Urgent security patch for 1.2

🚨 🚨 Urgent security patch for 1.2.0 🚨 🚨

If you’re on v1.2.0-beta.5 or v1.2.0, please upgrade to v1.2.1 immediately since you may be impacted. Please reach out to us at support@hasura.io or on our website chat if you have any questions and need help.

Security advisory and details published here: GHSA-j622-hw7j-c72x

v1.2.0

Changelog

Highlights

Introducing Hasura Actions

Actions are a way to extend Hasura’s auto-generated schema with user-defined queries and mutations. These custom queries and mutations are backed by REST APIs in which you can perform any kind of business logic.

A new Action can be created by defining it in GraphQL SDL in Console or CLI:

An Action can also be derived from an existing query or mutation:

And, you can get some codegen for Action handlers as well:

That is not all! You can also create relationships with the rest of the graph and put Actions under Hasura's role-based permission system as well.

Read more about Actions in the docs.

(#3042) (#3252) (#3859)

Debugging mode for non-admin roles

For any errors the server sends extra information in extensions field under internal key. Till now this was only available for admin role requests. To enable this for other roles, start the server with --dev-mode flag or set HASURA_GRAPHQL_DEV_MODE env variable to true:

$ graphql-engine --database-url <database-url> serve --dev-mode

In case you want to disable internal field for admin role requests, set --admin-internal-errors option to false or or set HASURA_GRAPHQL_ADMIN_INTERNAL_ERRORS env variable to false

$ graphql-engine --database-url <database-url> serve --admin-internal-errors false

This feature come in handy during development when you may want to see detailed errors irrespective of roles.

Post-update check in update permissions

Along with the check for filtering rows that can be updated, you can now set a post-update permission check that needs to be satisfied by the updated rows after the update is made. Read more in the RFC.

(close #384) (rfc #3750) (#3804) (close #4142) (#4313)

Backend-only insert permissions

Introduces optional backend_only (default: false) configuration in insert permissions. See api reference.

If this is set to true, the insert mutation is accessible to the role only if the request is accompanied by x-hasura-use-backend-only-permissions session variable whose value is set to true along with the x-hasura-admin-secret header.

Otherwise, the behavior of the permission remains unchanged.

This feature is useful for disabling insert_table mutation for frontend clients (for a role) while still being able to access it from a Action webhook handler (with the same role).

(rfc #4120) (#4224)

Support for more operators and postgres features:

• add support for _inc on real, double, numeric and money (#3573)
• add support special characters in JSON path query argument e.g obj['Hello World!'] (#3890) (#4482)
• add support for timestamps without timezones (fix #1217)
• Postgres materialized views can be added from the console ( #91) (#4270)

Downgrade command

A new command is added to the server for downgrading to earlier releases. Previously, if you ran a newer Hasura version and wanted to go back to an old version on the same database, you had to stop Hasura, run some SQL statements and start Hasura again. With the new downgrade command, these SQL statements can be run automatically.

Example: Downgrade from v1.2.0 to v1.0.0:

# stop hasura v1.2.0

# run the following command:
docker run hasura/graphql-engine:v1.2.0 graphql-engine --database-url <db-url> downgrade --to-v1.1.0

# start hasura v1.1.0

Read more about this command in the docs.

(close #1156) (#3760)

New migrations workflow: Config v2

A new workflow for managing migrations and metadata is introduced. In this workflow, called config v2, migrations are pure SQL files and metadata is a collection of declarative files. Read more about this workflow in the docs.

To see what has changed from previous (i.e. config v1) workflow, read this.

If you're have a project with version: 2 in config.yaml, you should use the new image: hasura/graphql-engine:v1.2.0.cli-migrations-v2. Mount the migrations at /hasura-migrations and metadata at /hasura-metadata.

The config v2 workflow has an order of magnitude better performance than config v1 as the metadata is built only once as opposed to for every migration in config v1. As a result, adding 1000 tables now takes about ~10 seconds as opposed to multiple minutes with config v1.

Support for .env file in CLI

ENV vars can now be read from .env file present at the project root directory. A global flag, --envfile, is added so you can explicitly provide the .env filename, which defaults to .env filename if no flag is provided.

Example:

hasura console --envfile production.env

The above command will read ENV vars from production.env file present at the project root directory.

(close #4129) (#4454)

Support servers with self-signed certificates in CLI

A new flag --certificate-authority is added so that the CA certificate can be
provided to trust the Hasura Endpoint with a self-signed SSL certificate.

Another flag --insecure-skip-tls-verification is added to skip verifying the certificate
in case you don't have access to the CA certificate. As the name suggests,
using this flag is insecure since verification is not carried out.

(close #4564) (#4582)

Docs on performing data validations

A new page in docs is added to illustrate the various ways of performing data validations with Hasura. Read it here.

(close #4085) (#4260 )

Other features, bug fixes and improvements

• server: Don't update catalog version if using --dryRun (#3970)
• server, cli: use prerelease tag as channel for console assets cdn (#3927)
• server: improve performance of replace_metadata tracking many tables (fix #3802)
• server: option to reload remote schemas in 'reload_metadata' API (fix #3792, #4117)
• server: fix various space leaks to avoid excessive memory consumption
• server: event triggers refactor with backpressure. HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL changes semantics slightly (close #3839)
• server: fix postgres query error when computed fields included in mutation response (fix #4035)
• server: preserve cookie headers from sync action webhook (close #4021)
• server: support reusing Postgres scalars in Actions
• server: accept a new argument "claims_namespace_path" in JWT config
• server: fix bug with reserved keywords in column references (fix #3597) #3927
• server: fix postgres specific error message that exposed database type on invalid query parameters (#4294)
• server: manage inflight events when HGE instance is gracefully shutdown (close #3548)
• server: fix an edge case where some events wouldn't be processed because of internal erorrs (#4213)
• server: type field is not required if jwk_url is provided in JWT config
• server: support inserting unquoted bigint, and throw an error if value overflows the bounds of the integer type (fix #576) (fix #4368)
• server: add support for webhook auth connection expiration in websockets (close #3867) (#4196)
• console: show pre-release update notifications with opt out option (#3888)
• console: handle invalid keys in permission builder (close #3848) (#3863)
• console: enum field values can be selected through a dropdown in insert/edit rows page (close #3748) (#3810)
• console: exported metadata filenames are now unique(hasura_metadata_<timestamp>.json) (close #1772) (#4106)
• console: allow bulk deleting rows in 'Browse Rows' section (close #1739) (#3735)
• console: fix computed field permission selection (#4246)
• console: allow customising root fields of single row mutations (close #4203) (#4254)
• console: fix json string rendering in data browser (close #4201) (#4221)
• console: handle long column names in event trigger update columns (close #4123) (#4210)
• console: disable selecting roles without permissions for bulk actions (close #4178) (#4195)
• console: fix passing default value to JsonInput (#4175)
• console: fix parsing of wrapped types in SDL (close #4099) (#4167)
• console: misc actions fixes (#4059)
• console: action relationship page improvements (fix #4062, #4130) (#4133)
• console: manage Postgres check constraints from Create Table page
• console: persist page state in data browser across navigation
• console: allow customising graphql field names for columns of views
• console: fix clone permission migrations (close #3985) (#4277)
• console: decouple data rows and count fetch in data browser to account for really large tables (close #379...

v1.2.0-beta.5

Changelog

(This is the final beta release for v1.2)

Highlights

server: debugging mode for non-admin roles

For any errors the server sends extra information in extensions field under internal key. Till now this was only available for admin role requests. To enable this for other roles, start the server with --dev-mode flag or set HASURA_GRAPHQL_DEV_MODE env variable to true:

$ graphql-engine --database-url <database-url> serve --dev-mode

In case you want to disable internal field for admin role requests, set --admin-internal-errors option to false or or set HASURA_GRAPHQL_ADMIN_INTERNAL_ERRORS env variable to false

$ graphql-engine --database-url <database-url> serve --admin-internal-errors false

This feature come in handy during development when you may want to see detailed errors irrespective of roles.

Improved internal errors for Actions:

(This is a small breaking change with previous 1.2.0-beta releases)

The internal field for action errors is improved with more debug information. It now includes request,
response and error fields instead of just webhook_response field.

Before:

{
  "errors": [
    {
      "extensions": {
        "internal": {
          "webhook_response": {
            "age": 25,
            "name": "Alice",
            "id": "some-id"
          }
        },
        "path": "$",
        "code": "unexpected"
      },
      "message": "unexpected fields in webhook response: age"
    }
  ]
}

After:

{
  "errors": [
    {
      "extensions": {
        "internal": {
          "error": "unexpected response",
          "response": {
            "status": 200,
            "body": {
              "age": 25,
              "name": "Alice",
              "id": "some-id"
            },
            "headers": [
              {
                "value": "application/json",
                "name": "Content-Type"
              },
              {
                "value": "abcd",
                "name": "Set-Cookie"
              }
            ]
          },
          "request": {
            "body": {
              "session_variables": {
                "x-hasura-role": "admin"
              },
              "input": {
                "arg": {
                  "age": 25,
                  "name": "Alice",
                  "id": "some-id"
                }
              },
              "action": {
                "name": "mirror"
              }
            },
            "url": "http://127.0.0.1:5593/mirror-action",
            "headers": []
          }
        },
        "path": "$",
        "code": "unexpected"
      },
      "message": "unexpected fields in webhook response: age"
    }
  ]
}

server: backend only insert permissions

Introduces optional backend_only (default: false) configuration in insert permissions. See api reference.

If this is set to true, the insert mutation is accessible to the role only if the request is accompanied by x-hasura-use-backend-only-permissions session variable whose value is set to true along with the x-hasura-admin-secret header.

Otherwise, the behavior of the permission remains unchanged.

This feature is useful for disabling insert_table mutation for frontend clients (for a role) while still being able to access it from a Action webhook handler (with the same role).

(rfc #4120) (#4224)

server: add support for _inc on real, double, numeric and money

(fix #3573)

server: support special characters in JSON path query argument

The path argument in json/jsonb fields can accept bracket [] notation, e.g obj['Hello World!']

(#3890) (#4482)

server: add support for timestamps without timezones

(fix #1217)

console: allow setting post-update check in update permissions

Along with the check for filtering rows that can be updated, you can now set a post-update permission check that needs to be satisfied by the updated rows after the update is made. Read more in the RFC.

(close #4142) (#4313)

console: support for Postgres materialized views

Postgres materialized views are views that are persisted in a table-like form. They are now supported in the Hasura Console, in the same way as views. They will appear on the 'Schema' page, under the 'Data' tab, in the 'Untracked tables or views' section.

(close #91) (#4270)

cli: add support for .env file

ENV vars can now be read from .env file present at the project root directory. A global flag, --envfile, is added so you can explicitly provide the .env filename, which defaults to .env filename if no flag is provided.

Example:

hasura console --envfile production.env

The above command will read ENV vars from production.env file present at the project root directory.

(close #4129) (#4454)

docs: map Hasura operators to corresponding Postgres operators

Document the mapping of Hasura operators to corresponding Postgres operators at various places in docs and link to Postgres documentation for reference. For example, see this.

(#4502) (close #4056)

Bug fixes and improvements

• server: support inserting unquoted bigint, and throw an error if value overflows the bounds of the integer type (fix #576) (fix #4368)
• server: fix bug with recreating action's permissions (close #4377)
• console: change react ace editor theme to eclipse (close #4437)
• console: fix columns reordering for relationship tables in data browser (#4483)
• console: format row count in data browser for readablity (#4433)
• console: move pre-release notification tooltip msg to top (#4433)
• console: remove extra localPresets key present in migration files on permissions change (close #3976) (#4433)
• console: make nullable and unique labels for columns clickable in insert and modify (#4433)
• console: fix row delete for relationships in data browser (#4433)
• console: prevent trailing spaces while creating new role (close #3871) (#4497)
• docs: add API docs for using environment variables as webhook urls in event triggers (#4462)
• docs: add configuration reference docs for CLI (close #4327) (#4408)

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0-beta.5

CLI

Download the binary:

• Linux
• macOS
• Windows

Using existing CLI ( since v1.2.0-beta.2):

hasura update-cli --version v1.2.0-beta.5

v1.2.0-beta.4

Changelog

Highlights

server: add query support in Actions

Now, you can have Actions with queries! Read more in the docs.

(close #4032) (#4309, #4318)

server: support reusing Postgres scalars in Actions

You can now use types like uuid, timestamptz in your Action without defining them.

(close #4125)

server: accept a new argument "claims_namespace_path" in JWT config

You can now provide a JSONPath to Hasura claims in your JWT. Read more in the docs.

For e.g. values like $.hasura.claims or $ (i.e. root of the payload)

(close #4349) (#4365)

console: persist page state in data browser across navigation

The order, collapsed state of columns and rows limit is now persisted across page navigation

(close #3390) (#3753)

console: allow customising graphql field names for columns of views

(close #3689) (#4255)

Bug fixes and improvements

• cli: set_table_is_enum metadata type for squashing migrations (close #4394) (#4395)
• cli: add retry_conf in event trigger for squashing migrations (close #4296) (#4324)
• cli: allow customization of server api paths (close #4016)
• cli: clean up migration files created during a failed migrate api (close #4312) (#4319)
• cli: add support for multiple versions of plugin (close #4105)
• cli: template assets path in console HTML for unversioned builds
• console: recover from SDL parse in actions type definition editor (fix #4385) (#4389)
• console: fix clone permission migrations (close #3985) (#4277)
• console: decouple data rows and count fetch in data browser to account for really large tables (close #3793) (#4269)
• console: update cookie policy for API calls to "same-origin"
• console: redirect to /:table/browse from /:table (close #4330) (#4374)
• docs: add One-Click Render deployment guide (close #3683) (#4209)
• server: reserved keywords in column references break parser (fix #3597) #3927
• server: fix postgres specific error message that exposed database type on invalid query parameters (#4294)
• server: manage inflight events when HGE instance is gracefully shutdown (close #3548)
• server: fix an edge case where some events wouldn't be processed because of internal erorrs (#4213)
• server: fix downgrade not working to version v1.1.1 (#4354)
• server: type field is not required if jwk_url is provided in JWT config

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0-beta.4

CLI

Download the binary:

• Linux
• macOS
• Windows

Using existing CLI ( since v1.2.0-beta.2):

hasura update-cli --version v1.2.0-beta.4

v1.2.0-beta.3

Changelog

console: manage Postgres check constraints from Create Table page

Check constraints were already part of Modify Table page. They have been brought to Create Table page as well.

Example:
When a product is created, ensure that the price is greater than zero. The SQL would look like this:

CREATE TABLE products (
    product_id UUID DEFAULT gen_random_uuid(),
    name TEXT,
    price NUMERIC CONSTRAINT positive_price CHECK (price > 0)
);

To create this table with Hasura Console, on the 'Add a new table' screen, after adding all the columns, scroll down to 'Check constraints' section and 'Add a new check constraint' with the following properties:

• Constraint name: positive_price
• Check expression: price > 0

Read more about check constraints on Postgres Docs.

(close #1700) (#3881)

CLI: V2 migrations architecture

A new CLI migrations image is introduced to account for the new migrations workflow. If you're have a project with version: 2 in config.yaml, you should use the new image: hasura/graphql-engine:v1.2.0-cli-migrations-v2. Mount the migrations at /hasura-migrations and metadata at /hasura-metadata.

Docs will be updated soon.

(close #3969) (#4145)

Bug fixes and improvements

• server: improve performance of replace_metadata tracking many tables (fix #3802)
• server: option to reload remote schemas in 'reload_metadata' API (fix #3792, #4117)
• server: fix various space leaks to avoid excessive memory consumption
• server: event triggers refactor with backpressure. HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL changes semantics slightly: we sleep for the interval only when there were previously no events to process (close #3839)
• server: fix postgres query error when computed fields included in mutation response (fix #4035)
• server: fix __typename not being included for custom object types (fix #4063)
• server: preserve cookie headers from sync action webhook (close #4021)
• server: validate action webhook response to conform to action output type (fix #3977)
• server: add 'ID' to default scalars in custom types (fix #4061)
• console: enum field values can be selected through a dropdown in insert/edit rows page (close #3748) (#3810)
• console: exported metadata filenames are now unique(hasura_metadata_<timestamp>.json) (close #1772) (#4106)
• console: allow bulk deleting rows in 'Browse Rows' section (close #1739) (#3735)
• console: fix computed field permission selection (#4246)
• console: allow customising root fields of single row mutations (close #4203) (#4254)
• console: fix json string rendering in data browser (close #4201) (#4221)
• console: handle long column names in event trigger update columns (close #4123) (#4210)
• console: disable selecting roles without permissions for bulk actions (close #4178) (#4195)
• console: fix passing default value to JsonInput (#4175)
• console: fix parsing of wrapped types in SDL (close #4099) (#4167)
• console: misc actions fixes (#4059)
• console: action relationship page improvements (fix #4062, #4130) (#4133)
• cli: fix init command to generate correct config (fix #4036) (#4038)
• cli: fix parse error returned on console api (close #4126) (#4152)
• cli: fix typo in cli example for squash (fix #4047) (#4049)
• docs: add statement to grant hasura permissions for PG functions (#4238)
• docs: add docs for redeliver_event api (fix #4176) (#4177)
• docs: update permission.rst for check constraint api (#4124)
• docs: add note on pg versions for actions (#4034)
• docs: add latest prerelease build info (close #4041) (#4048)
• docs: add AuthGuardian JWT guide (#3958)

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0-beta.3

CLI

Download the binary:

• Linux
• macOS
• Windows

Using existing CLI ( since v1.2.0-beta.2):

hasura update-cli --version v1.2.0-beta.3

First patch release for 1.1

This release brings few server-only changes that resolve potential space leaks:

• Event Triggers refactor with backpressure. HASURA_GRAPHQL_EVENTS_FETCH_INTERVAL changes semantics slightly: we sleep for the interval only when there were previously no events to process: c425b55
• More robust forking of threads: c52bfc5
• Better assertions while doing mutable writes: 3a284c0

2nd beta release for 1.2.0

This release fixes bugs that were identified in the 1st beta release.

Changelog

• server: Don't update catalog version if using --dryRun (#3970)
• server, cli: use prerelease tag as channel for console assets cdn (#3927)
• cli: bug fixes related to actions (#3951)
• cli(actions): preserve action definition in metadata apply (fix… (#3993)
• cli: fix flags in actions, migrate and metadata cmd (fix #3982) (#3991)
• cli: add version flag in update-cli command (#3996)

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0-beta.2

CLI

Download the binary:

• Linux
• macOS
• Windows

1st beta release for 1.2.0

Hasura Actions

Actions are a way to extend Hasura’s auto-generated mutations with entirely custom ones which can handle various use cases such as data validation, data enrichment from external sources and any other complex business logic.

A new mutation can be created either by defining its GraphQL SDL or by deriving it from an existing Hasura-generated mutation. The resolver is exposed to Hasura as a webhook which can be called synchronously or asynchronously. This release also includes an ever evolving codegen workflow to make managing the custom resolvers easier.

Read more about actions in the docs.

(#3042) (#3252) (#3859)

Downgrade command

A new command is added to the server executable for downgrading to earlier releases. Previously, if you ran a newer Hasura version and wanted to go back to an old version on the same database, you had to stop Hasura, run some SQL statements and start Hasura again. With the new downgrade command, these SQL statements can be run automatically.

Example: Downgrade from v1.2.0 to v1.0.0:

# stop hasura v1.2.0

# run the following command:
docker run hasura/graphql-engine:v1.2.0 graphql-engine --database-url <db-url> downgrade --to-v1.0.0

# start hasura v1.0.0

Read more about this command in the docs.

(close #1156) (#3760)

Bug fixes and improvements

• server: check expression in update permissions (close #384) (rfc #3750) (#3804)
• console: show pre-release update notifications with opt out option (#3888)
• console: handle invalid keys in permission builder (close #3848) (#3863)

Using this release

Use the following docker image:

hasura/graphql-engine:v1.2.0-beta.1

CLI

Download the binary:

• Linux
• macOS
• Windows

v1.1.0

Changelog

Server 🗄️

Batching queries 📚

It's now possible to batch queries (close #1812) (#3490):

query getAuthors {
  authors {
    name
  }
}

query getArticles {
  articles {
    title
  }
}

This will return an array of query results:

[
    {
      "data": {
        "authors": [
          {
            "name": "Sarah"
          },
          {
            "name": "Rachel"
          }
        ]
      }
    },
    {
      "data": {
        "articles": [
          {
            "title": "How to make fajitas"
          },
          {
            "title": "Birthday surprises"
          }
        ]
      }
    }
]

Improved logging

• Log time spent consuming request bytes from socket (close #3547) (#3622)
• Add request timings and count histograms to telemetry (close #3552) (#3622)

Improved caching

• Fix unnecessary conditional logic in cache implementations
• Fix Hasura.Cache.Bounded.mkCacheSize to make sure we don't silently wrap or accept 0
• Initial benchmarks for caching (close #3530)

Other server enhancements

• Allow fine(er)-grained dependency tracking when building permissions
• Caching is now available for recreating event trigger functions
• Metadata is now exported without nulls, empty arrays & default values (#3393)
• Improved performance for querying functions (close #3349) (#3504)
• Read cache control header to refresh JWK (close #3301) (#3446)
• Check database connection in /healthz endpoint (close #2645) (#3440)
• Refactor schema cache (#3394)
• Add fast path for server internal metadata migrations (#3686)

Bug fixes 🐞

• Fix Postgres query error when updating a column with multiple operators (fix #3432) (#3458)
• Fix error of permission views not being unique for long role names (fix #3444) (#3486)
• Fix JSON/JSONB colums being returned as type String in nested returning of mutations (fix #3365) (#3375)
• Fix absence of "args" input field omits session variable argument and causes custom functions to fail (fix #3576)(#3585)
• Include scalars types returning by computed fields in generated schema (fix #3650) (#3651)
• Fix cache-control header parsing for JWK (fix #3655) (#3779)
• Fix connection handler in websocket transport not using the UserAuthentication interface to resolve user info (#3509)

Console 🖥️

Computed fields support on console (close #3203) (#3565)

Computed fields can now be created and managed on the console.

Other console enhancements

• add custom root fields section for views
• display Postgres version in the about page of the console (close #3461)
• add bigint id to frequently used columns (close #3524)
• add info button to inform about Hasura Pro
• pretty print JSON metadata file during export from the console (close #3690)
• accept query params for filter/sort in browse table page (close #833)
• allow manually editing table row permission rules on console
• persist RawSql content across screen changes
• show pre-release update notifications with opt out option

Bug fixes 🐞

• Fix blank image on remote schemas section in console (fix #2209) (#3574)
• Fix console generating incorrect SQL rollback statement for column default value change (fix #3291) (#3441)
• Fix update event trigger & dropping triggers on run_sql (fix #3803 #3784) (#3833)

CLI ⌨️

Use directory name as argument for init command (#3590)

The directory name is now available as an argument to init command:

hasura init my-project

The --directory flag has been marked as deprecated but can still be used.

Drop metadata inconsistencies from CLI (close #2766) (#2973)

So far, metadata inconsistencies had to be handled using console. As of this release, it's possible to manage metadata inconsistencies using the CLI as well.

The following new commands are now available:

hasura metadata inconsistency status
hasura metadata inconsistency list
hasura metadata inconsistency drop

There is also an alias ic: hasura metadata ic list

Add browser flag to console command (close #3333) (#3601)

It's now possible to automatically open the hasura console on your favourite browser instead of the default one by running the following command:

$ hasura console --browser firefox
INFO console running at: http://localhost:9695/ on firefox

Goto a particular migration version (close #2689) (#3715)

A --goto flag is now available with the hasura migrate apply command. All up or down migrations till the version mentioned in goto will be applied in order.

If we have the following state:

$ hasura migrate status
VERSION        SOURCE STATUS  DATABASE STATUS
...
1564701126000  Present        Present
1564701547000  Present        Present
1564702123000  Present        Present
1564702123002  Present        Present
1564702123003  Present        Present
1564738682051  Present        Present
1564738682052  Present        Not Present
1564738682053  Present        Not Present

and we execute the following command:

hasura migrate apply --goto 1564702123002

It will result in the following status:

$ hasura migrate status
VERSION        SOURCE STATUS  DATABASE STATUS
...
1564701126000  Present        Present
1564701547000  Present        Present
1564702123000  Present        Present
1564702123002  Present        Present
1564702123003  Present        Not Present
1564738682051  Present        Not Present
1564738682052  Present        Not Present
1564738682053  Present        Not Present

Other CLI Enhancements

• Examples are now available for all CLI commands (close #3475) (#3492)
• Logs are now displayed as JSON on non-CLI environments (close #2770) (#3528)
• Better error handling on unknown API errors: the CLI now prints out the response code and body (close #2954) (#3104)
• cli(installer): add -f flag to curl (fix #1871) (#3477)
• export metadata without nulls, empty arrays & default values (#3393)

Bug fixes 🐞

• Fix version constraint for update check (close #3719) (#3730)
• Fix various version-related issues with CLI (close #3706) (#3709)
• Update go-binddata, fix realize (close #3588) (#3687)
• Execute down migration in the correct order (#3625)
• Better error handling on non-json api responses (close #2954) (#3104)
• Fix squash command not adding the last down (close #3401) (#3569)
• Mark from flag as required for squash (close #3400) (#3500)

Docs & community 📄🌈

• Document explain API (close #870) (#3739)
• Add information on HASURA_GRAPHQL_PG_CONNECTIONS to docs
• Update server/CONTRIBUTING.md and include manual build and test steps
• Update the console README
• Fix Auth0 integration instructions (fix #2655) (#3214) (#3367)
• Add Netlify event-trigger echo boilerplate (#2985)
• Update docs colour scheme (#3586)

3rd beta release for 1.1.0

This is mostly a bug fix release and unless new critical bugs are discovered, this will be promoted to v1.1.0.

Fixes

• server: disable explain end-points when metadata API is disabled (#3717)
• server: fix postgres errors when using certain columns/relationshps in a mutation's returning clause (#3609, #3642, #3271)
• server: fix parsing JWK expiry time from headers on startup (#3655)
• server: new enum values are now reflected in the schema with 'reload enum values' (#3759)
• server: fix webhook not being called on a trigger definition update (#3791)
• server: fix webhook not being called after migrations/upgrade (#3791)
• server: allow disabling CORS headers through an environment variable (#3782)
• console: handle uncategorized types in permission builder (close #3603) (#3712)
• console: allow "_is_null" operator for all types in permissions (close #3777) (#3813)
• console: handle empty columns / computed fields in permissions (close #3789) (#3813)
• console: separate operators for json and jsonb column types & allow null as valid JSON type in permissions (#3823)
• console: handle "create if not exists" syntax for track table (close #3766) (#3816)

Feature additions

• console: use user friendly terms for filter operators in browse rows page (#3699)
• console: update graphiql explorer (#3073)
• console: allow manually editing permissions (close #1734) (#3823)
• console: accept url query params for filter/sort in browse table page (close #833) (#3041)