Skip to content

v1.29.1

Compare
Choose a tag to compare
@apollo-bot2 apollo-bot2 released this 04 Sep 17:11
· 2532 commits to dev since this release
891d41e

🚀 Features

GraphOS Enterprise: Authorization (PR #3397, PR #3662)

⚠️ This is an Enterprise feature of the Apollo Router. It requires an organization with a GraphOS Enterprise plan.

If your organization doesn't currently have an Enterprise plan, you can test out this functionality by signing up for a free Enterprise trial.

We introduce two new directives, @requiresScopes and @authenticated, that define authorization policies for fields and types in the supergraph schema, composed with Federation version 2.5.3 or higher.

They are defined as follows:

scalar federation__Scope
directive @requiresScopes(scopes: [[federation__Scope!]!]!) on OBJECT | FIELD_DEFINITION | INTERFACE | SCALAR | ENUM

This directive allows granular access control through user-defined scopes.

directive @authenticated on OBJECT | FIELD_DEFINITION | INTERFACE | SCALAR | ENUM

This directive allows access to the annotated field or type for authenticated requests only.
For more information on how to use these directives, please read Apollo Router docs

By @Geal in #3397 #3662

🐛 Fixes

Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation

Correct a regression that was introduced in Router v1.28.0 which made a Router panic possible when the following three conditions are all met:

  1. When sending an un-named (i.e., "anonymous") subscription operation (e.g., subscription { ... }); and;
  2. The Router has a subscription type defined in the Supergraph schema; and
  3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting enabled: true or by setting a mode within the subscriptions object (as seen in the subscriptions documentation.

By @o0Ignition0o in #3738

Update Deno to resolve Rust Docs generation failure (Issue #3305)

We've updated to the latest version of Deno (0.200) to fix errors when generating docs.rs/apollo-router.

By @o0Ignition0o in #3626

GraphQL response processing is now captured under the execution span (PR #3732)

Ensure processing is captured under the "execution" span. Previously, events would be reported under the supergraph span or — even more arbitrarily — any plugin's span (e.g., Rhai).

By @Geal in #3732

🛠 Maintenance

Apollo Uplink connections re-use the existing HTTP client (Issue #3333)

A single HTTP client will now be shared between requests of the same type when making requests to Apollo Uplink to fetch supergraphs, licenses and configuration from Studio. Previously, such requests created a new HTTP client on each periodic fetch which occasionally resulted in CPU spikes, especially on macOS.

By @BrynCooke in #3703

Remove unneeded schema parsing steps (PR #3547)

Access to a parsed schema is required in various parts of the Router. Previously were were parsing the schema multiple times, but this is now fixed.

By @Geal in #3547