npmpackage.info

Gathering detailed insights and metrics for @prisma/prisma-schema-wasm

Other packages similar to @prisma/prisma-schema-wasm

@prisma/prisma-fmt-wasm

4.17.0-16.27eb2449f178cd9fe1a4b892d732cc4795f75085

The WASM package for prisma-fmt

@prisma/engines

5.22.0

This package is intended for Prisma's internal use

@prisma/client

5.22.0

Prisma Client is an auto-generated, type-safe and modern JavaScript/TypeScript ORM for Node.js that's tailored to your data. Supports PostgreSQL, CockroachDB, MySQL, MariaDB, SQL Server, SQLite & MongoDB databases.

@mrleebo/prisma-ast

0.12.0

This library uses an abstract syntax tree to parse schema.prisma files into an object in JavaScript. It is similar to [@prisma/sdk](https://github.com/prisma/prisma/tree/master/src/packages/sdk) except that it preserves comments and model attributes.

Gathering detailed insights and metrics for @prisma/prisma-schema-wasm

@prisma/prisma-schema-wasm

🚂 Engine components of Prisma ORM

5.23.0-21.0160cc2f56997459423712af8dfa8cf1ad97704b

1,195

Apache-2.0

Rust

10,672,657 5.4

Installations

npm install @prisma/prisma-schema-wasm

Pull Requests

Open

91

Total

4,418

Closed

684

Merged

3,643

Issues

Open

79

Total

534

Closed

455

Releases

Unable to fetch releases

Developer

prisma

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

Yes

Node Version

20.18.1

NPM Version

10.8.2 Statistics

1,195 Stars

9,992 Commits

240 Forks

18 Watching

318 Branches

115 Contributors

Updated on 27 Nov 2024

Languages

Rust (99.22%)

TypeScript (0.38%)

Makefile (0.13%)

Shell (0.12%)

Nix (0.09%)

HTML (0.01%)

TSQL (0.01%)

Dockerfile (0.01%)

JavaScript (0.01%)

Total Downloads

Cumulative downloads

Total Downloads

10,672,657

Last day

-6.3%

54,872

Compared to previous day

Last week

-3%

295,537

Compared to previous week

Last month

15.1%

1,199,051

Compared to previous month

Last year

973%

9,762,766

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

No dependencies detected.

Versions

Prisma Engines

This repository contains a collection of engines that power the core stack for Prisma, most prominently Prisma Client and Prisma Migrate.

If you're looking for how to install Prisma or any of the engines, the Getting Started guide might be useful.

This document describes some of the internals of the engines, and how to build and test them.

What's in this repository

This repository contains four engines:

Query engine, used by the client to run database queries from Prisma Client
Schema engine, used to create and run migrations and introspection
Prisma Format, used to format prisma files

Additionally, the psl (Prisma Schema Language) is the library that defines how the language looks like, how it's parsed, etc.

You'll also find:

libs, for various (small) libraries such as macros, user facing errors, various connector/database-specific libraries, etc.
a docker-compose.yml file that's helpful for running tests and bringing up containers for various databases
a flake.nix file for bringing up all dependencies and making it easy to build the code in this repository (the use of this file and nix is entirely optional, but can be a good and easy way to get started)
an .envrc file to make it easier to set everything up, including the nix shell

Documentation

The API docs (cargo doc) are published on our fabulous repo page.

Building Prisma Engines

Prerequisites:

Installed the latest stable version of the Rust toolchain. You can get the toolchain at rustup or the package manager of your choice.
Linux only: OpenSSL is required to be installed.
Installed direnv, then direnv allow on the repository root.
- Make sure direnv is hooked into your shell
- Alternatively: Load the defined environment in ./.envrc manually in your shell.
For m1 users: Install Protocol Buffers

Note for nix users: it should be enough to direnv allow. How to build:

To build all engines, simply execute cargo build on the repository root. This builds non-production debug binaries. If you want to build the optimized binaries in release mode, the command is cargo build --release.

Depending on how you invoked cargo in the previous step, you can find the compiled binaries inside the repository root in the target/debug (without --release) or target/release directories (with --release):

Prisma Component	Path to Binary
Query Engine	`./target/[debug\|release]/query-engine`
Schema Engine	`./target/[debug\|release]/schema-engine`
Prisma Format	`./target/[debug\|release]/prisma-fmt`

Prisma Schema Language

The Prisma Schema Language is a library which defines the data structures and parsing rules for prisma files, including the available database connectors. For more technical details, please check the library README.

The PSL is used throughout the schema engine, as well as prisma format. The DataModeL (DML), which is an annotated version of the PSL is also used as input for the query engine.

Query Engine

The Query Engine is how Prisma Client queries are executed. Here's a brief description of what it does:

takes as inputs an annotated version of the Prisma Schema file called the DataModeL (DML),
using the DML (specifically, the datasources and providers), it builds up a GraphQL model for queries and responses,
runs as a server listening for GraphQL queries,
it translates the queries to the respective native datasource(s) and returns GraphQL responses, and
handles all connections and communication with the native databases.

When used through Prisma Client, there are two ways for the Query Engine to be executed:

as a binary, downloaded during installation, launched at runtime; communication happens via HTTP (./query-engine/query-engine)
as a native, platform-specific Node.js addon; also downloaded during installation (./query-engine/query-engine-node-api)

Usage

You can also run the Query Engine as a stand-alone GraphQL server.

Warning: There is no guaranteed API stability. If using it on production please be aware the api and the query language can change any time.

Notable environment flags:

RUST_LOG_FORMAT=(devel|json) sets the log format. By default outputs json.
QE_LOG_LEVEL=(info|debug|trace) sets the log level for the Query Engine. If you need Query Graph debugging logs, set it to "trace"
FMT_SQL=1 enables logging formatted SQL queries
PRISMA_DML_PATH=[path_to_datamodel_file] should point to the datamodel file location. This or PRISMA_DML is required for the Query Engine to run.
PRISMA_DML=[base64_encoded_datamodel] an alternative way to provide a datamodel for the server.
RUST_BACKTRACE=(0|1) if set to 1, the error backtraces will be printed to the STDERR.
LOG_QUERIES=[anything] if set, the SQL queries will be written to the INFO log. Needs the right log level enabled to be seen from the terminal.
RUST_LOG=[filter] sets the filter for the logger. Can be either trace, debug, info, warning or error, that will output ALL logs from every crate from that level. The .envrc in this repo shows how to log different parts of the system in a more granular way.

Starting the Query Engine:

The engine can be started either with using the cargo build tool, or pre-building a binary and running it directly. If using cargo, replace whatever command that starts with ./query-engine with cargo run --bin query-engine --.

You can also pass --help to find out more options to run the engine.

Metrics

Running make show-metrics will start Prometheus and Grafana with a default metrics dashboard. Prometheus will scrape the /metrics endpoint to collect the engine's metrics

Navigate to http://localhost:3000 to view the Grafana dashboard.

Schema Engine

The Schema Engine does a couple of things:

creates new migrations by comparing the prisma file with the current state of the database, in order to bring the database in sync with the prisma file
run these migrations and keeps track of which migrations have been executed
(re-)generate a prisma schema file starting from a live database

The engine uses:

the prisma files, as the source of truth
the database it connects to, for diffing and running migrations, as well as keeping track of migrations in the _prisma_migrations table
the prisma/migrations directory which acts as a database of existing migrations

Prisma format

Prisma format can format prisma schema files. It also comes as a WASM module via a node package. You can read more here.

Debugging

When trying to debug code, here's a few things that might be useful:

use the language server; being able to go to definition and reason about code can make things a lot easier,
add dbg!() statements to validate code paths, inspect variables, etc.,
you can control the amount of logs you see, and where they come from using the RUST_LOG environment variable; see the documentation,
you can use the test-cli to test migration and introspection without having to go through the prisma npm package.

Testing

There are two test suites for the engines: Unit tests and integration tests.

Unit tests: They test internal functionality of individual crates and components.

You can find them across the whole codebase, usually in ./tests folders at the root of modules. These tests can be executed via cargo test. Note that some of them will require the TEST_DATABASE_URL enviornment variable set up.
Integration tests: They run GraphQL queries against isolated instances of the Query Engine and asserts that the responses are correct.

You can find them at ./query-engine/connector-test-kit-rs.

Set up & run tests:

Prerequisites:

Installed Rust toolchain.
Installed Docker.
Installed direnv, then direnv allow on the repository root.
- Alternatively: Load the defined environment in ./.envrc manually in your shell.

Setup:

There are helper make commands to set up a test environment for a specific database connector you want to test. The commands set up a container (if needed) and write the .test_config file, which is picked up by the integration tests:

make dev-mysql: MySQL 5.7
make dev-mysql8: MySQL 8
make dev-postgres: PostgreSQL 10
make dev-sqlite: SQLite
make dev-mongodb_5: MongoDB 5

*On windows: If not using WSL, make is not available and you should just see what your command does and do it manually. Basically this means editing the .test_config file and starting the needed Docker containers.

To actually get the tests working, read the contents of .envrc. Then Edit environment variables for your account from Windows settings, and add at least the correct values for the following variables:

WORKSPACE_ROOT should point to the root directory of prisma-engines project.
PRISMA_BINARY_PATH is usually %WORKSPACE_ROOT%\target\release\query-engine.exe.
SCHEMA_ENGINE_BINARY_PATH should be %WORKSPACE_ROOT%\target\release\schema-engine.exe.

Other variables may or may not be useful.

Run:

Run cargo test in the repository root.

Testing driver adapters

Please refer to the Testing driver adapters section in the connector-test-kit-rs README.

ℹ️ Important note on developing features that require changes to the both the query engine, and driver adapters code

As explained in Testing driver adapters, running DRIVER_ADAPTER=$adapter make qe-test will ensure you have prisma checked out in your filesystem in the same directory as prisma-engines. This is needed because the driver adapters code is symlinked in prisma-engines.

When working on a feature or bugfix spanning adapters code and query-engine code, you will need to open sibling PRs in prisma/prisma and prisma/prisma-engines respectively. Locally, each time you run DRIVER_ADAPTER=$adapter make test-qe tests will run using the driver adapters built from the source code in the working copy of prisma/prisma. All good.

In CI, tho', we need to denote which branch of prisma/prisma we want to use for tests. In CI, there's no working copy of prisma/prisma before tests run. The CI jobs clones prisma/prisma main branch by default, which doesn't include your local changes. To test in integration, we can tell CI to use the branch of prisma/prisma containing the changes in adapters. To do it, you can use a simple convention in commit messages. Like this:

git commit -m "DRIVER_ADAPTERS_BRANCH=prisma-branch-with-changes-in-adapters [...]"

GitHub actions will then pick up the branch name and use it to clone that branch's code of prisma/prisma, and build the driver adapters code from there.

When it's time to merge the sibling PRs, you'll need to merge the prisma/prisma PR first, so when merging the engines PR you have the code of the adapters ready in prisma/prisma main branch.

Testing engines in `prisma/prisma`

You can trigger releases from this repository to npm that can be used for testing the engines in prisma/prisma either automatically or manually:

Automated integration releases from this repository to npm

Any branch name starting with integration/ will, first, run the full test suite in GH Actions and, second, run the release workflow (build and upload engines to S3 & R2). To trigger the release on any other branch, you have two options:

Either run build-engines workflow on a specified branch manually.
Or add [integration] string anywhere in your commit messages/

The journey through the pipeline is the same as a commit on the main branch.

It will trigger prisma/engines-wrapper and publish a new @prisma/engines-version npm package but on the integration tag.
Which triggers prisma/prisma to create a chore(Automated Integration PR): [...] PR with a branch name also starting with integration/
Since in prisma/prisma we also trigger the publish pipeline when a branch name starts with integration/, this will publish all prisma/prisma monorepo packages to npm on the integration tag.
Our ecosystem-tests tests will automatically pick up this new version and run tests, results will show in GitHub Actions

This end to end will take minimum ~1h20 to complete, but is completely automated :robot:

Notes:

tests and publishing workflows are run in parallel in both prisma/prisma-engines and prisma/prisma repositories. So, it is possible that the engines would be published and only then test suite will discover a defect. It is advised that to keep an eye on both test and publishing workflows.

Manual integration releases from this repository to npm

Additionally to the automated integration release for integration/ branches, you can also trigger a publish manually in the Buildkite [Test] Prisma Engines job if that succeeds for any branch name. Click "🚀 Publish binaries" at the bottom of the test list to unlock the publishing step. When all the jobs in [Release] Prisma Engines succeed, you also have to unlock the next step by clicking "🚀 Publish client". This will then trigger the same journey as described above.

Parallel rust-analyzer builds

When rust-analzyer runs cargo check it will lock the build directory and stop any cargo commands from running until it has completed. This makes the build process feel a lot longer. It is possible to avoid this by setting a different build path for rust-analyzer. To avoid this. Open VSCode settings and search for Check on Save: Extra Args. Look for the Rust-analyzer › Check On Save: Extra Args settings and add a new directory for rust-analyzer. Something like:

--target-dir:/tmp/rust-analyzer-check

Community PRs: create a local branch for a branch coming from a fork

To trigger an Automated integration releases from this repository to npm or Manual integration releases from this repository to npm branches of forks need to be pulled into this repository so the Buildkite job is triggered. You can use these GitHub and git CLI commands to achieve that easily:

gh pr checkout 4375
git checkout -b integration/sql-nested-transactions
git push --set-upstream origin integration/sql-nested-transactions

If there is a need to re-create this branch because it has been updated, deleting it and re-creating will make sure the content is identical and avoid any conflicts.

git branch --delete integration/sql-nested-transactions
gh pr checkout 4375
git checkout -b integration/sql-nested-transactions
git push --set-upstream origin integration/sql-nested-transactions --force

Security

If you have a security issue to report, please contact us at security@prisma.io

No vulnerabilities found.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

Security-Policy

Determines if the project has published a security policy.

5

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Warn: no topLevel permission defined: .github/workflows/build-engines-apple-intel-template.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines-apple-silicon-template.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines-linux-template.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines-react-native-template.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines-windows-template.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines-windows.yml:1
Warn: no topLevel permission defined: .github/workflows/build-engines.yml:1
Warn: no topLevel permission defined: .github/workflows/build-prisma-schema-wasm.yml:1
Warn: no topLevel permission defined: .github/workflows/codspeed.yml:1
Warn: no topLevel permission defined: .github/workflows/formatting.yml:1
Warn: no topLevel permission defined: .github/workflows/on-push-to-main.yml:1
Warn: no topLevel permission defined: .github/workflows/publish-prisma-schema-wasm.yml:1
Warn: no topLevel permission defined: .github/workflows/publish-query-engine-wasm.yml:1
Warn: no topLevel permission defined: .github/workflows/renovate.yml:1
Warn: no topLevel permission defined: .github/workflows/test-compilation.yml:1
Warn: no topLevel permission defined: .github/workflows/test-driver-adapters-template.yml:1
Warn: no topLevel permission defined: .github/workflows/test-quaint.yml:1
Warn: no topLevel permission defined: .github/workflows/test-query-engine-black-box.yml:1
Warn: no topLevel permission defined: .github/workflows/test-query-engine-template.yml:1
Warn: no topLevel permission defined: .github/workflows/test-query-engine.yml:1
Warn: no topLevel permission defined: .github/workflows/test-schema-engine.yml:1
Warn: no topLevel permission defined: .github/workflows/test-unit-tests.yml:1
Warn: no topLevel permission defined: .github/workflows/wasm-benchmarks.yml:1
Warn: no topLevel permission defined: .github/workflows/wasm-size.yml:1
Info: no jobLevel write permissions found

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-intel-template.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-intel-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-apple-intel-template.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-intel-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-intel-template.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-intel-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-intel-template.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-intel-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-silicon-template.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-silicon-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-apple-silicon-template.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-silicon-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-silicon-template.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-silicon-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-apple-silicon-template.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-apple-silicon-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-linux-template.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-linux-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-linux-template.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-linux-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-linux-template.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-linux-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-linux-template.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-linux-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-react-native-template.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-react-native-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows-template.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows-template.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-windows-template.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows-template.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines-windows.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines-windows.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines-windows.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-engines.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-engines.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-engines.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-prisma-schema-wasm.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/build-prisma-schema-wasm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codspeed.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/codspeed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/codspeed.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/codspeed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/codspeed.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/codspeed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatting.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/formatting.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatting.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/formatting.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatting.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/formatting.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/formatting.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/on-push-to-main.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/on-push-to-main.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/on-push-to-main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/on-push-to-main.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-prisma-schema-wasm.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-prisma-schema-wasm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-prisma-schema-wasm.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-prisma-schema-wasm.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-prisma-schema-wasm.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-prisma-schema-wasm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-query-engine-wasm.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-query-engine-wasm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-query-engine-wasm.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-query-engine-wasm.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-query-engine-wasm.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/publish-query-engine-wasm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/renovate.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/renovate.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/renovate.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/renovate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-compilation.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-compilation.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-compilation.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-compilation.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-compilation.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-compilation.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-driver-adapters-template.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-driver-adapters-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-driver-adapters-template.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-driver-adapters-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-driver-adapters-template.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-driver-adapters-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-driver-adapters-template.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-driver-adapters-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-driver-adapters-template.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-driver-adapters-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-quaint.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-quaint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-quaint.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-quaint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-quaint.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-quaint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-quaint.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-quaint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-query-engine-black-box.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-black-box.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-query-engine-black-box.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-black-box.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-query-engine-black-box.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-black-box.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-query-engine-template.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-query-engine-template.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-query-engine-template.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-template.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-query-engine-template.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-query-engine-template.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:227: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-schema-engine.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-schema-engine.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit-tests.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-unit-tests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-unit-tests.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/test-unit-tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-benchmarks.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-benchmarks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wasm-size.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-size.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/wasm-size.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-size.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-size.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-size.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/wasm-size.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/prisma/prisma-engines/wasm-size.yml/main?enable=pin
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:1
Warn: containerImage not pinned by hash: docker/planetscale_proxy/Dockerfile:5: pin your Docker image by updating alpine:latest to alpine:latest@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a
Warn: containerImage not pinned by hash: query-engine/driver-adapters/executor/bench/Dockerfile:1: pin your Docker image by updating postgres:16 to postgres:16@sha256:5d65b8bdb20369ea902b987aa63cfe4983130bc8cd2c25830d126636b80b608d
Warn: containerImage not pinned by hash: script/.profile-shell/Dockerfile:2
Warn: downloadThenRun not pinned by hash: script/.profile-shell/Dockerfile:7
Info: 0 out of 54 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 44 third-party GitHubAction dependencies pinned
Info: 0 out of 4 containerImage dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

5.4

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @prisma/prisma-schema-wasm

Other packages similar to @prisma/prisma-schema-wasm

@prisma/prisma-schema-wasm

Installations

Pull Requests

91

4,418

684

3,643

Issues

79

534

455

Releases

Unable to fetch releases

Developer

Developer Guide

CommonJS

Yes

20.18.1

10.8.2

Statistics

Languages

Total Downloads

10,672,657

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Prisma Engines

What's in this repository

Documentation

Building Prisma Engines

Prisma Schema Language

Query Engine

Usage

Metrics

Schema Engine

Prisma format

Debugging

Testing

Set up & run tests:

Testing driver adapters

Testing engines in prisma/prisma

Automated integration releases from this repository to npm

Manual integration releases from this repository to npm

Parallel rust-analyzer builds

Community PRs: create a local branch for a branch coming from a fork

Security

10

10

10

10

10

9

5

0

0

0

0

0

0

5.4

/10

Testing engines in `prisma/prisma`