graphql-hive
diff --git a/‎.changeset/internal_refactor_that_prevents_the_need_to_create_some_structs_clientrequestdetails_twice_this_change_also_eliminates_the_need_to_have_clones.md‎
Lines changed: 0 additions & 5 deletions b/‎.changeset/internal_refactor_that_prevents_the_need_to_create_some_structs_clientrequestdetails_twice_this_change_also_eliminates_the_need_to_have_clones.md‎
Lines changed: 0 additions & 5 deletions
diff --git a/‎.changeset/jwt_improve_the_implementation_of_jwt_plugin_and_expose_it_to_expressions.md‎
Lines changed: 0 additions & 47 deletions b/‎.changeset/jwt_improve_the_implementation_of_jwt_plugin_and_expose_it_to_expressions.md‎
Lines changed: 0 additions & 47 deletions
diff --git a/‎Cargo.lock‎
Lines changed: 2 additions & 2 deletions b/‎Cargo.lock‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎bin/router/CHANGELOG.md‎
Lines changed: 48 additions & 0 deletions b/‎bin/router/CHANGELOG.md‎
Lines changed: 48 additions & 0 deletions
diff --git a/‎bin/router/Cargo.toml‎
Lines changed: 2 additions & 2 deletions b/‎bin/router/Cargo.toml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎lib/executor/CHANGELOG.md‎
Lines changed: 46 additions & 0 deletions b/‎lib/executor/CHANGELOG.md‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎lib/executor/Cargo.toml‎
Lines changed: 1 addition & 1 deletion b/‎lib/executor/Cargo.toml‎
Lines changed: 1 addition & 1 deletion
@@ -116,3 +116,51 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Other
 
 - *(deps)* update release-plz/action action to v0.5.113 ([#389](https://github.com/graphql-hive/router/pull/389))
+## 0.0.16 (2025-11-04)
+
+### Fixes
+
+- Internal refactor that prevents the need to create some structs (`ClientRequestDetails`) twice. This change also eliminates the need to have clones
+
+#### Improve the implementation of jwt plugin and expose it to expressions.
+
+The following properties are available in the request object exposed to VRL expressions:
+- `request.jwt` will always be an object
+- `request.jwt.authenticated` with value of true or false
+- `request.jwt.prefix` can either be a string or null (if prefix is not used)
+- `request.jwt.token` can be string (when authenticated=true) or null (when authenticated=false)
+- `request.jwt.claims` will always be an array (either empty or with values), containing the full JWT token claims payload.
+- `request.jwt.scopes` will always be an array (either empty or with values), containing the scopes extracted from the claims
+
+Here are examples on how to use the JWT properties in a VRL expression:
+
+```yaml
+## Passes the user-id held in `.sub` claims of the token to the subgraph, or EMPTY
+headers:
+  all:
+    request:
+      - insert:
+          name: X-User-ID
+          expression: |
+            if .request.jwt.authenticated == true {
+              .request.jwt.claims.sub
+            } else {
+              "EMPTY"
+            }
+```
+
+```yaml
+## Passes a custom header based on the status of the authentication and the status of the JWT scopes
+headers:
+ subgraphs:
+    accounts:
+      request:
+        - insert:
+            name: X-Can-Read
+            expression: |
+              if .request.jwt.authenticated == true && includes!(.request.jwt.scopes, "read:accounts") {
+                "Yes"
+              } else {
+                "No"
+              }
+```
@@ -1,6 +1,6 @@
 [package]
 name = "hive-router"
-version = "0.0.15"
+version = "0.0.16"
 edition = "2021"
 description = "GraphQL router/gateway for Federation"
 license = "MIT"
@@ -17,7 +17,7 @@ path = "src/main.rs"
 
 [dependencies]
 hive-router-query-planner = { path = "../../lib/query-planner", version = "2.0.2" }
-hive-router-plan-executor = { path = "../../lib/executor", version = "6.0.0" }
+hive-router-plan-executor = { path = "../../lib/executor", version = "6.0.1" }
 hive-router-config = { path = "../../lib/router-config", version = "0.0.10" }
 
 tokio = { workspace = true }
 
@@ -94,3 +94,49 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Other
 
 - *(deps)* update release-plz/action action to v0.5.113 ([#389](https://github.com/graphql-hive/router/pull/389))
+## 6.0.1 (2025-11-04)
+
+### Fixes
+
+#### Improve the implementation of jwt plugin and expose it to expressions.
+
+The following properties are available in the request object exposed to VRL expressions:
+- `request.jwt` will always be an object
+- `request.jwt.authenticated` with value of true or false
+- `request.jwt.prefix` can either be a string or null (if prefix is not used)
+- `request.jwt.token` can be string (when authenticated=true) or null (when authenticated=false)
+- `request.jwt.claims` will always be an array (either empty or with values), containing the full JWT token claims payload.
+- `request.jwt.scopes` will always be an array (either empty or with values), containing the scopes extracted from the claims
+
+Here are examples on how to use the JWT properties in a VRL expression:
+
+```yaml
+## Passes the user-id held in `.sub` claims of the token to the subgraph, or EMPTY
+headers:
+  all:
+    request:
+      - insert:
+          name: X-User-ID
+          expression: |
+            if .request.jwt.authenticated == true {
+              .request.jwt.claims.sub
+            } else {
+              "EMPTY"
+            }
+```
+
+```yaml
+## Passes a custom header based on the status of the authentication and the status of the JWT scopes
+headers:
+ subgraphs:
+    accounts:
+      request:
+        - insert:
+            name: X-Can-Read
+            expression: |
+              if .request.jwt.authenticated == true && includes!(.request.jwt.scopes, "read:accounts") {
+                "Yes"
+              } else {
+                "No"
+              }
+```
@@ -1,6 +1,6 @@
 [package]
 name = "hive-router-plan-executor"
-version = "6.0.0"
+version = "6.0.1"
 edition = "2021"
 description = "GraphQL query planner executor for Federation specification"
 license = "MIT"