build(deps-dev): bump prisma from 5.22.0 to 7.4.0

[dependabot]

Bumps prisma from 5.22.0 to 7.4.0.

Release notes

Sourced from prisma's releases.

7.4.0

Today, we are excited to share the 7.4.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Caching in Prisma Client

Today’s release is a big one, as we introduce a new caching layer into Prisma ORM. But why the need for a caching layer?

In Prisma 7, the query compiler runs as a WebAssembly module directly on the JavaScript main thread. While this simplified the architecture by eliminating the separate engine process, it introduced a trade-off: every query now synchronously blocks the event loop during compilation.

For individual queries, compilation takes between 0.1ms and 1ms, which is barely noticeable in isolation. But under high concurrency this overhead adds up and creates event loop contention that affects overall application throughput.

For instance, say we have a query that is run over and over, but is a similar shape:

// These two queries have the same shape:
const alice = await prisma.user.findUnique({ where: { email: 'alice@prisma.io' } })
const bob = await prisma.user.findUnique({ where: { email: 'bob@prisma.io' } })

Prior to v7.4.0, this would be reevaluated ever time the query is run. Now, Prisma Client will extract the user-provided values and replaces them with typed placeholders, producing a normalized query shape:

prisma.user.findUnique({ where: { email: %1 } })   // cache key
                                         ↑
                              %1 = 'alice@prisma.io'  (or 'bob@prisma.io')

This normalized shape is used as a cache key. On the first call, the query is compiled as usual and the resulting plan is stored in an LRU cache. On every subsequent call with the same query shape, regardless of the actual values, the cached plan is reused instantly without invoking the compiler.

We have more details on the impact of this change and some deep dives into Prisma architecture in an upcoming blog post!

Partial Indexes (Filtered Indexes) Support

We're excited to announce Partial Indexes support in Prisma! This powerful community-contributed feature allows you to create indexes that only include rows matching specific conditions, significantly reducing index size and improving query performance.

Partial indexes are available behind the partialIndexes preview feature for PostgreSQL, SQLite, SQL Server, and CockroachDB, with full migration and introspection support.

Basic usage

Enable the preview feature in your schema:

generator client {
  provider        = "prisma-client-js"
</tr></table> 

... (truncated)

Commits

• 1df1c6d fix(cli-generator): outdated default generator provider (#29089)
• 710c25d fix: update dependencies to fix pnpm audit (#29128)
• fdabc1c fix(cli): remove Prisma Pulse from CLI help message (#29093)
• 1677a32 docs: fix broken getting started links across repository (#28948)
• 32e5614 chore(cli): bump hono and @prisma/dev, resolving hono vulnerability. (#...
• 2a44bb8 chore(cli): bump studio, fixing vitess introspection. (#29045)
• 011b6a6 chore: remove promotions (#29015)
• 90141bb chore(cli): bump studio, add northwind to sandbox. (#28985)
• fd479fd feat(qc): fast and small build modes (#28976)
• 815ba13 chore(cli): bump @prisma/dev, fix init usage following changes. (#28929)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prisma since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 59a64ff556

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Keep prisma and @prisma/client on same major version

This change upgrades only prisma to ^7.4.0 while @prisma/client remains on the 5.x line (package.json still pins @prisma/client to ^5.18.0), creating a major-version skew in the Prisma toolchain. In this repo, prisma generate is part of CI and image builds, and running CLI 7 against client 5 is an unsupported combination that can fail generation/migrations or produce a client/runtime mismatch; upgrade @prisma/client together with prisma (or keep both on 5.x) to avoid breaking those flows.

Useful? React with 👍 / 👎.

[github-actions]

⚠️ Lighthouse checks were skipped (site returned 403 - likely blocked GitHub Actions IPs)