feat: agentic engineering at prisma blogs

[mhartington]

Summary by CodeRabbit

• New Features

  • Mermaid diagrams now render in blog posts and docs with a graceful fallback to source when rendering fails.
  • MDX processing updated to support Mermaid content across the site.

• Documentation

  • Published "Agentic Engineering at Prisma" — outlines agentic workflows, documentation layers, and the project lifecycle.
  • Published "Drive and the Maker" — details the Drive process, Maker responsibilities, project stages, and process-as-code practices.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
blog	Ready	Preview, Comment	May 20, 2026 11:59am
docs	Ready	Preview, Comment	May 20, 2026 11:59am
eclipse	Ready	Preview, Comment	May 20, 2026 11:59am
site	Ready	Preview, Comment	May 20, 2026 11:59am

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ec133e36-1168-4824-bad6-3f2e11aae357

📥 Commits

Reviewing files that changed from the base of the PR and between 667b7e3 and 0ac9a6f.

📒 Files selected for processing (1)

• apps/blog/source.config.ts

---

Walkthrough

Adds an Agentic Engineering MDX blog post and wires Mermaid support into the blog MDX pipeline by importing and enabling remarkMdxMermaid.

Changes

Blog Content & Rendering

Layer / File(s)	Summary
Blog posts apps/blog/content/blog/agentic-engineering-at-prisma/index.mdx, apps/blog/content/blog/drive-and-the-maker/index.mdx	Two new MDX posts with full frontmatter and multi-section content describing agentic engineering, Drive, project lifecycle, documentation layers, and operational signals.
Dependency catalog apps/blog/package.json, pnpm-workspace.yaml	Adds beautiful-mermaid to the blog package dependencies and the workspace catalog.
MDX plugin configuration apps/blog/source.config.ts	Imports and adds remarkMdxMermaid to the MDX remarkPlugins to enable Mermaid block processing during MDX compilation.
Mermaid UI component & MDX registration apps/blog/src/components/Mermaid.tsx, apps/blog/src/mdx-components.tsx	New exported Mermaid React component that renders chart strings to SVG with a code-block fallback on error, and is registered in the MDX component map.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: agentic engineering at prisma blogs' directly matches the main changeset, which introduces two comprehensive blog posts on Prisma's agentic engineering approach and the Drive process.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[argos-ci]

The latest updates on your projects. Learn more about Argos notifications ↗︎

Build	Status	Details	Updated (UTC)
default (Inspect)	✅ No changes detected	-	May 20, 2026, 12:08 PM

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@apps/blog/src/components/Mermaid.tsx`:
- Around line 3-29: The component declaration and use of useMemo in export async
function Mermaid(...) violates Rules of Hooks; change Mermaid to a plain
synchronous component (remove async) and remove useMemo, call
renderMermaidSVG(chart, ...) directly inside a try/catch; on catch return the
existing CodeBlock/Pre fallback (using the chart) and on success return the div
with dangerouslySetInnerHTML using the svg string; keep references to the same
props shape ({ chart }: { chart: string }) and reuse renderMermaidSVG,
CodeBlock, and Pre identifiers.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: ac3d8316-f3e6-492c-ac04-7ec457a477fb

📥 Commits

Reviewing files that changed from the base of the PR and between 0b7278c and a51d5cc.

⛔ Files ignored due to path filters (6)

• apps/blog/public/agentic-engineering-at-prisma/imgs/hero.svg is excluded by !**/*.svg
• apps/blog/public/agentic-engineering-at-prisma/imgs/meta.png is excluded by !**/*.png
• apps/blog/public/authors/tyler-hogarth.png is excluded by !**/*.png
• apps/blog/public/drive-and-the-maker/imgs/hero.svg is excluded by !**/*.svg
• apps/blog/public/drive-and-the-maker/imgs/meta.png is excluded by !**/*.png
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (7)

• apps/blog/content/blog/agentic-engineering-at-prisma/index.mdx
• apps/blog/content/blog/drive-and-the-maker/index.mdx
• apps/blog/package.json
• apps/blog/source.config.ts
• apps/blog/src/components/Mermaid.tsx
• apps/blog/src/mdx-components.tsx
• pnpm-workspace.yaml

[coderabbitai]

🧹 Nitpick comments (1)

apps/blog/src/components/Mermaid.tsx (1)

12-12: Evaluate whether SVG sanitization is necessary for Mermaid charts.

Line 12 uses dangerouslySetInnerHTML with unsanitized SVG from renderMermaidSVG. While this is an injection point, the actual risk depends on the data source: chart data comes from curated MDX files within the repository, not from untrusted external input. The beautiful-mermaid@1.1.3 library has no known vulnerabilities per Snyk, though it doesn't explicitly guarantee XSS-safe output in its documentation.

If chart data will remain sourced only from internal documentation files, the current implementation is acceptable. However, if there's any possibility of chart data ever coming from user input, API responses, or untrusted sources in the future, adding client-side SVG sanitization (e.g., DOMPurify) would be prudent defensive programming to future-proof the component.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/blog/src/components/Mermaid.tsx` at line 12, The Mermaid component
currently injects raw SVG via dangerouslySetInnerHTML using renderMermaidSVG
output; to harden this, import a sanitizer (e.g., DOMPurify or
isomorphic-dompurify) and run the SVG through it before assigning to
dangerouslySetInnerHTML — either sanitize inside the Mermaid component just
before returning the <div> or inside renderMermaidSVG when it produces the
string; ensure you call sanitize(svg, { SAFE_FOR_TEMPLATES: true }) (or
equivalent) and use the sanitized string for __html, and if your app does
server-side rendering use isomorphic-dompurify or guard for window before using
DOMPurify and add the dependency to package.json.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@apps/blog/src/components/Mermaid.tsx`:
- Line 12: The Mermaid component currently injects raw SVG via
dangerouslySetInnerHTML using renderMermaidSVG output; to harden this, import a
sanitizer (e.g., DOMPurify or isomorphic-dompurify) and run the SVG through it
before assigning to dangerouslySetInnerHTML — either sanitize inside the Mermaid
component just before returning the <div> or inside renderMermaidSVG when it
produces the string; ensure you call sanitize(svg, { SAFE_FOR_TEMPLATES: true })
(or equivalent) and use the sanitized string for __html, and if your app does
server-side rendering use isomorphic-dompurify or guard for window before using
DOMPurify and add the dependency to package.json.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: fca44d95-e509-424d-bdf8-5d2e1b875322

📥 Commits

Reviewing files that changed from the base of the PR and between a51d5cc and 87577ab.

📒 Files selected for processing (1)

• apps/blog/src/components/Mermaid.tsx