chore(deps)(deps): bump the production-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates in the /backend directory:

Package	From	To
@aws-sdk/client-s3	3.1000.0	3.1053.0
prisma	7.4.2	7.8.0
@prisma/adapter-pg	7.4.2	7.8.0
@prisma/client	7.4.2	7.8.0
@types/formidable	3.4.7	3.5.1
pg	8.19.0	8.21.0

Updates @aws-sdk/client-s3 from 3.1000.0 to 3.1053.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1053.0

3.1053.0(2026-05-22)

Documentation Changes

• client-gameliftstreams: Added new Gen6 stream classes based on the EC2 G6e instance family. These classes are designed for streaming high-fidelity, graphically demanding games and applications that benefit from additional GPU memory and performance. (bf88fa50)

New Features

• clients: update client endpoints as of 2026-05-22 (3518814a)
• client-appconfig: Adding new BDD representation of endpoint ruleset (e757a915)
• client-repostspace: Adding new BDD representation of endpoint ruleset (15fec74b)
• client-ivs-realtime: Adding new BDD representation of endpoint ruleset (adeea78b)
• client-cloudcontrol: Adding new BDD representation of endpoint ruleset (2e7ef3bf)
• client-tnb: Adding new BDD representation of endpoint ruleset (f07457cb)
• client-sso-oidc: Adding new BDD representation of endpoint ruleset (2e909d25)
• client-s3vectors: Adding new BDD representation of endpoint ruleset (4071f1a4)
• client-internetmonitor: Adding new BDD representation of endpoint ruleset (117e04a9)
• client-freetier: Adding new BDD representation of endpoint ruleset (e3cf14a2)
• client-oam: Adding new BDD representation of endpoint ruleset (5a30b722)
• client-forecastquery: Adding new BDD representation of endpoint ruleset (ada5ae32)
• client-customer-profiles: Adding new BDD representation of endpoint ruleset (9de89c10)
• client-migration-hub-refactor-spaces: Adding new BDD representation of endpoint ruleset (a4e5e7ba)
• client-controltower: Adding new BDD representation of endpoint ruleset (b99b7a18)
• client-databrew: Adding new BDD representation of endpoint ruleset (4a1bcdb9)
• client-b2bi: Adding new BDD representation of endpoint ruleset (66bb63d1)
• client-simspaceweaver: Adding new BDD representation of endpoint ruleset (c6617b6d)
• client-emr-containers: Adding new BDD representation of endpoint ruleset (e99cccbd)
• client-bcm-recommended-actions: Adding new BDD representation of endpoint ruleset (45477f08)
• client-forecast: Adding new BDD representation of endpoint ruleset (5964d82b)
• client-neptunedata: Adding new BDD representation of endpoint ruleset (418745d5)
• client-qconnect: Added guardrail assessment results to inference spans in the ListSpans API. You can now see which AI Guardrail policies were evaluated, whether content was blocked or masked, and per-policy details for each Bedrock Converse call (0213a862)
• client-bcm-pricing-calculator: Adding new BDD representation of endpoint ruleset (69e44c0d)
• client-panorama: Adding new BDD representation of endpoint ruleset (d227732b)
• client-license-manager-user-subscriptions: Adding new BDD representation of endpoint ruleset (7fd5d202)
• client-partnercentral-account: Adding new BDD representation of endpoint ruleset (ad88edbb)
• client-schemas: Adding new BDD representation of endpoint ruleset (d8835cfc)
• client-pi: Added ListPerformanceAnalysisReportRecommendations API to retrieve recommendations for a performance analysis report. Added analysis configuration support to CreatePerformanceAnalysisReport for enhanced analysis types such as vacuum analysis. (b09c19bf)
• client-outposts: Adding new BDD representation of endpoint ruleset (6e7917a6)
• client-frauddetector: Adding new BDD representation of endpoint ruleset (9c130d58)
• client-network-firewall: Adding new BDD representation of endpoint ruleset (963a1286)
• client-geo-places: Adding new BDD representation of endpoint ruleset (965ac97a)
• client-sesv2: Adding new BDD representation of endpoint ruleset (6f1bd2e8)
• client-bedrock-agent-runtime: Adding new BDD representation of endpoint ruleset (7ac37e3a)
• client-rbin: Adding new BDD representation of endpoint ruleset (5e73fd45)
• client-codestar-notifications: Adding new BDD representation of endpoint ruleset (d95ca14c)
• client-application-signals: Adding new BDD representation of endpoint ruleset (38a20bfa)
• client-ec2: The ModifyInstanceAttribute API now supports modification of EnclaveOptions for the instance as a typed parameter. (bc91aa62)
• client-marketplace-discovery: Adding new BDD representation of endpoint ruleset (45132960)
• client-notificationscontacts: Adding new BDD representation of endpoint ruleset (e9ca97ab)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1053.0 (2026-05-22)

Note: Version bump only for package @​aws-sdk/client-s3

3.1052.0 (2026-05-21)

Note: Version bump only for package @​aws-sdk/client-s3

3.1051.0 (2026-05-20)

Note: Version bump only for package @​aws-sdk/client-s3

3.1050.0 (2026-05-19)

Note: Version bump only for package @​aws-sdk/client-s3

3.1049.0 (2026-05-18)

Bug Fixes

• client-sts: update imports to new module locations (#8025) (be183b6)

3.1048.0 (2026-05-15)

Note: Version bump only for package @​aws-sdk/client-s3

... (truncated)

Commits

• ef69ea6 Publish v3.1053.0
• 443d6be Publish v3.1052.0
• 0d6242d chore(codegen): update @​smithy dependencies (#8038)
• b825c13 Publish v3.1051.0
• bdc9fc6 Publish v3.1050.0
• 04d52f3 Publish v3.1049.0
• be183b6 fix(client-sts): update imports to new module locations (#8025)
• 313813d Publish v3.1048.0
• 1af9047 chore(codegen): updated import sources for aws-sdk core (#8015)
• eabae7d chore(codegen): sync for browser bundle fixes (#8022)
• Additional commits viewable in compare view

Updates prisma from 7.4.2 to 7.8.0

Release notes

Sourced from prisma's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

• Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

• Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
• Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
• Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
• Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
• Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

• Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
• Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
• Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

• @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits

• 5723406 fix(cli): route bootstrap telemetry to Prisma Web Properties project (#29473)
• 8e71aa7 fix(cli): install missing @prisma/client in prisma bootstrap (#29444)
• ada077b fix(cli): bootstrap UX — auto-install deps, resumable flow, timeout handling ...
• 9b0b7f5 feat(cli): add prisma bootstrap command (#29374)
• 5fece0a chore: bump @​prisma/dev to 0.24.3 (#29396)
• 45d7e0f feat(cli): add prisma postgres link command (#29352)
• adbdf15 Pre-bundle Studio frontend assets and replace Hono (#29389)
• f8258ad chore: bump effect to fix vulnerability (#29384)
• 74839a9 feat(cli): update bundled @​prisma/studio-core to 0.27.3 (#29376)
• 309b4bc refactor: extract 'prisma-client-js' into PRISMA_CLIENT_JS_PROVIDER constant ...
• Additional commits viewable in compare view

Updates @prisma/adapter-pg from 7.4.2 to 7.8.0

Release notes

Sourced from @​prisma/adapter-pg's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

• Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

• Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
• Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
• Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
• Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
• Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

• Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
• Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
• Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

• @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits

• f2ca67e feat: pg statement name generator (#29395)
• 4131568 fix: set @​types/pg to ^8.16.0 (#29390)
• 33667c3 fix(adapter-pg): handle both quoted/unquoted column names in ColumnNotFound e...
• e97b3e0 feat(adapter-pg): accept connection string URL in PrismaPg constructor (#29287)
• fc38fb7 Make @​types/pg a direct dependency of adapter-pg (#29277)
• 6091e02 feat: add support for nested transaction rollbacks via savepoints in sql (#21...
• See full diff in compare view

Updates @prisma/client from 7.4.2 to 7.8.0

Release notes

Sourced from @​prisma/client's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

• Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

• Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
• Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
• Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
• Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
• Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

• Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
• Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
• Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

• @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

7.7.0

Today, we are excited to share the 7.7.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

... (truncated)

Commits

• 62b44ac chore(deps): update engines to 7.8.0-5.e96eae70cf4ade6a15d7e6064d5b0b4f7d835d...
• 4104864 feat: add a query plan cache size parameter (#29503)
• 723ba7b chore(deps): update engines to 7.8.0-4.8c287008617e9b12f313df99e2c821ae61ea9a...
• cadbafe chore(deps): update engines to 7.8.0-2.3187e3937290320ba3c7dbd5aa94af67942b44...
• f705533 chore(deps): update engines to 7.8.0-1.7b80cc56c645c6e03c7541474e6a7c8d91b70d...
• fbab4e8 Fix 29271 (#29303)
• 6a3c3cc chore: extract parameterization to client-engine-runtime (#29422)
• 5b420f8 fix(client): prevent caching of createMany queries to avoid cache bloat and p...
• 30f0af6 feat: dmmf streaming with an E2E test (#29377)
• 14c3c2e fix: pin E2E typescript to prevent 6 upgrade (#29383)
• Additional commits viewable in compare view

Updates @types/formidable from 3.4.7 to 3.5.1

Commits

• See full diff in compare view

Updates pg from 8.19.0 to 8.21.0

Changelog

Sourced from pg's changelog.

pg@8.21.0

• Handle SASL SCRAM server error responses properly.
• Add support for node@26.
• Add scramMaxIterations config option.
• Add client.getTransactionStatus() method.

pg@8.20.0

• Add onConnect callback to pg.Pool constructor options allowing for async initialization of newly created & connected pooled clients.

Commits

• 544b1ce Publish
• cc03fa5 Add scramMaxIterations option to limit SCRAM iteration count (#3677)
• f776327 Remove compatibility code for unsupported versions of Node (<16) (#3678)
• f252870 cleanup: pg utils (#3675)
• c8da6ab Assorted test cleanup (#3673)
• fa47e73 fix: Client#end callback being called multiple times when first is no-op (#...
• 88a7e60 cleanup: Move declaration to more natural place
• 2095247 cleanup: Combine duplicated code in Client#query and avoid unneeded early n...
• 0ac3edd fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (#3669)
• be880d4 Assorted test fixes and cleanup (#3672)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: backend, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.