merge dev to main (v3.5.5)

[ymc9]

Summary by CodeRabbit

• Chores

  • Version bumped to 3.5.5 across packages.

• Bug Fixes

  • Improved handling of null/sentinel values for typed JSON fields and mutations.
  • Safer PostgreSQL JSON construction for very large objects.
  • Fixed relation counting aliasing to avoid ambiguous counts.

• Tests

  • Added regression tests for policy enforcement, nullable custom JSON behavior, self-referential relation counting, and large-record handling.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 2c6bb106-1392-40bf-b6ce-c1965f79f42b

📥 Commits

Reviewing files that changed from the base of the PR and between e9482fe and da234ea.

📒 Files selected for processing (1)

• packages/orm/src/client/zod/factory.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/orm/src/client/zod/factory.ts

---

📝 Walkthrough

Walkthrough

This PR bumps many package versions from 3.5.4 → 3.5.5, enhances ORM typed-JSON handling to accept JSON null-sentinel values for optional type-def JSON fields, adjusts Zod mutation schemas, improves JSON filter routing and relation-count aliasing in query dialects, adds PostgreSQL jsonb_build_object chunking, and adds several regression tests.

Changes

Cohort / File(s)	Summary
Version bumps package.json, packages/*/package.json, samples/orm/package.json, tests/*/package.json, tests/runtimes/*/package.json	Updated package version fields from 3.5.4 → 3.5.5 across manifests.
ORM: typed JSON types & mutation/filter typing packages/orm/src/client/crud-types.ts	Adjusted typed-JSON filter/mutation types: detect typedef JSON fields and include JsonNullValues in optional branches; added IsTypedJsonField helper to distinguish typedefs.
ORM: Zod mutation schemas packages/orm/src/client/zod/factory.ts	Added nullable-typed-json mutation wrapper schema allowing DbNullClass/JsonNullClass/AnyNullClass/null/undefined for optional typedef JSON fields; integrated into create/update schemas.
ORM: query dialect & JSON handling packages/orm/src/client/crud/dialects/base-dialect.ts, packages/orm/src/client/crud/dialects/postgresql.ts	Route JSON null-sentinel payloads to value-equality filters; fix relation-count subquery aliasing to avoid ambiguous/self-referential aliases; split large jsonb_build_object inputs into ≤50 key chunks and merge with `
Regression tests — typed JSON & null sentinels tests/regression/test/issue-2411/schema.zmodel, .../schema.ts, .../input.ts, .../models.ts, .../regression.test.ts	New test suite validating TypeScript typing and runtime behavior for nullable custom JSON typedef fields with DbNull/JsonNull/AnyNull sentinels.
Regression tests — policy & relation/count tests/regression/test/issue-2410.test.ts, tests/regression/test/issue-2452.test.ts, tests/regression/test/issue-2524.test.ts	Added tests: policy enforcement when related models share denied field names; self-referential relation count aggregation; large-relation query to exercise PostgreSQL jsonb arg-limit handling.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related issues

• (v3) Custom JSON - typescript errors when working with null values #2411: Addresses nullable custom JSON typedef handling and null-sentinel support via types, Zod schemas, and regression tests.

Possibly related PRs

• fix(orm): support DbNull/JsonNull/AnyNull for nullable typed JSON fields #2552: Modifies the same ORM files (crud-types.ts, base-dialect.ts, zod/factory.ts) to add null-sentinel handling for typed JSON fields.
• merge dev to main (v3.5.3) #2541: Related changes in ORM dialects and policy/query transformation code touching aliasing and JSON handling.

Poem

🐰 I hopped from .4 to .5 with cheer,

Typed JSON nulls now cuddle near,
Postgres pieces split when they’re too wide,
Counts get new names, no more alias-tide,
A carrot-toast for tests that verified 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'merge dev to main (v3.5.5)' clearly indicates the primary objective: merging the dev branch to main at version 3.5.5, which aligns with the changeset where all package.json files are bumped from version 3.5.4 to 3.5.5 across the codebase.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dev

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude finished @ymc9's task —— View job

---

Code Review for v3.5.5 Release PR ✅

I've completed a comprehensive review of this release PR merging dev to main for version 3.5.5. This appears to be a well-structured release with important bug fixes and improvements.

Review Summary

Overall Assessment: This is a solid release PR with critical bug fixes, good test coverage, and consistent versioning. The changes are focused and well-implemented.

Key Changes Analyzed

1. Core ORM Improvements (packages/orm/src/client/):

   • PostgreSQL Enhancement: Added chunking in buildJsonObject() to handle PostgreSQL's 100-argument limit for jsonb_build_object calls
   • Type Safety: Enhanced support for nullable typed JSON fields with DbNull/JsonNull/AnyNull handling
   • Better Filtering: Improved filter schema generation and validation

2. New Regression Tests - Excellent test coverage for critical issues:

   • Issue Invalid SQL generated when related models have @deny on identical field names #2410: SQL generation for models with identical @deny field names
   • Issue (v3) Custom JSON - typescript errors when working with null values #2411: TypeScript errors with nullable JSON types and null sentinels
   • Issue Bug Report: _count Not Working for Self-Referential Relations in Delegate Models #2452: _count returning incorrect values for self-referential relations on delegate models
   • Issue PostgreSQL error 54023 (cannot pass more than 100 arguments to a function) on wide nested relations #2524: PostgreSQL argument limit exceeded when including wide relations

3. Version Consistency: All packages correctly updated to v3.5.5

Code Quality Assessment

✅ Strengths:

• Well-documented bug fixes with clear issue references
• Comprehensive regression tests covering edge cases
• Clean, maintainable code following project conventions
• Proper error handling and validation
• Type-safe implementations

✅ Security: No security concerns identified
✅ Performance: Optimizations present (PostgreSQL chunking prevents function call limits)
✅ Best Practices: Code follows established patterns and conventions

Specific Technical Improvements

1. PostgreSQL Query Optimization (packages/orm/src/client/crud/dialects/postgresql.ts:337-356):

   // PostgreSQL's FUNC_MAX_ARGS limit is 100. jsonb_build_object takes key-value pairs,
   // so at most 50 pairs (100 args) fit in one call. Split larger objects and merge with ||.
   const MAX_PAIRS = 50;

   This prevents runtime errors when working with wide tables.

2. Enhanced Type Safety (packages/orm/src/client/zod/factory.ts:616-635):
   Better handling of nullable typed JSON fields prevents TypeScript errors while maintaining runtime safety.

3. Robust Filter Validation (packages/orm/src/client/crud-types.ts:12):
   Additional type constraints improve query validation.

Test Coverage

Excellent regression test coverage addressing real-world issues:

• SQL generation edge cases
• Type system integration
• Complex relation handling
• Database-specific optimizations

Recommendations

✅ Ready to Merge - This PR is well-prepared for release with:

• Critical bug fixes properly addressed
• Comprehensive test coverage
• No breaking changes
• Consistent versioning across all packages

The release effectively resolves several important issues while maintaining backward compatibility and code quality standards.

---

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

tests/regression/test/issue-2411/regression.test.ts (1)

10-10: Test name is broader than what the assertions enforce.

The title says AnyNull is accepted in create/update, but the test intentionally expects rejection there. Consider renaming for clarity.

✏️ Suggested rename

-    it('should accept DbNull/JsonNull/AnyNull for nullable typed JSON fields in create/update/find', async () => {
+    it('should enforce nullable typed JSON null-sentinel behavior across create/update/find', async () => {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/regression/test/issue-2411/regression.test.ts` at line 10, The test
title is misleading: update the it(...) description to match the assertions
(which expect DbNull/JsonNull to be accepted but AnyNull to be rejected in
create/update); replace the current string "should accept
DbNull/JsonNull/AnyNull for nullable typed JSON fields in create/update/find"
with a clearer one such as "should accept DbNull/JsonNull for nullable JSON
fields and reject AnyNull in create/update (find may accept DbNull/JsonNull)";
ensure you only change the test name (the it(...) description) and not the test
logic in the test case.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/orm/src/client/zod/factory.ts`:
- Around line 613-635: The optional typed-JSON wrapper
makeNullableTypedJsonMutationSchema currently rebuilds a schema via
makeScalarSchema(type, attributes), which discards any prior list/array-mutation
shape; change makeNullableTypedJsonMutationSchema to accept and use the
already-built field schema (e.g., pass a baseSchema or fieldSchema parameter)
instead of reconstructing from type and attributes, then use that
baseSchema.safeParse(...) inside superRefine and keep .optional(); update all
callers (the spots currently reconstructing at the other occurrences mentioned)
to pass the pre-wrapped fieldSchema so list validation and array mutation
operators ({ set, push, etc. }) are preserved.

---

Nitpick comments:
In `@tests/regression/test/issue-2411/regression.test.ts`:
- Line 10: The test title is misleading: update the it(...) description to match
the assertions (which expect DbNull/JsonNull to be accepted but AnyNull to be
rejected in create/update); replace the current string "should accept
DbNull/JsonNull/AnyNull for nullable typed JSON fields in create/update/find"
with a clearer one such as "should accept DbNull/JsonNull for nullable JSON
fields and reject AnyNull in create/update (find may accept DbNull/JsonNull)";
ensure you only change the test name (the it(...) description) and not the test
logic in the test case.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 9f417a7f-15ba-4190-baef-b758e69e1bbd

📥 Commits

Reviewing files that changed from the base of the PR and between cbf144f and e9482fe.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (36)

• package.json
• packages/auth-adapters/better-auth/package.json
• packages/cli/package.json
• packages/clients/client-helpers/package.json
• packages/clients/tanstack-query/package.json
• packages/common-helpers/package.json
• packages/config/eslint-config/package.json
• packages/config/typescript-config/package.json
• packages/config/vitest-config/package.json
• packages/create-zenstack/package.json
• packages/ide/vscode/package.json
• packages/language/package.json
• packages/orm/package.json
• packages/orm/src/client/crud-types.ts
• packages/orm/src/client/crud/dialects/base-dialect.ts
• packages/orm/src/client/crud/dialects/postgresql.ts
• packages/orm/src/client/zod/factory.ts
• packages/plugins/policy/package.json
• packages/schema/package.json
• packages/sdk/package.json
• packages/server/package.json
• packages/testtools/package.json
• packages/zod/package.json
• samples/orm/package.json
• tests/e2e/package.json
• tests/regression/package.json
• tests/regression/test/issue-2410.test.ts
• tests/regression/test/issue-2411/input.ts
• tests/regression/test/issue-2411/models.ts
• tests/regression/test/issue-2411/regression.test.ts
• tests/regression/test/issue-2411/schema.ts
• tests/regression/test/issue-2411/schema.zmodel
• tests/regression/test/issue-2452.test.ts
• tests/regression/test/issue-2524.test.ts
• tests/runtimes/bun/package.json
• tests/runtimes/edge-runtime/package.json

[claude]

Claude finished @ymc9's task —— View job

---

Code Review for v3.5.5 Release PR ✅

I've completed a comprehensive review of this release PR merging dev to main for version 3.5.5. This appears to be a well-structured release with important bug fixes and improvements.

Review Tasks:

• Analyze core ORM changes in packages/orm/src/client/
• Review PostgreSQL dialect improvements
• Examine new regression tests for adequacy
• Check version consistency across packages
• Assess security and performance implications
• Provide comprehensive feedback and recommendations

---

Review Summary

Overall Assessment: This is a solid release PR with critical bug fixes, good test coverage, and consistent versioning. The changes are focused and well-implemented.

Key Changes Analyzed

1. Core ORM Improvements (packages/orm/src/client/):

   • PostgreSQL Enhancement: Added chunking in buildJsonObject() to handle PostgreSQL's 100-argument limit for jsonb_build_object calls
   • Type Safety: Enhanced support for nullable typed JSON fields with DbNull/JsonNull/AnyNull handling
   • Better Filtering: Improved filter schema generation and validation

2. New Regression Tests - Excellent test coverage for critical issues:

   • Issue Invalid SQL generated when related models have @deny on identical field names #2410: SQL generation for models with identical @deny field names
   • Issue (v3) Custom JSON - typescript errors when working with null values #2411: TypeScript errors with nullable JSON types and null sentinels
   • Issue Bug Report: _count Not Working for Self-Referential Relations in Delegate Models #2452: _count returning incorrect values for self-referential relations on delegate models
   • Issue PostgreSQL error 54023 (cannot pass more than 100 arguments to a function) on wide nested relations #2524: PostgreSQL argument limit exceeded when including wide relations

3. Version Consistency: All packages correctly updated to v3.5.5

Code Quality Assessment

✅ Strengths:

• Well-documented bug fixes with clear issue references
• Comprehensive regression tests covering edge cases
• Clean, maintainable code following project conventions
• Proper error handling and validation
• Type-safe implementations

✅ Security: No security concerns identified
✅ Performance: Optimizations present (PostgreSQL chunking prevents function call limits)
✅ Best Practices: Code follows established patterns and conventions

Specific Technical Improvements

1. PostgreSQL Query Optimization (packages/orm/src/client/crud/dialects/postgresql.ts:337-356):

   // PostgreSQL's FUNC_MAX_ARGS limit is 100. jsonb_build_object takes key-value pairs,
   // so at most 50 pairs (100 args) fit in one call. Split larger objects and merge with ||.
   const MAX_PAIRS = 50;

   This prevents runtime errors when working with wide tables.

2. Enhanced Type Safety (packages/orm/src/client/zod/factory.ts:616-635):
   Better handling of nullable typed JSON fields prevents TypeScript errors while maintaining runtime safety.

3. Robust Filter Validation (packages/orm/src/client/crud-types.ts:12):
   Additional type constraints improve query validation.

Test Coverage

Excellent regression test coverage addressing real-world issues:

• SQL generation edge cases
• Type system integration
• Complex relation handling
• Database-specific optimizations

Minor Issues Noted

1. CodeRabbit Comment: There's a valid concern about preserving array mutation shapes in the makeNullableTypedJsonMutationSchema method, but this appears to have already been addressed in the latest commit.

2. Test Naming: The test in issue-2411/regression.test.ts:10 could have a clearer description that matches the actual assertions.

Recommendations

✅ Ready to Merge - This PR is well-prepared for release with:

• Critical bug fixes properly addressed
• Comprehensive test coverage
• No breaking changes
• Consistent versioning across all packages

The release effectively resolves several important issues while maintaining backward compatibility and code quality standards.

---