Hasura - v2.29.0-beta.1

Changelog

Highlights

Introducing Input Validation for GraphQL Mutations [Beta]

Hasura now offers a new permission layer called "Input Validations." This feature secures mutations by using pre-execution HTTP webhooks to validate data inputs. It enhances security, provides fine-grained control, and improves data integrity. You can now configure this in the Console through the table permissions section! 🚀

Behaviour changes

  • Remove Data-connector backed databases from the Raw SQL tab in Console as the feature is not supported for them as yet.

  • Remove feature flag for the new permissions UI on Postgres. Use the existing UI for Postgres DBs.

  • Removing a tracked source from the Console will now cascade delete any dependent metadata objects on other sources.

  • The cumulative header size limit for HTTP requests is set to 1MB. (Cloud only)

Bug fixes and improvements

Server

  • Implements support for using native GraphQL arrays with Postgres arrays, including filtering with _contains and _contained_in.
  • Restore function of the optimize_permission_filters experimental feature.
  • Add support for {{}} style templates for headers in Actions, Remote Schemas and Event Triggers. You can specify the template as the header value. e.g. bearer {{TOKEN_ENV_VAR}}
  • Check for, and disallow, conflicting array and object relationships on the same Native Query.
  • Properly handle MS SQL Server inserts with an empty array of values (resolves #8959)
  • Adds support for setting a default isolation level for MS SQL Server sources and sets the default behaviour to read-committed.
  • Adds a new environment variable HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH, to configure the cumulative header size limit (in bytes) for HTTP requests, with a default value of 1MB. (Community / Enterprise edition only)
  • Fixes a bug with the Schema Registry where we sent older Metadata resource versions and inconsistent schemas. (Cloud only)

Console

  • Fix navigation when a data source is removed.
  • The table header for the browse row UI is now sticky.
  • Improve table tracking UI for Postgres/MS SQL Server. This is an experimental feature and can be enabled from Settings > Feature Flags > Enable new Table Tracking UI for Postgres & SQL Server
  • Add missing common operators in permissions for types: geography and geometry
  • Fix array relationship details not showing, and fix untracking, which was not working in certain edge conditions, in the new relationships UI. (Resolves: #9713, #9595)
  • Enable browse rows and relationship tabs for MongoDB. (Cloud / Enterprise edition only)
  • Allows nesting of Logical Models on creation. Logical Models can also now be marked as arrays in order to have one-to-many relationships defined. (Cloud / Enterprise edition only)
  • Adds a Logical Models Details view. (Cloud / Enterprise edition only)
  • Improves error handling for the database latency check when Hasura cannot connect to the project's connected data source. (Cloud only)

Build

  • Upgrades our Docker images to Ubuntu 22.04 to benefit from the latest security patches and improvements.

Security

Security wording was detected, but no CVEs were found.

Details

date: June 29, 2023, 5:12 p.m.
name: v2.29.0-beta.1
type: Pre-release