fix(deps): update dependency slonik to v45 #1937
The code review is centered on a minor version update for the `slonik` package in the project's dependencies. While not a massive change, it's important to verify compatibility with the other parts of the codebase that interact with this package.
@@ -25,7 +25,7 @@ | |||
"pg": "^8.11.5", | |||
"pg-hstore": "^2.3.4", | |||
"sequelize": "^6.37.3", | |||
"slonik": "^40.0.0", | |||
"slonik": "^45.0.0", |
The `slonik` package has been upgraded from '^40.0.0' to '^45.0.0'. Please ensure the update doesn't introduce breaking changes that could affect the existing implementation and confirm that there was sufficient testing in place to verify the updated functionality.
All changes in this diff are related to updating the version of `slonik` package from `^40.0.0` to `^45.0.0` in the `package.json` file of the `/database` package. The change is likely done for newest features, bug fixes or security patches, which is a good practice. Adding or changing a version for any library should not be done lightly. It is always recommended to consult the changelog or documentation to understand what the changes are. Depending on the version update, there might be breaking changes introduced and this needs to be thoroughly tested.
@@ -25,7 +25,7 @@ | |||
"pg": "^8.11.5", | |||
"pg-hstore": "^2.3.4", | |||
"sequelize": "^6.37.3", | |||
"slonik": "^40.0.0", | |||
"slonik": "^45.0.0", |
You have updated the version of slonik from 40.0.0 to 45.0.0. This is a major version change and might include breaking changes according to semantic versioning principles. While updating dependencies is essential for security and leveraging new features, it is crucial to ensure that this update does not break existing functionality. Please ensure adequate testing is conducted to cover the database operations this package is responsible for.
New and removed dependencies detected. Learn more about Socket for GitHub
🚮 Removed packages: npm/slonik@40.2.6
Codecov Report
All modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found.
Additional details and impacted files
@@ Coverage Diff @@
## main #1937 +/- ##
=====================================
Coverage 9.74% 9.74%
=====================================
Files 133 133
Lines 9730 9730
Branches 131 141 +10
=====================================
Hits 948 948
Misses 8782 8782
☔ View full report in Codecov by Sentry.
dca7a43 to 8083cd9
8083cd9 to 82db26f
CodecovAI submitted a new review for 82db26f
@@ -25,7 +25,7 @@ | |||
"pg": "^8.11.5", | |||
"pg-hstore": "^2.3.4", | |||
"sequelize": "^6.37.3", | |||
"slonik": "^40.0.0", |
The version update of slonik is quite significant. Have you checked if there are any breaking changes between version 40.0.0 and 45.0.0? If there are, they could cause unexpected behaviors in our application if not properly addressed.
2545e2b to 5e40a54
CodecovAI submitted a new review for 5e40a54
@@ -25,7 +25,7 @@ | |||
"pg": "^8.11.5", |
Check the compatibility of the updated Slonik package with the 'pg' package. Minor or patch updates may be needed to ensure compatibility.
6716d43 to 7c9f22c
7c9f22c to b748e64
CodecovAI submitted a new review for b748e64
@@ -25,7 +25,7 @@ | |||
"pg": "^8.11.5", | |||
"pg-hstore": "^2.3.4", | |||
"sequelize": "^6.37.3", |
Ensure the sequelize package is compatible with the new Slonik version. In case of conflict, update or downgrade to a suitable version.
dc3c0bd to 4abc84c
e4a236b to 234ba30
234ba30 to 1fa79dd
This PR contains the following updates:
slonik: ^40.0.0 -> ^45.0.0
Release Notes
gajus/slonik (slonik)

v45.2.1
Patch Changes
Updated dependencies [0378001]:

v45.2.0
Patch Changes

v45.1.0
Patch Changes

v45.0.0
Minor Changes
5525659 Thanks @gajus! - fixes TypeScript error due to clashing "cause" property in Error object (#567)
Patch Changes

v44.0.0
Major Changes
96db9f0 Thanks @gajus! - Convert token types to symbols to ensure that SQL tokens cannot be injected from outside of the codebase, e.g. through JSON.
Thanks to @alxndrsn for reporting the issue and suggesting patch (#595).
Thanks to @danielrearden for suggesting a viable patch.
Patch Changes
Updated dependencies [96db9f0]:

v43.0.8
Patch Changes
30f1dc4 Thanks @gajus! - remove exports
Updated dependencies [30f1dc4]:

v43.0.7
Patch Changes
dba5be1 Thanks @gajus! - corrects exports; adds more logging about pool state
Updated dependencies [dba5be1]:

v43.0.6
Patch Changes
#591 30e89a6 Thanks @gajus! - split driver into a separate package
#591 30e89a6 Thanks @gajus! - add slonik-interceptor-query-cache to monorepo
Updated dependencies [30e89a6, 30e89a6]:

v43.0.5
Patch Changes
d1958fd Thanks @gajus! - log how long it took to acquire a connection
Updated dependencies [d1958fd]:

v43.0.4
Patch Changes
d0d9a82 Thanks @gajus! - use $slonik_ bindings
Updated dependencies [d0d9a82]:

v43.0.3
Patch Changes
c9e261d Thanks @gajus! - log when connection pool is full
0f072df Thanks @gajus! - drop ambiguous SqlFragment member
Updated dependencies [0f072df]:

v43.0.2
Patch Changes
Updated dependencies [a28e8ac]:

v43.0.1
Patch Changes
146a301 Thanks @gajus! - add missing type exports
Updated dependencies [146a301]:

v43.0.0
Minor Changes
8c58884 Thanks @gajus! - force version bump
Patch Changes
cb257c5 Thanks @gajus! - correct createSqlTokenSqlFragment export
Updated dependencies [cb257c5, 8c58884]:

v42.0.0
Minor Changes
fb83bd9 Thanks @gajus! - force update version
Patch Changes
Updated dependencies [fb83bd9]:

v41.2.1

v41.2.0

v41.1.0

v41.0.1
The fix is in this commit: gajus/slonik@0e83bc1
It shows how simultaneously releasing and ending the pool could have resulted in termination sequence proceeding without waiting for release sequence to complete. The symptom of this would have been an error that complains about an attempt to use a terminated backend.
Shoutout to @mikeroelens for going above and beyond to chase down the root of the issue and suggest a fix and context that led to replicating the mysterious behavior. 🥳

v41.0.0
New Slonik behavior means that you can no longer accidentally run a non-transaction query inside of a transaction.
If you receive an error `UnexpectedForeignConnectionError`, then you are trying to execute a query using a connection that is not associated with the transaction. This error is thrown to prevent accidental unsafe transaction handling, e.g.
In this example, the query is executed using the `connection` that is not associated with the transaction. This is unsafe because the query is not part of the transaction and will not be rolled back if the transaction is aborted.
This behavior is achieved using AsyncLocalContext.

Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
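
The v44.0.0 entry in the release notes above converts token types to symbols so that SQL tokens cannot arrive through JSON. The following is an added example, not slonik's code and not part of this PR, that models the difference with a constructed tagged-template builder; `makeSql`, `hasTag`, the tag values and the request body are all assumptions made for illustration.

```javascript
// Simplified model of a tagged-template SQL builder. Constructed for
// illustration; this is not slonik's source code.
const STRING_TAG = 'SQL_FRAGMENT';          // design A: string type tag
const SYMBOL_TAG = Symbol('SQL_FRAGMENT');  // design B: symbol type tag

const hasTag = (tag) => (v) =>
  v !== null && typeof v === 'object' && v.type === tag;

// Returns a template tag. Values recognised as tokens are spliced in as raw
// SQL; every other value becomes a bound parameter ($1, $2, ...).
function makeSql(isToken) {
  return (strings, ...values) => {
    let text = strings[0];
    const params = [];
    values.forEach((value, i) => {
      if (isToken(value)) {
        text += value.sql;
      } else {
        params.push(value);
        text += '$' + params.length;
      }
      text += strings[i + 1];
    });
    return { text, params };
  };
}

const sqlStringTagged = makeSql(hasTag(STRING_TAG));
const sqlSymbolTagged = makeSql(hasTag(SYMBOL_TAG));

// Constructed request body: the client sends an object where the handler
// expected a plain string.
const body = JSON.parse(
  '{"name": {"type": "SQL_FRAGMENT", "sql": "CLIENT_SUPPLIED_SQL"}}'
);

function demo() {
  const trusted = { type: SYMBOL_TAG, sql: 'current_user' };
  return {
    // String tag: the parsed object passes the token check and is inlined.
    stringTagged: sqlStringTagged`SELECT id FROM users WHERE name = ${body.name}`,
    // Symbol tag: JSON cannot produce a Symbol, so the object stays data.
    symbolTagged: sqlSymbolTagged`SELECT id FROM users WHERE name = ${body.name}`,
    // Tokens created inside the codebase are still recognised.
    trusted: sqlSymbolTagged`SELECT id FROM users WHERE name = ${trusted}`,
    // A symbol-tagged token loses its tag when serialised.
    serialised: JSON.stringify(trusted),
  };
}
```

In this model a token that has been through `JSON.stringify` no longer carries its tag, which is the compatibility side of the same change: anything that stored or transported tokens as JSON stops being treated as SQL after the upgrade.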