Changelog

Highlights

Introducing Hasura Actions

Actions are a way to extend Hasura’s auto-generated schema with user-defined queries and mutations. These custom queries and mutations are backed by REST APIs in which you can perform any kind of business logic.

A new Action can be created by defining it in GraphQL SDL in Console or CLI:

An Action can also be derived from an existing query or mutation:

And, you can get some codegen for Action handlers as well:

That is not all! You can also create relationships with the rest of the graph and put Actions under Hasura's role-based permission system as well.

Read more about Actions in the docs.

(#3042) (#3252) (#3859)

Debugging mode for non-admin roles

For any errors the server sends extra information in extensions field under internal key. Till now this was only available for admin role requests. To enable this for other roles, start the server with --dev-mode flag or set HASURA_GRAPHQL_DEV_MODE env variable to true:

$ graphql-engine --database-url <database-url> serve --dev-mode

In case you want to disable internal field for admin role requests, set --admin-internal-errors option to false or or set HASURA_GRAPHQL_ADMIN_INTERNAL_ERRORS env variable to false

$ graphql-engine --database-url <database-url> serve --admin-internal-errors false

This feature come in handy during development when you may want to see detailed errors irrespective of roles.

Post-update check in update permissions

Along with the check for filtering rows that can be updated, you can now set a post-update permission check that needs to be satisfied by the updated rows after the update is made. Read more in the RFC.

(close #384) (rfc #3750) (#3804) (close #4142) (#4313)

Backend-only insert permissions

Introduces optional backend_only (default: false) configuration in insert permissions. See api reference.

If this is set to true, the insert mutation is accessible to the role only if the request is accompanied by x-hasura-use-backend-only-permissions session variable whose value is set to true along with the x-hasura-admin-secret header.

Otherwise, the behavior of the permission remains unchanged.

This feature is useful for disabling insert_table mutation for frontend clients (for a role) while still being able to access it from a Action webhook handler (with the same role).

(rfc #4120) (#4224)

Support for more operators and postgres features:

• add support for _inc on real, double, numeric and money (#3573)
• add support special characters in JSON path query argument e.g obj['Hello World!'] (#3890) (#4482)
• add support for timestamps without timezones (fix #1217)
• Postgres materialized views can be added from the console ( #91) (#4270)

Downgrade command

A new command is added to the server for downgrading to earlier releases. Previously, if you ran a newer Hasura version and wanted to go back to an old version on the same database, you had to stop Hasura, run some SQL statements and start Hasura again. With the new downgrade command, these SQL statements can be run automatically.

Example: Downgrade from v1.2.0 to v1.0.0:

# stop hasura v1.2.0

# run the following command:
docker run hasura/graphql-engine:v1.2.0 graphql-engine --database-url <db-url> downgrade --to-v1.1.0

# start hasura v1.1.0

Read more about this command in the docs.

(close #1156) (#3760)

New migrations workflow: Config v2

A new workflow for managing migrations and metadata is introduced. In this workflow, called config v2, migrations are pure SQL files and metadata is a collection of declarative files. Read more about this workflow in the docs.

To see what has changed from previous (i.e. config v1) workflow, read this.

If you're have a project with version: 2 in config.yaml, you should use the new image: hasura/graphql-engine:v1.2.0.cli-migrations-v2. Mount the migrations at /hasura-migrations and metadata at /hasura-metadata.

The config v2 workflow has an order of magnitude better performance than config v1 as the metadata is built only once as opposed to for every migration in config v1. As a result, adding 1000 tables now takes about ~10 seconds as opposed to multiple minutes with config v1.

Support for .env file in CLI

ENV vars can now be read from .env file present at the project root directory. A global flag, --envfile, is added so you can explicitly provide the .env filename, which defaults to .env filename if no flag is provided.

Example:

hasura console --envfile production.env

The above command will read ENV vars from production.env file present at the project root directory.

(close #4129) (#4454)

Support servers with self-signed certificates in CLI

A new flag --certificate-authority is added so that the CA certificate can be
provided to trust the Hasura Endpoint with a self-signed SSL certificate.

Another flag --insecure-skip-tls-verification is added to skip verifying the certificate
in case you don't have access to the CA certificate. As the name suggests,
using this flag is insecure since verification is not carried out.

(close #4564) (#4582)

Docs on performing data validations

A new page in docs is added to illustrate the various ways of performing data validations with Hasura. Read it here.

(close #4085) (#4260 )

Other features, bug fixes and improvements

• server: Don't update catalog version if using --dryRun (#3970)
• server, cli: use prerelease tag as channel for console assets cdn (#3927)
• server: improve performance of replace_metadata tracking many tables (fix #3802)
• server: option to reload remote schemas in 'reload_metadata' API (fix #3792, #4117)
• server: fix various space leaks to avoid excessive memory consumption
• server: event triggers refactor with backpressure. HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL changes semantics slightly (close #3839)
• server: fix postgres query error when computed fields included in mutation response (fix #4035)
• server: preserve cookie headers from sync action webhook (close #4021)
• server: support reusing Postgres scalars in Actions
• server: accept a new argument "claims_namespace_path" in JWT config
• server: fix bug with reserved keywords in column references (fix #3597) #3927
• server: fix postgres specific error message that exposed database type on invalid query parameters (#4294)
• server: manage inflight events when HGE instance is gracefully shutdown (close #3548)
• server: fix an edge case where some events wouldn't be processed because of internal erorrs (#4213)
• server: type field is not required if jwk_url is provided in JWT config
• server: support inserting unquoted bigint, and throw an error if value overflows the bounds of the integer type (fix #576) (fix #4368)
• server: add support for webhook auth connection expiration in websockets (close #3867) (#4196)
• console: show pre-release update notifications with opt out option (#3888)
• console: handle invalid keys in permission builder (close #3848) (#3863)
• console: enum field values can be selected through a dropdown in insert/edit rows page (close #3748) (#3810)
• console: exported metadata filenames are now unique(hasura_metadata_<timestamp>.json) (close #1772) (#4106)
• console: allow bulk deleting rows in 'Browse Rows' section (close #1739) (#3735)
• console: fix computed field permission selection (#4246)
• console: allow customising root fields of single row mutations (close #4203) (#4254)
• console: fix json string rendering in data browser (close #4201) (#4221)
• console: handle long column names in event trigger update columns (close #4123) (#4210)
• console: disable selecting roles without permissions for bulk actions (close #4178) (#4195)
• console: fix passing default value to JsonInput (#4175)
• console: fix parsing of wrapped types in SDL (close #4099) (#4167)
• console: misc actions fixes (#4059)
• console: action relationship page improvements (fix #4062, #4130) (#4133)
• console: manage Postgres check constraints from Create Table page
• console: persist page state in data browser across navigation
• console: allow customising graphql field names for columns of views
• console: fix clone permission migrations (close #3985) (#4277)
• console: decouple data rows and count fetch in data browser to account for really large tables (close #3793) (#4269)
• console: update cookie policy for API calls to "same-origin"
• console: redirect to /:table/browse from /:table (close #4330) (#4374)
• console: change react ace editor theme to eclipse (close #4437)
• console: fix columns reordering for relationship tables in data browser (#4483)
• console: format row count in data browser for readablity (#4433)
• console: move pre-release notification tooltip msg to top (#4433)
• console: remove extra localPresets key present in migration files on permissions change (close #3976) (#4433)
• console: make nullable and unique labels for columns clickable in insert and modify (#4433)
• console: fix row delete for relationships in data browser (#4433)
• console: prevent trailing spaces while creating new role (close #3871) (#4497)
• cli: bug fixes related to actions (#3951)
• cli(actions): preserve action definition in metadata apply (fix… (#3993)
• cli: fix flags in actions, migrate and metadata cmd (fix #3982) (#3991)
• cli: add version flag in update-cli command (#3996)
• cli: fix init command to generate correct config (fix #4036) (#4038)
• cli: fix parse error returned on console api (close #4126) (#4152)
• cli: fix typo in cli example for squash (fix #4047) (#4049)
• cli: set_table_is_enum metadata type for squashing migrations (close #4394) (#4395)
• cli: add retry_conf in event trigger for squashing migrations (close #4296) (#4324)
• cli: allow customization of server api paths (close #4016)
• cli: clean up migration files created during a failed migrate api (close #4312) (#4319)
• cli: add support for multiple versions of plugin (close #4105)
• cli: template assets path in console HTML for unversioned builds
• docs: add statement to grant hasura permissions for PG functions (#4238)
• docs: add docs for redeliver_event api (fix #4176) (#4177)
• docs: update permission.rst for check constraint api (#4124)
• docs: add note on pg versions for actions (#4034)
• docs: add latest prerelease build info (close #4041) (#4048)
• docs: add AuthGuardian JWT guide (#3958)
• docs: add One-Click Render deployment guide (close #3683) (#4209)
• docs: add API docs for using environment variables as webhook urls in event triggers (#4462)
• docs: add configuration reference docs for CLI (close #4327) (#4408)
• docs: add mapping of hasura operators to PG operators (close #4056) (#4502)

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0

CLI

Download the binary:

• Linux
• macOS
• Windows

Using existing CLI:

hasura update-cli