Skip to content

chore(neon-adapter): bump @neondatabase/serverless to 1.0.1 #13250

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(neon-adapter): bump @neondatabase/serverless to 1.0.1 #13250

wants to merge 1 commit into from

Conversation

thenovatasha
Copy link

Description

Bumps @neondatabase/serverless dependency from 0.10.4 to 1.0.1 for the Neon adapter.

Changes

  • Updated @neondatabase/serverless version in package.json from 0.10.4 to 1.0.1

Compatibility Verification

The existing adapter code is fully compatible with version 1.0.1 because:

  • API Stability: The Pool interface and client.query() method signatures remain unchanged
  • Result Structure: result.rows and result.rowCount behavior is identical
  • Type Definitions: TypeScript interfaces are compatible
  • No Breaking Changes: Version 1.0.1 introduced internal optimizations but maintained backward compatibility

Testing

Test script (adapter-neon/tests/) runs, and test passes.

🧢 Checklist

  • This is a non-breaking change (dependency bump only)
  • Documentation
  • Tests
  • Ready to be merged

🎫 Affected issues

Fixes: #13249

@vercel Vercel
Copy link

vercel bot commented Sep 26, 2025

@thenovatasha is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

@vercel Vercel
Copy link

vercel bot commented Sep 26, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
auth-docs Error Error Sep 26, 2025 4:29pm
1 Skipped Deployment
Project Deployment Preview Comments Updated (UTC)
next-auth-docs Ignored Ignored Preview Sep 26, 2025 4:29pm

@github-actions github-actions bot added adapters Changes related to the core code concerning database adapters neon labels Sep 26, 2025
@socket-security Socket Security
Copy link

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​builder.io/​qwik-city@​1.13.0 ⏵ 1.5.598 +325 -757994100
Added@​graphql-typed-document-node/​core@​3.2.01001005882100
Added@​balazsorban/​monorepo-release@​0.5.1731006976100
Added@​types/​uuid@​8.3.41001007083100
Added@​graphql-codegen/​client-preset@​4.1.0991007099100
Added@​sveltejs/​adapter-auto@​3.2.5991007090100
Added@​types/​set-cookie-parser@​2.4.101001007178100
Added@​types/​express@​4.17.211001007181100
Added@​types/​pug@​2.0.101001007177100
Added@​types/​pouchdb@​6.4.2961007178100
Added@​radix-ui/​react-tabs@​1.1.1991007198100
Added@​sveltejs/​adapter-auto@​1.0.0-next.911001007290100
Added@​types/​pg@​8.11.01001007386100
Added@​types/​jsonwebtoken@​8.5.91001007380100
Added@​types/​morgan@​1.9.91001007379100
Added@​sveltejs/​package@​2.3.51001007493100
Added@​radix-ui/​react-accordion@​1.2.1991007496100
Added@​inkeep/​widgets@​0.2.28981100748580
Added@​types/​react-dom@​18.2.181001007593100
Addedvite@​5.3.196758399100
Added@​graphql-codegen/​cli@​5.0.0961007798100
Added@​types/​nodemailer@​6.4.61001007789100
Added@​miniflare/​d1@​2.14.21001007977100
Updated@​types/​eslint@​8.56.12 ⏵ 8.56.101001007878100
Added@​simplewebauthn/​types@​9.0.11001007880100
Added@​types/​supertest@​2.0.161001009479100
Updated@​builder.io/​qwik@​1.13.0 ⏵ 1.7.399 +11007993 +1100
Added@​types/​react@​18.0.371001007994100
Added@​types/​react@​18.2.781001007996100
Added@​sveltejs/​kit@​2.6.494887999100
Added@​solidjs/​meta@​0.28.7961009380100
Updated@​types/​node@​20.17.47 ⏵ 20.12.71001008195 -1100
Added@​sveltejs/​vite-plugin-svelte@​3.1.21001008198100
See 22 more rows in the dashboard

View full report

@socket-security Socket Security
Copy link

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn Critical
@builder.io/[email protected] has a Critical CVE.

CVE: GHSA-qr9h-j6xg-2j72 Qwik's unhandled exception vulnerabilty can cause server crashes from malicious requests (CRITICAL)

Affected versions: < 1.13.0

Patched version: 1.13.0

From: apps/dev/qwik/package.jsonnpm/@builder.io/[email protected]

ℹ Read more on: This package | This alert | What is a critical CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@builder.io/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ndom91 ndom91 Awaiting requested review from ndom91 ndom91 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
adapters Changes related to the core code concerning database adapters neon
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

chore(neon-adapter): Compilation issues due to Typescript type mismatch
1 participant
@thenovatasha