Skip to content

chore(deps): update dependency kysely to v0.28.8 #902

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency kysely to v0.28.8 #902

wants to merge 1 commit into from
+10 −4

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 6, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
kysely (source) ^0.24.2 || ^0.25.0 || ^0.26.0 || ^0.27.0 -> ^0.24.2 || ^0.25.0 || ^0.26.0 || ^0.27.0 || ^0.28.0 age confidence
kysely (source) 0.27.5 -> 0.28.8 age confidence

Release Notes

kysely-org/kysely (kysely)

v0.28.8: 0.28.8

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

🚀 Features
🐞 Bugfixes
PostgreSQL 🐘
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@v0.28.7...v0.28.8

v0.28.7: 0.28.7

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

🚀 Features
🐞 Bugfixes
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@v0.28.6...v0.28.7

v0.28.6: 0.28.6

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

Docs site has been optimized and all we got was this animation:

image
🚀 Features
🐞 Bugfixes
PostgreSQL 🐘 / MSSQL 🥅
MySQL 🐬
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@v0.28.5...v0.28.6

v0.28.5: 0.28.5

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

🚀 Features
🐞 Bugfixes
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@v0.28.4...v0.28.5

v0.28.4: 0.28.4

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

🚀 Features
🐞 Bugfixes
PostgreSQL 🐘
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@v0.28.3...v0.28.4

v0.28.3: 0.28.3

Compare Source

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

🚀 Features
CockroachDB 🟣
  • fix: filter out internal cockroachdb schemas in postgres introspector by @​yawhide in #​1459
🐞 Bugfixes
MySQL 🐬 / MS SQL Server 🥅
MS SQL Server 🥅
📖 Documentation
📦 CICD & Tooling
⚠️ Breaking Changes
🐤 New Contributors

Full Changelog: kysely-org/kysely@0.28.2...v0.28.3

v0.28.2

Compare Source

Hey 👋

v0.28 broke an undocumented TypeScript behavior our API had that allowed you to pass table name unions to query builders and enable some DRYing of queries. Seeing that this pattern was quite popular, we decided to support it officially with the addition of the table method in the dynamic module.

You can pull off some crazy complex stuff like:

async function getRowByColumn<
  T extends keyof Database,
  C extends keyof Database[T] & string,
  V extends SelectType<Database[T][C]>,
>(t: T, c: C, v: V) {
  // We need to use the dynamic module since the table name
  // is not known at compile time.
  const { table, ref } = db.dynamic

  return await db
    .selectFrom(table(t).as('t'))
    .selectAll()
    .where(ref(c), '=', v)
    // `id` can be directly referenced since every table has it.
    .orderBy('t.id')
    .executeTakeFirstOrThrow()
}

const person = await getRowByColumn('person', 'first_name', 'Arnold')

...and it'll narrow the downstream query context to the intersection of all the possible shapes of tables in the union type. (DONT DO THIS AT HOME KIDS!)

A simpler example would be:

async function deleteItem(id: string, table: 'person' | 'pet') {
  await db
    .deleteFrom(db.dynamic.table(table).as('t'))
    .where('id', '=', id)
    .executeTakeFirstOrThrow()
}

If you attempt to refer to a column that doesn't exist in both "person" and "pet" (e.g. "pet"'s "species" column), the compiler will correctly yell at you.

🚀 Features

🐞 Bugfixes

SQLite 📘

📖 Documentation

📦 CICD & Tooling

⚠️ Breaking Changes

🐤 New Contributors

Full Changelog: kysely-org/kysely@0.28.1...0.28.2

v0.28.1

Compare Source

Hey 👋

Just a small crucial bug fix release. Please inform us if you see any more regressions since v0.28. 🙏

🚀 Features

🐞 Bugfixes

PostgreSQL 🐘
  • pg introspector - Wrap schema.table in double quotes for case handling by @​neil176 in #​1426

📖 Documentation

📦 CICD & Tooling

⚠️ Breaking Changes

🐤 New Contributors

Full Changelog: kysely-org/kysely@0.28.0...0.28.1

v0.28.0

Compare Source

Hey 👋

Transactions are getting a lot of love in this one!

As part an effort to replace Knex with Kysely, B4nan, the author of mikro-orm drove the new setAccessMode('read only'|'read write') method when starting transactions.

You can now commit/rollback transactions manually and there's even savepoint support:

const trx = await db.startTransaction().execute()

try {
  // do stuff with `trx`, including work with savepoints via the new `savepoint(name)`, `rollbackToSavepoint(name)` and `releaseSavepoint(name)` methods!

  await trx.commit().execute()
} catch (error) {
  await trx.rollback().execute()

  throw error
}

We also added using keyword support, so now you can write:

await using db = new Kysely({...})

and db.destroy() will be called automatically once the current scope is exited.
If you plan on trying this out (it is optional, you can still const db = new Kysely({...}) and await db.destroy() manually), the using keyword requires typescript >= 5.2 and the following tsconfig.json options:

{
  "compilerOptions": {
    "target": "ES2022",
    "lib": ["ESNext", ...],
    ...
  }
  ...
}

We also added a plugin to handle in () and not in (). It comes with 2 handling strategies, one similar to how Knex.js, PrismaORM, Laravel and SQLAlchemy do it, and one similar to how TypeORM and Sequelize do it. It also supports custom strategies, e.g. throwing an error to avoid making a call to the database and wasting resources. Here's an example with one of the strategies we ship:

import {
  // ...
  HandleEmptyInListsPlugin,
  // ...
  replaceWithNoncontingentExpression,
  // ...
} from 'kysely'

const db = new Kysely<Database>({
  // ...
  plugins: [
    new HandleEmptyInListsPlugin({
      strategy: replaceWithNoncontingentExpression
    })
  ],
})

// ...
  .where('id', 'in', [])
  .where('first_name', 'not in', []) // => `where 1 = 0 and 1 = 1`

🚀 Features

PostgreSQL 🐘 / MySQL 🐬
  • feat: Allow read-only transactions in Postgres and MySQL by B4nan in #​1342 & #​1350
PostgreSQL 🐘 / MS SQL Server 🥅
PostgreSQL 🐘 / SQLite 📘
PostgreSQL 🐘
MySQL 🐬
MS SQL Server 🥅
  • Add outer and cross apply (mssql) by @​drew-marsh in #​1074
  • refactor: extract validateConnections and resetConnectionsOnRelease to root of config, flip default resetConnectionsOnRelease behavior. by @​igalklebanov in #​1388
SQLite 📘

🐞 Bugfixes

PostgreSQL 🐘

📖 Documentation

📦 CICD & Tooling

⚠️ Breaking Changes

  • InferResult now outputs InsertResult[], UpdateResult[], DeleteResult[], MergeResult[], instead of InsertResult, UpdateResult, DeleteResult, MergeResult. To get the singular form, use type Result = InferResult<T>[number].
  • Some generic/wide usages of QueryCreator's methods should no longer pass type checks. We never supported these officially.
  • As preventAwait is now removed on all builders, you must avoid awaiting builders without calling execute-like methods on your own.
  • TypeScript versions 4.5 and older are no longer supported. You will get an immediate compilation error telling you to upgrade.
  • QueryResult.numUpdatedOrDeletedRows has been removed (after spending ~2 years in deprecation). We still log a warning. Outdated dialects that don't use QueryResult.numAffectedRows should be updated OR forked.
  • DefaultQueryExecutor.compileQuery now requires passing a queryId argument. Use the newly exported createQueryId() as that argument value from now on.
  • UpdateValuesNode type has been removed.
  • MssqlDialectConfig.tedious.resetConnectionOnRelease has been deprecated, and had it's default flipped to false. Use MssqlDialectConfig.resetConnectionsOnRelease instead.
  • MssqlDialectConfig.tarn.options.validateConnections has been deprecated. Use MssqlDialectConfig.validateConnections instead.
  • String literals are now ' injection protected, hopefully. Please report any issues.

🐤 New Contributors

Full Changelog: kysely-org/kysely@0.27.6...0.28.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@changeset-bot
Copy link

changeset-bot bot commented Nov 6, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 402919e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@vercel
Copy link
Contributor

vercel bot commented Nov 6, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Updated (UTC)
vercel-storage-next-integration-test-suite Ready Ready Preview Nov 13, 2025 11:14am

@socket-security
Copy link

socket-security bot commented Nov 6, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedkysely@​0.28.810010010089100

View full report

@renovate renovate bot force-pushed the renovate/kysely-0.x branch from ef5a1d5 to 402919e Compare November 13, 2025 11:13
vercel[bot]
vercel bot reviewed Nov 13, 2025
View reviewed changes
packages/postgres-kysely/package.json
},
"peerDependencies": {
"kysely": "^0.24.2 || ^0.25.0 || ^0.26.0 || ^0.27.0"
"kysely": "^0.24.2 || ^0.25.0 || ^0.26.0 || ^0.27.0 || ^0.28.0"
Copy link
Contributor

@vercel vercel bot Nov 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Node.js engine requirement is incompatible with Kysely 0.28.8, which requires Node.js >=20.0.0. Users on Node.js 18 or 19 will fail to install this package.

View Details
📝 Patch Details 
diff --git a/packages/postgres-kysely/package.json b/packages/postgres-kysely/package.json
index 152de01..ea9a687 100644
--- a/packages/postgres-kysely/package.json
+++ b/packages/postgres-kysely/package.json
@@ -64,7 +64,7 @@
     "kysely": "^0.24.2 || ^0.25.0 || ^0.26.0 || ^0.27.0 || ^0.28.0"
   },
   "engines": {
-    "node": ">=18.14"
+    "node": ">=20.0.0"
   },
   "publishConfig": {
     "access": "public"

Analysis

Incorrect Node.js engine requirement in @vercel/postgres-kysely

What fails: The package declares "engines": { "node": ">=18.14" } but its peer dependency Kysely 0.28.8 requires node: >=20.0.0, creating a misleading compatibility claim.

How to reproduce: Check the package.json engine requirement vs. the peer dependency:

  • Package declares: "engines": { "node": ">=18.14" } (line 67 in packages/postgres-kysely/package.json)
  • Peer dependency resolved: [email protected] with engines: { "node": ">=20.0.0" } (verified in pnpm-lock.yaml line 2911)

Result:

  • Users on Node 18 or 19 installing this package with engine-strict configuration enabled will encounter installation failure with an engine mismatch error on the Kysely dependency
  • Even without strict checking, Node 18 users will have a misleading expectation that the package supports their version when it actually requires Node 20+
  • According to pnpm-lock.yaml, only Kysely 0.28.8 is resolved in the peer dependency range, which has the strict Node 20.0.0 requirement

Expected: The package should accurately declare the minimum Node version it actually requires. Since Kysely 0.28.8 is the latest version in the peer dependency range and requires Node 20+, the engines field should reflect this requirement to ensure accurate compatibility information for consumers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vercel vercel[bot] vercel[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant