Hasura - v2.35.0

Changelog

Highlights

New model count summary

Adds a model count summary page to the data tab to easily see the count of tables, collections, and logical models available in your metadata.

Behaviour changes

  • The Server HTTP header is no longer included in server responses by default. This change enhances security by withholding potentially sensitive information about the server version that could aid attackers in identifying known security vulnerabilities. This new default behavior aligns with the recommendations in RFC 2068.

  • Disallow subscriptions on fields using remote relationship permission.

Bug fixes and improvements

Server

  • Fix an issue where Event Triggers for MS SQL Server failed for tables with columns named after reserved words.
  • Allow relationship mappings to contain paths to fields of nested objects in document databases such as MongoDB.
  • Using ' for strings is the only method guaranteed to function on MySQL. The behavior of " is dictated by the ANSI_QUOTES setting: https://dev.mysql.com/doc/refman/8.2/en/sql-mode.html#sqlmode_ansi_quotes
    This was causing errors during introspection:

        You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"$[*]\" COLUMNS(schemaname VARCHAR(255) PATH \"$.s\", tablename VARCHAR(255) PATH \"' at line 14"

  • Add $session_variables to the context of response transforms.
  • PostgreSQL 16 is now officially supported.
  • PostgreSQL 11 is no longer officially supported, as it will be end of life as of November 9, 2023. Hasura GraphQL Engine will continue working with PostgreSQL 11 but functionality may break in the future.
  • Adds a new environment variable HASURA_GRAPHQL_ASYNC_ACTIONS_FETCH_BATCH_SIZE (async-actions-fetch-batch-size) which sets the number of asynchronous action requests processed at a time (default: 10).
  • Fix issue with SQL Server not being able to deal with large results when it is the target of a remote relationship.
  • Disabled polling of the database when HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL = 0. This prevents continuous polling by the event trigger.
  • Added the _like and _nlike operators to the supported list of operators in BigQuery permissions.
  • Support a new template_variables configuration property for Data Connector sources that allows the definition of variables, the values of which can be read from files. The intended use case is for environments that rotate secrets frequently, where otherwise we would have to restart. The environment variable HASURA_DYNAMIC_DATA_SOURCE_ALLOWED_PATH_PREFIX must be set to enable this feature and limits access to the file system. (Community / Enterprise edition only)
  • Add PostgreSQL and CockroachDB datasource dynamic_from_file configuration. Whenever a new connection is established, Hasura will read the connection string found in the configuration file to establish the connection. The intended use case is for environments that rotate secrets frequently, where otherwise we would have to restart. To use this feature, HASURA_DYNAMIC_DATA_SOURCE_ALLOWED_PATH_PREFIX must also be set and non-empty. To get the same dynamic behavior for the metadata database, we now support setting HASURA_GRAPHQL_DATABASE_URL=dynamic-from-file:///path/to/file. (Community / Enterprise edition only)
  • Add support for OpenTelemetry OTLP log export. (Cloud / Enterprise edition only)
  • Add support for W3C Trace Context propagation for OpenTelemetry. (Cloud / Enterprise edition only)
  • Adds new Prometheus metrics hasura_http_request_bytes_total and hasura_http_response_bytes_total. (Cloud / Enterprise edition only)
  • Support env template for OpenTelemetry attributes. (Cloud / Enterprise edition only)
  • Fix the source health check /healthz/sources API, where the health check for sources whose database URL is specified as an environment variable always results in a FAILED state. (fix #9904) (Cloud only)
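
The file-backed connection string described in the Server list above, as an added sketch that is not Hasura's code: the value is re-read at connect time, and reads are confined to an allowed prefix. The names read_dynamic_value and open_connection, the directory layout and the sample URLs are hypothetical, and comparing whole path components after resolving symlinks is this example's choice, not documented Hasura behaviour.

```python
import os
import tempfile

class DynamicSourceError(Exception): pass

def read_dynamic_value(path, allowed_prefix):
    """Re-read `path` on every call; refuse anything outside `allowed_prefix`.
    An empty prefix disables the feature (the changelog requires it non-empty)."""
    if not allowed_prefix:
        raise DynamicSourceError("allowed path prefix is not set")
    # Resolve symlinks and '..' first, then compare whole path components so
    # that /x/secrets-old is not accepted for the prefix /x/secrets.
    prefix = os.path.realpath(allowed_prefix)
    target = os.path.realpath(path)
    if os.path.commonpath([prefix, target]) != prefix:
        raise DynamicSourceError(f"{path!r} is outside the allowed prefix")
    with open(target, encoding="utf-8") as fh:
        return fh.read().strip()

def open_connection(url_file, allowed_prefix):
    """Hypothetical connection factory: the URL is fetched at connect time."""
    return {"dsn": read_dynamic_value(url_file, allowed_prefix)}

def is_blocked(path, allowed_prefix):
    try:
        read_dynamic_value(path, allowed_prefix)
    except DynamicSourceError:
        return True
    return False

def demo():
    """Constructed scenario: rotate a secret, then try three reads that must fail."""
    with tempfile.TemporaryDirectory() as root:
        allowed = os.path.join(root, "secrets")
        sibling = os.path.join(root, "secrets-old")
        os.makedirs(allowed)
        os.makedirs(sibling)
        url_file = os.path.join(allowed, "db_url")
        stale = os.path.join(sibling, "db_url")
        for p, pw in ((url_file, "pw1"), (stale, "old")):
            with open(p, "w", encoding="utf-8") as fh:
                fh.write(f"postgres://app:{pw}@db.example.internal/app\n")
        first = open_connection(url_file, allowed)["dsn"]
        with open(url_file, "w", encoding="utf-8") as fh:  # secret rotation
            fh.write("postgres://app:pw2@db.example.internal/app\n")
        rotated = open_connection(url_file, allowed)["dsn"]
        traversal = os.path.join(allowed, "..", "secrets-old", "db_url")
        return {"first": first, "rotated": rotated,
                "sibling_blocked": is_blocked(stale, allowed),
                "traversal_blocked": is_blocked(traversal, allowed),
                "empty_prefix_blocked": is_blocked(url_file, "")}
```

The second connection picks up the rotated URL without a restart, while the sibling directory, the `..` path and the empty prefix are all refused.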

Console

  • Fix an edge case with column select permission when * wildcard is used instead of explicitly listing all column names.
  • Make the “Insert Row” tab available for Data-Connector based databases which support mutations.
  • Fix an issue with validating dynamic routing. (Cloud / Enterprise edition only)
  • MongoDB enhancements: (Cloud / Enterprise edition only)
      • Improved support for $oid and $date objects.
      • Improved handling of array type introspection.
      • Added better error handling for mis-typed arrays.
      • Added improved namespacing when adding Collections using introspection to avoid naming collisions.
      • Added descriptive error handler for mis-matched array types in introspection (objects and scalars).

Data Connectors

  • Added a connector for Redshift support.
  • Bugfix for issue whereby relationships with predicates were failing in Snowflake when fully qualified table names were being used.

Security

Security wording was detected, but no CVEs were found.

Details

date: Oct. 31, 2023, 11:53 a.m.
name: v2.35.0
type: Minor