You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My server was attacked, but fortunately no damage was caused.
Upgrade Prisma to v7 and use prisma-client instead of prisma-client-js.
The biggest advantage is that you no longer need to use an engine written in Rust. Previously, I had to specify binaryTargets to deploy correctly on the server because my server's performance did not support building on it, and my local environment was different from the server's (my local environment was Arch Linux, corresponding to debian-openssl-3.0.x, but the server was Fedora, corresponding to rhel-openssl-3.0.x).
Upgrade better-auth
The passkey plugin was split to a separate package @better-auth/passkey.
Configure prettier
Otherwise, Prettier and ESLint will fight each other.
First of all, thank you very much for your contribution. This PR cannot be merged for the following reasons:
The dependency handling is inappropriate. Version numbers should not include the ^ symbol, as we need to pin exact versions to avoid compatibility risks.
We can't directly merge your Prisma upgrade because the project must be deployed across multiple different environments. In the past, we've encountered numerous compatibility issues that caused the project to fail at runtime, requiring extensive testing before any upgrade. (Adjustments to the database layer demand significant testing effort. If I have time, I’ll handle the upgrade myself—it’s genuinely quite troublesome and full of pitfalls.)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Just upgrade many, many dependencies...
The only thing I haven't updated is
@types/node.Major changes
Use caret ranges for package versions
Update Next.js to fix CVE-2025-66478.
My server was attacked, but fortunately no damage was caused.
Upgrade Prisma to v7 and use
prisma-clientinstead ofprisma-client-js.The biggest advantage is that you no longer need to use an engine written in Rust. Previously, I had to specify
binaryTargetsto deploy correctly on the server because my server's performance did not support building on it, and my local environment was different from the server's (my local environment was Arch Linux, corresponding todebian-openssl-3.0.x, but the server was Fedora, corresponding torhel-openssl-3.0.x).Upgrade better-auth
The passkey plugin was split to a separate package
@better-auth/passkey.Configure prettier
Otherwise, Prettier and ESLint will fight each other.