@ymc9 ymc9 commented Dec 14, 2025

Summary by CodeRabbit

  • Chores

    • Bumped version from 3.0.0-beta.30 to 3.0.0-beta.31 across all packages.
  • New Features

    • Updated CLI starter template with new import path and variable naming.
    • Enhanced default schema validation logic for data models and enums.
    • Improved type-def field handling in PostgreSQL operations.
    • Added model existence validation in policy enforcement.
  • Tests

    • Added tests for custom schema scenarios, nonexistent model access, and JSON field support.

github-actions bot and others added 5 commits December 14, 2025 14:28
…n "schemas" config (#492)

* fix(zmodel): require implicitly used "public" schema to be declared in "schemas" config

* Update packages/language/src/validators/datasource-validator.ts

Co-authored-by: Copilot <[email protected]>

* test: verify "public" schema not required when all models have explicit @@schema (#496)

* Initial plan

* Add test for explicit schema usage without public

Co-authored-by: ymc9 <[email protected]>

---------

Co-authored-by: copilot-swe-agent[bot] <[email protected]>
Co-authored-by: ymc9 <[email protected]>

---------

Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Copilot AI review requested due to automatic review settings December 14, 2025 14:33
coderabbitai bot commented Dec 14, 2025

Walkthrough

A version bump from 3.0.0-beta.30 to 3.0.0-beta.31 across the monorepo, accompanied by updates to template generation, schema validation logic for implicit public schemas, PostgreSQL dialect type-def handling, and policy validation for nonexistent models, along with corresponding test coverage.

Changes

| Cohort | File(s) | Change Summary |
| --- | --- | --- |
| Version bumps | TODO.md, package.json, packages/auth-adapters/better-auth/package.json, packages/cli/package.json, packages/clients/tanstack-query/package.json, packages/common-helpers/package.json, packages/config/eslint-config/package.json, packages/config/typescript-config/package.json, packages/config/vitest-config/package.json, packages/create-zenstack/package.json, packages/language/package.json, packages/orm/package.json, packages/plugins/policy/package.json, packages/schema/package.json, packages/sdk/package.json, packages/server/package.json, packages/testtools/package.json, packages/zod/package.json, samples/next.js/package.json, samples/orm/package.json, tests/e2e/package.json, tests/regression/package.json, tests/runtimes/bun/package.json, tests/runtimes/edge-runtime/package.json | Version bumped from 3.0.0-beta.30 to 3.0.0-beta.31; TODO item marked as complete |
| CLI template updates | packages/cli/src/actions/templates.ts | Updated STARTER_MAIN_TS template: changed SqliteDialect import path from 'kysely' to '@zenstackhq/orm/dialects/sqlite' and renamed client variable to db with corresponding call-site updates |
| Schema validation logic | packages/language/src/validators/datasource-validator.ts | Added isDataModel and isEnum imports; enhanced schemas validation to handle implicit "public" schema usage when models/enums lack explicit @@schema attributes; enforces inclusion of "public" in schemas array if implicitly used |
| PostgreSQL dialect type-def handling | packages/orm/src/client/crud/dialects/postgresql.ts | Introduced isTypeDef import and added branching logic in transformPrimitive to stringify typed-JSON field values; retains existing Array.isArray handling for Json[] fields |
| Policy nonexistent model validation | packages/plugins/policy/src/policy-handler.ts | Added private helper tryRejectNonexistentModel() invoked after resolving models in mutation, join, and read operations to reject access early for undefined models not in schema |
| Custom schema and policy tests | tests/e2e/orm/client-api/pg-custom-schema.test.ts, tests/e2e/orm/policy/nonexistent-models.test.ts | Added e2e tests for PostgreSQL implicit "public" schema requirement and policy rejection of nonexistent models across CRUD operations |
| JSON/typedef regression test | tests/regression/test/issue-493.test.ts | Added regression test exercising JSON and typed-JSON handling for PostgreSQL with nested custom types and @json fields |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

  • datasource-validator.ts: Carefully verify the conditional logic for implicit "public" schema detection and ensure isDataModel/isEnum imports work correctly across AST traversals
  • policy-handler.ts: Validate that tryRejectNonexistentModel correctly identifies join tables and doesn't inadvertently block legitimate access paths
  • postgresql.ts: Confirm isTypeDef branching handles scalar and array type-def fields correctly without breaking existing Json[] behavior
  • Templates update: Verify the new import path for SqliteDialect is correctly resolved and db variable renaming is complete across all template examples

Possibly related PRs

  • PR #74: Modifies PostgreSQL dialect transformPrimitive for JSON/typed-JSON field handling with isTypeDef branching
  • PR #491: Changes packages/cli/src/actions/templates.ts with identical SqliteDialect import migration and client→db renaming
  • PR #499: Adds tryRejectNonexistentModel validation to policy-handler.ts with accompanying e2e tests for undefined model rejection

Poem

🐰 Bumped versions dance in harmony,
Schemas now embrace their public key,
Type-defs stringify with careful grace,
Policies guard each model's place,
Beta thirty-one hops into the fray!

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'merge dev to main (v3.0.0-beta.31)' accurately reflects the pull request's main purpose: merging the dev branch to main with a version bump to beta.31. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

claude bot commented Dec 14, 2025

Claude finished @ymc9's task —— View job


PR Review: Merge dev to main (v3.0.0-beta.31)

Reviewing this release merge PR for code quality, security, performance, and test coverage.

Review Tasks:

  • Analyze version consistency across packages
  • Review policy handler security changes
  • Examine PostgreSQL dialect modifications
  • Check datasource validator updates
  • Review new test coverage
  • Assess template and CLI changes
  • Provide comprehensive feedback

Review Summary

This appears to be a clean release merge with consistent version bumps and solid improvements. Here's my detailed assessment:

Version Consistency

All 23 packages correctly bumped to 3.0.0-beta.31 - excellent consistency across the monorepo.

Security & Policy Improvements

packages/plugins/policy/src/policy-handler.ts (lines 93, 336, 879, 1020):

  • Added tryRejectNonexistentModel() calls at key entry points
  • Prevents access to undefined models with proper error handling
  • Good security hardening against unauthorized table access
  • Clean implementation using QueryUtils.hasModel() and join table checks

Database & Performance Enhancements

packages/orm/src/client/crud/dialects/postgresql.ts (lines 466, 517-520):

  • Added PostgreSQL array literal support with buildArrayLiteralSQL()
  • Added supportInsertWithDefault capability
  • Proper SQL generation: ARRAY['val1', 'val2'] for non-empty arrays, {} for empty
  • Performance improvement for PostgreSQL array operations

Schema Validation Improvements

packages/language/src/validators/datasource-validator.ts (lines 84-94):

  • Enhanced PostgreSQL schema validation logic
  • Validates implicit "public" schema usage when no explicit schema declared
  • Prevents runtime errors by catching schema misconfigurations at compile time
  • Good error messaging for developers

Comprehensive Test Coverage

New test files provide excellent regression coverage:

  1. tests/e2e/orm/policy/nonexistent-models.test.ts: Tests policy rejection for undefined models/tables - validates the security improvements in policy handler

  2. tests/regression/test/issue-493.test.ts: Comprehensive PostgreSQL JSON/typed-JSON array testing - ensures the dialect improvements work correctly with complex nested data structures

  3. tests/e2e/orm/client-api/pg-custom-schema.test.ts: Additional PostgreSQL custom schema tests

Template Updates

packages/cli/src/actions/templates.ts: Updated starter template to use @zenstackhq/orm instead of @zenstackhq/client - maintains consistency with the new architecture.

Minor Observations

  1. Performance: The PostgreSQL array literal generation could potentially be optimized for very large arrays, but current implementation is solid for typical use cases.

  2. Security: The policy handler improvements are defensive and follow the principle of least privilege - rejecting access to undefined models by default.

  3. Maintainability: Code changes are well-structured and follow existing patterns. Good use of helper functions and error handling.

Recommendation: ✅ APPROVE

This is a high-quality release merge with:

  • Consistent version management
  • Important security improvements
  • Performance enhancements
  • Comprehensive test coverage
  • No breaking changes or security concerns identified

The changes are well-implemented, properly tested, and ready for production release.


@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 2

🧹 Nitpick comments (1)
tests/e2e/orm/policy/nonexistent-models.test.ts (1)

56-57: Consider adding a test for delete with using (optional).

There's a test for "update with from" (lines 46-54) but no corresponding test for "delete with using", which is also supported per transformDeleteQuery in the policy handler. Adding this would ensure parity in test coverage.

         // delete
         await expect(db.$qb.deleteFrom('Bar').where('id', '=', '1').execute()).toBeRejectedByPolicy();
+
+        // delete with using (join)
+        await expect(
+            db.$qb
+                .deleteFrom('Foo')
+                .using('Bar')
+                .whereRef('Bar.fooId', '=', 'Foo.id')
+                .execute(),
+        ).toBeRejectedByPolicy();
     });
 });
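Review bot: In the added `delete with using (join)` case, `toBeRejectedByPolicy()` would also pass if the delete were denied by `Foo`'s own rules, so the assertion does not show that the rejection came from the `Bar` reference in `.using('Bar')`. Assert on the rejection reason or message as well, or make sure the test schema allows delete on `Foo`. The `Bar.fooId` column used in `whereRef` also has to exist on the out-of-schema table for the query to be well-formed.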
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 39fb7d3 and 299da7f.

📒 Files selected for processing (31)
  • TODO.md (1 hunks)
  • package.json (1 hunks)
  • packages/auth-adapters/better-auth/package.json (1 hunks)
  • packages/cli/package.json (1 hunks)
  • packages/cli/src/actions/templates.ts (1 hunks)
  • packages/clients/tanstack-query/package.json (1 hunks)
  • packages/common-helpers/package.json (1 hunks)
  • packages/config/eslint-config/package.json (1 hunks)
  • packages/config/typescript-config/package.json (1 hunks)
  • packages/config/vitest-config/package.json (1 hunks)
  • packages/create-zenstack/package.json (1 hunks)
  • packages/language/package.json (1 hunks)
  • packages/language/src/validators/datasource-validator.ts (2 hunks)
  • packages/orm/package.json (1 hunks)
  • packages/orm/src/client/crud/dialects/postgresql.ts (2 hunks)
  • packages/plugins/policy/package.json (1 hunks)
  • packages/plugins/policy/src/policy-handler.ts (4 hunks)
  • packages/schema/package.json (1 hunks)
  • packages/sdk/package.json (1 hunks)
  • packages/server/package.json (1 hunks)
  • packages/testtools/package.json (1 hunks)
  • packages/zod/package.json (1 hunks)
  • samples/next.js/package.json (1 hunks)
  • samples/orm/package.json (1 hunks)
  • tests/e2e/orm/client-api/pg-custom-schema.test.ts (1 hunks)
  • tests/e2e/orm/policy/nonexistent-models.test.ts (1 hunks)
  • tests/e2e/package.json (1 hunks)
  • tests/regression/package.json (1 hunks)
  • tests/regression/test/issue-493.test.ts (1 hunks)
  • tests/runtimes/bun/package.json (1 hunks)
  • tests/runtimes/edge-runtime/package.json (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
tests/e2e/**/*.{ts,tsx}

📄 CodeRabbit inference engine (CLAUDE.md)

E2E tests should validate real-world schema compatibility with established projects

Files:

  • tests/e2e/orm/policy/nonexistent-models.test.ts
  • tests/e2e/orm/client-api/pg-custom-schema.test.ts
🧠 Learnings (10)
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to **/*.zmodel : ZModel schema files should define database structure and policies that compile to TypeScript via `zenstack generate`

Applied to files:

  • packages/language/package.json
  • packages/schema/package.json
  • packages/plugins/policy/src/policy-handler.ts
  • packages/zod/package.json
  • packages/language/src/validators/datasource-validator.ts
  • packages/cli/src/actions/templates.ts
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to tests/e2e/**/*.{ts,tsx} : E2E tests should validate real-world schema compatibility with established projects

Applied to files:

  • tests/e2e/package.json
  • tests/regression/test/issue-493.test.ts
  • tests/e2e/orm/policy/nonexistent-models.test.ts
  • tests/e2e/orm/client-api/pg-custom-schema.test.ts
  • packages/language/src/validators/datasource-validator.ts
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to tests/**/type*.{ts,tsx} : Ensure TypeScript inference and type coverage are validated through type coverage tests

Applied to files:

  • tests/regression/test/issue-493.test.ts
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to packages/zenstackhq/orm/**/*.test.{ts,tsx} : ORM package tests should include comprehensive client API tests and policy tests

Applied to files:

  • tests/regression/test/issue-493.test.ts
  • tests/e2e/orm/policy/nonexistent-models.test.ts
  • tests/e2e/orm/client-api/pg-custom-schema.test.ts
  • packages/cli/src/actions/templates.ts
  • packages/orm/package.json
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to packages/zenstackhq/orm/**/*.{ts,tsx} : Implement plugin hooks at ORM, Kysely, and entity mutation levels for query interception and customization

Applied to files:

  • tests/e2e/orm/client-api/pg-custom-schema.test.ts
  • packages/orm/src/client/crud/dialects/postgresql.ts
  • samples/orm/package.json
  • packages/cli/src/actions/templates.ts
  • packages/orm/package.json
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to packages/zenstackhq/orm/**/*.{ts,tsx} : Use Kysely as the query builder interface for low-level database queries, avoiding raw SQL when possible

Applied to files:

  • packages/orm/src/client/crud/dialects/postgresql.ts
  • packages/cli/src/actions/templates.ts
  • packages/orm/package.json
📚 Learning: 2025-10-21T16:09:31.218Z
Learnt from: ymc9
Repo: zenstackhq/zenstack-v3 PR: 319
File: packages/runtime/src/client/executor/zenstack-query-executor.ts:63-72
Timestamp: 2025-10-21T16:09:31.218Z
Learning: In ZenStack, TypeDefs can be inherited by models. When a TypeDef contains fields with `map` attributes, those mapped field names need to be processed by the QueryNameMapper since they become part of the inheriting model's schema. Therefore, when checking if a schema has mapped names (e.g., in `schemaHasMappedNames`), both `schema.models` and `schema.typeDefs` must be inspected for `@map` and `map` attributes.

Applied to files:

  • packages/orm/src/client/crud/dialects/postgresql.ts
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Applies to ide/vscode/**/{package.json,version.ts} : The VSCode IDE extension package should maintain a different version from other packages to comply with VSCode Marketplace requirements

Applied to files:

  • packages/config/typescript-config/package.json
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Database migrations should use Prisma CLI under the hood via ZenStack commands

Applied to files:

  • packages/cli/src/actions/templates.ts
📚 Learning: 2025-11-26T01:55:04.540Z
Learnt from: CR
Repo: zenstackhq/zenstack-v3 PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-26T01:55:04.540Z
Learning: Use `pnpm` with workspaces for package management, pinned to version `pnpm10.12.1`

Applied to files:

  • package.json
🧬 Code graph analysis (4)
tests/regression/test/issue-493.test.ts (1)
packages/testtools/src/client.ts (1)
  • createTestClient (101-248)
packages/plugins/policy/src/policy-handler.ts (3)
packages/plugins/policy/src/utils.ts (1)
  • createRejectedByPolicyError (162-171)
packages/orm/src/client/errors.ts (1)
  • createRejectedByPolicyError (131-141)
packages/orm/src/client/index.ts (1)
  • RejectedByPolicyReason (6-6)
tests/e2e/orm/policy/nonexistent-models.test.ts (1)
packages/testtools/src/client.ts (1)
  • createPolicyTestClient (258-269)
packages/orm/src/client/crud/dialects/postgresql.ts (1)
packages/orm/src/client/query-utils.ts (1)
  • isTypeDef (201-203)
🪛 markdownlint-cli2 (0.18.1)
TODO.md

107-107: Unordered list indentation
Expected: 2; Actual: 4

(MD007, ul-indent)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Agent
  • GitHub Check: build-test (20.x, postgresql)
  • GitHub Check: build-test (20.x, sqlite)
🔇 Additional comments (35)
packages/schema/package.json (1)

3-3: Version bump consistent with PR objective.

packages/zod/package.json (1)

3-3: Version bump consistent; dependencies unchanged.

packages/config/vitest-config/package.json (1)

4-4: Version bump is consistent.

samples/orm/package.json (1)

3-3: Version bump consistent with monorepo release.

packages/sdk/package.json (1)

3-3: Version bump consistent; core SDK package updated.

packages/testtools/package.json (1)

3-3: Version bump consistent; testtools package updated.

packages/language/package.json (1)

4-4: Version bump consistent; language package updated.

packages/cli/package.json (1)

6-6: Version bump consistent; CLI package updated.

tests/e2e/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no functional changes to test configuration or dependencies.

packages/orm/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no changes to exports, dependencies, or public API.

tests/regression/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no changes to test configuration or dependencies.

packages/server/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no changes to exports, dependencies, or framework adapter compatibility.

packages/clients/tanstack-query/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no changes to exports, dependencies, or framework support (React, Vue, Svelte).

package.json (1)

3-3: Version bump consistent with release cycle.

Root version updated to 3.0.0-beta.31 with no changes to scripts, dependencies, or workspace configuration.

samples/next.js/package.json (1)

3-3: Version bump consistent with release cycle.

Version updated to 3.0.0-beta.31 with no changes to sample configuration or dependencies.

packages/config/typescript-config/package.json (1)

3-3: LGTM! Version bump aligned with release.

The version increment to 3.0.0-beta.31 is consistent with the PR's release objectives.

tests/runtimes/bun/package.json (1)

3-3: LGTM! Version bump aligned with release.

packages/plugins/policy/package.json (1)

3-3: LGTM! Version bump aligned with release.

packages/config/eslint-config/package.json (1)

3-3: LGTM! Version bump aligned with release.

packages/common-helpers/package.json (1)

3-3: LGTM! Version bump aligned with release.

packages/auth-adapters/better-auth/package.json (1)

3-3: LGTM! Version bump aligned with release.

packages/create-zenstack/package.json (1)

3-3: LGTM! Version bump aligned with release.

tests/e2e/orm/client-api/pg-custom-schema.test.ts (2)

250-279: Excellent edge case coverage for implicit public schema validation.

This test validates that when models or enums lack an explicit @@schema attribute, the implicit public schema must be declared in the schemas array. The test structure is clear and the assertion correctly verifies the expected error message.


281-317: Excellent validation of explicit schema declarations.

This test validates the complementary case where all models and enums have explicit @@schema attributes, correctly demonstrating that the public schema is not required in the schemas array. The test successfully executes create operations and uses appropriate assertions.

tests/runtimes/edge-runtime/package.json (1)

3-3: LGTM!

Version bump to 3.0.0-beta.31 aligns with the release.

packages/language/src/validators/datasource-validator.ts (1)

3-3: LGTM!

Import additions for isDataModel and isEnum are necessary for the new implicit public schema validation logic.

packages/orm/src/client/crud/dialects/postgresql.ts (2)

25-25: LGTM!

Import addition for isTypeDef utility function.


56-76: Good fix for node-pg JSON handling with TypeDef fields.

The change correctly addresses the node-pg issue (#374) where array values passed to non-array JSON fields are mishandled. The TypeDef branch ensures:

  • TypeDef fields (stored as scalar Json) are stringified regardless of whether they're arrays or scalars.
  • Pre-stringified values (e.g., from defaults) are passed through unchanged.
  • The existing Json[] array field handling is preserved.

Based on learnings, TypeDefs can be inherited by models, so this fix ensures consistent behavior across the inheritance hierarchy.

tests/regression/test/issue-493.test.ts (1)

1-93: Excellent regression test coverage for issue 493.

The test comprehensively validates JSON and typed-JSON handling for PostgreSQL:

  1. Plain Json field with object value
  2. Plain Json field with array value (the node-pg edge case)
  3. Typed-JSON with nested custom types (BotButton[] containing InlineButton[])

The schema design effectively exercises nested type-def scenarios that align with the transformPrimitive fix in the PostgreSQL dialect.

packages/cli/src/actions/templates.ts (2)

35-40: LGTM!

Renaming client to db follows common convention for database instance naming and improves readability of the starter template.


30-30: Good improvement to use ZenStack's re-exported dialect.

Changing the import from kysely to @zenstackhq/orm/dialects/sqlite provides a cleaner API surface for users and avoids exposing internal Kysely dependencies in starter templates. The dialect is properly re-exported through ZenStack's package, maintaining the abstraction layer.

packages/plugins/policy/src/policy-handler.ts (3)

91-93: Appropriate placement of the nonexistent model check for mutations.

The check is correctly placed after getMutationModel() and before any policy evaluation or mutation work begins. This ensures early rejection for invalid models in insert, update, and delete operations.


329-337: Join transformation correctly validates model existence.

The check after extractTableName ensures that joins against nonexistent models are rejected. The fallback for subqueries (returning early when table is undefined) is preserved, allowing nested transformation to handle those cases.


874-885: Policy filter creation validates models in FROM clause.

The validation inside createPolicyFilterForTables ensures that any table referenced in FROM or USING clauses is checked before building policy filters. This covers read operations via selectFrom and delete operations with using.

tests/e2e/orm/policy/nonexistent-models.test.ts (1)

4-58: Comprehensive test coverage for nonexistent model rejection.

The test effectively validates the new tryRejectNonexistentModel guard across all CRUD operations:

  • Read via selectFrom
  • Join via innerJoin
  • Create via insertInto
  • Update via updateTable
  • Update with FROM clause
  • Delete via deleteFrom

The setup correctly creates an out-of-schema table to simulate real-world scenarios where raw SQL might reference tables not defined in the ZModel schema. This aligns with the E2E testing guideline to validate real-world schema compatibility.
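An added example, not the project's code: a deny-by-default existence check over every table a query references, run on the operations the e2e test above lists plus delete-with-using and a nested subquery. `Query`, `Schema`, `referencedTables`, `firstUnknownTable` and `enforceKnownModels` are hypothetical names, and the allow-list of implicit join tables is an assumption.

```typescript
// Added illustration of a deny-by-default model-existence guard.
// Not ZenStack's policy-handler.ts; all type and function names are hypothetical.

type TableRef =
    | { kind: 'table'; name: string }
    | { kind: 'subquery'; query: Query };

interface Query {
    op: 'select' | 'insert' | 'update' | 'delete';
    target?: string;    // table being mutated (insert/update/delete)
    from?: TableRef[];  // FROM / USING sources
    joins?: TableRef[]; // JOIN targets
}

interface Schema {
    models: string[];     // models declared in the schema
    joinTables: string[]; // assumed: implicit many-to-many tables stay reachable
}

// Collect every table a query touches, descending into subqueries so a
// reference cannot hide one level down.
function referencedTables(q: Query): string[] {
    let names: string[] = q.target !== undefined ? [q.target] : [];
    const sources = (q.from ?? []).concat(q.joins ?? []);
    for (const ref of sources) {
        names = names.concat(ref.kind === 'table' ? [ref.name] : referencedTables(ref.query));
    }
    return names;
}

// First referenced table that is neither a model nor a known join table,
// or null when the schema covers every reference.
function firstUnknownTable(schema: Schema, q: Query): string | null {
    const known = schema.models.concat(schema.joinTables);
    for (const name of referencedTables(q)) {
        if (known.indexOf(name) === -1) return name;
    }
    return null;
}

// Call before building any policy filter: a table without a model has no
// policy to evaluate, so it is rejected rather than passed through unfiltered.
function enforceKnownModels(schema: Schema, q: Query): void {
    const unknown = firstUnknownTable(schema, q);
    if (unknown !== null) {
        throw new Error(`rejected by policy: "${unknown}" is not a model in the schema`);
    }
}

// Constructed sample: "Foo" and "Tag" are models; "Bar" exists only in the database.
const sampleSchema: Schema = { models: ['Foo', 'Tag'], joinTables: ['_FooToTag'] };
const tbl = (name: string): TableRef => ({ kind: 'table', name });

const sampleQueries: Array<{ label: string; query: Query }> = [
    { label: 'read', query: { op: 'select', from: [tbl('Bar')] } },
    { label: 'join', query: { op: 'select', from: [tbl('Foo')], joins: [tbl('Bar')] } },
    { label: 'create', query: { op: 'insert', target: 'Bar' } },
    { label: 'update', query: { op: 'update', target: 'Bar' } },
    { label: 'updateFrom', query: { op: 'update', target: 'Foo', from: [tbl('Bar')] } },
    { label: 'delete', query: { op: 'delete', target: 'Bar' } },
    { label: 'deleteUsing', query: { op: 'delete', target: 'Foo', from: [tbl('Bar')] } },
    {
        label: 'nested',
        query: { op: 'select', from: [{ kind: 'subquery', query: { op: 'select', from: [tbl('Bar')] } }] },
    },
    { label: 'manyToMany', query: { op: 'select', from: [tbl('Foo')], joins: [tbl('_FooToTag'), tbl('Tag')] } },
    { label: 'known', query: { op: 'select', from: [tbl('Foo')] } },
];

// Map each sample label to the table that would be rejected (null = allowed through).
function runSamples(): Record<string, string | null> {
    const out: Record<string, string | null> = {};
    for (const s of sampleQueries) {
        out[s.label] = firstUnknownTable(sampleSchema, s.query);
    }
    return out;
}
```

Matching is exact and case-sensitive here, so a table named `bar` would not be treated as the model `Bar`.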

Copilot AI left a comment

Pull request overview

This PR merges the dev branch to main for the v3.0.0-beta.31 release. It includes bug fixes for PostgreSQL typed-JSON handling, security improvements for policy enforcement with nonexistent models, and validation enhancements for PostgreSQL schema configuration.

Key changes:

  • Fixed PostgreSQL dialect to properly stringify TypeDef (typed-JSON) fields before storage, addressing issue #493
  • Enhanced policy handler to reject queries on nonexistent models for security
  • Improved datasource validator to require "public" schema in schemas array when models/enums implicitly use it

Reviewed changes

Copilot reviewed 31 out of 31 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| package.json | Version bump to 3.0.0-beta.31 |
| packages/orm/src/client/crud/dialects/postgresql.ts | Fixed TypeDef field handling: now checks isTypeDef before array type to properly stringify typed-JSON fields |
| packages/plugins/policy/src/policy-handler.ts | Added tryRejectNonexistentModel method to reject queries on models not in schema for security |
| packages/language/src/validators/datasource-validator.ts | Added validation to require "public" in schemas array when models/enums use it implicitly |
| packages/cli/src/actions/templates.ts | Updated template to import SqliteDialect from @zenstackhq/orm/dialects/sqlite and use "db" naming convention |
| tests/regression/test/issue-493.test.ts | New regression test for PostgreSQL JSON and typed-JSON array field handling |
| tests/e2e/orm/policy/nonexistent-models.test.ts | New test verifying policy rejection for nonexistent models |
| tests/e2e/orm/client-api/pg-custom-schema.test.ts | New tests for implicit public schema validation in PostgreSQL |
| TODO.md | Marked "Accessing tables not in the schema" as complete |
| All other package.json files | Version bumps to 3.0.0-beta.31 |

@ymc9 ymc9 added this pull request to the merge queue Dec 14, 2025
Merged via the queue into main with commit 69dcf6b Dec 14, 2025
17 checks passed