Skip to content

v2.29.0-beta.1

Pre-release
Pre-release
Compare
Choose a tag to compare
@hasura-bot hasura-bot released this 29 Jun 17:12
· 846 commits to master since this release
v2.29.0-beta.1
90048c8

Changelog

Highlights

Introducing Input Validation for GraphQL Mutations [Beta]

Hasura now offers a new permission layer called "Input Validations." This feature secures mutations by using pre-execution HTTP webhooks to validate data inputs. It enhances security, provides fine-grained control, and improves data integrity.

You can use the environment variable HASURA_GRAPHQL_EXPERIMENTAL_FEATURES = input_validations to enable this on the Server and you can configure input validations via the Console through the table permissions section! 🚀

input-validations

Behaviour changes

  • Remove Data-connector backed databases from the Raw SQL tab in Console as the feature is not supported for them as yet.

  • Remove feature flag for the new permissions UI on Postgres. Use the existing UI for Postgres DBs.

  • Removing a tracked source from the Console will now cascade delete any dependant metadata objects on other sources.

  • The cumulative header size limit for HTTP requests is set to 1MB. (Cloud only)

Bug fixes and improvements

Server

  • Implements support for using native GraphQL arrays with Postgres arrays, including filtering with _contains and _contained_in.
  • Restore function of the optimize_permission_filters experimental feature.
  • Add support for {{}} style templates for headers in Actions, Remote Schemas and Event Triggers. You can specify the template as the header value. e.g. bearer {{TOKEN_ENV_VAR}}
  • Check for, and disallow, conflicting array and object relationships on the same Native Query.
  • Properly handle MS SQL Server inserts with an empty array of values (resolves #8959)
  • Adds support for setting a default isolation level for MS SQL Server sources and set the default behaviour to read-committed.
  • Adds a new environment variable HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH, to configure the cumulative header size limit (in bytes) for HTTP requests, with a default value of 1MB. (Community / Enterprise edition only)
  • Fixes a bug with the Schema Registry where we sent older Metadata resource versions and inconsistent schemas. (Cloud only)

Console

  • Fix navigation when a data source is removed.
  • The table header for the browse row UI is now sticky.
  • Improve table tracking UI for Postgres/MS SQL Server. This is an experimental feature and can be enabled from Settings > Feature Flags > Enable new Table Tracking UI for Postgres & SQL Server
  • Add missing common operators in permissions for types: geography and geometry
  • Fix array relationship details not showing and allow untracking which was not working in certain edge conditions in new relationships UI. (resolves #9713, #9595)
  • Allows nesting of Logical Models on creation. Logical Models can also now be marked as arrays in order to have one-to-many relationships defined.
  • Adds a Logical Models Details view.
  • Enable browse rows and relationship tabs for MongoDB. (Cloud / Enterprise edition only)
  • Improves error handling for the database latency check when Hasura cannot connect to the project's connected data source. (Cloud only)

Build

  • Upgrades our Docker images to Ubuntu 22.04 to benefit from the latest security patches and improvements.
Assets 7