npmpackage.info

Gathering detailed insights and metrics for @prisma/client

Other packages similar to @prisma/client

@prisma/instrumentation

6.7.0

OpenTelemetry compliant instrumentation for Prisma Client

@prisma/nextjs-monorepo-workaround-plugin

6.7.0

Ensures that your Prisma files are copied

prisma-client-lib

1.34.12

This package includes all dependencies besides `graphql` needed in order to run Prisma client in JavaScript, TypeScript and Flow.

@prisma/client-engine-runtime

6.7.0

This package is intended for Prisma's internal use

Gathering detailed insights and metrics for @prisma/client

@prisma/client - 6.7.0 | npmpackage.info

@prisma/client

Next-generation ORM for Node.js & TypeScript | PostgreSQL, MySQL, MariaDB, SQL Server, SQLite, MongoDB and CockroachDB

6.7.0

42,269

Apache-2.0

TypeScript

171.00 B

248,994,827 6.6

Installations

npm install @prisma/client

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM, UMD

Min. Node Version

>=18.18

Node Version

18.20.8

NPM Version

10.8.2 Score

77.4

Supply Chain

72.2

Quality

97.6

Maintenance

100

Vulnerability

98.9

License

Pull Requests

Open

33

Total

8,754

Closed

2,662

Merged

6,059

Issues

Open

2,255

Total

11,104

Closed

8,849

Releases

212

6.7.0

Updated on Apr 29, 2025

6.6.0

Updated on Apr 08, 2025

6.5.0

Updated on Mar 11, 2025

6.4.1

Updated on Feb 20, 2025

6.4.0

Updated on Feb 18, 2025

6.3.1

Updated on Feb 04, 2025

View All 212 releases

Languages

TypeScript

JavaScript

Shell

Dockerfile

PLpgSQL

TSQL

Batchfile

TypeScript (98.65%)

JavaScript (1.19%)

Shell (0.1%)

Dockerfile (0.04%)

PLpgSQL (0.01%)

Developer

prisma

Download Statistics

Total Downloads

248,994,827

Last Day

491,265

Last Week

2,681,935

Last Month

11,159,612

Last Year

111,940,924

GitHub Statistics

Apache-2.0 License

42,269 Stars

11,490 Commits

1,747 Forks

236 Watchers

437 Branches

294 Contributors

Updated on May 15, 2025

Bundle Size

233.00 B

Minified

171.00 B

Minified + Gzipped

Bundlephobia

Maintainers

View All 294 Contributors

Package Meta Information

Latest Version

6.7.0

Package Id

@prisma/client@6.7.0

Unpacked Size

15.68 MB

Size

5.68 MB

File Count

NPM Version

10.8.2

Node Version

18.20.8

Published on

Apr 29, 2025

Total Downloads

Cumulative downloads

Total Downloads

248,994,827

Last Day

491,265

Compared to previous day

Last Week

9.6%

2,681,935

Compared to previous week

Last Month

0.9%

11,159,612

Compared to previous month

Last Year

45.8%

111,940,924

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Peer Dependencies

prisma typescript

Dev Dependencies

100

@cloudflare/workers-types @codspeed/benchmark.js-plugin @faker-js/faker @fast-check/jest @inquirer/prompts @jest/create-cache-key-function @jest/globals @jest/test-sequencer @libsql/client @neondatabase/serverless @opentelemetry/api @opentelemetry/context-async-hooks @opentelemetry/instrumentation @opentelemetry/resources @opentelemetry/sdk-trace-base @opentelemetry/semantic-conventions @planetscale/database @prisma/engines-version @prisma/mini-proxy @prisma/query-compiler-wasm @prisma/query-engine-wasm @snaplet/copycat @swc-node/register @swc/core @swc/jest @timsuchanek/copy @types/debug @types/fs-extra @types/jest @types/js-levenshtein @types/mssql @types/node @types/pg arg benchmark decimal.js esbuild execa expect-type fs-extra get-stream globby indent-string jest jest-extended jest-junit jest-serializer-ansi-escapes jest-snapshot js-levenshtein kleur klona mariadb memfs mssql new-github-issue-url node-fetch p-retry pg resolve rimraf simple-statistics sort-keys source-map-support sql-template-tag stacktrace-parser strip-ansi strip-indent tempy ts-node ts-pattern tsd typescript undici wrangler zx @prisma/adapter-better-sqlite3 @prisma/adapter-libsql @prisma/adapter-d1 @prisma/adapter-neon @prisma/adapter-pg @prisma/adapter-pg-worker @prisma/adapter-planetscale @prisma/client-common @prisma/client-generator-js @prisma/client-generator-ts @prisma/config @prisma/debug @prisma/client-engine-runtime @prisma/dmmf @prisma/driver-adapter-utils @prisma/engines @prisma/fetch-engine @prisma/generator-helper @prisma/instrumentation @prisma/generator @prisma/internals @prisma/migrate @prisma/get-platform @prisma/pg-worker @prisma/ts-builders

Prisma Client ·

Prisma Client JS is an auto-generated query builder that enables type-safe database access and reduces boilerplate. You can use it as an alternative to traditional ORMs such as Sequelize, TypeORM or SQL query builders like knex.js.

It is part of the Prisma ecosystem. Prisma provides database tools for data access, declarative data modeling, schema migrations and visual data management. Learn more in the main prisma repository or read the documentation.

Getting started

Follow one of these guides to get started with Prisma Client JS:

Quickstart (5 min)
Set up a new project with Prisma (SQL migrations) (15 min)
Set up a new project with Prisma (Prisma Migrate) (15 min)
Add Prisma to an existing project (15 min)

Alternatively you can explore the ready-to-run examples (REST, GraphQL, gRPC, plain JavaScript and TypeScript demos, ...) or watch the demo videos (1-2 min per video).

Contributing

Refer to our contribution guidelines and Code of Conduct for contributors.

Tests Status

Prisma Tests Status:
Ecosystem Tests Status:

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

License

Determines if the project has defined a license.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Fuzzing

Determines if the project uses fuzzing.

9

Security-Policy

Determines if the project has published a security policy.

7

SAST

Determines if the project uses static code analysis.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-close-github-discussions.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/auto-close-github-discussions.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-close-github-discussions.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/auto-close-github-discussions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-close-github-discussions.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/auto-close-github-discussions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmark.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/benchmark.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engine-branch.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/build-engine-branch.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundle-size.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/bundle-size.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/bundle-size.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/bundle-size.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/daily-test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/daily-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-stale-issues.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/label-stale-issues.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-stale-issues.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/label-stale-issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-workflow-files.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/lint-workflow-files.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-workflow-files.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/lint-workflow-files.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manage-dist-tag.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/manage-dist-tag.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-ci.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-ci.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-ci.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-latest.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-latest.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:282: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:363: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:366: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:398: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:422: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:425: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:442: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:468: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:477: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:489: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:634: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:564: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:574: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:611: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:707: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:779: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:782: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:308: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:337: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:918: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:944: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:1137: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:1305: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:662: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:734: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:745: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:824: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:827: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:869: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:872: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:1007: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:1031: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-template.yml:1071: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-template.yml:1112: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-engines-version.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-engines-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-studio-version.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma/update-studio-version.yml/main?enable=pin
Warn: containerImage not pinned by hash: .devcontainer/Dockerfile:5
Warn: containerImage not pinned by hash: docker/mongodb_replica/Dockerfile:3
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:1
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:5: pin your Docker image by updating alpine:latest to alpine:latest@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:1
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:3
Warn: containerImage not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:23
Warn: npmCommand not pinned by hash: packages/client/tests/e2e/_utils/standard.dockerfile:10-18
Warn: npmCommand not pinned by hash: .github/workflows/scripts/setup.sh:5
Info: 0 out of 46 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 61 third-party GitHubAction dependencies pinned
Info: 0 out of 7 containerImage dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

6.6

/10

Last Scanned on 2025-05-05

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More