Prisma Next

v0.12.0 Breaking

This release includes 10 breaking changes for platform teams planning a safe upgrade.

Published 1d CLI & Terminal

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

loggy-core loggy-terminal

Affected surfaces

breaking_upgrade deps

ReleasePort's take

Light signal

editorial:auto 1d

ReleasePort Layer 1 v0.12.0 raises minimum supported runtimes (Node.js ≥24, TypeScript ≥5.9) and updates PostgreSQL‑related contract defaults.

Why it matters: Deployments must meet the new version floors; failing to upgrade Node.js or TypeScript before migration will cause build failures.

Summary

AI summary

Updates Breaking changes, New contributors, and cols across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Breaking
Breaking	High	Supported-version floors raised: Node.js >=24, TypeScript >=5.9, PostgreSQL 17, MongoDB 8.0. Supported-version floors raised: Node.js >=24, TypeScript >=5.9, PostgreSQL 17, MongoDB 8.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	High	Un-namespaced Postgres models now default to `public` namespace instead of `__unbound__`.` Un-namespaced Postgres models now default to `public` namespace instead of `__unbound__`.` Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	High	Cross‑namespace references now use explicit `{ namespace, model }` pairs instead of bare strings. Cross‑namespace references now use explicit `{ namespace, model }` pairs instead of bare strings. Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	High	`capabilities` field removed from `defineContract` API. `capabilities` field removed from `defineContract` API. Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	High	`verifyMarker` replaces `verify`/`RuntimeVerifyOptions`; old options removed. `verifyMarker` replaces `verify`/`RuntimeVerifyOptions`; old options removed. Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	High	Migration manifest closed; `labels` and `hints` fields removed. Migration manifest closed; `labels` and `hints` fields removed. Source: llm_adapter@2026-06-02 Confidence: high	—
Breaking	Medium	Models and value objects moved to namespaced domain plane (`contract.domain.namespaces.<ns>`). Models and value objects moved to namespaced domain plane (`contract.domain.namespaces.<ns>`). Source: granite4.1:30b@2026-06-02-audit Confidence: low	—
Feature	Medium	Added `rawSql` for raw SQL in typed query builder (Postgres and SQLite). Added `rawSql` for raw SQL in typed query builder (Postgres and SQLite). Source: llm_adapter@2026-06-02 Confidence: high	—
Feature	Medium	`prisma-next contract emit` now supports `outputPath` option to customize emission location. `prisma-next contract emit` now supports `outputPath` option to customize emission location. Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	MongoDB optional fields that are `undefined` are now omitted when deserializing `createIndex`. MongoDB optional fields that are `undefined` are now omitted when deserializing `createIndex`. Source: llm_adapter@2026-06-02 Confidence: high	—
Bugfix	Medium	Foreign‑key referential actions (`onDelete`/`onUpdate`) are now preserved in the schema IR. Foreign‑key referential actions (`onDelete`/`onUpdate`) are now preserved in the schema IR. Source: llm_adapter@2026-06-02 Confidence: high	—

Full changelog

v0.12.0

Namespaces become first-class: un-namespaced Postgres models now live in public, the application plane is symmetric with storage, and every cross-namespace reference is explicit. This release also ratifies a version-support policy (Node 24+), simplifies runtime marker verification, closes MongoDB validators by default, and adds raw SQL to the typed builder. Several contract-shape changes require a one-time re-emit — most are mechanical and covered by the linked upgrade recipes.

Breaking changes

Supported-version floors raised — the supported floor for each dependency is now the latest GA release we test against: Node.js >=24 (declared in every package's engines), TypeScript >=5.9, PostgreSQL 17, and MongoDB 8.0. Bump your runtime and toolchain to meet these floors before upgrading. (#659)
Un-namespaced Postgres models default to public — models without an explicit namespace now emit under the public namespace instead of the __unbound__ sentinel (postgres-unbound-schema → postgres-schema); explicit namespace unbound { … } still round-trips to __unbound__. Re-emit your contract so contract.json / contract.d.ts pick up the new namespace key. See the 0.11→0.12 upgrade recipe. (#662)

Before (emitted contract.json):
```
"storage": {
  "namespaces": {
    "__unbound__": { "id": "__unbound__", "kind": "postgres-unbound-schema" }
  }
}
```
After:
```
"storage": {
  "namespaces": {
    "public": { "id": "public", "kind": "postgres-schema" }
  }
}
```
Symmetric domain plane — models and value objects moved from flat contract.models / contract.valueObjects to contract.domain.namespaces.<ns>, and emitted contract.d.ts exports Models via ContractModelsMap<Contract> instead of Contract['models']. Re-emit your contract; consumers reading the flat shape must adopt the namespaced helpers. See the 0.11→0.12 upgrade recipe (extension authors: the extension-author recipe also covers the removal of the @prisma-next/contract/testing subpath — test factories now live in @prisma-next/test-utils). (#653)

Before (consuming emitted contract.d.ts):
```
type Models = Contract['models'];
```
After:
```
type Models = ContractModelsMap<Contract>;
```
Cross-namespace references are explicit { namespace, model } pairs — emitted contract roots and relation.to now carry an explicit { namespace, model } object (namespace branded as NamespaceId) rather than a bare model-name string. Re-emit your contract, and update any code that read relation.to (or a root) as a string to read .model / .namespace. (#600)

Before (consuming emitted contract.d.ts):
```
// relation.to was a bare model-name string
readonly to: 'User';
```
After:
```
// relation.to is now an explicit { namespace, model }
readonly to: { readonly namespace: 'public' & NamespaceId; readonly model: 'User' };
```

capabilities removed from defineContract — the capabilities field on the first argument of defineContract({ … }, …) is gone; capabilities are now contributed automatically by target components and the extension packs in extensionPacks. Delete the capabilities: { … } block from every call site and re-emit. See the 0.11→0.12 upgrade recipe. (#574)

Before:

export const contract = defineContract(
  {
    extensionPacks: { pgvector },
    capabilities: { postgres: { lateral: true, jsonAgg: true } },
  },
  ({ field, model }) => {
    // … model definitions …
  },
);

After:

export const contract = defineContract(
  { extensionPacks: { pgvector } },
  ({ field, model }) => {
    // … model definitions …
  },
);

verifyMarker replaces verify / RuntimeVerifyOptions — the SQL runtime's verify: { mode, requireMarker } option is replaced by verifyMarker?: 'onFirstUse' | false (default 'onFirstUse'), and the runtime no longer throws on contract-marker drift — it emits one warn-level log line per runtime instance and proceeds. The RuntimeVerifyOptions export is removed in favour of VerifyMarkerOption. Migrate verify call sites and switch fail-fast verification to the db-verify CLI. See the 0.11→0.12 upgrade recipe. (#592)

Before:
```
const runtime = createRuntime({
  stackInstance,
  context,
  driver,
  verify: { mode: 'onFirstUse', requireMarker: false },
});
```
After:
```
const runtime = createRuntime({
  stackInstance,
  context,
  driver,
  // verifyMarker omitted — 'onFirstUse' is the default; pass `false` to skip
});
```
Migration manifest closed; labels/hints removed — the on-disk migration.json schema is now closed and no longer carries labels or hints; a manifest still holding either key fails to load with INVALID_MANIFEST. Both fields also leave the content-addressed migration identity, so migrationHash changes. Run the colocated codemod to strip the keys and recompute each hash. See the 0.11→0.12 upgrade recipe. (#615)
MongoDB emits closed $jsonSchema validators by default — every emitted object schema (collection validators, nested objects, and oneOf branches) now carries additionalProperties: false, and each non-variant Mongo model must resolve to an objectId _id before emit succeeds. Re-emit your Mongo contracts and apply the open→closed validator change (the planner classifies it as destructive). See the 0.11→0.12 upgrade recipe. (#637)
mongodb is now a user-supplied peer dependency — @prisma-next/driver-mongo, @prisma-next/adapter-mongo, and @prisma-next/mongo no longer bundle mongodb; install mongodb@^7 yourself as a peer dependency. (#597)
.distinct(cols) now collapses to one row per group — .distinct(cols) on the SQL ORM Collection (and on nested .include(…)) now keeps a single representative row per (cols) group, matching Prisma semantics; previously it did not collapse when the projection carried other distinguishing columns. No call-site change is required, but query results change — review any logic or fixtures that relied on the old non-collapsing output. Extension authors implementing ExprVisitor / exhaustive expr.kind switches must handle the new WindowFuncExpr variant — see the extension-author recipe. (#576)
In-repo CipherStash extension removed — @prisma-next/extension-cipherstash is no longer published from this repo; CipherStash's encrypted-field support now ships from CipherStash's own repository as @cipherstash/prisma-next. Depend on that package instead. (#650)

Features

Customize where the contract emitter writes via outputPath in prisma-next.config.ts or --output-path on prisma-next contract emit. (#584)
Raw SQL in the typed query builder (rawSql) for Postgres and SQLite, so escape-hatch expressions compose with the rest of the builder. (#594)
migration list rewritten to show the complete migration set, ref/graph context, and multi-space output instead of only the migrations along a single chain. (#603)
migration graph --tree renders a condensed annotated-tree view of the migration topology. (#658)
Roll back migrations without editing contract source: reverse edges are now plannable and applyable via --to. (#635)
Single-query include aggregates in the SQL ORM client — counts and aggregates on included relations are fetched in one query rather than fanning out. (#596)
planExecutionId on RuntimeMiddlewareContext, a fresh per-execute() identity letting middleware correlate beforeExecute and afterExecute for the same call. (#605)
Mongo middleware can rewrite query parameters in beforeExecute before they are encoded, restoring parity with the SQL param-mutator seam. (#652)
emptyContract({ target }) lets contract-space extensions that contribute only migration invariants (e.g. installing a Postgres extension) omit a contract source instead of hand-authoring an empty one. (#651)

Fixes

Mongo: optional fields that are undefined are omitted when deserializing createIndex, instead of being written out. (#580)
Foreign-key referential actions (onDelete / onUpdate) are now preserved in the schema IR. (#608)
Mongo db update: adding an optional field to an existing model now applies cleanly — the validator-widening op is classified and applied correctly instead of being gated or dropped. (#624)
The dev→ship transition is fixed: the first migration plan after db update now succeeds via ref-paired snapshots and an auto-baseline on an empty graph. (#582)
prisma-next init scaffolds into the canonical src/prisma/ layout, matching the rest of the framework, so fresh projects start in the expected shape. (#581)
In-process contracts built with defineContract and passed to createExecutionContext now carry the same adapter + driver capability matrix as CLI-emitted contracts. (#602)

New contributors

@xxiaoxiong made their first contribution in #580
@medz made their first contribution in #608

Breaking Changes

Supported-version floors raised: Node.js >=24, TypeScript >=5.9, PostgreSQL 17, MongoDB 8.0.
Un-namespaced Postgres models now default to the `public` namespace instead of `__unbound__`.
Models and value objects moved from flat `contract.models`/`contract.valueObjects` to namespaced shape under `contract.domain.namespaces`. Exported type helpers change accordingly.
Cross‑namespace references are explicit `{ namespace, model }` pairs rather than bare strings.
Removed `capabilities` field from `defineContract` API; capabilities are now auto‑contributed.
Replaced `verify: { mode, requireMarker }` with `verifyMarker?: 'onFirstUse' | false` and removed related types.
Migration manifest schema closed; `labels` and `hints` fields are disallowed and cause load failure.
MongoDB validators now emit `$jsonSchema` with `additionalProperties: false` by default.
Removed bundled `mongodb` from Prisma Next Mongo drivers; it must be installed as a peer dependency.
.distinct(cols) on SQL ORM Collection now collapses to one row per group, changing result shape.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Prisma Next

Get notified when new releases ship.

About Prisma Next

All releases →

Related context

Related tools

Earlier breaking changes

v0.11.0 reject mismatched --authoring/--schema-path flags in prisma‑next init (TML-2652)
v0.9.0 Restructures migration CLI surface around resolved vocabulary.
v0.9.0 Deprecates and renames @prisma-next/agent-skill to @prisma-next/skills.