88175)
• 500ec83 fetch(next/image): reduce maximumResponseBody from 300MB to 50MB (#88588)
• 1caaca3 feat(next/image)!: add images.maximumResponseBody config (#88183)
• Additional commits viewable in compare view

Updates nodemailer from 7.0.12 to 7.0.13

Release notes

Sourced from nodemailer's releases.

v7.0.13

7.0.13 (2026-01-27)

Bug Fixes

• downgrade transient connection error logs to warn level (4c041db)

Changelog

Sourced from nodemailer's changelog.

7.0.13 (2026-01-27)

Bug Fixes

• downgrade transient connection error logs to warn level (4c041db)

Commits

• 8931195 chore(master): release 7.0.13 (#1798)
• 9398d63 Bumped deps
• 4c041db fix: downgrade transient connection error logs to warn level
• See full diff in compare view

Updates @types/nodemailer from 6.4.17 to 7.0.9

Commits

• See full diff in compare view

Updates react from 19.2.3 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

Commits

• 90ab3f8 Version 19.2.4
• See full diff in compare view

Updates @types/react from 19.2.3 to 19.2.10

Commits

• See full diff in compare view

Updates react-dom from 19.2.3 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

Commits

• 90ab3f8 Version 19.2.4
• See full diff in compare view

Updates sass from 1.93.2 to 1.97.3

Release notes

Sourced from sass's releases.

Dart Sass 1.97.3

To install Sass 1.97.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug where nesting an at-rule within multiple style rules in plain CSS could cause outer style rules to be omitted.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.2

To install Sass 1.97.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Additional fixes for implicit configuration when nested imports are involved.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.1

To install Sass 1.97.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.0

To install Sass 1.97.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Add support for the display-p3-linear color space.

See the full changelog for changes in earlier releases.

Dart Sass 1.96.0

To install Sass 1.96.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.97.3

• Fix a bug where nesting an at-rule within multiple style rules in plain CSS could cause outer style rules to be omitted.

1.97.2

• Additional fixes for implicit configuration when nested imports are involved.

1.97.1

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

1.97.0

• Add support for the display-p3-linear color space.

1.96.0

• Allow numbers with complex units (more than one numerator unit or more than zero denominator units) to be emitted to CSS. These are now emitted as calc() expressions, which now support complex units in plain CSS.

1.95.1

• No user-visible changes.

1.95.0

• Add support for the CSS-style if() function. In addition to supporting the plain CSS syntax, this also supports a sass() query that takes a Sass expression that evaluates to true or false at preprocessing time depending on whether the Sass value is truthy. If there are no plain-CSS queries, the function will return the first value whose query returns true during preprocessing. For example, if(sass(false): 1; sass(true): 2; else: 3) returns 2.

• The old Sass if() syntax is now deprecated. Users are encouraged to migrate to the new CSS syntax. if($condition, $if-true, $if-false) can be changed to if(sass($condition): $if-true; else: $if-false).

  See the Sass website for details.

• Plain-CSS if() functions are now considered "special numbers", meaning that they can be used in place of arguments to CSS color functions.

• Plain-CSS if() functions and attr() functions are now considered "special

... (truncated)

Commits

• 080eaef Fix at-rules combined with plain CSS nesting (#2725)
• f6f73f8 Bump gts from 6.0.2 to 7.0.0 in /pkg/sass-parser (#2711)
• 0b87dd7 Bump protobuf and protoc_plugin (#2723)
• d12cc7d Fix bug with implicit configuration for nested imports (#2658)
• 340bfd2 Bump actions/download-artifact from 6 to 7 (#2706)
• a795ab3 Bump actions/upload-artifact from 5 to 6 (#2705)
• add7e6f Bump protoc_plugin from 23.0.0 to 24.0.0 (#2696)
• 62ec662 Use pwsh instead of powershell (#2710)
• b2f2532 Don't evaluate if() values if the condition doesn't match (#2707)
• 0c7083a Add support for the display-p3-linear color space (#2703)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for sass since your current version.

Updates sharp from 0.34.4 to 0.34.5

Release notes

Sourced from sharp's releases.

v0.34.5

• Upgrade to libvips v8.17.3 for upstream bug fixes.

• Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

• Support building from source with npm v12+, deprecate --build-from-source flag. #4458

• Add support for BigTIFF output. #4459 @​throwbi

• Improve error messaging when only warnings issued. #4465

• Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.1

• Upgrade to libvips v8.17.3 for upstream bug fixes.

• Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

• Support building from source with npm v12+, deprecate --build-from-source flag. #4458

• Add support for BigTIFF output. #4459 @​throwbi

• Improve error messaging when only warnings issued. #4465

• Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.0

• Upgrade to libvips v8.17.3 for upstream bug fixes.

• Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

• Support building from source with npm v12+, deprecate --build-from-source flag. #4458

• Add support for BigTIFF output. #4459 @​throwbi

• Improve error messaging when only warnings issued. #4465

... (truncated)

Commits

• e062456 Release v0.34.5
• 6450c70 Prerelease v0.34.5-rc.1
• f7c95d1 TypeScript: consolidate a few enum-like properties
• ef86a75 Prerelease v0.34.5-rc.0
• 6c1e840 Use structured binding for tuples where possible
• e1628d8 Simplify ICC processing when retaining input profiles #4468
• 4f9f817 Linter: apply all recommended biome settings
• 09d5aa8 Docs: update internal and libvips doc links
• 040b73c Upgrade to libvips v8.17.3
• 1f2f33d Ensure licensing headers are retained by code bundlers
• Additional commits viewable in compare view

Updates winston from 3.18.3 to 3.19.0

Release notes

Sourced from winston's releases.

v3.19.0

• Run npm audit fix e7ccdc4
• Don't include jest.config.js in npm package 5a63c8c
• fix: append error cause when using logger.child() (#2467) e74a7ae
• Bump rimraf from 5.0.1 to 5.0.10 (#2517) 8a956fd
• fix: ensure File transport flushes all data before emitting finish (#2594) 86c890f
• Bump actions/setup-node from 4 to 6 (#2589) 3b8be02
• Bump @​babel/core from 7.28.0 to 7.28.5 (#2591) f4c3e2c
• Bump actions/checkout from 4 to 6 (#2593) dd7906e
• chore: migrate test runner from mocha to jest (#2567) 2e9eb18

---

winstonjs/winston@v3.18.3...v3.19.0

Commits

• ed45345 3.19.0
• e7ccdc4 Run npm audit fix
• 5a63c8c Don't include jest.config.js in npm package
• e74a7ae fix: append error cause when using logger.child() (#2467)
• 8a956fd Bump rimraf from 5.0.1 to 5.0.10 (#2517)
• 86c890f fix: ensure File transport flushes all data before emitting finish (#2594)
• 3b8be02 Bump actions/setup-node from 4 to 6 (#2589)
• f4c3e2c Bump @​babel/core from 7.28.0 to 7.28.5 (#2591)
• dd7906e Bump actions/checkout from 4 to 6 (#2593)
• 2e9eb18 chore: migrate test runner from mocha to jest (#2567)
• See full diff in compare view

Updates @babel/preset-typescript from 7.27.1 to 7.28.5

Release notes

Sourced from @​babel/preset-typescript's releases.

v7.28.5 (2025-10-23)

Thank you @​CO0Ki3, @​Olexandr88, and @​youthfulhps for your first PRs!

👓 Spec Compliance

• babel-parser
  • #17446 Allow Runtime Errors for Function Call Assignment Targets (@​liuxingbaoyu)
• babel-helper-validator-identifier
  • #17501 fix: update identifier to unicode 17 (@​fisker)

🐛 Bug Fix

• babel-plugin-proposal-destructuring-private
  • #17534 Allow mixing private destructuring and rest (@​CO0Ki3)
• babel-parser
  • #17521 Improve @babel/parser error typing (@​JLHwung)
  • #17491 fix: improve ts-only declaration parsing (@​JLHwung)
• babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • #17519 fix: rest correctly returns plain array (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • #17503 Fix JSXIdentifier handling in isReferencedIdentifier (@​JLHwung)
• babel-traverse
  • #17504 fix: ensure scope.push register in anonymous fn (@​JLHwung)

🏠 Internal

• babel-types
  • #17494 Type checking babel-types scripts (@​JLHwung)

🏃‍♀️ Performance

• babel-core
  • #17490 Faster finding of locations in buildCodeFrameError (@​liuxingbaoyu)

Committers: 8

• Babel Bot (@​babel-bot)
• Byeongho Yoo (@​youthfulhps)
• Huáng Jùnliàng (@​JLHwung)
• Hyeon Dokko (@​CO0Ki3)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​Olexandr88
• @​liuxingbaoyu
• fisker Cheung (@​fisker)

v7.28.4 (2025-09-05)

Thanks @​gwillen and @​mrginglymus for your first PRs!

🏠 Internal

• babel-core, babel-helper-check-duplicate-nodes, babel-traverse, babel-types
  • #17493 Update Jest to v30.1.1 (@​JLHwung)
• babel-plugin-transform-regenerator
  • #17455 chore: Clean up transform-regenerator (@​liuxingbaoyu)

... (truncated)

Changelog

Sourced from @​babel/preset-typescript's changelog.

Changelog

Tags:

• 💥 [Breaking Change]
• 👓 [Spec Compliance]
• 🚀 [New Feature]
• 🐛 [Bug Fix]
• 📝 [Documentation]
• 🏠 [Internal]
• 💅 [Polish]

Note: Gaps between patch versions are faulty, broken or test releases.

This file contains the changelog starting from v8.0.0-alpha.0.

• See CHANGELOG - v7.15.0 to v7.28.5 for v7.15.0 to v7.28.5 changes (the last common release between the v8 and v7 release lines was v7.28.5).
• See CHANGELOG - v7.0.0 to v7.14.9 for v7.0.0 to v7.14.9 changes.
• See CHANGELOG - v7 prereleases for v7.0.0-alpha.1 to v7.0.0-rc.4 changes.
• See CHANGELOG - v4, CHANGELOG - v5, and CHANGELOG - v6 for v4.x-v6.x changes.
• See CHANGELOG - 6to5 for the pre-4.0.0 version changelog.
• See Babylon's CHANGELOG for the Babylon pre-7.0.0-beta.29 version changelog.
• See babel-eslint's releases for the changelog before @babel/eslint-parser 7.8.0.
• See eslint-plugin-babel's releases for the changelog before @babel/eslint-plugin 7.8.0.

v8.0.0-rc.1 (2026-01-31)

💥 Breaking Change

• Other
  • #17763 Drop support for eslint v7-v8 (@​liuxingbaoyu)
  • #17755 Make eslint-parser/experimental-worker the default (@​liuxingbaoyu)
• babel-register
  • #17762 Remove browser entrypoint for @babel/register (@​nicolo-ribaudo)
• babel-parser, babel-plugin-proposal-partial-application, babel-plugin-syntax-partial-application
  • #17760 [Babel 8]: partial-application plugin requires "version" option (@​JLHwung)
• babel-core, babel-plugin-transform-runtime, babel-register
  • #17756 Use package.json#imports for browser-specific code (@​nicolo-ribaudo)
• babel-build-external-helpers, babel-cli
  • #17746 [Babel 8] Extract babel-build-external-helpers (@​JLHwung)
• babel-traverse
  • #17722 Remove NodePath#visit (@​liuxingbaoyu)
• babel-cli, babel-node
  • #17741 [Babel 8] Disallow excess arguments in babel-external-helpers (@​JLHwung)
• babel-generator, babel-plugin-proposal-pipeline-operator, babel-traverse, babel-types
  • #17732 [Babel 8] Remove smart pipeline support and remove accessor property from Standardized alias (@​JLHwung)
• babel-plugin-transform-object-assign, babel-standalone
  • #17619 [Babel 8] Remove @babel/plugin-transform-object-assign (@​liuxingbaoyu)
• babel-plugin-transform-runtime, babel-preset-env

... (truncated)

Commits

• 61647ae v7.28.5
• 42cb285 Improve @babel/core types (#17404)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/preset-typescript since your current version.

Updates @types/nodemailer from 6.4.17 to 7.0.9

Commits

• See full diff in compare view

Updates @types/react from 19.2.3 to 19.2.10

Commits

• See full diff in compare view

Updates eslint-config-next from 16.1.1 to 16.1.6

Release notes

Sourced from eslint-config-next's releases.

v16.1.6

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade to swc 54 (#88207)
• implement LRU cache with invocation ID scoping for minimal mode response cache (#88509)
• tweak LRU sentinel key (#89123)

Credits

Huge thanks to @​mischnic, @​wyattjoh, and @​ztanner for helping!

v16.1.5

Please refer the following changelogs for more information about this security release:

https://vercel.com/changelog/summaries-of-cve-2025-59471-and-cve-2025-59472 https://vercel.com/changelog/summary-of-cve-2026-23864

v16.1.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Only filter next config if experimental flag is enabled (#88733)

Credits

Huge thanks to @​mischnic for helping!

v16.1.3

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix linked list bug in LRU deleteFromLru (#88652)
• Fix relative same host redirects in node middleware (#88253)

Credits

Huge thanks to @​acdlite and @​ijjk for helping!

v16.1.2

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

... (truncated)

Commits

• adf8c61 v16.1.6
• acba4a6 v16.1.5
• 60de6c2 v16.1.4
• f01cf07 v16.1.3
• cb436b3 v16.1.2
• See full diff in compare view

Updates prisma from 7.2.0 to 7.3.0

Release notes

Sourced from prisma's releases.

7.3.0

Today, we are excited to share the 7.3.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

ORM

• #28976: Fast and Small Query Compilers We've been working on various performance-related bugs since the initial ORM 7.0 release. With 7.3.0, we're introducing a new compilerBuild option for the client generator block in schema.prisma with two options: fast and small. This allows you to swap the underlying Query Compiler engine based on your selection, one built for speed (with an increase in size), and one built for size (with the trade off for speed). By default, the fast mode is used, but this can be set by the user:

generator client {
  provider = "prisma-client"
  output   = "../src/generated/prisma"
  compilerBuild = "fast" // "fast" | "small"
}

We still have more in progress for performance, but this new compilerBuild option is our first step toward addressing your concerns!

• #29005: Bypass the Query Compiler for Raw Queries Raw queries ($executeRaw, $queryRaw) can now skip going through the query compiler and query interpreter infrastructure. They can be sent directly to the driver adapter, removing additional overhead.

• #28965: Update MSSQL to v12.2.0 This community PR updates the @prisma/adapter-mssql to use MSSQL v12.2.0. Thanks Jay-Lokhande!

• #29001: Pin better-sqlite3 version to avoid SQLite bug An underlying bug in SQLite 3.51.0 has affected the better-sqlite3 adapter. We’ve bumped the version that powers @prisma/better-sqlite3 and have pinned the version to prevent any unexpected issues. If you are using @prisma/better-sqlite3 , please upgrade to v7.3.0.

• #29002: Revert @map enums to v6.19.0 behavior In the initial release of v7.0, we made a change with Mapped Enums where the generated enum would get its value from the value passed to the @map function. This was a breaking change from v6 that caused issues for many users. We have reverted this change for the time being, as many different diverging approaches have emerged from the community discussion.

• prisma-engines#5745: Cast BigInt to text in JSON aggregation When using relationJoins with BigInt fields in Prisma 7, JavaScript's JSON.parse loses precision for integers larger than Number.MAX_SAFE_INTEGER (2^53 - 1). This happens because PostgreSQL's JSONB_BUILD_OBJECT returns BigInt values as JSON numbers, which JavaScript cannot represent precisely.

  // Original BigInt ID: 312590077454712834
  // After JSON.parse: 312590077454712830 (corrupted!)
  

  This PR cast BigInt columns to ::text inside JSONB_BUILD_OBJECT calls, similar to how MONEY is already cast to ::numeric.

  -- Before
  JSONB_BUILD_OBJECT('id', "id")
  -- After
  
  JSONB_BUILD_OBJECT('id', "id"::text)
  
  

... (truncated)

Commits

• 32e5614 chore(cli): bump hono and @prisma/dev, resolving hono vulnerability. (#...
• 2a44bb8 chore(cli): bump studio, fixing vitess introspection. (#29045)
• 011b6a6 chore: remove promotions (#29015)
• 90141bb chore(cli): bump studio, add northwind to sandbox. (#28985)
• fd479fd feat(qc): fast and small build modes (#28976)
• See full diff in compare view

Updates ts-jest from 29.4.5 to 29.4.6

Release notes

Sourced from ts-jest's releases.

v29.4.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.6 (2025-12-01)

Bug Fixes

• log hybrid module as warning instead of failing tests (#5144) (528d37c), closes #5130

Commits

• 202bde5 chore(release): 29.4.6 (#5146)
• 528d37c fix: log hybrid module as warning instead of failing tests (#5144)
• 141e5af build(deps): update github/codeql-action digest to 497990d
• d281cce build(deps): update google/osv-scanner-action action to v2.3.0
• 0d20322 build(deps): update dependency memfs to ^4.51.0
• 455dde2 build(deps): update dependency js-yaml to ^4.1.1
• d579480 build(deps): update dependency @​types/node to v20.19.25
• f6859d0 build(deps): update dependency @​types/yargs to ^17.0.35
• 4d7e432 build(deps): update github/codeql-action digest to d3ced5c
• 4ea70c9 build(deps): update actions/checkout digest to 34e1148
• Additional commits viewable in compare view

Updates tsx from 4.20.6 to 4.21.0

Release notes

Sourced from tsx's releases.

v4.21.0

4.21.0 (2025-11-30)

Features

• upgrade esbuild (#748) (048fb62)

---

This release is also available on: