Skip to content

chore(deps): bump the production-dependencies group in /backend with 8 updates#2

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/production-dependencies-442cab772a
Open

chore(deps): bump the production-dependencies group in /backend with 8 updates#2
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/backend/production-dependencies-442cab772a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown

Bumps the production-dependencies group in /backend with 8 updates:

Package From To
@prisma/client 5.22.0 7.8.0
dotenv 16.6.1 17.4.2
express-rate-limit 7.5.1 8.5.2
helmet 7.2.0 8.3.0
http-proxy-middleware 2.0.10 4.2.0
joi 17.13.4 18.2.3
uuid 9.0.1 14.0.1
prisma 5.22.0 7.8.0

Updates @prisma/client from 5.22.0 to 7.8.0

Release notes

Sourced from @​prisma/client's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

  • Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

  • Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
  • Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
  • Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
  • Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
  • Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

  • Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
  • Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
  • Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

  • @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits
  • 62b44ac chore(deps): update engines to 7.8.0-5.e96eae70cf4ade6a15d7e6064d5b0b4f7d835d...
  • 4104864 feat: add a query plan cache size parameter (#29503)
  • 723ba7b chore(deps): update engines to 7.8.0-4.8c287008617e9b12f313df99e2c821ae61ea9a...
  • cadbafe chore(deps): update engines to 7.8.0-2.3187e3937290320ba3c7dbd5aa94af67942b44...
  • f705533 chore(deps): update engines to 7.8.0-1.7b80cc56c645c6e03c7541474e6a7c8d91b70d...
  • fbab4e8 Fix 29271 (#29303)
  • 6a3c3cc chore: extract parameterization to client-engine-runtime (#29422)
  • 5b420f8 fix(client): prevent caching of createMany queries to avoid cache bloat and p...
  • 30f0af6 feat: dmmf streaming with an E2E test (#29377)
  • 14c3c2e fix: pin E2E typescript to prevent 6 upgrade (#29383)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​prisma/client since your current version.


Updates dotenv from 16.6.1 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

  • Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

  • Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

  • Add a new README section on dotenv’s approach to the agentic future.

Changed

  • Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

  • Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)
  • Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

  • Fixed typescript error definition (#912)

... (truncated)

Commits

Updates express-rate-limit from 7.5.1 to 8.5.2

Release notes

Sourced from express-rate-limit's releases.

v8.5.2

You can view the changelog here.

v8.5.1

You can view the changelog here.

v8.5.0

You can view the changelog here.

v8.4.1

You can view the changelog here.

v8.4.0

You can view the changelog here.

v8.3.2

You can view the changelog here.

v8.3.1

You can view the changelog here.

v8.3.0

You can view the changelog here.

v8.2.1

You can view the changelog here.

v8.2.0

You can view the changelog here.

v8.1.0

You can view the changelog here.

v8.0.1

You can view the changelog here.

v8.0.0

You can view the changelog here.

Commits
  • 9774693 8.5.2
  • 0e94cc0 v8.5.2 changelog
  • 9a583c5 feat: simplify IPv6 key generation (#633)
  • 4f4b3fb chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)
  • 3c1d6c5 chore(deps-dev): bump the development-dependencies group with 7 updates (#631)
  • 18884b6 chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)
  • dacc980 chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)
  • 486d0c6 chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)
  • 50cc3f6 8.5.1
  • 92c8e3e chore: bump ip-address library to latest (#626)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for express-rate-limit since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates helmet from 7.2.0 to 8.3.0

Changelog

Sourced from helmet's changelog.

8.3.0 - 2026-07-11

Changed

  • Content-Security-Policy: improved performance by ~7% when there are no dynamic directives
  • Content-Security-Policy: improved error handling for invalid directive names

Fixed

  • Content-Security-Policy: useDefaults: false with no directives is no longer valid, both at runtime and the type level
  • Content-Security-Policy: dynamically-computed directive values would throw, not call next, when invalid
  • Content-Security-Policy: dynamically-computed directive value entries would throw, not call next, when function threw

8.2.0 - 2026-05-21

  • Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522
  • Improve error message when passing duplicate options

8.1.0 - 2025-03-17

Changed

  • Content-Security-Policy gives a better error when a directive value, like self, should be quoted. See #482

8.0.0 - 2024-09-28

Changed

  • Breaking: Strict-Transport-Security now has a max-age of 365 days, up from 180
  • Breaking: Content-Security-Policy middleware now throws an error if a directive should have quotes but does not, such as self instead of 'self'. See #454
  • Breaking: Content-Security-Policy's getDefaultDirectives now returns a deep copy. This only affects users who were mutating the result
  • Breaking: Strict-Transport-Security now throws an error when "includeSubDomains" option is misspelled. This was previously a warning

Removed

  • Breaking: Drop support for Node 16 and 17. Node 18+ is now required
Commits
  • 75f1a98 8.3.0
  • f03f70d Update changelog for 8.3.0 release
  • a307fce Fix capitalization in CSP package changelog
  • 5347b43 Format default CSP in README for readability
  • 9afc570 CSP: fix middleware-specific README missing link
  • 266c95c Minor speedups to project setups test
  • 7a4196c CSP: update package-specific changelog
  • 02716b4 CSP: improve performance when there are no dynamic directives
  • 3f511ed CSP: move utility functions to separate file
  • 80338af CSP: disabling defaults with no directives is now an error
  • Additional commits viewable in compare view

Updates http-proxy-middleware from 2.0.10 to 4.2.0

Release notes

Sourced from http-proxy-middleware's releases.

v4.2.0

What's Changed

New Contributors

Full Changelog: chimurai/http-proxy-middleware@v4.1.1...v4.2.0

v4.1.1

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v4.1.0...v4.1.1

v4.1.0

What's Changed

... (truncated)

Changelog

Sourced from http-proxy-middleware's changelog.

v4.2.0

  • feat(types): export OnProxyEvent type
  • feat(debug-proxy-errors-plugin): diagnostic message for POST + bodyParser + ECONNRESET error
  • chore(package.json): update to httpxy v0.5.4

v4.1.1

  • fix(fixRequestBody): harden form-data stringification

v4.1.0

  • feat(definePlugin): helper function to create plugins
  • chore(package.json): update to httpxy@0.5.3
  • fix(ipv6): preserve credentials when normalizing bracketed IPv6 target string
  • fix(ipv6): unspecified IPv6 target hostname (::)
  • fix(response-interceptor): reduce responseInterceptor buffer churn
  • fix(ws): handle multi-server upgrade subscription and safe proxy shutdown
  • feat(router): add 'res' and 'options' to router function
  • feat(pathRewrite): add 'res' and 'options' to custom pathRewrite function
  • fix(responseInterceptor): prevent trailer/content-length conflict
  • feat(zstd): support zstd compression in responseInterceptor and fixRequestBody
  • fix(responseInterceptor): handle bodyless responses (HEAD/1xx/204/304) with content-encoding
  • fix(router): harden proxy-table matching

v4.0.0

  • fix(types): fix Logger type
  • fix(error-response-plugin): sanitize input
  • feat: drop node v14/v16/v18 [BREAKING CHANGE]
  • refactor: replace http-proxy w/ httpxy
  • chore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]
  • ci: migrate from jest to vitest
  • chore(package.json): esm only [BREAKING CHANGE]
  • chore(package.json): bump to httpxy 0.5.0 (#1183)
  • chore(package.json): drop node20 [BREAKING CHANGE] (#1179)
  • refactor: remove deprecated url.parse() (#1176)
  • fix(fixRequestBody): support content-encoding on request body (#1142)
  • fix: prevent TypeError when ws enabled but server is undefined (#1163)
  • fix: applyPathRewrite logs old req.url instead of rewritten path (#1157)
  • feat(hono): support for hono with createHonoProxyMiddleware
  • feat(ipv6): support literal IPv6 addresses in target and forward options (ie. "http://[::1]:8000")
  • chore(package.json): bump httpxy to ^0.5.1
  • fix(logger-plugin): support ipv6 host and handle undefined protocol/host
  • ci(publish.yml): pin github.triggering_actor
  • chore(package.json): node ^22.15.0 (#1218)
  • refactor(package): subpath 'http-proxy-middleware/hono' (#1220)
  • chore: node 26 support

v3.0.5

... (truncated)

Commits
  • 4abb1ba chore(package.json): v4.2.0 (#1276)
  • d40ae3e chore(package.json): update dependencies (#1275)
  • 89a78d0 chore(debug-proxy-errors-plugin): fix BODY_PARSER_ERROR_MESSAGE formatting (#...
  • 7ba87a9 feat(debug-proxy-errors-plugin): debug message for bodyParser + ECONNRESET er...
  • 006f1a4 test(e2e): assert invalid multipart error log (#1272)
  • 22281bf test(e2e): add HttpAgent keepAlive test (#472) (#1267)
  • 5b37301 chore(package.json): bump dev deps (#1265)
  • 3695b93 refactor(errors): use HttpProxyMiddlewareError class (#1264)
  • b9242af feat(types): export OnProxyEvent type (#1263)
  • b3b98d2 chore(package.json): v4.1.1 (#1262)
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates joi from 17.13.4 to 18.2.3

Commits
  • c86ddc0 18.2.3
  • 8077125 Merge pull request #3125 from hapijs/fix/json-schema-multiple-patterns
  • 223217a fix: expose multiple string patterns in json schemas
  • 85947a8 Merge pull request #3124 from hapijs/chore/object-proto
  • fe41c4f chore: deny prototype pollution in objects by restoring prototype
  • 87d3a62 18.2.2
  • 1c7d34e Merge pull request #3120 from hapijs/fix/json-schema-bugfixes
  • 515a8f0 test(json-schema): drop runtime validation from json-schema tests
  • 6574f75 fix(json-schema): register id'd child schemas in $defs
  • 770a2cf fix(json-schema): skip rule handlers with ref arguments
  • Additional commits viewable in compare view

Updates uuid from 9.0.1 to 14.0.1

Release notes

Sourced from uuid's releases.

v14.0.1

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

  • expect crypto to be global everywhere (requires node@20+) (#935)
  • drop node@18 support (#934)

Features

Bug Fixes

  • expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
  • Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

  • rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

v13.0.0

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

... (truncated)

Changelog

Sourced from uuid's changelog.

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)

14.0.0 (2026-04-19)

Security

  • Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

  • crypto is now expected to be globally defined (requires node@20+) (#935)
  • drop node@18 support (#934)
  • upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years

13.0.0 (2025-09-08)

⚠ BREAKING CHANGES

  • make browser exports the default (#901)

Bug Fixes

12.0.0 (2025-09-05)

⚠ BREAKING CHANGES

  • update to typescript@5.2 (#887)
  • remove CommonJS support (#886)
  • drop node@16 support (#883)

Features

Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates prisma from 5.22.0 to 7.8.0

Release notes

Sourced from prisma's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

  • Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

  • Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
  • Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
  • Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
  • Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
  • Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

  • Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
  • Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
  • Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

  • @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits
  • 5723406 fix(cli): route bootstrap telemetry to Prisma Web Properties project (#29473)
  • 8e71aa7 fix(cli): install missing @prisma/client in prisma bootstrap (#29444)
  • ada077b fix(cli): bootstrap UX — auto-install deps, resumable flow, timeout handling ...
  • 9b0b7f5 feat(cli): add prisma bootstrap command (#29374)
  • 5fece0a chore: bump @​prisma/dev to 0.24.3 (#29396)
  • 45d7e0f feat(cli): add prisma postgres link command (#29352)
  • adbdf15 Pre-bundle Studio frontend assets and replace Hono (#29389)
  • f8258ad chore: bump effect to fix vulnerability (#29384)
  • 74839a9 feat(cli): update bundled @​prisma/studio-core to 0.27.3 (#29376)
  • 309b4bc refactor: extract 'prisma-client-js' into PRISMA_CLIENT_JS_PROVIDER constant ...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for prisma since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group in /backend with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `5.22.0` | `7.8.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |
| [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `7.5.1` | `8.5.2` |
| [helmet](https://github.com/helmetjs/helmet) | `7.2.0` | `8.3.0` |
| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.10` | `4.2.0` |
| [joi](https://github.com/hapijs/joi) | `17.13.4` | `18.2.3` |
| [uuid](https://github.com/uuidjs/uuid) | `9.0.1` | `14.0.1` |
| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `5.22.0` | `7.8.0` |


Updates `@prisma/client` from 5.22.0 to 7.8.0
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/7.8.0/packages/client)

Updates `dotenv` from 16.6.1 to 17.4.2
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.6.1...v17.4.2)

Updates `express-rate-limit` from 7.5.1 to 8.5.2
- [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases)
- [Commits](express-rate-limit/express-rate-limit@v7.5.1...v8.5.2)

Updates `helmet` from 7.2.0 to 8.3.0
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](helmetjs/helmet@v7.2.0...v8.3.0)

Updates `http-proxy-middleware` from 2.0.10 to 4.2.0
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.10...v4.2.0)

Updates `joi` from 17.13.4 to 18.2.3
- [Commits](hapijs/joi@v17.13.4...v18.2.3)

Updates `uuid` from 9.0.1 to 14.0.1
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v9.0.1...v14.0.1)

Updates `prisma` from 5.22.0 to 7.8.0
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/7.8.0/packages/cli)

---
updated-dependencies:
- dependency-name: "@prisma/client"
  dependency-version: 7.8.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: dotenv
  dependency-version: 17.4.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: express-rate-limit
  dependency-version: 8.5.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: helmet
  dependency-version: 8.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: http-proxy-middleware
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: joi
  dependency-version: 18.2.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: uuid
  dependency-version: 14.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: prisma
  dependency-version: 7.8.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Development

Successfully merging this pull request may close these issues.

0 participants