Hasura - v1.0.0-alpha26


This release introduced a bug that caused auth webhooks to stop working. The issue has been fixed (see #894) and is released as alpha27. Please avoid upgrading to this release and update to 27 instead.

IMPORTANT This release breaks the order_by API. Please read these notes before upgrading.

Breaking changes:

The syntax of order_by changes from order_by: id_asc to order_by: {id: asc}. This is needed to support more powerful order_by arguments. See 2 in features.


  1. Aggregations: Now you can do basic aggregations like count, sum, avg etc. using the GraphQL interface. For every table there will be a table_aggregate field:

graphql { articles_aggregate(where: {author_id: {_eq: 1}}) { aggregate { avg { rating } max { rating } } } }

Every array relationship will also have an associated _aggregate field.

You can also do counts for pagination

graphql { articles_aggregate(where: {title: {_ilike : "%hello%"}}) { aggregate { totalCount: count } } articles (where: {title: {_ilike : "%hello%"}} limit: 10) { id title } }

Try them out in GraphiQL ! Aggregations are only enabled for non admin roles through select permissions.

  1. more powerful order by: Now you can order by an object relationships's columns too. This unforutanetly changes the syntax of order_by and we consider this a major breaking change. We couldn't add the new feature with the existing syntax. The syntax changes from order_by: id_asc to order_by: {id: asc}.

For example, if you would like to sort articles based on author's name:

graphql { articles (order_by: {author: {name: asc}}) { id title } }

  1. column presets for insert: Often you would find yourself sending something like user_id from the client side during inserts even though it can be determined on the server from the Authorization header. In the insert permissions you can now configure to force set a column value to some value/or a value from a header. See #216.

  2. allow anonymous role without webhook: Sometimes you would like to assign a role (say anonymous) when a user is not authorized (say missing x-hasura-access-key or missing Authorization header in JWT mode). The server now allows you to specify a role in such instances with --unauthorized-role flag. #595

  3. capture user information in postgres: Often when adding triggers in Postgres to audit your tables you would also want the user information as seen by hasura. You can now access the user information with current_setting('hasura.user') in your pl/pgsql functions. See auditing tables.

  4. event triggers on update only happen when the specified columns change (close #547, close #680) (#550)

  5. retry-after header is respected if present in an event trigger response (#525)

Bug fixes

  • server: user information is now correctly logged in both http and websocket interfaces.
  • server: MultiPolygon GeoJSON types are now correctly parsed
  • cli: fix a typo in metadata command (#788)
  • console: add syntax highlighting for sql in query analysis (#819)
  • console: increase width of schema text section (fix #820) (#822)
  • console: quote schema identifier separately (close #837) (#838)


Oct. 26, 2018, 7:30 p.m.
Register or login to:
  • 🔍View and search all Hasura releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google