v2.36.0-beta.1

Changelog

Behaviour changes

• We have fixed GraphQL query validation where queries that assigned a null value to a variable with a declared non-nullable type were previously allowed.

  For example:

  query ($user_id: Int!) {
    users(where: {id: {_eq: $user_id}}){
      id name
    }
  }

  {
    "user_id": null
  }

  Now, queries with this aforementioned condition will be properly invalidated and rejected.

  Since, it is a behavior change, we are introducing a server option to preserve the old behavior when either of the following are set to true:

  • Environment variable: HASURA_GRAPHQL_BACKWARDS_COMPAT_NULL_IN_NONNULLABLE_VARIABLES
  • Flag: --null-in-nonnullable-variables

  The above configuration is optional, and the default value is false i.e, new fixed behavior is applied

Bug fixes and improvements

Server

• Change in PostgreSQL array introspection to improve query performance.
• For MS SQL Server, handle missing type information for columns when querying metadata.
• The pg_dump version has been upgraded to v16, so that it can extract data from PostgreSQL 16 databases.
• Fix websocket connection failure when hide_aggregation_predicates and hide_stream_fields experimental features are enabled.

Console

• Support creation of REST endpoint from a table in new data tab UI.
• Support computed fields in new permissions UI
• Truncate large JSON values in browse rows for data-connector backed databases.
• Fix a validation bug in the GDC connection form when advanced settings is not open.

Data Connectors

• hasura/graphql-data-connector image now supports all non-root user IDs and groups
• Fixes duplicate alias issue in Snowflake for multiple relationships to the same table in a single query. (Cloud / Enterprise edition only)

Build

• RedHat UBI-based graphql-engine docker images are now available.

  hasura/graphql-engine:v2.36.0-beta.1.ubi
  hasura/graphql-engine:v2.36.0-beta.1.cli-migrations-v2.ubi
  hasura/graphql-engine:v2.36.0-beta.1.cli-migrations-v3.ubi
  

v2.35.1

Changelog

This is a patch release for v2.35

Bug fixes and improvements

Server

• Fix bug where event triggers were not reloaded correctly when the metadata was reloaded.

v2.35.0

Changelog

Highlights

New model count summary

Adds a model count summary page to the data tab to easily see the count of tables, collections, and logical models available in your metadata.

Behaviour changes

• The Server HTTP header is no longer included in server responses by default. This change enhances security by withholding potentially sensitive information about the server version that could aid attackers in identifying known security vulnerabilities. This new default behavior aligns with the recommendations in RFC 2068.

• Disallow subscriptions on fields using remote relationship permission.

• Date parsing for query inputs for MongoDB queries is changed from RFC 3339 to ISO 8601.

Bug fixes and improvements

Server

• Fix an issue where Event Triggers for MS SQL Server failed for tables with columns named after reserved words.

• Allow relationship mappings to contain paths to fields of nested objects in document databases such as MongoDB.

• Using ' for strings is the only method guaranteed to function on MySQL. The behavior of " is dictated by the ANSI_QUOTES setting: https://dev.mysql.com/doc/refman/8.2/en/sql-mode.html#sqlmode_ansi_quotes

  This was causing errors during introspection:

  You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"$[*]\" COLUMNS(schemaname VARCHAR(255) PATH \"$.s\", tablename VARCHAR(255) PATH \"' at line 14"
  

• Add $session_variables to the context of response transforms.

• PostgreSQL 16 is now officially supported.

• PostgreSQL 11 is no longer officially supported, as it will be end of life as of November 9, 2023. Hasura GraphQL Engine will continue working with PostgreSQL 11 but functionality may break in the future.

• Adds a new Environment Variable HASURA_GRAPHQL_ASYNC_ACTIONS_FETCH_BATCH_SIZE (async-actions-fetch-batch-size) which sets the number of asynchronous action requests processed at a time (default: 10).

• Fix issue with SQL Server not being able to deal with large results when the target of a remote relationship.

• Disabled polling of the database when HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL = 0. This prevents continuous polling by the event trigger.

• Added the _like and _nlike operators to the supported list of operators in BigQuery permissions.

• Support a new template_variables configuration property for Data Connector sources that allows the definition of variables, the values of which can be read from files. The intended use case is for environments that rotate secrets frequently, where otherwise we would have to restart. The environment variable HASURA_GRAPHQL_DYNAMIC_SECRETS_ALLOWED_PATH_PREFIX must be set to enable this feature and limits access to the file system. (Community / Enterprise edition only)

• Add PostgreSQL and CockroachDB datasource dynamic_from_file configuration. Whenever a new connection is established, Hasura will read the connection string found in the configuration file to establish the connection. The intended use case is for environments that rotate secrets frequently, where otherwise, we would have to restart. To use this feature, HASURA_GRAPHQL_DYNAMIC_SECRETS_ALLOWED_PATH_PREFIX must also be set and non-empty. To get the same dynamic behavior for the metadata database, we now support setting HASURA_GRAPHQL_METADATA_DATABASE_URL=dynamic-from-file:///path/to/file. (Community / Enterprise edition only)

• Add support for OpenTelemetry OTLP log export. (Cloud / Enterprise edition only)

• Add support for W3C Trace Context propagation for OpenTelemetry. (Cloud / Enterprise edition only)

• Adds new Prometheus metrics hasura_http_request_bytes_total and hasura_http_response_bytes_total. (Cloud / Enterprise edition only)

• Support env template for OpenTelemetry attributes. (Cloud / Enterprise edition only)

• Fix the source health check /healthz/sources API, where the health check for sources whose database URL is specified as an environment variable always results in a FAILED state. (fix #9904) (Cloud only)

Console

• Fix an edge case with column select permission when * wildcard is used instead of explicitly listing all column names.
• Make the “Insert Row” tab available for Data-Connector based databases which support mutations.
• Fix an issue with validating dynamic routing. (Cloud / Enterprise edition only)
• MongoDB enhancements: (Cloud / Enterprise edition only)
  • Improved support for $oid and $date objects.
  • Improved handling of array type introspection.
  • Added better error handling for mis-typed arrays.
  • Added improved namespacing when adding Collections using introspection to avoid naming collisions.
  • Added descriptive error handler for mis-matched array types in introspection (objects and scalars).

Data Connectors

• Added a connector for Redshift support.
• Bugfix for issue whereby relationships with predicates were failing in Snowflake when fully qualified table names were being used.

Build

• Update ubuntu base image to get the latest security updates.

v2.11.13

Changelog

This is a patch release for v2.11

Bug fixes and improvements

Server

• On enabling the HASURA_GRAPHQL_HTTP_LOG_QUERY_ONLY_ON_ERROR env var, add query field to http-log on failed requests irrespective of query-log being enabled.
• Add http_log_query_only_on_error field to start-up log.

v2.11.12

Changelog

This is a patch release for v2.11

Bug fixes and improvements

Server

• Introduce HASURA_GRAPHQL_HTTP_LOG_QUERY_ONLY_ON_ERROR env var and --http-log-query-only-on-error flag to attach query field to http-log logs only on failed requests.

v2.34.0

Changelog

Highlights

Bug fixes and improvements

Server

• The naming_convention experimental feature now also covers:

  • Type and field names of named constraints that appear in on_conflict upserts.
  • Type names of all Postgres scalar types.
  • Type and input field names of function arguments.

  Since these changes are breaking by nature, their use is gated by a feature flag, which can be enabled by setting the environment variable HASURA_FF_NAMING_CONVENTION_SEP_2023=True.

  (partially fixes: #8929)

• Add support for environment variable templating in OpenTelemetry endpoint URLs. (Cloud / Enterprise edition only)

• Fix a memory leak in EE wherein data would accumulate in memory at each replace_metadata call. (Enterprise edition only)

Console

• Console support for adding input validations on PostgreSQL sources is now available in the Data Tab's Permissions section.
• Fixed a UI bug which would duplicate column form values when attempting to clear the column type. (fix #9863)
• Added Console support for remote relationship permissions to PostgreSQL data sources.
• Resolved an issue of incorrect URL autosuggestion when editing existing RESTified endpoints.
• Clicking on any role on a schema change card now updates the page's URL, improving navigation and allowing sharing of specific schema change details.
• Visiting a schema registry URL automatically opens the corresponding schema change card at the top of the page, streamlining access to specific schema change information.
• Apollo Federation support can be enabled from the Console for PostgreSQL, SQL Server, and Big Query from the Data tab.
• Fixes an issue where an error notification would appear even upon successfully creating a remote relationship.
• Improve performance of the permissions UI for large data-connector based databases.
• Resolve an issue of incorrect name auto-suggestion when editing existing RESTified endpoints.
• Fix a bug on Insert/Modify Row where column inputs are not disabled if the column is an identity column (whose values are generated always/generated by default).

v2.11.11

Changelog

This is a patch release for v2.11

Bug fixes and improvements

Server

• Fix GraphQL query validation where queries that assigned a null value to a variable with a declared non-nullable type were previously allowed. Now, queries with this aforementioned condition will be properly invalidated and rejected.

Build

• Update build packages to get the latest security updates.

v2.33.4

Changelog

This is a patch release for v2.33

Bug fixes and improvements

Data Connectors

• Revert /schema GET request body, deprecate /schema GET, add post_schema capability and /schema POST with performance improvements and filter capabilities.

v2.34.0-beta.1

Changelog

Highlights

naming-convention GA

The naming-convention feature for PostgreSQL sources, previously in the experimental phase, is now generally available and fully enabled. Users can still specify HASURA_GRAPHQL_EXPERIMENTAL_FEATURES=naming_convention, although it is no longer necessary as it will have no impact and will eventually be removed.

Edit: Post this beta release, it was decided to leave this feature as experimental for the v2.34.0 stable release.

Bug fixes and improvements

Server

• The naming_convention experimental feature now also covers:

  • Type and field names of named constraints that appear in on_conflict upserts.
  • Type names of all Postgres scalar types.
  • Type and input field names of function arguments.

  Since these changes are breaking by nature, their use is gated by a feature flag, which can be enabled by setting the environment variable HASURA_FF_NAMING_CONVENTION_SEP_2023=True.

  (partially fixes: #8929)

• Add support for environment variable templating in OpenTelemetry endpoint URLs. (Cloud / Enterprise edition only)

• Fix a memory leak in EE wherein data would accumulate in memory at each replace_metadata call. (Enterprise edition only)

Console

• Console support for adding input validations on PostgreSQL sources is now available in the Data Tab's Permissions section.
• Fixed a UI bug which would duplicate column form values when attempting to clear the column type. (fix #9863)
• Added Console support for remote relationship permissions to PostgreSQL data sources.
• Resolved an issue of incorrect URL autosuggestion when editing existing RESTified endpoints.
• Clicking on any role on a schema change card now updates the page's URL, improving navigation and allowing sharing of specific schema change details.
• Visiting a schema registry URL automatically opens the corresponding schema change card at the top of the page, streamlining access to specific schema change information.
• Apollo Federation support can enabled from the Console for PostgreSQL, SQL Server, and Big Query from the Data tab.
• Fixes an issue where an error notification would appear even upon successfully creating a remote relationship.
• Improve performance of the permissions UI for large data-connector based databases.

v2.33.3

Changelog

This is a patch release for v2.33

Bug fixes and improvements

Server

• Revert unintentional changes to certain GraphQL types and fields when the graphql-default naming convention is enabled.