merge dev to main (v3.0.0-beta.15)

[ymc9]

Summary by CodeRabbit

Release Notes - v3.0.0-beta.15

• Chores

  • Version bumped to 3.0.0-beta.15 across all packages
  • Internal package structure reorganized for improved modularity

• Automation

  • Added GitHub Actions workflow to automatically update sample repositories on release, ensuring consistency with the latest changes

[coderabbitai]

Walkthrough

This PR introduces version 3.0.0-beta.15 across multiple packages, establishes a new @zenstackhq/schema package consolidating schema types and utilities, refactors schema handling in packages/orm by relocating the AuthType type and updating schema imports, and adds a GitHub Actions workflow to automate sample repository updates upon release.

Changes

Cohort / File(s)	Summary
Version bump to 3.0.0-beta.15 across monorepo package.json, packages/cli/package.json, packages/common-helpers/package.json, packages/config/eslint-config/package.json, packages/config/typescript-config/package.json, packages/config/vitest-config/package.json, packages/create-zenstack/package.json, packages/dialects/sql.js/package.json, packages/language/package.json, packages/plugins/policy/package.json, packages/server/package.json, packages/tanstack-query/package.json, packages/zod/package.json, samples/blog/package.json, tests/e2e/package.json, tests/regression/package.json	All package.json version fields updated from 3.0.0-beta.14 to 3.0.0-beta.15.
New @zenstackhq/schema package creation packages/schema/package.json, packages/schema/eslint.config.js, packages/schema/tsconfig.json, packages/schema/tsup.config.ts, packages/schema/src/index.ts, packages/schema/src/expression-utils.ts	New standalone schema package with build configuration, exports schema types from ./expression, expression utilities, and OperandExpression from kysely.
ORM schema refactoring and consolidation packages/orm/package.json, packages/orm/src/client/client-impl.ts, packages/orm/src/client/contract.ts, packages/orm/src/schema.ts, packages/orm/src/schema/auth.ts, packages/orm/src/schema/index.ts, packages/orm/tsup.config.ts	Moves AuthType type from schema/auth.ts to client/contract.ts; creates new schema.ts re-export module; adds schema package dependency; consolidates imports; removes prior schema index exports.
SDK schema export removal packages/sdk/package.json, packages/sdk/tsup.config.ts	Removes "./schema" export entry from package exports and removes schema entry point from tsup build config.
Schema import path migrations in dependent packages packages/orm/src/client/crud/validator/utils.ts, packages/testtools/package.json, packages/testtools/src/schema.ts, tests/e2e/orm/schemas/basic/helper.ts, tests/e2e/package.json	Updates import paths from @zenstackhq/sdk/schema to @zenstackhq/schema; adds @zenstackhq/schema as workspace dependency.
GitHub Actions workflow for sample repository updates .github/workflows/update-samples.yml	New automated workflow triggered on release publish and manual dispatch to update sample repositories with latest @zenstackhq packages via npm install and zen generate.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

• Specific areas requiring extra attention:
  • Verify AuthType conditional type logic semantics after relocation from packages/orm/src/schema/auth.ts to packages/orm/src/client/contract.ts
  • Confirm all schema import paths across the monorepo have been consistently updated from @zenstackhq/sdk/schema to @zenstackhq/schema
  • Validate that new packages/schema/src/index.ts exports align with consumer imports
  • Review GitHub Actions workflow matrix and conditional logic for package detection and update safety
  • Ensure packages/orm/tsup.config.ts entry point change (src/schema/index.ts → src/schema.ts) produces correct bundle outputs
  • Verify dependency ordering and workspace resolution in newly added @zenstackhq/schema dependencies

Possibly related PRs

• PR refactor: extract a runtime schema package #350: Extracts the new @zenstackhq/schema package and updates corresponding imports/exports across the monorepo with matching refactoring patterns.
• PR chore: add sample update workflow #353: Adds the identical GitHub Actions workflow (.github/workflows/update-samples.yml) for automating sample repository updates.
• PR chore: enable lint and CI #17: Modifies schema surface exports and type handling, including removal/relocation of AuthType type definition.

Poem

🐰 A schema so pure, now stands on its own,
In a brand new package, its seed freshly sown,
With types consolidated and imports made clean,
And samples auto-updated—oh, what a dream!
Version bump, workflows spark, the refactor's complete,
ZenStack hops forward, the future's so sweet! 🌱

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.
Title Check	❓ Inconclusive	The pull request title "merge dev to main (v3.0.0-beta.15)" is generic and describes a branch operation rather than the actual technical changes in the changeset. While it does reference the version number, the title fails to convey the primary work being done: the creation of a new @zenstackhq/schema package and refactoring of the schema module structure, along with the addition of a GitHub Actions workflow. A developer scanning the commit history would not understand the substantive changes from this title alone. The phrasing could apply to any release merge and does not provide specific, meaningful information about what has changed.	Consider revising the pull request title to describe the primary technical change more specifically, such as "Extract schema package and refactor module structure (v3.0.0-beta.15)" or "Create @zenstackhq/schema package and update imports (v3.0.0-beta.15)". This would help team members understand the main objective of the changeset when reviewing the pull request history.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dev

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude finished @ymc9's task —— View job

---

Pull Request Review

Reviewing the merge from dev to main (v3.0.0-beta.15). This appears to be a significant release with architectural changes.

Review Tasks

• Analyze the schema package extraction refactoring
• Review version consistency across packages
• Examine the new GitHub workflow
• Check for code quality and potential issues
• Provide comprehensive feedback

Review Summary

This PR represents a well-structured release preparation with significant architectural improvements. Here's my detailed analysis:

✅ Strengths

1. Schema Package Extraction

• Excellent architectural decision: Extracting runtime schema types into @zenstackhq/schema improves modularity
• Clean separation: Schema definitions, expressions, and utilities are now properly isolated
• Dependency management: ORM now properly depends on the schema package (packages/orm/package.json:66)
• Export structure: Clean re-export pattern in packages/orm/src/schema.ts:1 maintains backward compatibility

2. Version Consistency

• Perfect synchronization: All packages consistently updated to 3.0.0-beta.15
• Workspace dependencies: Proper use of workspace:* for internal dependencies
• Catalog dependencies: Good use of catalog: for shared external dependencies

3. GitHub Workflow Enhancement

• Smart automation: New workflow automatically updates sample repositories on releases
• Robust filtering: Uses GitHub topics (v3-sample) to identify target repositories
• Error handling: Includes checks for package.json existence and change detection
• Security: Uses PAT token appropriately for cross-repo operations

🔍 Code Quality Observations

Import Updates (packages/testtools/src/schema.ts:3, packages/orm/src/client/contract.ts:2)

• Imports correctly updated to use the new schema package
• Type-only imports used appropriately to avoid runtime dependencies

Client Implementation (packages/orm/src/client/client-impl.ts:13)

• Import structure properly updated for schema types
• No breaking changes to the public API

⚠️ Minor Considerations

1. GitHub Workflow Security

• The workflow uses a PAT token which is appropriate
• Consider adding branch protection or review requirements for automated commits
• Line 115: Pushes directly to repos - consider adding a flag to create PRs instead

2. Package Dependencies

• packages/sdk/package.json: Good removal of unused dependencies (lines 31-41)
• Consider adding peer dependency constraints for the new schema package

3. Build Configuration

• packages/orm/tsup.config.ts:1: Build config updated appropriately
• Schema package has proper dual export setup (ESM/CJS)

🚀 Performance & Security

Performance:

• Schema extraction should improve build times and reduce bundle size
• Proper tree-shaking enabled with the new package structure

Security:

• No security concerns identified
• Workflow uses appropriate permissions and token scoping

📋 Test Coverage

• Import updates in test files (tests/e2e/orm/schemas/basic/helper.ts:1) properly reflect new architecture
• No test coverage gaps identified from the changes

🎯 Recommendations

1. Documentation: Consider updating architectural documentation to reflect the schema package extraction
2. Migration Guide: Document any breaking changes for users (though public API appears preserved)
3. Workflow Enhancement: Consider adding a dry-run mode for the sample update workflow
4. Dependency Audit: Run pnpm audit to ensure all dependency updates are secure

🏆 Overall Assessment

Excellent work! This is a well-executed release with:

• Clean architectural improvements
• Consistent versioning
• Thoughtful automation
• No apparent breaking changes
• Good separation of concerns

The schema package extraction is a particularly smart move that will improve the project's maintainability and modularity going forward.

Recommendation: ✅ Approve and merge

---

[Copilot]

Pull Request Overview

This PR extracts schema-related type definitions from the @zenstackhq/sdk package into a new standalone @zenstackhq/schema package and bumps all package versions from 3.0.0-beta.14 to 3.0.0-beta.15. The refactoring reduces dependencies between packages by isolating runtime schema types.

• Created new @zenstackhq/schema package with schema type definitions and expression utilities
• Updated import paths from @zenstackhq/sdk/schema to @zenstackhq/schema across the codebase
• Added GitHub workflow to automatically update sample repositories with new package releases

Reviewed Changes

Copilot reviewed 36 out of 39 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
packages/schema/**	New package containing schema type definitions, expression types, and utility functions
packages/sdk/package.json, packages/sdk/tsup.config.ts	Removed /schema export entry point
packages/orm/**	Updated to depend on @zenstackhq/schema instead of @zenstackhq/sdk for schema types
packages/testtools/**, tests/e2e/**	Updated import paths to use new @zenstackhq/schema package
pnpm-lock.yaml	Updated workspace dependencies to include new schema package
.github/workflows/update-samples.yml	New workflow for automatically updating sample repositories
package.json, packages/*/package.json	Version bumped to 3.0.0-beta.15

Files not reviewed (1)

• pnpm-lock.yaml: Language not supported

Comments suppressed due to low confidence (2)

packages/schema/src/index.ts:3

• The OperandExpression type from kysely that was previously exported (as shown in the old packages/orm/src/schema/index.ts) is no longer exported from this package. If consumers need OperandExpression, they'll need to import it directly from kysely, which could be a breaking change. Consider documenting this in migration notes or re-exporting it here for compatibility.
  packages/schema/src/expression-utils.ts:69
• Redundant property assignment. The receiver parameter can be shortened to just receiver using ES6 object property shorthand syntax.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/update-samples.yml (1)

64-96: Consider package manager detection and error handling.

The workflow assumes all sample repositories use npm, but they might use yarn, pnpm, or bun. Additionally, there's no error handling if npm install or npx zen generate fail.

Consider these improvements:

1. Detect package manager before running install commands:

+            - name: Detect package manager
+              if: steps.check-package.outputs.exists == 'true'
+              id: detect-pm
+              run: |
+                  if [ -f "pnpm-lock.yaml" ]; then
+                    echo "manager=pnpm" >> $GITHUB_OUTPUT
+                  elif [ -f "yarn.lock" ]; then
+                    echo "manager=yarn" >> $GITHUB_OUTPUT
+                  elif [ -f "bun.lockb" ]; then
+                    echo "manager=bun" >> $GITHUB_OUTPUT
+                  else
+                    echo "manager=npm" >> $GITHUB_OUTPUT
+                  fi

2. Add error handling to the update step:

             - name: Update @zenstackhq packages to next
               if: steps.check-package.outputs.exists == 'true'
               run: |
+                  set -e  # Exit on error
                   # Get all @zenstackhq packages in the repo
                   PACKAGES=$(cat package.json | jq -r '
                     [.dependencies, .devDependencies] |
                     add |
                     to_entries |
                     map(select(.key | startswith("@zenstackhq/"))) |
                     map(.key) |
                     .[]
                   ')
 
                   if [ -z "$PACKAGES" ]; then
                     echo "No @zenstackhq packages found in ${{ matrix.repo }}"
                     exit 0
                   fi
 
                   echo "Updating packages in ${{ matrix.repo }}:"
                   echo "$PACKAGES"
 
                   # Update each package to next tag
                   for pkg in $PACKAGES; do
                     echo "Updating $pkg to next"
-                    npm install "$pkg@next"
+                    npm install "$pkg@next" || { echo "Failed to install $pkg"; exit 1; }
                   done
 
                   # Finally run zenstack generate
-                  npx zen generate
+                  npx zen generate || { echo "Failed to run zen generate"; exit 1; }

3. Update the cache setup to use detected package manager:

             - name: Use Node.js
               if: steps.check-package.outputs.exists == 'true'
               uses: actions/setup-node@v4
               with:
                   node-version: 20.x
-                  cache: 'npm'
+                  cache: ${{ steps.detect-pm.outputs.manager }}

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7706cc3 and 1f2edf1.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (36)

• .github/workflows/update-samples.yml (1 hunks)
• package.json (1 hunks)
• packages/cli/package.json (1 hunks)
• packages/common-helpers/package.json (1 hunks)
• packages/config/eslint-config/package.json (1 hunks)
• packages/config/typescript-config/package.json (1 hunks)
• packages/config/vitest-config/package.json (1 hunks)
• packages/create-zenstack/package.json (1 hunks)
• packages/dialects/sql.js/package.json (1 hunks)
• packages/language/package.json (1 hunks)
• packages/orm/package.json (2 hunks)
• packages/orm/src/client/client-impl.ts (1 hunks)
• packages/orm/src/client/contract.ts (1 hunks)
• packages/orm/src/client/crud/validator/utils.ts (1 hunks)
• packages/orm/src/schema.ts (1 hunks)
• packages/orm/src/schema/auth.ts (0 hunks)
• packages/orm/src/schema/index.ts (0 hunks)
• packages/orm/tsup.config.ts (1 hunks)
• packages/plugins/policy/package.json (1 hunks)
• packages/schema/eslint.config.js (1 hunks)
• packages/schema/package.json (1 hunks)
• packages/schema/src/expression-utils.ts (1 hunks)
• packages/schema/src/index.ts (1 hunks)
• packages/schema/tsconfig.json (1 hunks)
• packages/schema/tsup.config.ts (1 hunks)
• packages/sdk/package.json (1 hunks)
• packages/sdk/tsup.config.ts (0 hunks)
• packages/server/package.json (1 hunks)
• packages/tanstack-query/package.json (1 hunks)
• packages/testtools/package.json (2 hunks)
• packages/testtools/src/schema.ts (1 hunks)
• packages/zod/package.json (1 hunks)
• samples/blog/package.json (1 hunks)
• tests/e2e/orm/schemas/basic/helper.ts (1 hunks)
• tests/e2e/package.json (2 hunks)
• tests/regression/package.json (1 hunks)

💤 Files with no reviewable changes (3)

• packages/orm/src/schema/auth.ts
• packages/sdk/tsup.config.ts
• packages/orm/src/schema/index.ts

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-10-21T16:09:31.218Z

Learnt from: ymc9
Repo: zenstackhq/zenstack-v3 PR: 319
File: packages/runtime/src/client/executor/zenstack-query-executor.ts:63-72
Timestamp: 2025-10-21T16:09:31.218Z
Learning: In ZenStack, TypeDefs can be inherited by models. When a TypeDef contains fields with `map` attributes, those mapped field names need to be processed by the QueryNameMapper since they become part of the inheriting model's schema. Therefore, when checking if a schema has mapped names (e.g., in `schemaHasMappedNames`), both `schema.models` and `schema.typeDefs` must be inspected for `@map` and `map` attributes.

Applied to files:

• packages/testtools/src/schema.ts

🧬 Code graph analysis (1)

packages/orm/src/client/contract.ts (2)

packages/schema/src/schema.ts (2)

• SchemaDef (10-18)
• GetModels (109-109)

packages/orm/src/client/crud-types.ts (1)

• ModelResult (135-179)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: Cleanup artifacts
• GitHub Check: build-test (20.x, sqlite)
• GitHub Check: build-test (20.x, postgresql)

🔇 Additional comments (27)

packages/tanstack-query/package.json (1)

3-3: Version bump looks good.

Consistent with the broader 3.0.0-beta.15 release across the monorepo. Workspace dependency remains unchanged.

packages/zod/package.json (1)

3-3: Version bump is consistent.

Updated to 3.0.0-beta.15 as part of the release. No dependency or export changes.

packages/config/vitest-config/package.json (1)

4-4: Version bump is correct.

Updated to 3.0.0-beta.15. Exports and configuration remain stable.

packages/language/package.json (1)

4-4: Version bump is correct.

Updated to 3.0.0-beta.15. Public exports and API surface remain unchanged. DevDependencies (vitest-config) properly tracked.

packages/dialects/sql.js/package.json (1)

3-3: Version bump is good.

Updated to 3.0.0-beta.15. All exports and dependencies remain stable.

packages/schema/tsconfig.json (1)

1-7: New schema package TypeScript config looks good.

Follows the established pattern by extending the shared base TypeScript config. Disabling noUnusedLocals is reasonable during package consolidation. The include glob properly targets sources.

packages/server/package.json (1)

3-3: Version bump is correct.

Updated to 3.0.0-beta.15. All framework-specific exports and dependencies remain stable.

packages/cli/package.json (1)

6-6: Version bump is correct.

Updated to 3.0.0-beta.15. CLI bin entries and all dependencies remain stable. Workspace references properly maintained.

packages/orm/src/client/crud/validator/utils.ts (1)

2-10: No issues found—import migration is complete and correct.

All seven imported types (AttributeApplication, BinaryExpression, CallExpression, Expression, FieldExpression, MemberExpression, UnaryExpression) are properly re-exported from the @zenstackhq/schema package entry point via packages/schema/src/index.ts. Type definitions maintain compatible structures, the old import path has been completely removed from the codebase, and the dependency in packages/orm/package.json has been correctly updated.

packages/orm/package.json (1)

64-76: No issues found—schema export consolidation is properly implemented.

The ORM's ./schema export correctly re-exports from @zenstackhq/schema via packages/orm/src/schema.ts, with no circular dependencies or duplication. The consolidation follows a clean pattern: the dependency is properly added, schema types are made available through the export map, and no breaking changes are introduced.

package.json (1)

3-3: LGTM! Version bump to beta.15.

The version bump is clean and consistent with the PR objectives.

packages/schema/eslint.config.js (1)

1-4: LGTM! Standard ESLint configuration.

The ESLint config follows the standard pattern used across the monorepo packages.

packages/orm/src/schema.ts (1)

1-2: LGTM! Clean schema re-export module.

This module effectively consolidates schema exports from the new @zenstackhq/schema package and Kysely's OperandExpression type, providing a convenient single import point for ORM consumers.

packages/orm/tsup.config.ts (1)

6-6: LGTM! Build entry updated to match new schema structure.

The schema entry point has been correctly updated from the nested src/schema/index.ts to the flat src/schema.ts module, aligning with the schema refactoring.

packages/common-helpers/package.json (1)

3-3: LGTM! Version bump to beta.15.

Consistent version update across the monorepo.

packages/sdk/package.json (2)

3-3: LGTM! Version bump to beta.15.

---

18-29: Verification confirms safe and complete refactoring.

Migration to @zenstackhq/schema is complete:

• ✓ No imports from old @zenstackhq/sdk/schema path found anywhere
• ✓ New @zenstackhq/schema package actively used in 4 files (orm, testtools, e2e tests)
• ✓ Schema generation utilities preserved in main SDK export
• ✓ No broken references or orphaned code

The architectural consolidation is sound and poses no risk to the codebase.

packages/schema/tsup.config.ts (1)

1-13: LGTM! Standard build configuration for new schema package.

The tsup configuration follows the established patterns used across the monorepo, with appropriate settings for dual-format builds (CJS/ESM), source maps, and type declarations.

packages/orm/src/client/client-impl.ts (1)

15-21: Refactoring verified as complete and correct.

The verification confirms:

• AuthType is correctly imported from './contract' in client-impl.ts (line 16)
• AuthType is properly exported from contract.ts (line 808)
• No remaining references to the old schema/auth path exist in the codebase
• All usages throughout client-impl.ts and contract.ts are consistent with the new import path

packages/orm/src/client/contract.ts (1)

808-813: LGTM! AuthType relocation is clean.

The inline definition of AuthType maintains the same conditional logic as before. The type correctly handles three scenarios: generic string models, typed auth models, and invalid configurations.

packages/schema/package.json (1)

1-37: LGTM! Well-structured package manifest.

The new @zenstackhq/schema package is properly configured with dual module exports (ESM/CJS), appropriate build scripts, and minimal dependencies.

tests/e2e/orm/schemas/basic/helper.ts (1)

1-1: LGTM! Import path correctly updated.

The import path has been updated to use the new @zenstackhq/schema package, aligning with the schema consolidation effort.

packages/schema/src/expression-utils.ts (1)

14-18: LGTM! Improved import clarity and documentation.

The more explicit import path (./expression vs .) and the addition of JSDoc documentation improve code maintainability.

packages/testtools/src/schema.ts (1)

3-3: LGTM! Import path correctly updated.

The import path has been updated to use the new @zenstackhq/schema package, maintaining consistency with the schema consolidation effort across the codebase.

tests/e2e/package.json (1)

3-3: LGTM! Version and dependency updates are consistent.

The version bump to 3.0.0-beta.15 and the addition of the @zenstackhq/schema dependency align with the schema consolidation effort in this PR.

Also applies to: 18-18

packages/testtools/package.json (1)

3-3: LGTM! Version and dependency updates are consistent.

The version bump to 3.0.0-beta.15 and the addition of the @zenstackhq/schema dependency support the import path changes in src/schema.ts.

Also applies to: 36-36

packages/schema/src/index.ts (1)

1-3: LGTM! Clean refactoring of public exports.

The addition of export * from './expression-utils' appropriately uses a non-type export (unlike lines 1 and 3), which is correct for a utilities module that likely exports runtime functions. This refactoring consolidates expression-related utilities into a local module rather than re-exporting from external dependencies.