fix(deps): update dependency drizzle-orm to ^0.36.0 #150
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^0.35.0
->^0.36.0
Release Notes
drizzle-team/drizzle-orm (drizzle-orm)
v0.36.0
Compare Source
New Features
Row-Level Security (RLS)
With Drizzle, you can enable Row-Level Security (RLS) for any Postgres table, create policies with various options, and define and manage the roles those policies apply to.
Drizzle supports a raw representation of Postgres policies and roles that can be used in any way you want. This works with popular Postgres database providers such as
Neon
andSupabase
.In Drizzle, we have specific predefined RLS roles and functions for RLS with both database providers, but you can also define your own logic.
Enable RLS
If you just want to enable RLS on a table without adding policies, you can use
.enableRLS()
As mentioned in the PostgreSQL documentation:
Roles
Currently, Drizzle supports defining roles with a few different options, as shown below. Support for more options will be added in a future release.
If a role already exists in your database, and you don’t want drizzle-kit to ‘see’ it or include it in migrations, you can mark the role as existing.
Policies
To fully leverage RLS, you can define policies within a Drizzle table.
Example of pgPolicy with all available properties
Link Policy to an existing table
There are situations where you need to link a policy to an existing table in your database.
The most common use case is with database providers like
Neon
orSupabase
, where you need to add a policyto their existing tables. In this case, you can use the
.link()
APIMigrations
If you are using drizzle-kit to manage your schema and roles, there may be situations where you want to refer to roles that are not defined in your Drizzle schema. In such cases, you may want drizzle-kit to skip managing these roles without having to define each role in your drizzle schema and marking it with
.existing()
.In these cases, you can use
entities.roles
indrizzle.config.ts
. For a complete reference, refer to the thedrizzle.config.ts
documentation.By default,
drizzle-kit
does not manage roles for you, so you will need to enable this feature indrizzle.config.ts
.In case you need additional configuration options, let's take a look at a few more examples.
You have an
admin
role and want to exclude it from the list of manageable rolesYou have an
admin
role and want to include it in the list of manageable rolesIf you are using
Neon
and want to exclude Neon-defined roles, you can use the provider optionIf you are using
Supabase
and want to exclude Supabase-defined roles, you can use the provider optionRLS on views
With Drizzle, you can also specify RLS policies on views. For this, you need to use
security_invoker
in the view's WITH options. Here is a small example:Using with Neon
The Neon Team helped us implement their vision of a wrapper on top of our raw policies API. We defined a specific
/neon
import with thecrudPolicy
function that includes predefined functions and Neon's default roles.Here's an example of how to use the
crudPolicy
function:This policy is equivalent to:
Neon
exposes predefinedauthenticated
andanaonymous
roles and related functions. If you are usingNeon
for RLS, you can use these roles, which are marked as existing, and the related functions in your RLS queries.For example, you can use the
Neon
predefined roles and functions like this:Using with Supabase
We also have a
/supabase
import with a set of predefined roles marked as existing, which you can use in your schema.This import will be extended in a future release with more functions and helpers to make using RLS and
Supabase
simpler.For example, you can use the
Supabase
predefined roles like this:The
/supabase
import also includes predefined tables and functions that you can use in your applicationThis allows you to use it in your code, and Drizzle Kit will treat them as existing databases,
using them only as information to connect to other entities
Let's check an example of adding a policy to a table that exists in
Supabase
Bug fixes
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.