Changelog

This is a patch release for v2.29

Bugfixes and Improvements

Server

• For Remote Schema queries, stop forwarding absent variable values as null to the Remote Schema, i.e. avoid coercing lack of a variable value to null in query arguments.

Changelog

Highlights

Create REST endpoints from a table with one click

With a single click in the Data view of the Console, you can create REST endpoints from tables 🎉 By simply navigating to a table, you can choose which CRUD operations to create, and then interact with these endpoints from the API tab of the Console.

Behaviour changes

• Update Hasura WebSockets to adhere to the graphql-ws protocol standards for cases where connection initialization fails. Upon encountering a failed initialization, the connection is now closed with a server error code 4403: Forbidden, in accordance with the specifications mentioned in the spec.

Bug fixes and improvements

Server

• Add operation_name to subscription Prometheus metrics and Query Tags from parsed executable document when not explicitly included in the body of the request from the client.
• Use the knowledge of a column's nullability to generate simpler permissions SQL expressions for columns that are not nullable (fixes #9637).
• You can now create multiple table relationships (using create_array_relationship and create_object_relationship) within a single metadata transaction using the bulk_atomic Metadata API.
• Extend livequery-poller-log to log the error details for both live queries and streaming subscriptions in the case of any error. Previously there was no way for a user to debug or know what went wrong when the poller thread goes in an error state.
• Adds more detailed error messages on HTTP exception errors in log lines for Event and Scheduled Triggers improving the clarity and ease of troubleshooting.
• Logical Model array/object fields are no longer required in order to create Native Query relationships.
• Support __typename for namespaced subscriptions (fixes #8174).
• Fix over-zealous validation for relationships with after_parent insertion order. This is expected to fix issues #8522, #9451, and #9709.
• A failing Postgres connection will now log a JSON object containing the number of times the connection has been retried, and the host to which a connection is being attempted. (Cloud / Enterprise edition only)
• Fix hasura_active_subscription_pollers_in_error_state metric not decrementing when subscriptions are closed. (Cloud / Enterprise edition only)

Console

• Fix manual relationship creation for CockroachDB on the Console.
• Permissions can be enabled for Snowflake functions from the Console.
• Display boolean comparator in permissions builder for Postgres Computed fields (fixes #9101).
• Support Function Custom Field customization for GDC-backed data sources.
• Fixes the "Next" button state for paginated row views on the Console. Previously, when there were no more rows, the "Next" button was still enabled.
• Fix an issue where the data tab tree view would not refresh after a SQL execution (fixes #8695).
• Adds support for customizing function root fields in Postgres and Citus.
• Fixes request and response transforms generated when importing from an OpenAPI spec and Kriti reserved keywords are present in field names (fixes #9734).
• Long column names truncated in the Insert & Edit row UI now have an icon that shows the full name on hover.

Data Connectors

• Feature enhancements to the Oracle connector: (Cloud / Enterprise edition only)
  • You now have the option to choose the schemas to include in introspection. It accepts a comma separated list that is case sensitive. If left blank it will only return the users owned schema.
  • Materialized views will now be returned during introspection and be allowed to track.
• Added multi-schema support for Snowflake. (Cloud / Enterprise edition only)

Build

• Updates base image to get the latest security updates

Changelog

This is a patch release for v2.29

Bugfixes and Improvements

Server

• Add disable_postgres_arrays experimental feature flag that can be used to preserve the earlier behavior to output types like _text for Postgres array fields instead of [String!] (fix #9756).

Changelog

This is a patch release for v2.11

Bug fixes and improvements

Build

• Update ubuntu focal base image to get the latest security updates.

Changelog

Highlights

Introducing Input Validation for GraphQL Mutations [Beta]

Hasura now offers a new permission layer called "Input Validations." This feature secures mutations by using pre-execution HTTP webhooks to validate data inputs. It enhances security, provides fine-grained control, and improves data integrity.

You can configure input validations via the Console through the table permissions section! 🚀

Support for native Postgres arrays

Adds support for using native GraphQL arrays with Postgres array fields. Also filtering using _contains and _contained_in operators on array fields is now supported. (fixes #348, #7187)

Note that while the earlier format for input to Postgres array fields (ie. "{dog,cat,bat}") is still supported, the output type of array fields have changed, for instance, text[] used to have the type _text, but will now have [String!].

edit: An experimental feature flag disable_postgres_arrays has been added in v2.29.1 to preserve the earlier behavior.

Behaviour changes

• Remove Data-connector backed databases from the Raw SQL tab in Console as the feature is not supported for them as yet.

• Remove feature flag for the new permissions UI on Postgres. Use the existing UI for Postgres DBs.

• Removing a tracked source from the Console will now cascade delete any dependant metadata objects on other sources.

• The output type of Postgres array fields has changed, for example, for text[] fields from _text to [String!]. See highlight for "Support for native Postgres arrays" above for more details.

• The cumulative header size limit for HTTP requests is set to 1MB. (Cloud only)

Bug fixes and improvements

Server

• Restore function of the optimize_permission_filters experimental feature.
• Add support for {{}} style templates for headers in Actions, Remote Schemas and Event Triggers. You can specify the template as the header value. e.g. bearer {{TOKEN_ENV_VAR}}
• Check for, and disallow, conflicting array and object relationships on the same Native Query.
• Properly handle MS SQL Server inserts with an empty array of values (resolves #8959).
• Add support for setting a default isolation level for MS SQL Server sources and set the default behaviour to read-committed.
• Fix a bug with the Schema Registry where we sent older Metadata resource versions and inconsistent schemas. (Cloud only)
• Add a new environment variable HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH, to configure the cumulative header size limit (in bytes) for HTTP requests, with a default value of 1MB. (Community / Enterprise edition only)

Console

• Fix navigation when a data source is removed.
• The table header for the browse row UI is now sticky.
• Improve table tracking UI for Postgres/MS SQL Server. This is an experimental feature and can be enabled from Settings > Feature Flags > Enable new Table Tracking UI for Postgres & SQL Server
• Add missing common operators in permissions for types: geography and geometry
• Fix array relationship details not showing and allow untracking which was not working in certain edge conditions in new relationships UI. (resolves #9713, #9595)
• Add a Logical Models Details view.
• Allows nesting of Logical Models on creation. Logical Models can also now be marked as arrays in order to have one-to-many relationships defined.
• Enable browse rows and relationship tabs for MongoDB. (Cloud / Enterprise edition only)
• Improves error handling for the database latency check when Hasura cannot connect to the project's connected data source. (Cloud only)

Data Connectors

• Add support for SQL contains comparisons (case-sensitive) for Strings. (Cloud / Enterprise edition only)

Build

• Update ubuntu jammy base image to get the latest security updates.

Changelog

This is a patch release for v2.28

Bugfixes and Improvements

Server

• Fix a regression where null values were rejected for nullable types in Remote Schemas and query validation errors were thrown.

Changelog

Highlights

Introducing Input Validation for GraphQL Mutations [Beta]

Hasura now offers a new permission layer called "Input Validations." This feature secures mutations by using pre-execution HTTP webhooks to validate data inputs. It enhances security, provides fine-grained control, and improves data integrity.

You can use the environment variable HASURA_GRAPHQL_EXPERIMENTAL_FEATURES = input_validations to enable this on the Server and you can configure input validations via the Console through the table permissions section! 🚀

Behaviour changes

• Remove Data-connector backed databases from the Raw SQL tab in Console as the feature is not supported for them as yet.

• Remove feature flag for the new permissions UI on Postgres. Use the existing UI for Postgres DBs.

• Removing a tracked source from the Console will now cascade delete any dependant metadata objects on other sources.

• The cumulative header size limit for HTTP requests is set to 1MB. (Cloud only)

Bug fixes and improvements

Server

• Implements support for using native GraphQL arrays with Postgres arrays, including filtering with _contains and _contained_in.
• Restore function of the optimize_permission_filters experimental feature.
• Add support for {{}} style templates for headers in Actions, Remote Schemas and Event Triggers. You can specify the template as the header value. e.g. bearer {{TOKEN_ENV_VAR}}
• Check for, and disallow, conflicting array and object relationships on the same Native Query.
• Properly handle MS SQL Server inserts with an empty array of values (resolves #8959)
• Adds support for setting a default isolation level for MS SQL Server sources and set the default behaviour to read-committed.
• Adds a new environment variable HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH, to configure the cumulative header size limit (in bytes) for HTTP requests, with a default value of 1MB. (Community / Enterprise edition only)
• Fixes a bug with the Schema Registry where we sent older Metadata resource versions and inconsistent schemas. (Cloud only)

Console

• Fix navigation when a data source is removed.
• The table header for the browse row UI is now sticky.
• Improve table tracking UI for Postgres/MS SQL Server. This is an experimental feature and can be enabled from Settings > Feature Flags > Enable new Table Tracking UI for Postgres & SQL Server
• Add missing common operators in permissions for types: geography and geometry
• Fix array relationship details not showing and allow untracking which was not working in certain edge conditions in new relationships UI. (resolves #9713, #9595)
• Allows nesting of Logical Models on creation. Logical Models can also now be marked as arrays in order to have one-to-many relationships defined.
• Adds a Logical Models Details view.
• Enable browse rows and relationship tabs for MongoDB. (Cloud / Enterprise edition only)
• Improves error handling for the database latency check when Hasura cannot connect to the project's connected data source. (Cloud only)

Build

• Upgrades our Docker images to Ubuntu 22.04 to benefit from the latest security patches and improvements.

Changelog

This is a patch release for v2.28

Bugfixes and Improvements

Server

• Ignore the following cloudflare related headers while building auth-hook token cache key: cf-connecting-ip, cf-ipcountry, cf-ray, cf-visitor.
• Improve performance of schema generation for MySQL, MariaDB and Oracle. (Cloud / Enterprise edition only)
• Fall back to non-cluster mode when Redis cluster support is not available instead of failing. (Enterprise edition only)

Changelog

Highlights

Native Queries and Logical Models are now GA

We are delighted to announce that Native Queries and Logical Models are now GA.

Also Native Queries and Logical Models for Postgres only are now available in Hasura Community Edition.

Redis Clusters for Caching and Rate Limiting (Enterprise edition only)

Hasura GraphQL Engine now supports Redis clusters for caching and rate limiting along with the standalone instances. Users can now provide either a standalone Redis instance or Redis cluster URL in the --redis-url & --rate-limit-redis-url server flags and GraphQL Engine will identify the redis server type and perform the subsequent operations accordingly.

We also have TLS support for redis clusters as a part of this feature. Users can connect to clusters hosted on AWS ElastiCache using TLS.

Behaviour changes

WebSocket connections are now closed on metadata change

All active WebSocket connections will be closed (with error code 1012) on any modifications to metadata. This is to ensure no active subscriptions still use older metadata.

To disable this, please use the close WebSockets on metadata change config.

Change in order of items in exported metadata

When exporting metadata, some items may change order, though this should not happen in any areas where the order is semantically important.

Forward null value passed to Remote Schemas

Forward null value passed to GraphQL query input fields to the upstream Remote Schema (fix #9476).

Previously, when a null value was sent for a nullable field argument in a Hasura query, the respective field was removed from the query before being sent to the Remote Schema. After this change, the null value for a field is forwarded as it is to the Remote Schema.

E.g. Previously, a GraphQL query having a null value given to a nullable field argument would be given to a Remote Schema as:

query MyQuery {
  foo {
    bar 
  }
}

After the changes, the null value is forwarded to the Remote Schema as follows (as it is provided in the Hasura GraphQL query - without omitting the null field).

query MyQuery { 
  foo(nullableField:null) { 
    bar
  } 
}

Stored source introspection (Cloud only)

During Metadata operations and restarts, Hasura introspects configured data sources to generate a GraphQL schema. But if those data sources are intermittently unavailable, this results in partial unavailability of the GraphQL schema in the form of Metadata inconsistencies.

We now avoid this downtime by storing those introspection results so the full GraphQL schema can now be published, even if data sources are temporarily unavailable. However, we consider these stored introspection results stale as they can be inconsistent. So if this mechanism is used, a new type of Metadata Inconsistency is raised. This Metadata Inconsistency can be resolved by a simple reload if the relevant data source has since become available.

Bug fixes and improvements

Server

• If a connection to a data connector-based data source times out while adding the database as a new data source, we now correctly fail to add the data source rather than add a broken data source.
• Make args input argument for computed fields optional if all arguments of the corresponding SQL functions have defaults.
• Fix encoding of null values when sending query parameters to BigQuery.
• Fix a regression where an old PG connection pool could get used, resulting in wrong PG metrics and some other bugs.
• Add support for ES-* (ES256, ES384, ES512) algorithms for signing the JWT.
• Enable function permissions API for Data Connector-based backends.
• The message property in errors returned by Hasura will now be the first property in the JSON object, rather than the last. This should help make errors more immediately readable by making the error message text the first thing that is seen.
• Allow defining Logical Models with Postgres field types that have a precision component or are upper-cased.
• Fix bug where having a semi-colon at the end of a Native Query SQL broke the query.
• Improves parsing of scalar type names for BigQuery to match everything shown in docs. (Cloud / Enterprise edition only)
• Improve performance when processing complex queries with BigQuery. (Cloud / Enterprise edition only)
• Increase the defaults of cache params in EE. (Enterprise edition only)
  The new defaults are -
  HASURA_GRAPHQL_CACHE_MAX_ENTRY_TTL - 3600 seconds
  HASURA_GRAPHQL_CACHE_MAX_ENTRY_SIZE - 1000 MB
  HASURA_GRAPHQL_CACHE_BUCKET_RATE - 10 MB/s
  HASURA_GRAPHQL_CACHE_BUCKET_SIZE - 1 GB

Console

• Add an Export OpenAPI Spec button on the REST Endpoints page to download the Open API spec for the REST Endpoints
• Improve loading UX on permissions editor.
• Adjust layout when enabling experimental permissions on the old UI.
• Fix conversion of legacy notification to the new toast system.
• On REST Endpoints page in Console, send the request variable value as a JSON object if the type of variable is JSON instead of a string.
• Fix custom GraphQL root-field placeholders for update_by_pk and delete_by_pk.
• Add OpenAPI 3.1 support and soft validation for importing Actions.
• Fix a bug where the Native Query detail page does not show associated logical model when viewing and existing Native Query.
• Customize logical model select permissions: Add roles, customize their permission checks, and enable or disable columns.
• Add ability to view details of existing Native Queries.
• Improve Snowflake User Defined Functions tracking experience in the Console. (Cloud / Enterprise edition only)
• Improve error handling for the database latency check when Hasura cannot connect to the project's connected data source. (Cloud only)

Data Connectors

• Views in Snowflake are no longer duplicated in the untracked tables list. (Cloud / Enterprise edition only)

Build

• Update ubuntu focal base image to get the latest security updates.

Changelog

This is a patch release for v2.11

Bug fixes and improvements

Build

• Update ubuntu focal base image to get the latest security updates.