Releases: cerebruminc/yates
Releases · cerebruminc/yates
v4.0.0
25 Feb 16:15
Compare
Sorry, something went wrong.
No results found
4.0.0 (2026-02-25)⚠ BREAKING CHANGES
refactor permissions to query filters
Features
Refactor permissions to query filters (06d1007 )
replace RLS/role switching with query-based ability filters
update tests/types to new expression API and nested enforcement
add v1 -> v2 migration guide and link in README
No DB role switching or RLS migrations
No SET ROLE, no RLS policies to maintain, and no per‑request transaction wrappers just to apply permissions.
Portable across environments & tooling
RLS requires specific Postgres setup; the new approach runs anywhere Prisma runs (dev, CI, tests) without special DB setup.
Easier to test and reason about
Permission logic is in one place (TypeScript) and can be unit/integration tested without DB policy scaffolding.
Better ergonomics for app teams
Permissions are expressed as Prisma where filters that feel familiar and can be built from app context.
No implicit permission gaps from raw SQL
RLS is bypassed if a query doesn’t run under the right role. With the new approach, Yates intercepts Prisma operations consistently.
Works with Prisma client extensions
No dependency on middleware ordering inside DB transactions, fewer surprises.
App‑side enforcement, not DB‑side
If someone bypasses Prisma (raw SQL in another process), the database won’t enforce permissions.
Potentially extra queries
For create checks with relation filters, Yates may do preflight reads.
v3.8.1
15 Nov 18:17
Compare
Sorry, something went wrong.
No results found
3.8.1 (2025-11-15)Bug Fixes
update prepublishOnly script to include generate step before build (4f95180 )
v3.8.0
15 Nov 18:08
Compare
Sorry, something went wrong.
No results found
3.8.0 (2025-11-15)Features
add test for multiple Yates clients operating in the same DB (b35e2ed )
refactor internal to use a class with inner state for tracking database scope (0d00e29 )
Bug Fixes
scope postgres roles to database (239f804 )
v3.7.2
14 Nov 12:22
Compare
Sorry, something went wrong.
No results found
3.7.2 (2025-11-14)Bug Fixes
use default abilities for wildcard abilities (4c22fa0 )
v3.7.1
13 Nov 11:24
Compare
Sorry, something went wrong.
No results found
3.7.1 (2025-11-13)Bug Fixes
remove edge case chance of SET ROLE leaking (35a7394 )
v3.7.0
01 Oct 13:20
Compare
Sorry, something went wrong.
No results found
3.7.0 (2025-08-27)Features
add npm audit action over the yates repo (a7b1563 )
Bug Fixes
security vulnerabilities by running npm audit fix (3a507d8 )
v3.6.3
16 Jun 13:45
Compare
Sorry, something went wrong.
No results found
3.6.3 (2025-06-16)Bug Fixes
correct postgres reference in escape.ts (25ff473 )
sanitize all hyphens in slug generation (b05ab55 )
v3.6.2
05 Mar 13:29
Compare
Sorry, something went wrong.
No results found
3.6.2 (2025-02-13)Bug Fixes
ci: upgrade base image to run integration-tests workflow (2bdb0b3 )
v3.6.1
16 Nov 22:40
Compare
Sorry, something went wrong.
No results found
3.6.1 (2024-11-04)Bug Fixes
remove unnecessary yates_id field on transaction (93f3a1f )
v3.6.0
02 Nov 03:32
Compare
Sorry, something went wrong.
No results found
3.6.0 (2024-11-02)Features
improve performance (esp. n+1) by batching requests (0ff5d67 )
