Skip to content

Latest commit

 

History

History
1223 lines (837 loc) · 80 KB

CHANGELOG.md

File metadata and controls

1223 lines (837 loc) · 80 KB

CHANGELOG for @apollo/gateway

2.9.3

Patch Changes

2.9.2

Patch Changes

2.9.1

Patch Changes

2.9.0

Patch Changes

2.8.5

🔒 Security

CVE-2024-43414: Prevent uncontrolled recursion for complex queries

Correct a bug where complex queries can cause uncontrolled recursion due to failure to reduce the number of possible query plans (classified as CWE-674). (#3128)

This weakness impacts all v2 versions of @apollo/gateway prior to this release. See the associated Github Advisory, GHSA-fmj9-77q8-g6c4, for more information.

2.8.4

Patch Changes

2.8.3

Patch Changes

2.8.3-beta.2

Patch Changes

2.8.3-beta.1

Patch Changes

2.8.3-beta.0

Patch Changes

2.8.2

Patch Changes

2.8.1

Patch Changes

2.8.0

Minor Changes

  • Implement new directives to allow getting and setting context. This allows resolvers to reference and access data referenced by entities that exist in the GraphPath that was used to access the field. The following example demonstrates the ability to access the prop field within the Child resolver. (#2988)

    type Query {
      p: Parent!
    }
    type Parent @key(fields: "id") @context(name: "context") {
      id: ID!
      child: Child!
      prop: String!
    }
    type Child @key(fields: "id") {
      id: ID!
      b: String!
      field(a: String @fromContext(field: "$context { prop }")): Int!
    }

Patch Changes

2.8.0-alpha.1

Patch Changes

  • Updated dependencies []:
    • @apollo/composition@2.8.0-alpha.1
    • @apollo/query-planner@2.8.0-alpha.1
    • @apollo/federation-internals@2.8.0-alpha.1

2.8.0-alpha.0

Minor Changes

  • Implement new directives to allow getting and setting context. This allows resolvers to reference and access data referenced by entities that exist in the GraphPath that was used to access the field. The following example demonstrates the ability to access the prop field within the Child resolver. (#2988)

    type Query {
      p: Parent!
    }
    type Parent @key(fields: "id") @context(name: "context") {
      id: ID!
      child: Child!
      prop: String!
    }
    type Child @key(fields: "id") {
      id: ID!
      b: String!
      field(a: String @fromContext(field: "$context { prop }")): Int!
    }

Patch Changes

2.7.8

Patch Changes

  • Triggering a clean 2.7.8 release now that harmonizer build has been fixed. (#3010)

  • Updated dependencies [2ad72802044310a528e8944f4538efe519424504]:

    • @apollo/composition@2.7.8
    • @apollo/federation-internals@2.7.8
    • @apollo/query-planner@2.7.8

2.7.7

Patch Changes

  • No logical changes since 2.7.5 or 2.7.6, but we fixed a bug in the release process, so we need to publish a new patch version (2.7.7). (#2999)

  • Updated dependencies [bee0b0828b4fb6a1d3172ac330560e2ab6c046bb]:

    • @apollo/composition@2.7.7
    • @apollo/federation-internals@2.7.7
    • @apollo/query-planner@2.7.7

2.7.6

Patch Changes

2.7.5

Patch Changes

2.7.4

Patch Changes

2.7.3

Patch Changes

2.7.2

Patch Changes

2.7.1

Patch Changes

2.7.0

Minor Changes

  • Implement progressive @override functionality (#2911)

    The progressive @override feature brings a new argument to the @override directive: label: String. When a label is added to an @override application, the override becomes conditional, depending on parameters provided to the query planner (a set of which labels should be overridden). Note that this feature will be supported in router for enterprise users only.

    Out-of-the-box, the router will support a percentage-based use case for progressive @override. For example:

    type Query {
      hello: String @override(from: "original", label: "percent(5)")
    }

    The above example will override the root hello field from the "original" subgraph 5% of the time.

    More complex use cases will be supported by the router via the use of coprocessors/rhai to resolve arbitrary labels to true/false values (i.e. via a feature flag service).

Patch Changes

2.6.3

Patch Changes

2.6.2

Patch Changes

2.6.1

Patch Changes

  • Updated dependencies [0d5ab01a]:
    • @apollo/federation-internals@2.6.1
    • @apollo/composition@2.6.1
    • @apollo/query-planner@2.6.1

2.6.0

Minor Changes

  • Add more information to OpenTelemetry spans. (#2700)

    Rename operationName to graphql.operation.name and add a graphql.operation.type attribute, in conformance with the OpenTelemetry Semantic Conventions for GraphQL. The operationName attribute is now deprecated, but it is still emitted alongside graphql.operation.name.

    Add a graphql.document span attribute to the gateway.request span, containing the entire GraphQL source sent in the request. This feature is disable by default.

    When one or more GraphQL or internal errors occur, report them in the OpenTelemetry span in which they took place, as an exception event. This feature is disabled by default.

    To enable the graphql.document span attribute and the exception event reporting, add the following entries to your ApolloGateway instance configuration:

    const gateway = new ApolloGateway({
      // ...
      telemetry: {
        // Set to `true` to include the `graphql.document` attribute
        includeDocument: true,
        // Set to `true` to report all exception events, or set to a number
        // to report at most that number of exception events per span
        reportExceptions: true,
        // or: reportExceptions: 1
      },
    });
  • Update license field in package.json to use Elastic-2.0 SPDX identifier (#2741)

  • Introduce the new @policy scope for composition (#2818)

    Note that this directive will only be fully supported by the Apollo Router as a GraphOS Enterprise feature at runtime. Also note that composition of valid @policy directive applications will succeed, but the resulting supergraph will not be executable by the Gateway or an Apollo Router which doesn't have the GraphOS Enterprise entitlement.

    Users may now compose @policy applications from their subgraphs into a supergraph.

    The directive is defined as follows:

    scalar federation__Policy
    
    directive @policy(
      policies: [[federation__Policy!]!]!
    ) on FIELD_DEFINITION | OBJECT | INTERFACE | SCALAR | ENUM

    The Policy scalar is effectively a String, similar to the FieldSet type.

    In order to compose your @policy usages, you must update your subgraph's federation spec version to v2.6 and add the @policy import to your existing imports like so:

    @link(url: "https://specs.apollo.dev/federation/v2.6", import: [..., "@policy"])
  • Add graphql.operation.name attribute on gateway.plan span (#2807)

Patch Changes

  • Updated dependencies [b18841be, e325b499]:
    • @apollo/query-planner@2.6.0
    • @apollo/composition@2.6.0
    • @apollo/federation-internals@2.6.0

2.5.7

Patch Changes

  • Updated dependencies [a0bdd7cb]:
    • @apollo/query-planner@2.5.7
    • @apollo/composition@2.5.7
    • @apollo/federation-internals@2.5.7

2.5.6

Patch Changes

  • Updated dependencies [c719214a]:
    • @apollo/composition@2.5.6
    • @apollo/federation-internals@2.5.6
    • @apollo/query-planner@2.5.6

2.5.5

Patch Changes

  • Fix specific case for requesting __typename on interface entity type (#2775)

    In certain cases, when resolving a __typename on an interface entity (due to it actual being requested in the operation), that fetch group could previously be trimmed / treated as useless. At a glance, it appears to be a redundant step, i.e.:

    { ... on Product { __typename id }} => { ... on Product { __typename} }
    

    It's actually necessary to preserve this in the case that we're coming from an interface object to an (entity) interface so that we can resolve the concrete __typename correctly.

  • Don't preserve useless fetches which downgrade __typename from a concrete type back to its interface type. (#2778)

    In certain cases, the query planner was preserving some fetches which were "useless" that would rewrite **typename from its already-resolved concrete type back to its interface type. This could result in (at least) requested fields being "filtered" from the final result due to the interface's **typename in the data where the concrete type's __typename was expected.

    Specifically, the solution was compute the path between newly created groups and their parents when we know that it's trivial ([]). Further along in the planning process, this allows to actually remove the known-useless group.

  • Propagate type information when renaming entity fields (#2776)

    Aliased entity fields might have been incorrectly overwritten if multiple fields/aliases shared the same name. Query planner automatically renames conflicting fields to ensure we can always generate a valid GraphQL query. The underlying issue was that this key rewriting logic was assuming the same type of an object. In case of entity queries asking for those aliased fields, we ended up always attempting to apply field renaming logic regardless, whether or not a given entity was of the correct type. This fix ensures that the query planner logic correctly accounts for the object type when applying field renaming logic.

  • Updated dependencies [66d7e4ce, a37bbbf6]:

    • @apollo/query-planner@2.5.5
    • @apollo/composition@2.5.5
    • @apollo/federation-internals@2.5.5

2.5.4

Patch Changes

  • Adds header to change the format of exposed query plans, and allows formatting it as json. (#2724)

    When the gateway is configured to allow it, adding the Apollo-Query-Plan-Experimental header to a request already allowed a "prettified" text version of the query plan used for the query is returned in the response extension. This changes adds support for a new (optional) accompanying header, Apollo-Query-Plan-Experimental-Format, which can be set to the value "internal" to have the query plan returned as a json object (that correspond to the internal representation of that query plan) instead of the text version otherwise sent. Note that if that new header is not provided, then the query plan continues to be send in the previous prettified text version.

  • Fix some potentially incorrect query plans with @requires when some dependencies are involved. (#2726)

    In some rare case of @requires, an over-eager optimisation was incorrectly considering that a dependency between 2 subgraph fetches was unnecessary, leading to doing 2 subgraphs queries in parallel when those should be done sequentially (because the 2nd query rely on results from the 1st one). This effectively resulted in the required fields not being provided (the consequence of which depends a bit on the resolver detail, but if the resolver expected the required fields to be populated (as they should), then this could typically result in a message of the form GraphQLError: Cannot read properties of null).

  • Updated dependencies [203b0a44]:

    • @apollo/query-planner@2.5.4
    • @apollo/composition@2.5.4
    • @apollo/federation-internals@2.5.4

2.5.3

Patch Changes

  • Fix execution error in some cases where aliases are used and some values are null. (#2716)

    The error would manifest itself as an INTERNAL_SERVER_ERROR with a message of the form Cannot read properties of null.

  • Updated dependencies [4b9a512b, c6e0e76d, 1add932c, 6f1fddb2]:

    • @apollo/composition@2.5.3
    • @apollo/federation-internals@2.5.3
    • @apollo/query-planner@2.5.3

2.5.2

Patch Changes

  • Remove extraneous call to span.setStatus() on a span which has already ended. (#2697)

    In cases where a subgraph responded with an error, we would sometimes try to set the status of a span which had already ended. This resulted in a warning log to the console (but no effect otherwise). This warning should no longer happen.

  • Fix fallbackPollIntervalInMs behavior. (#2709)

    The fallbackPollIntervalInMs serves 2 purposes:

    • it allows users to provide an Uplink poll interval if Uplink doesn't provide one
    • it allows users to use a longer poll interval that what's prescribed by Uplink

    The second bullet is how the configuration option is documented, but not how it was previously implemented. This change corrects the behavior to respect this configuration if it's provided AND is longer than the Uplink interval.

  • Updated dependencies [35179f08]:

    • @apollo/query-planner@2.5.2
    • @apollo/federation-internals@2.5.2
    • @apollo/composition@2.5.2

2.5.1

Patch Changes

  • Reapply #2639: (#2687)

    Try reusing named fragments in subgraph fetches even if those fragment only apply partially to the subgraph. Before this change, only named fragments that were applying entirely to a subgraph were tried, leading to less reuse that expected. Concretely, this change can sometimes allow the generation of smaller subgraph fetches.

    Additionally, resolve a bug which surfaced in the fragment optimization logic which could result in invalid/incorrect optimizations / fragment reuse.

  • Updated dependencies [b9052fdd]:

    • @apollo/query-planner@2.5.1
    • @apollo/federation-internals@2.5.1
    • @apollo/composition@2.5.1

2.5.0

Minor Changes

  • Do not run the full suite of graphQL validations on supergraphs and their extracted subgraphs by default in production environment. (#2657)

    Running those validations on every updates of the schema takes a non-negligible amount of time (especially on large schema) and mainly only serves in catching bugs early in the supergraph handling code, and in some limited cases, provide slightly better messages when a corrupted supergraph is received, neither of which is worth the cost in production environment.

    A new validateSupergraph option is also introduced in the gateway configuration to force this behaviour.

  • Support responses from subgraphs which use the application/graphql-response+json content-type header. (#2162)

    See graphql-over-http spec for more details: https://graphql.github.io/graphql-over-http/draft/#sec-application-graphql-response-json

  • Introduce the new @authenticated directive for composition (#2644)

    Note that this directive will only be fully supported by the Apollo Router as a GraphOS Enterprise feature at runtime. Also note that composition of valid @authenticated directive applications will succeed, but the resulting supergraph will not be executable by the Gateway or an Apollo Router which doesn't have the GraphOS Enterprise entitlement.

    Users may now compose @authenticated applications from their subgraphs into a supergraph. This addition will support a future version of Apollo Router that enables authenticated access to specific types and fields via directive applications.

    The directive is defined as follows:

    directive @authenticated on FIELD_DEFINITION | OBJECT | INTERFACE | SCALAR | ENUM

    In order to compose your @authenticated usages, you must update your subgraph's federation spec version to v2.5 and add the @authenticated import to your existing imports like so:

    @link(url: "https://specs.apollo.dev/federation/v2.5", import: [..., "@authenticated"])
  • Introduce the new @requiresScopes directive for composition (#2649)

    Note that this directive will only be fully supported by the Apollo Router as a GraphOS Enterprise feature at runtime. Also note that composition of valid @requiresScopes directive applications will succeed, but the resulting supergraph will not be executable by the Gateway or an Apollo Router which doesn't have the GraphOS Enterprise entitlement.

    Users may now compose @requiresScopes applications from their subgraphs into a supergraph. This addition will support a future version of Apollo Router that enables scoped access to specific types and fields via directive applications.

    The directive is defined as follows:

    scalar federation__Scope
    
    directive @requiresScopes(
      scopes: [federation__Scope!]!
    ) on FIELD_DEFINITION | OBJECT | INTERFACE | SCALAR | ENUM

    The Scope scalar is effectively a String, similar to the FieldSet type.

    In order to compose your @requiresScopes usages, you must update your subgraph's federation spec version to v2.5 and add the @requiresScopes import to your existing imports like so:

    @link(url: "https://specs.apollo.dev/federation/v2.5", import: [..., "@requiresScopes"])

Patch Changes

2.4.10

Patch Changes

  • Revert #2639 from v2.4.9 (#2681)

    PR #2639 attempts to resolve issues with query fragment reuse, but we've since turned up multiple issues (at least 1 of which is a regression - see #2680. For now, this reverts it until we resolve the regression for a future patch release.

  • Updated dependencies [b6be9f96]:

    • @apollo/query-planner@2.4.10
    • @apollo/federation-internals@2.4.10
    • @apollo/composition@2.4.10

2.4.9

Patch Changes

  • Try reusing named fragments in subgraph fetches even if those fragment only apply partially to the subgraph. Before this change, only named fragments that were applying entirely to a subgraph were tried, leading to less reuse that expected. Concretely, this change can sometimes allow the generation of smaller subgraph fetches. (#2639)

  • Updated dependencies [7ac83456, d60349b3, 1bb7c512, 02eab3ac, fd4545c2]:

    • @apollo/query-planner@2.4.9
    • @apollo/federation-internals@2.4.9
    • @apollo/composition@2.4.9

2.4.8

Patch Changes

2.4.7

Patch Changes

  • Re-work the code use to try to reuse query named fragments to improve performance (thus sometimes improving query (#2604) planning performance), to fix a possibly raised assertion error (with a message of form like Cannot add selection of field X to selection set of parent type Y), and to fix a rare issue where an interface or union field was not being queried for all the types it should be.
  • Updated dependencies [2d44f346]:
    • @apollo/query-planner@2.4.7
    • @apollo/composition@2.4.7
    • @apollo/federation-internals@2.4.7

2.4.6

Patch Changes

  • Updated dependencies [5cd17e69, 8ca107ac, e136ad87]:
    • @apollo/query-planner@2.4.6
    • @apollo/federation-internals@2.4.6
    • @apollo/composition@2.4.6

2.4.5

Patch Changes

  • Supersedes v2.4.4 due to a publishing error with no dist/ folder (#2583)

  • Updated dependencies [c96e24c4]:

    • @apollo/composition@2.4.5
    • @apollo/federation-internals@2.4.5
    • @apollo/query-planner@2.4.5

2.4.4

Patch Changes

  • Fix incorrect import the assert function in the DataRewrite.ts. The incorrect method was imported (due to a bad (#2581) import auto-completion) and went unnoticed, leading to potential build issue.
  • Updated dependencies [cb7f414d]:
    • @apollo/query-planner@2.4.4
    • @apollo/composition@2.4.4
    • @apollo/federation-internals@2.4.4

2.4.3

Patch Changes

  • Updated dependencies [f6a8c1ce]:
    • @apollo/query-planner@2.4.3
    • @apollo/federation-internals@2.4.3
    • @apollo/composition@2.4.3

2.4.2

Patch Changes

  • Fix potential bug when an @interfaceObject type has a @requires. When an @interfaceObject type has a field with a (#2524) @requires and the query requests that field only for some specific implementations of the corresponding interface, then the generated query plan was sometimes invalid and could result in an invalid query to a subgraph (against a subgraph that rely on @apollo/subgraph, this lead the subgraph to produce an error message looking like "The _entities resolver tried to load an entity for type X, but no object or interface type of that name was found in the schema").
  • Updated dependencies [2c370508, 179b4602]:
    • @apollo/composition@2.4.2
    • @apollo/federation-internals@2.4.2
    • @apollo/query-planner@2.4.2

2.4.1

Patch Changes

  • Fix issues (incorrectly rejected composition and/or subgraph errors) with @interfaceObject. Those issues may occur (#2494) either due to some use of @requires in an @interfaceObject type, or when some subgraph S defines a type that is an implementation of an interface I in the supergraph, and there is an @interfaceObject for I in another subgraph, but S does not itself defines I.

  • Fix handling of aliases and variables in introspection queries. (#2506)

  • Start building packages with TS 5.x, which should have no effect on consumers (#2480)

  • Improves reuse of named fragments in subgraph fetches. When a question has named fragments, the code tries to reuse (#2497) those fragment in subgraph fetches is those can apply (so when the fragment is fully queried in a single subgraph fetch). However, the existing was only able to reuse those fragment in a small subset of cases. This change makes it much more likely that if a fragment can be reused, it will be.

  • Updated dependencies [450b9578, afde3158, eafebc3c, 01fe3f83]:

    • @apollo/query-planner@2.4.1
    • @apollo/federation-internals@2.4.1
    • @apollo/composition@2.4.1

2.4.0

Minor Changes

  • This change introduces a configurable query plan cache. This option allows (#2385) developers to provide their own query plan cache like so:

    new ApolloGateway({
      queryPlannerConfig: {
        cache: new MyCustomQueryPlanCache(),
      },
    });
    

    The current default implementation is effectively as follows:

    import { InMemoryLRUCache } from "@apollo/utils.keyvaluecache";
    
    const cache = new InMemoryLRUCache<string>({
      maxSize: Math.pow(2, 20) * 30,
      sizeCalculation<T>(obj: T): number {
        return Buffer.byteLength(JSON.stringify(obj), "utf8");
      },
    });
    

    TypeScript users should implement the QueryPlanCache type which is now exported by @apollo/query-planner:

    import { QueryPlanCache } from '@apollo/query-planner';
    
    class MyCustomQueryPlanCache implements QueryPlanCache {
      // ...
    }
    
  • Adds debug/testing query planner options (debug.bypassPlannerForSingleSubgraph) to bypass the query planning (#2441) process for federated supergraph having only a single subgraph. The option is disabled by default, is not recommended for production, and is not supported (it may be removed later). It is meant for debugging/testing purposes.

Patch Changes

  • Refactor the internal implementation of selection sets used by the query planner to decrease the code complexity and (#2387) improve query plan generation performance in many cases.

  • Optimises query plan generation for parts of queries that can statically be known to not cross across subgraphs (#2449)

  • Updated dependencies [260c357c, 7bc0f8e8, d4426ff9, a9385bdb, 1a555d98, ade7ceb8, 09382e74, cab383b2]:

    • @apollo/composition@2.4.0
    • @apollo/federation-internals@2.4.0
    • @apollo/query-planner@2.4.0

2.4.0-alpha.1

Patch Changes

  • Updated dependencies [7bc0f8e8]:
    • @apollo/federation-internals@2.4.0-alpha.1
    • @apollo/composition@2.4.0-alpha.1
    • @apollo/query-planner@2.4.0-alpha.1

2.4.0-alpha.0

Minor Changes

  • This change introduces a configurable query plan cache. This option allows (#2385) developers to provide their own query plan cache like so:

    new ApolloGateway({
      queryPlannerConfig: {
        cache: new MyCustomQueryPlanCache(),
      },
    });
    

    The current default implementation is effectively as follows:

    import { InMemoryLRUCache } from "@apollo/utils.keyvaluecache";
    
    const cache = new InMemoryLRUCache<string>({
      maxSize: Math.pow(2, 20) * 30,
      sizeCalculation<T>(obj: T): number {
        return Buffer.byteLength(JSON.stringify(obj), "utf8");
      },
    });
    

    TypeScript users should implement the QueryPlanCache type which is now exported by @apollo/query-planner:

    import { QueryPlanCache } from '@apollo/query-planner';
    
    class MyCustomQueryPlanCache implements QueryPlanCache {
      // ...
    }
    
  • Adds debug/testing query planner options (debug.bypassPlannerForSingleSubgraph) to bypass the query planning (#2441) process for federated supergraph having only a single subgraph. The option is disabled by default, is not recommended for production, and is not supported (it may be removed later). It is meant for debugging/testing purposes.

Patch Changes

2.3.5

Patch Changes

  • Updated dependencies [09382e74]:
    • @apollo/query-planner@2.3.5
    • @apollo/composition@2.3.5
    • @apollo/federation-internals@2.3.5

2.3.4

Patch Changes

  • Handle defaulted variables correctly during post-processing. (#2443)

    Users who tried to use built-in conditional directives (skip/include) with defaulted variables and no variable provided would encounter an error thrown by operation post-processing saying that the variables weren't provided. The defaulted values went unaccounted for, so the operation would validate but then fail an assertion while resolving the conditional.

    With this change, defaulted variable values are now collected and provided to post-processing (with defaults being overwritten by variables that are actually provided).

  • Updated dependencies [6e2d24b5]:

    • @apollo/federation-internals@2.3.4
    • @apollo/composition@2.3.4
    • @apollo/query-planner@2.3.4

2.3.3

Patch Changes

  • Update @apollo/utils.logger typings dependency (#2269)

  • Exposes, for each subgraph request, the path in the overall gateway operation at which that subgraph request gets inserted. This path is now available as the pathInIncomingRequest field in the arguments of RemoteGraphQLDataSource.willSendRequest and RemoteGraphQLDataSource.didReceiveResponse. (#2384)

  • Previously the queryPlanStoreKey was a hash of the query concatenated with an unhashed operationName if it was present. This resulted in variable length cache keys that could become unnecessarily long, occupying additional space in the query plan cache. (#2310)

    This change incorporates the operationName into the hash itself (if operationName is present).

  • Update @apollo/utils.createhash package, which drops support for node 12 (#2266)

  • Update @apollo/utils.isnodelike package, which dropped support for node 12 (#2268)

  • Update @apollo/utils.fetcher package, which drops support for node 12 (#2267)

  • Updated dependencies [71a07f30]:

    • @apollo/composition@2.3.3
    • @apollo/query-planner@2.3.3
    • @apollo/federation-internals@2.3.3

2.3.2

Patch Changes

  • Move gateway post-processing errors from errors into extensions.valueCompletion of the response (#2380)

    [https://github.com/apollographql/federation/pull/2335](PR #2335) introduced a breaking change that broke existing usages with respect to nullability and gateway error handling. In response to [https://github.com/apollographql/federation/issues/2374](Issue #2374), we are reverting the breaking portion of this change by continuing to swallow post processing errors as the gateway did prior to v2.3.0. Instead, those errors will now be included on the extensions.valueCompletion object in the response object.

    Gateway v2.3.0 and v2.3.1 are both affected by this change in behavior.

  • Updated dependencies []:

    • @apollo/composition@2.3.2
    • @apollo/federation-internals@2.3.2
    • @apollo/query-planner@2.3.2

2.3.1

Patch Changes

  • Capture non-ftv1 error information in metrics data. This (#2242) error information allows the inline trace plugin to correctly aggregate stats about errors (where no federated trace data is available) and stop reporting incomplete traces which are missing unavailable error information.

    This PR is a precursor to apollographql/apollo-server#7136

  • Fix issue where the query planner was incorrectly not querying __typename in a subgraph fetch when @interfaceObject is involved (#2366)

  • Updated dependencies [7e2ca46f, eb5a8bc0]:

    • @apollo/query-planner@2.3.1
    • @apollo/composition@2.3.1
    • @apollo/federation-internals@2.3.1

This CHANGELOG pertains only to Apollo Federation packages in the 2.x range. The Federation v0.x equivalent for this package can be found here on the version-0.x branch of this repo.

2.3.0

  • Fix unexpected composition error about @shareable field when @external is on a type in a fed1 schema (one without @link) PR #2343.
  • Fix issue with some @interfaceObject queries due to missing "input rewrites" PR #2346.

2.3.0-beta.3

  • Rewrites gateway response post-processing to avoid @interfaceObject related issues PR 2335.
  • Generates correct response error paths for errors thrown during entity fetches PR #2304.

2.3.0-beta.2

  • Improves generation of plans once all path options are computed PR #2316.
  • Fixes composition issues with @interfaceObject PR #2318.
  • Fix potential issue with nested @defer in non-deferrable case PR #2312.
  • Adds support for the 0.3 version of the tag spec, which adds @tag directive support for the SCHEMA location PR #2314.
  • Error on composition when a @shareable field runtime types don't intersect between subgraphs: a @shareable field must resolve the same way in all the subgraphs, but this is impossible if the concrete runtime types have no intersection at all PR #1556.

2.3.0-alpha.0

  • BREAKING: composition now rejects @override on interface fields. The @override directive was not meant to be supported on interfaces and was not having any impact whatsoever. If an existing subgraph does have a @override on an interface field, this will now be rejected, but the @override can simply and safely be removed since it previously was ignored.
  • Adds support for @interfaceObject and keys on interfaces PR #2279.
  • Preserves source of union members and enum values in supergraph PR #2288.

2.2.3

  • Fix possible assertion error during query planning PR #2299
  • Fix potential issue with nested @defer in non-deferrable case PR #2312

2.2.2

  • Fix issue with path in query plan's deferred nodes PR #2281.

2.2.1

  • Fix federation spec always being expanded to the last version PR #2274.

2.2.0

  • BREAKING: Disable exposing full document to sub-query by default (introduced 2.1.0):
    • This change decreases memory consumption in general (which is the reason for disabling this by default), but users that have custom code making use of GraphQLDataSourceProcessOptions.document will now need to explicitly set GatewayConfig.queryPlannerConfig.exposeDocumentNodeInFetchNode.
  • BREAKING: composition now rejects @shareable on interface fields. The @shareable directive is about controlling if multiple subgraphs can resolve a particular field, and as interface field are never directly resolved (it's their implementation that are), having @shareable on interface fields is not completely meaningful and was never meant to be supported. If an existing subgraph does have a @shareable on an interface field, this will now be rejected, but the @shareable can simply and safely be removed since it previously was ignored.
  • Allows @shareable to be repeatable so it can be allowed on both a type definition and its extensions PR #2175.
    • Note that this require the use of the new 2.2 version of the federation spec introduced in this change.
  • Preserve default values of input object fields PR #2218.
  • Drop support for node12 PR #2202
  • Fix issue where QP was generating invalid plan missing some data #361.
  • Avoid reusing named fragments that are invalid for the subgraph PR #2255.
  • Fix QP not always type-exploding interface when necessary PR #2246.
  • Fix potential QP issue with shareable root fields PR #2239.
  • Correctly reject field names starting with __ PR #2237.
  • Fix error when a skipped enum value had directives applied PR #2232.
  • Preserve default values of input object fields PR #2218.

2.1.4

  • Ensures supergraph @defer/@stream definitions of supergraph are not included in the API schema PR #2212.
  • Optimize plan for defer where only keys are fetched PR #2182.
  • Improves error message to help with misspelled source of an @override PR #2181.
  • Fix validation of variable on input field not taking default into account PR #2176.

2.1.3

  • Fix building subgraph selections using the wrong underlying schema PR #2155.

2.1.2

  • Allow fields with arguments in @requires PR #2120.
  • Fix potential inefficient planning due to __typename PR #2137.
  • Fix potential assertion during query planning PR #2133.
  • Fix some defer query plans having invalid result sets (with empty branches) PR #2125.
  • Fix defer information lost when cloning fetch group (resulting in non-deferred parts) PR #2129.
  • Fix directives on fragment spread being lost PR #2126.

2.1.1

  • Fix build-time regression caused by #1970 (removal of @types/node-fetch from runtime dependencies) PR #2116

2.1.0

  • The method RemoteGraphQLDataSource.errorFromResponse now returns a GraphQLError (as defined by graphql) rather than an ApolloError (as defined by apollo-server-errors). PR #2028
    • BREAKING: If you call RemoteGraphQLDataSource.errorFromResponse manually and expect its return value to be a particular subclass of GraphQLError, or if you expect the error received by didEncounterError to be a particular subclass of GraphQLError, then this change may affect you. We recommend checking error.extensions.code instead.
  • The LocalGraphQLDataSource class no longer supports the undocumented __resolveObject Apollo Server feature. PR #2007
    • BREAKING: If you relied on the undocumented __resolveObject feature with LocalGraphQLDataSource, it will no longer work. If this affects you, file an issue and we can help you find a workaround.
  • Fix issue when using a type condition on an inaccessible type in @require #1873.
    • BREAKING: this fix required passing a new argument to the executeQueryPlan method, which is technically exported by the gateway. Most users of the gateway should not call this method directly (which is exported mainly for testing purposes in the first place) and will thus be unaffected, but if you do call this method directly, you will have to pass the new argument when upgrading. See the method documentation for details.
  • Reject directive applications within fields of @key, @provides and @requiresPR #1975.
    • BREAKING: previously, directive applications within a @key, @provides or @requires were parsed but not honored in any way. As this change reject such applications (at composition time), it could theoretically require to remove some existing (ignored) directive applications within a @key, @provides or @requires.
  • Fix issue where fragment expansion can erase applied directives (most notably @defer) PR #2093.
  • Fix abnormally high memory usage when extracting subgraphs for some fed1 supergraphs (and small other memory footprint improvements) PR #2089.
  • Fix issue with fragment reusing code something mistakenly re-expanding fragments PR #2098.
  • Fix issue when type is only reachable through a @provides PR #2083.
  • Fix case where some key field necessary to a @require fetch were not previously fetched PR #2075.
  • Add type definitions to schema extensions PR #2081
  • Update peer dependency graphql to ^16.5.0 to use GraphQLErrorOptions PR #2060
  • Upgrade underlying @apollo/utils.fetcher to support aborting a request. This is a type-only change, and will not impact the underlying runtime. PR #2017.
  • Some TypeScript types, such as the arguments and return value of GraphQLDataSource.process, are defined using types from the @apollo/server-gateway-interface package instead of from apollo-server-types and apollo-server-core. This is intended to be fully backwards-compatible; please file an issue if this leads to TypeScript compilation issues. PR #2044
  • Don't require @link when using @composeDirective PR #2046
  • Don't do debug logging by default PR #2048
  • Add @composeDirective directive to specify directives that should be merged to the supergraph during composition PR #1996.
  • Fix fragment reuse in subgraph fetches PR #1911.
  • Custom fetchers should now accept a Request object which has a signal: AbortSignal property https://fetch.spec.whatwg.org/#requestinit for request timeout purposes. PR #2017
  • Expose document representation of sub-query request within GraphQLDataSourceProcessOptions so that it is available to RemoteGraphQLDataSource.process and RemoteGraphQLDataSource.willSendRequest PR#1878
  • Cleanup error related code, adding missing error code to a few errors PR #1914.
  • Fix issue generating plan for a "diamond-shaped" dependency PR #1900.
  • Fix issue computing query plan costs that can lead to extra unnecessary fetches PR #1937.
  • Move DEFAULT_UPLINK_ENDPOINTS to static member of UplinkSupergraphManager PR #1977.
  • Add node-fetch as a runtime dependency PR #1970.
  • Add timeouts when making requests to Apollo Uplink PR #1950.
  • Avoid type-explosion with fed1 supergraphs using a fed2 query planner PR #1994.
  • Add callback when fetching a supergraph from Apollo Uplink fails PR #1812.
  • Expand support for Node.js v18 PR #1884

2.0.5

  • Fix bug with unsatisfiable query branch when handling federation 1 supergraph PR #1908.

2.0.4

  • Fix issue when all root operations were defined in an extend schema PR #1875.

2.0.3

  • Fix bug with type extension of empty type definition PR #1821
  • Fix output of printSubgraphSchema method, ensuring it can be read back by composition and buildSubgraphSchema PR #1831.
  • Fix issue with @requires and conditional queries (@include/@skip) 1835.
  • Fix bug with field covariance when the underlying plan use type-explosion 1859.

2.0.2

  • BREAKING: We no longer export a getDefaultFetcher function. This function returned the default fetch implementation used to talk to Uplink (which is distinct from the default fetch implementation used by RemoteGraphQLDataSource to talk to subgraphs). It was the fetcher from make-fetch-happen v8 with some preset configuration relating to caching and request headers. However, the caching configuration was not actually being used when talking to Uplink (as we talk to Uplink over POST requests, and the Uplink protocol has an application-level mechanism for avoiding unnecessary large responses), and the request headers were already being provided explicitly by the Uplink client code. Since this release is also upgrading make-fetch-happen, it is impossible to promise that there would be no behavior change at all to the fetcher returned from make-fetch-happen, and as none of the preset configuration is actually relevant to the internal use of getDefaultFetcher (which now just uses make-fetch-happens without extra configuration), we have removed the function. If you were using this function, you can replace const fetcher = getDefaultFetcher() with import fetcher from 'make-fetch-happen'. PR #1805
  • The fetch implementation used by default by UplinkFetcher and RemoteGraphQLDataSource is now imported from make-fetch-happen v10 instead of v8. The fetcher used by RemoteGraphQLDataSource no longer limits the number of simultaneous requests per subgraph (or specifically, per host/port pair) to 15 by default; instead, there is no limit. (If you want to restore the previous behavior, install make-fetch-happen, import fetcher from it, and pass new RemoteGraphQLDataSource({ fetcher: fetcher.defaults(maxSockets: 15)})) in your buildService option.) Note that if you invoke the fetcher yourself in a RemoteGraphQLDataSource subclass, you should ensure that you pass "plain" objects rather than Headers or Request objects, as the newer version has slightly different logic about how to recognize Headers and Request objects. We have adjusted the TypeScript types for fetcher so that only these "plain" objects (which result in consistent behavior across all fetcher implementations) are permitted. PR #1805
  • Fix Schema.clone when directive application happens before definition PR #1785
  • More helpful error message for errors encountered while reading supergraphs generated pre-federation 2 PR #1796
  • Fix handling of @require "chains" (a @require whose fields have @require themselves) PR #1790
  • Fix bug applying an imported federation directive on another directive definition PR #1797.
  • Fix bug where planning a query with @require impacts the plans of followup queries PR #1783.
  • Improve fed1 schema support during composition PR #1735
  • Add missing @apollo/federation-internals dependency to gateway PR #1721
  • Improve merging of groups during @require handling in query planning PR #1732
  • Move __resolveReference resolvers on to extensions PR #1746
  • Add gateway version to schema extensions PR #1751
  • Honor directive imports when directive name is spec name PR #1720
  • Migrate to @apollo/utils packages for createSHA and isNodeLike PR #1765

v2.0.1

  • Use for: SECURITY in the core/link directive application in the supergraph for @inaccessible PR #1715

v2.0.0

  • Previous preview release promoted to general availability. Please see previous changelog entries for full info.

v2.0.0-preview.14

  • Implement buildSubgraphSchema using federation internals PR #1697

v2.0.0-preview.13

  • Revert previous @apollo/core-schema update due to incompatibilities with some existing schemas PR #1704

v2.0.0-preview.12

  • Generate a core schema in buildSubgraphSchema, incorporating the latest changes from @apollo/core-schema PR #1554

v2.0.0-preview.11

  • Fix issues validating default values PR #1692).
  • Add a level to hints, uppercase their code and related fixes PR #1683.
  • Add support for @inaccessible v0.2 PR #1678

v2.0.0-preview.10

  • Fix merging of Input objects and enum types PR #1672.
  • Relax validation of directive redefinition for scalar PR #1674.
  • Fix regression in composition validation introduced by #1653 PR #1673 .
  • Update logging PR #1688 and test PR #1685 dependencies.

v2.0.0-preview.9

  • Adds support for the @override directive on fields to indicate that a field should be moved from one subgraph to another. PR #1484
  • Fix handling of core/link when definitions are provided or partially so PR #1662.
  • Optimize composition validation when many entities spans many subgraphs PR #1653.
  • Support for Node 17 PR #1541.
  • Adds support for @tag/v0.2, which allows the @tag directive to be additionally placed on arguments, scalars, enums, enum values, input objects, and input object fields. PR #1652.
  • Fix introspection query by adding missing includeDeprecated argument for args and inputFields when defining introspection fields PR #1584
  • Throw a GraphQLSchemaValidationError for issues with the @inaccessible directive when calling toApiSchema. The error will contain a list of all validation errors pertaining to @inaccessible PR #1563.

v2.0.0-preview.8

NOTE: Be sure to update to this version of gateway before upgrading composition. See below and the changelog for @apollo/composition.

  • Adds support for @inaccessible in subgraphs PR #1638.
  • Fix merging of @tag directive when it is renamed in subgraphs PR #1637.
  • Handles supergraphs with @link instead of @core. Note that you should upgrade gateway to this version before upgrading composition PR #1628.

v2.0.0-preview.7

  • Automatically add the @tag directive definition in buildSubgraphSchema (but still support it if the definition is present in the input document) PR #1600.

v2.0.0-preview.5

  • Fix propagation of @tag to the supergraph and allows @tag to be repeated. Additionally, merged directives (only @tag and @deprecated currently) are not allowed on external fields anymore PR #1592.

v2.0.0-preview.4

  • Make error messages more actionable when constructing subgraphs from a supergraph PR #1586
  • Respect the minDelaySeconds returning from Uplink when polling and retrying to fetch the supergraph schema from Uplink PR #1564
  • Remove the previously deprecated experimental_pollInterval config option and deprecate pollIntervalInMs in favour of fallbackPollIntervalInMs (for managed mode only). PR #1564
  • Correctly detect promises wrapped by proxies in entities resolver PR #1584

v2.0.0-preview.3

  • Fix issue that created type extensions with descriptions, which is invalid graphQL syntax PR #1582.

v2.0.0-preview.2

  • Re-publishing release which published to npm with stale build artifacts from version-0.x release.

v2.0.0-preview.1

  • No-op publish to account for publishing difficulties.

v2.0.0-preview.0

  • Fix merging of arguments by composition PR #1567.
  • Adds an optional resolvable argument to the @key directive PR #1561.
  • Generates operation names in query plans when the original query is named PR #1550;
  • Allow @key to be used on fields with a list type PR #1510
  • Identifies federation 2 schema using new @link directive to link to the federation 2 spec. Schema not linking to federation 2 are interpreted as federation 0.x schema and automatically converted before composition PR #1510.
  • Adds @shareable directive to control when fields are allowed to be resolved by multiple subgraphs PR #1510.

v2.0.0-alpha.6

  • Use specific error classes when throwing errors due Apollo Uplink being unreacheable or returning an invalid response PR #1473
  • FIX Correct retry logic while fetching the supergraph schema from Uplink PR #1503
  • Avoid incomplete subgraphs when extracting them from the supergraph. PR #1511 (via fix to @apollo/query-planner and @apollo/federation-internals)

v2.0.0-alpha.5

  • Reject mismatching types for interface field implementation if some of those implementations are @external, since this can lead to invalid subgraph queries at runtime PR #1318. This limitation should be lifted in the future once the root cause (the invalid runtime queries) is fixed by issue #1257.
  • Fix potentially inefficient query plans with multiple @requires PR #1431.
  • Remove graphql@15 from peer dependencies PR #1472.

v2.0.0-alpha.4

  • BREAKING: This change improves the supergraphSdl configuration option to provide a clean and flexible interface for updating gateway schema on load and at runtime. This PR brings a number of updates and deprecations to the gateway. Previous options for loading the gateway's supergraph (serviceList, localServiceList, experimental_updateServiceDefinitions, experimental_supergraphSdl) are all deprecated going forward. The migration paths all point to the updated supergraphSdl configuration option.

The most notable change here is the introduction of the concept of a SupergraphManager (one new possible type of supergraphSdl). This interface (when implemented) provides a means for userland code to update the gateway supergraph dynamically, perform subgraph healthchecks, and access subgraph datasources. All of the mentioned deprecated configurations now either use an implementation of a SupergraphManager internally or export one to be configured by the user (IntrospectAndCompose and LocalCompose).

For now: all of the mentioned deprecated configurations will still continue to work as expected. Their usage will come with deprecation warnings advising a switch to supergraphSdl.

  • serviceList users should switch to the now-exported IntrospectAndCompose class.
  • localServiceList users should switch to the similar LocalCompose class.
  • experimental_{updateServiceDefinitions|supergraphSdl} users should migrate their implementation to a custom SupergraphSdlHook or SupergraphManager.

Since the gateway itself is no longer responsible for composition:

  • experimental_didUpdateComposition has been renamed more appropriately to experimental_didUpdateSupergraph (no signature change)
  • experimental_compositionDidFail hook is removed

experimental_pollInterval is deprecated and will issue a warning. Its renamed equivalent is pollIntervalInMs.

Some defensive code around gateway shutdown has been removed which was only relevant to users who are running the gateway within ApolloServer before v2.18. If you are still running one of these versions, server shutdown may not happen as smoothly.

#1246

  • Upgrading graphql dependency to 16.2.0 PR #1129.

v2.0.0-alpha.3

  • RemoteGraphQLDataSource will now use make-fetch-happen by default rather than node-fetch PR #1284
  • NOOP: Fix OOB testing w.r.t. nock hygiene. Pushed error reporting endpoint responsibilities up into the gateway class, but there should be no effect on the runtime at all. PR #1309
  • Multi-cloud Uplink capability PR #1283: now, by default two separate Uplink services will be used for schema fetching, the system will round-robin and if one service fails, a retry will occur and the other service will be called.
    • The Uplink URLs are https://uplink.api.apollographql.com/ (GCP) and https://aws.uplink.api.apollographql.com/ (AWS).
    • To override these defaults and configure what Uplink services, there are two options:
      • Option #1: use the existing environment variable APOLLO_SCHEMA_CONFIG_DELIVERY_ENDPOINT which will now be treated as a comma-separated list of URLs.
      • Option #2: use the new uplinkEndpoints, which must be single URL or a comma-separated list of URLs for the Uplink End-points to be used, and uplinkMaxRetries which is how many times the Uplink URLs should be retried.
    • The old schemaConfigDeliveryEndpoint configuration value still work, but is deprecated and will be removed in a subsequent release.
  • Continue resolving when an @external reference cannot be resolved #376.
  • Fix issue reading some 0.x generated supergraphs PR #1351.
  • Assign and document error codes for all errors PR #1274.
  • Fix bug in handling of large number of query plan options 1316.
  • Remove unused dependency on @apollographql/apollo-tools 1304.

v2.0.0-alpha.2

  • BREAKING: Bump graphql peer dependency to ^15.7.0 PR #1200
  • BREAKING: Remove legacy GCS fetcher for schema updates. If you're currently opted-in to the backwards compatibility provided by setting schemaConfigDeliveryEndpoint: null, you may be affected by this update. Please see the PR for additional details. PR #1226
  • Conditional schema update based on ifAfterId PR #1152
  • Fix the handling of nested @provides directives PR #1148.
  • Remove outdated composition code. A concrete consequence of which is the removal of the @apollo/federation package. If your code was importing the ServiceDefinition interface from @apollo/federation, this can now be imported from @apollo/gateway PR #1208.
  • Fix query planner sending queries to a subgraph involving interfaces it doesn't know #817.

v2.0.0-alpha.1

  • 🎉 Initial alpha release of Federation 2.0. For more information, see our documentation. We look forward to your feedback!

⚠️ 0.x Changelog Entries

Changelog entries for gateway 0.x are published on the version-0.x branch.