diff --git a/.changesets/docs_fix_broken_links.md b/.changesets/docs_fix_broken_links.md deleted file mode 100644 index d395aa0c07..0000000000 --- a/.changesets/docs_fix_broken_links.md +++ /dev/null @@ -1,5 +0,0 @@ -### Fix broken links - -This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. - -By [@Meschreiber](https://github.com/Meschreiber) in https://github.com/apollographql/router/pull/3711 diff --git a/.changesets/docs_geal_authorization_router_rhai.md b/.changesets/docs_geal_authorization_router_rhai.md deleted file mode 100644 index 0e3596252b..0000000000 --- a/.changesets/docs_geal_authorization_router_rhai.md +++ /dev/null @@ -1,5 +0,0 @@ -### GraphOS authorization: add an example of scope manipulation with router service level rhai ([PR #3719](https://github.com/apollographql/router/pull/3719)) - -The router authorization directive `@requiresScopes` expects scopes to come from the `scope` claim in the OAuth2 access token format ( https://datatracker.ietf.org/doc/html/rfc6749#section-3.3 ). Some tokens may have scopes stored in a different way, like an array of strings, or even in different claims. This documents a way to extract the scopes and prepare them in the right format for consumption by `@requiresScopes`, ushing Rhai. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 \ No newline at end of file diff --git a/.changesets/feat_garypen_2278_rhai_router_service.md b/.changesets/feat_garypen_2278_rhai_router_service.md deleted file mode 100644 index c105892e4a..0000000000 --- a/.changesets/feat_garypen_2278_rhai_router_service.md +++ /dev/null @@ -1,43 +0,0 @@ -### Provide a rhai interface to the router service ([Issue #2278](https://github.com/apollographql/router/issues/2278)) - -Adds `Rhai` support for the `router_service`. - -It is now possible to interact with requests and responses at the `router_service` level from `Rhai`. The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may map requests and responses as follows: - -```rust -fn router_service(service) { - const request_callback = Fn("process_request"); - service.map_request(request_callback); - const response_callback = Fn("process_response"); - service.map_response(response_callback); -} - -``` -The main difference from existing services is that the router_service is dealing with HTTP Bodies, not well formatted GraphQL objects. This means that the `Request.body` or `Response.body` is not a well structured object that you may interact with, but is simply a String. - -This makes it more complex to deal with Request and Response bodies with the tradeoff being that a script author has more power and can perform tasks which are just not possible within the confines of a well-formed GraphQL object. - -This simple example, simply logs the bodies: - -```rust -// Generate a log for each request at this stage -fn process_request(request) { - print(`body: ${request.body}`); -} - -// Generate a log for each response at this stage -fn process_response(response) { - print(`body: ${response.body}`); -} -``` - -This PR also introduces two new Rhai functions: - -```rust -json_encode(Object) -json_decode(String) -> Object - -``` -Which will respectively encode a `Rhai` Object or decode a JSON string into a `Rhai` Object. These functions may be helpful when dealing with String bodies which represent encoded JSON objects. - -By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3234 diff --git a/.changesets/fix_bnjjj_fix_3683.md b/.changesets/fix_bnjjj_fix_3683.md deleted file mode 100644 index ff130ff6f4..0000000000 --- a/.changesets/fix_bnjjj_fix_3683.md +++ /dev/null @@ -1,5 +0,0 @@ -### fix(subscription): add x-accel-buffering header for multipart response ([Issue #3683](https://github.com/apollographql/router/issues/3683)) - -Set `x-accel-buffering` to `no` when it's a multipart response because proxies need this configuration. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 diff --git a/.changesets/fix_bnjjj_fix_empty_multipart_stream.md b/.changesets/fix_bnjjj_fix_empty_multipart_stream.md deleted file mode 100644 index 68aa0de28a..0000000000 --- a/.changesets/fix_bnjjj_fix_empty_multipart_stream.md +++ /dev/null @@ -1,5 +0,0 @@ -### Handle multipart stream if the original stream is empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) - -For subscription and defer, in case the multipart response stream is empty then it should end correctly. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 \ No newline at end of file diff --git a/.changesets/fix_bnjjj_subscription_default_configuration.md b/.changesets/fix_bnjjj_subscription_default_configuration.md deleted file mode 100644 index 2c4a5c207a..0000000000 --- a/.changesets/fix_bnjjj_subscription_default_configuration.md +++ /dev/null @@ -1,8 +0,0 @@ -### fix(subscription): force the deduplication to be enabled by default as it's documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) - -A bug was introduced in router v1.25.0 which caused [subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) to be disabled by default. -As documented, the router will enable deduplication by default, providing you with subscriptions that scale. - -Should you decide to disable it, you can still explicitly set `enable_deduplication` to `false`. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 diff --git a/.changesets/fix_bryn_fix_metrics_typing.md b/.changesets/fix_bryn_fix_metrics_typing.md deleted file mode 100644 index ab4d6eef03..0000000000 --- a/.changesets/fix_bryn_fix_metrics_typing.md +++ /dev/null @@ -1,6 +0,0 @@ -### Fix metrics attribute types ([Issue #3687](https://github.com/apollographql/router/issues/3687)) - -Metrics attributes were being coerced to strings. This is now fixed. -In addition, the logic around types accepted as metrics attributes has been simplified. It will log and ignore values of the wrong type. - -By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 diff --git a/.changesets/fix_dragonfly_ship_win_folder.md b/.changesets/fix_dragonfly_ship_win_folder.md deleted file mode 100644 index 892df67579..0000000000 --- a/.changesets/fix_dragonfly_ship_win_folder.md +++ /dev/null @@ -1,9 +0,0 @@ -### Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation - -Correct a regression that was introduced in Router v1.28.0 which made a Router **panic** possible when the following _three_ conditions are _all_ met: - -1. When sending an un-named (i.e., "anonymous") `subscription` operation (e.g., `subscription { ... }`); **and**; -2. The Router has a `subscription` type defined in the Supergraph schema; **and** -3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting `enabled: true` _or_ by setting a `mode` within the `subscriptions` object (as seen in [the subscriptions documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup). - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3738 diff --git a/.changesets/fix_geal_filter_events_too.md b/.changesets/fix_geal_filter_events_too.md deleted file mode 100644 index 579d457ea6..0000000000 --- a/.changesets/fix_geal_filter_events_too.md +++ /dev/null @@ -1,6 +0,0 @@ -### Do not record a trace if telemetry is not configured - -The OpenTelemetry handling code had a constant overhead on every request, due to the OpenTelemetryLayer recording data for every span, even when telemetry is not actually set up. We introduce a sampling filter that disables it entirely when no exporters are configured, which provides a performance boost in basic setups. -It also provides performance gains when exporters are set up: if a sampling ratio or client defined sampling are used, then the filter will only send the sampled traces to the rest of the stack, thus reducing the overhead again. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 diff --git a/.changesets/fix_geal_fix_authenticated_reporting.md b/.changesets/fix_geal_fix_authenticated_reporting.md deleted file mode 100644 index ff189e1d7f..0000000000 --- a/.changesets/fix_geal_fix_authenticated_reporting.md +++ /dev/null @@ -1,5 +0,0 @@ -### Fix authenticated directive reporting ([PR #3753](https://github.com/apollographql/router/pull/3753)) - -The context key for the `@authenticated` directive only affects usage reporting - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3753 \ No newline at end of file diff --git a/.changesets/fix_geal_remove_clones_from_headers_plugin.md b/.changesets/fix_geal_remove_clones_from_headers_plugin.md deleted file mode 100644 index 36881a1de4..0000000000 --- a/.changesets/fix_geal_remove_clones_from_headers_plugin.md +++ /dev/null @@ -1,5 +0,0 @@ -### remove clones from the header plugin ([Issue #3068](https://github.com/apollographql/router/issues/3068)) - -The list of header operations was cloned for every subgraph query, and this was increasing latency. We made sure the overhead is minimal by removing those allocations - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 \ No newline at end of file diff --git a/.changesets/fix_geal_telemetry_perf.md b/.changesets/fix_geal_telemetry_perf.md deleted file mode 100644 index f20ceee31a..0000000000 --- a/.changesets/fix_geal_telemetry_perf.md +++ /dev/null @@ -1,5 +0,0 @@ -### small performance improvements for telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) - -The SpanMetricsExporter, used to report span timings hade a few inefficiencies in the way it recognized spans, and it brought a constant overhead to the router usage, even when telemetry was not configured. It has now been isolated and optimized - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3656 \ No newline at end of file diff --git a/.changesets/fix_igni_sigv4_http_level.md b/.changesets/fix_igni_sigv4_http_level.md deleted file mode 100644 index 5679499772..0000000000 --- a/.changesets/fix_igni_sigv4_http_level.md +++ /dev/null @@ -1,12 +0,0 @@ -### Subgraph authentication: Make sure Request signing happens after Compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) - -[Subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) is available since router v1.27.0. - -Unfortunately this first version didn't work well with features that operate with the SubgraphService, for example: - - Subgraph APQ - - Subgraph HTTP compression - - Custom plugins that operate on the Subgraph level, written either via coprocessors, in rhai, or native. - -The router will now sign subgraph requests just before they are sent to subgraphs. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3735 diff --git a/.changesets/fix_igni_typename_fragment_interfaces.md b/.changesets/fix_igni_typename_fragment_interfaces.md deleted file mode 100644 index 5ed53a9ee9..0000000000 --- a/.changesets/fix_igni_typename_fragment_interfaces.md +++ /dev/null @@ -1,5 +0,0 @@ -### Deal with interfaces on fragment spreads when no __typename is queried ([Issue #2587](https://github.com/apollographql/router/issues/2587)) - -Operations would over rely on the presence of __typename to resolve selection sets on interface implementers. This changeset checks for the parent type in an InlineFragment, so we don't drop relevant selection set when applicable. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 diff --git a/.changesets/maint_bnjjj_caching_metrics.md b/.changesets/maint_bnjjj_caching_metrics.md deleted file mode 100644 index cd09700cfd..0000000000 --- a/.changesets/maint_bnjjj_caching_metrics.md +++ /dev/null @@ -1,38 +0,0 @@ -### Add experimental caching metrics ([PR #3532](https://github.com/apollographql/router/pull/3532)) - -It adds a metric only if you configure `telemetry.metrics.common.experimental_cache_metrics.enabled` to `true`. It will generate metrics to evaluate which entities would benefit from caching. It simulates a cache with a TTL, configurable at `telemetry.metrics.common.experimental_cache_metrics.ttl` (default: 5 seconds), and measures the cache hit rate per entity type and subgraph. - -example - -``` -# HELP apollo.router.operations.entity.cache_hit -# TYPE apollo_router_operations_entity.cache_hit histogram -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 3 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 4 -apollo_router_operations_entity_cache_hitsum{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 7 -apollo_router_operations_entity_cache_hitcount{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 1 -apollo_router_operations_entity_cache_hitsum{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -apollo_router_operations_entity_cache_hitcount{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -``` - -By [@bnjjj](https://github.com/bnjjj) [@Geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3532 \ No newline at end of file diff --git a/.changesets/maint_geal_metadata_cleanup.md b/.changesets/maint_geal_metadata_cleanup.md deleted file mode 100644 index ee9628f870..0000000000 --- a/.changesets/maint_geal_metadata_cleanup.md +++ /dev/null @@ -1,6 +0,0 @@ -### Metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) - -* remove unused patch entries in Cargo.toml -* remove exemptions for the chrono security advisories (they are fixed now) - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3746 \ No newline at end of file diff --git a/.changesets/maint_igni_rust_1_72_0.md b/.changesets/maint_igni_rust_1_72_0.md deleted file mode 100644 index 9371f0dcfa..0000000000 --- a/.changesets/maint_igni_rust_1_72_0.md +++ /dev/null @@ -1,5 +0,0 @@ -### Update rust toolchain to 1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) - -The router-bridge update now allows us to use the latest rust version. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 diff --git a/.changesets/maint_nicolas_otlp_filter.md b/.changesets/maint_nicolas_otlp_filter.md deleted file mode 100644 index 7bb2f7070c..0000000000 --- a/.changesets/maint_nicolas_otlp_filter.md +++ /dev/null @@ -1,5 +0,0 @@ -### Add support GraphOS Cloud metrics ([Issue #3760](https://github.com/apollographql/router/issues/3760)) - -Add support for GraphOS Cloud metrics in the Apollo OTLP Exporter. - -By [@nmoutschen](https://github.com/nmoutschen) in https://github.com/apollographql/router/pull/3761 \ No newline at end of file diff --git a/.changesets/maint_simon_is_terminal.md b/.changesets/maint_simon_is_terminal.md deleted file mode 100644 index 7295cd62d3..0000000000 --- a/.changesets/maint_simon_is_terminal.md +++ /dev/null @@ -1,8 +0,0 @@ -### Replace atty crate with std ([PR #3729](https://github.com/apollographql/router/pull/3729)) - -The crate is unmaintained, and the standard library has equivalent functionality since Rust 1.70.0 - -* https://github.com/apollographql/router/security/dependabot/68 -* https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html - -By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3729 diff --git a/.changesets/maint_simon_pkiup.md b/.changesets/maint_simon_pkiup.md deleted file mode 100644 index 8e606d8631..0000000000 --- a/.changesets/maint_simon_pkiup.md +++ /dev/null @@ -1,11 +0,0 @@ -### Upgrade webpki and rustls-webpki crates ([PR #3728](https://github.com/apollographql/router/pull/3728)) - -Brings fixes for: - -* https://rustsec.org/advisories/RUSTSEC-2023-0052 -* https://rustsec.org/advisories/RUSTSEC-2023-0053 - -Because Apollo Router does not accept client certificates, it could only be affected -if a subgraph supplied a pathological TLS server certificate. - -By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3728 diff --git a/CHANGELOG.md b/CHANGELOG.md index 082c5f4c08..34bcd701c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,135 @@ All notable changes to Router will be documented in this file. This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2.0.0.html). +# [1.30.0] - 2023-09-14 + +## πŸš€ Features + +### Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) + +It is now possible to interact with some aspects of requests and responses at the `router_service` level [using Rhai-based customizations](https://www.apollographql.com/docs/router/customizations/rhai/). The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may "map" requests and responses as follows: + +```rust +fn router_service(service) { + const request_callback = Fn("process_request"); + service.map_request(request_callback); + const response_callback = Fn("process_response"); + service.map_response(response_callback); +} +``` + +The main difference from [existing services](https://www.apollographql.com/docs/router/customizations/rhai/#router-request-lifecycle) is that the `router_service` allows operating at an HTTP transport layer rather than the more structured GraphQL representations available at later service layers, like the [supergraph service](https://www.apollographql.com/docs/router/customizations/rhai/#supergraphservice). + +Initially, we are **not** allowing access to the `body` property itself. [This issue](https://github.com/apollographql/router/issues/3642) tracks changing that in the future. For now, it is possible to access the `context` and `headers`. + +By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3234 + +## πŸ› Fixes + +### Small performance improvements to telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) + +We applied some small performance improvements to the `SpanMetricsExporter` (which is used to report span timings), some of which apply in cases where telemetry is disabled and could be apparent to most users. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3656 + +### Handle interfaces in fragment spreads when `__typename` is omitted ([Issue #2587](https://github.com/apollographql/router/issues/2587)) + +We now check the parent type when using an inline-fragment, rather than relying on the expectation that `__typename` will be present. For cases where `__typename` was being omitted, this fixes responses where a portion of the selection set was silently dropped and not returned. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 + +### Deduplication is, again, enabled by default as documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) + +[Subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) is again enabled by default as it was intended to be. This important performance feature for subscriptions at scale was inadvertently disabled in v1.25.0 due to a bug. + +To explicitly disable deduplication, [set `enable_deduplication` to `false` in your configuration](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#disabling-deduplication). + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 + +### Metrics are no longer coerced incorrectly ([Issue #3687](https://github.com/apollographql/router/issues/3687)) + +Metric attributes are no longer incorrectly coerced to strings. In addition, the logic around types which are accepted as metrics attributes has been simplified to avoid this in the future. Going forward, if the wrong type is specified, values will be ignored and a log message (at debug level) will be emitted. + +By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 + +### Optimizations applied to header-handling operations ([Issue #3068](https://github.com/apollographql/router/issues/3068)) + +Latency and overhead of passing headers to subgraph queries has been reduced. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 + +### Avoid request overhead when telemetry is not enabled + +The overhead of OpenTelemetry has been removed when no tracing exporters are configured. + +This also improves performance when sampling criteria has _not_ been met by preventing unsampled sampled trace events from propagating to the rest of the OpenTelemetry stack. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 + +### Subgraph authentication: Apply signature after compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) + +The router will now _sign_ subgraph requests _just before_ they are sent to the subgraph (i.e., a bit later than previously), following up on the functionality of [subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) which was first introduced in v1.27.0. + +This fixes interactions with: + + - Subgraph Automatic Persisted Queries (APQ) + - Subgraph HTTP compression + - Custom plugins that operate on the subgraph service (whether via Co-Processors, Rhai or a compiled Rust plugin) + +In most cases, the interactions between these features and the subgraph authentication feature were problematic and required disabling one or the other in order to generate a request that was correctly signed by the signature algorithm. This should all be resolved. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3735 + +### Handle multipart stream if the original stream was empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) + +Multi-part response streams (which are used for [subscriptions](https://www.apollographql.com/docs/router/executing-operations/subscription-support/) and operations which include [`@defer` directive](https://www.apollographql.com/docs/router/executing-operations/defer-support/)) are now terminated correctly when the response stream is empty. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 + +### Subscriptions: Include `x-accel-buffering` header on multipart responses ([Issue #3683](https://github.com/apollographql/router/issues/3683)) + +Setting the `x-accel-buffering` header to `no` for multipart responses allows certain proxies to configure themselves in a mode that is compatible with the buffering used by subscriptions. This improves Subscriptions' compatibility with existing infrastructure. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 + +## πŸ›  Maintenance + +### Our Rust Toolchain has been updated to v1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) + +Our Rust Toolchain has been updated to v1.72.0. For the majority of our users (those who do not compile their own Router from source), this change will not have any impact. Otherwise, Rust 1.72.0 can now be used. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 + + +### Replace `atty` crate with `std` ([PR #3729](https://github.com/apollographql/router/pull/3729)) + +To resolve a security advisory (for which our usage was _not_ affected), we've replaced `atty` with `std`. Instead, we now use equivalent functionality available in the Rust standard library, available since Rust v1.70.0. + +* https://github.com/apollographql/router/security/dependabot/68 +* https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html + +By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3729 + +### Upgrade `webpki` and `rustls-webpki` ([PR #3728](https://github.com/apollographql/router/pull/3728)) + +These two dependency updates brings fixes for two separate security advisories: + +* https://rustsec.org/advisories/RUSTSEC-2023-0052 +* https://rustsec.org/advisories/RUSTSEC-2023-0053 + +Since Apollo Router does _not_ accept client certificates, it could only have been affected if a subgraph had provided a pathological TLS server certificate. + +By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3728 + +## πŸ“š Documentation + +### GraphOS authorization: Exemplify scope manipulation with Rhai at the router service level ([PR #3719](https://github.com/apollographql/router/pull/3719)) + +New [Authorization documentation](https://www.apollographql.com/docs/router/configuration/authorization/#requiresscopes) shows the how to use Rhai script to extract scopes and prepare them in the correct way, for use with `@requiresScope`. This becomes relevant since `@requiresScopes` expects scopes to come from the `scope` claim in the [OAuth2 access token format](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3) while tokens may have scopes stored differently, e.g., as an array of strings, or even as different claims. If you have further questions on the right choice for you, please open a GitHub Discussion that provides an example of what you need to achieve. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 + + # [1.29.1] - 2023-09-04 ## πŸš€ Features diff --git a/Cargo.lock b/Cargo.lock index ebe2b00d53..687bc50e83 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -263,7 +263,7 @@ dependencies = [ [[package]] name = "apollo-router" -version = "1.29.1" +version = "1.30.0" dependencies = [ "access-json", "anyhow", @@ -410,7 +410,7 @@ dependencies = [ [[package]] name = "apollo-router-benchmarks" -version = "1.29.1" +version = "1.30.0" dependencies = [ "apollo-parser 0.6.1", "apollo-router", @@ -426,7 +426,7 @@ dependencies = [ [[package]] name = "apollo-router-scaffold" -version = "1.29.1" +version = "1.30.0" dependencies = [ "anyhow", "cargo-scaffold", diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml index b0a6f0cf9e..31ed86c518 100644 --- a/apollo-router-benchmarks/Cargo.toml +++ b/apollo-router-benchmarks/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-benchmarks" -version = "1.29.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml index 2d35f7e301..a601871a01 100644 --- a/apollo-router-scaffold/Cargo.toml +++ b/apollo-router-scaffold/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-scaffold" -version = "1.29.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" diff --git a/apollo-router-scaffold/templates/base/Cargo.toml b/apollo-router-scaffold/templates/base/Cargo.toml index 0181336ac6..27cb00b340 100644 --- a/apollo-router-scaffold/templates/base/Cargo.toml +++ b/apollo-router-scaffold/templates/base/Cargo.toml @@ -22,7 +22,7 @@ apollo-router = { path ="{{integration_test}}apollo-router" } apollo-router = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} # Note if you update these dependencies then also update xtask/Cargo.toml -apollo-router = "1.29.1" +apollo-router = "1.30.0" {{/if}} {{/if}} async-trait = "0.1.52" diff --git a/apollo-router-scaffold/templates/base/xtask/Cargo.toml b/apollo-router-scaffold/templates/base/xtask/Cargo.toml index 080ab782cb..fb2f1d2470 100644 --- a/apollo-router-scaffold/templates/base/xtask/Cargo.toml +++ b/apollo-router-scaffold/templates/base/xtask/Cargo.toml @@ -13,7 +13,7 @@ apollo-router-scaffold = { path ="{{integration_test}}apollo-router-scaffold" } {{#if branch}} apollo-router-scaffold = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} -apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.29.1" } +apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.30.0" } {{/if}} {{/if}} anyhow = "1.0.58" diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml index 817cf8f255..f1082d64bd 100644 --- a/apollo-router/Cargo.toml +++ b/apollo-router/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router" -version = "1.29.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] repository = "https://github.com/apollographql/router/" documentation = "https://docs.rs/apollo-router" diff --git a/apollo-router/src/plugins/rhai/engine.rs b/apollo-router/src/plugins/rhai/engine.rs index ab1dd67194..b4f55d1653 100644 --- a/apollo-router/src/plugins/rhai/engine.rs +++ b/apollo-router/src/plugins/rhai/engine.rs @@ -281,32 +281,6 @@ mod router_header_map { } } -#[export_module] -mod router_json { - pub(crate) type Object = crate::json_ext::Object; - pub(crate) type Value = crate::json_ext::Value; - - #[rhai_fn(name = "to_string", pure)] - pub(crate) fn object_to_string(x: &mut Object) -> String { - format!("{x:?}") - } - - #[rhai_fn(name = "to_string", pure)] - pub(crate) fn value_to_string(x: &mut Value) -> String { - format!("{x:?}") - } - - #[rhai_fn(pure, return_raw)] - pub(crate) fn json_encode(input: &mut Dynamic) -> Result> { - serde_json::to_string(input).map_err(|e| e.to_string().into()) - } - - #[rhai_fn(pure, return_raw)] - pub(crate) fn json_decode(input: &mut ImmutableString) -> Result> { - serde_json::from_str(input).map_err(|e| e.to_string().into()) - } -} - #[export_module] mod router_context { pub(crate) type Context = crate::Context; @@ -1487,7 +1461,6 @@ impl Rhai { let mut module = exported_module!(router_plugin); combine_with_exported_module!(&mut module, "header", router_header_map); combine_with_exported_module!(&mut module, "method", router_method); - combine_with_exported_module!(&mut module, "json", router_json); combine_with_exported_module!(&mut module, "context", router_context); let base64_module = exported_module!(router_base64); diff --git a/dockerfiles/tracing/docker-compose.datadog.yml b/dockerfiles/tracing/docker-compose.datadog.yml index 512b2ddceb..1fe9e4facc 100644 --- a/dockerfiles/tracing/docker-compose.datadog.yml +++ b/dockerfiles/tracing/docker-compose.datadog.yml @@ -3,7 +3,7 @@ services: apollo-router: container_name: apollo-router - image: ghcr.io/apollographql/router:v1.29.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/datadog.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.jaeger.yml b/dockerfiles/tracing/docker-compose.jaeger.yml index e2053883b7..85230d7e3e 100644 --- a/dockerfiles/tracing/docker-compose.jaeger.yml +++ b/dockerfiles/tracing/docker-compose.jaeger.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router #build: ./router - image: ghcr.io/apollographql/router:v1.29.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/jaeger.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.zipkin.yml b/dockerfiles/tracing/docker-compose.zipkin.yml index 89539bc852..d31d365126 100644 --- a/dockerfiles/tracing/docker-compose.zipkin.yml +++ b/dockerfiles/tracing/docker-compose.zipkin.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router build: ./router - image: ghcr.io/apollographql/router:v1.29.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/zipkin.router.yaml:/etc/config/configuration.yaml diff --git a/docs/source/configuration/authorization.mdx b/docs/source/configuration/authorization.mdx index 1a21b54a1c..92ce78568a 100644 --- a/docs/source/configuration/authorization.mdx +++ b/docs/source/configuration/authorization.mdx @@ -1,12 +1,12 @@ --- title: Authorization in the Apollo Router description: Strengthen service security with a centralized governance layer -minVersion: 1.29.0 +minVersion: 1.29.1 --- - + APIs provide access to business-critical data. Unrestricted access can result in data breaches, monetary losses, or potential denial of service. Even for internal services, checks can be essential to limit data to authorized parties. @@ -96,7 +96,7 @@ The router then enforces these directives on all incoming requests. > ⚠️ Only the Apollo Router supports authorization directives—[`@apollo/gateway`](/federation/v1/gateway/) does _not_. Check out the [migration guide](../migrating-from-gateway/) if you'd like to use them. Before using the authorization directives in your subgraph schemas, you must: -- Validate that your Apollo Router uses version `1.29.0` or later and is [connected to your GraphOS Enterprise organization](../enterprise-features/#enabling-enterprise-features) +- Validate that your Apollo Router uses version `1.29.1` or later and is [connected to your GraphOS Enterprise organization](../enterprise-features/#enabling-enterprise-features) - Include **[claims](#configure-request-claims)** in requests made to the router ### Configure request claims @@ -106,17 +106,17 @@ Claims are the individual details of a request's authentication and scope. They To provide the router with the claims it needs, you must either configure JSON Web Token (JWT) authentication or add an external coprocessor that adds claims to a request's context. In some cases (explained below), you may require both. - **JWT authentication configuration**: If you configure [JWT authentication](./authn-jwt), the Apollo Router [automatically adds a JWT token's claims](./authn-jwt#working-with-jwt-claims) to the request's context at the `apollo_authentication::JWT::claims` key. -- **Adding claims via coprocessor**: If you can't use JWT authentication, you can [add claims with a coprocessor](/customizations/coprocessor#adding-authorization-claims-via-coprocessor). Coprocessors let you hook into the Apollo Router's request-handling lifecycle with custom code. +- **Adding claims via coprocessor**: If you can't use JWT authentication, you can [add claims with a coprocessor](../customizations/coprocessor#adding-authorization-claims-via-coprocessor). Coprocessors let you hook into the Apollo Router's request-handling lifecycle with custom code. - **Augmenting JWT claims via coprocessor**: Your authorization policies may require information beyond what your JSON web tokens provide. For example, a token's claims may include user IDs, which you then use to look up user roles. For situations like this, you can [augment the claims](./authn-jwt#claim-augmentation-via-coprocessors) from your JSON web tokens with coprocessors. ## Authorization directives -**Authorization directives are enabled in your router by default**. If you want to _disable_ them, include the following in your router's [YAML config file](./overview/): +While in [preview](/resources/product-launch-stages/#preview), authorization directives are turned off by default. To enable them, include the following in your router's [YAML config file](./overview/): ```yaml title="router.yaml" authorization: preview_directives: - enabled: false + enabled: true ``` ### `@requiresScopes` @@ -303,7 +303,7 @@ type Query { type User { id: ID! username: String - email: String @requiresScopes(scopes: ["read:email"]) + email: String @requiresScopes(scopes: [["read:email"]]) posts: [Post!]! } diff --git a/docs/source/containerization/docker.mdx b/docs/source/containerization/docker.mdx index ebcb148767..9ddd11a47a 100644 --- a/docs/source/containerization/docker.mdx +++ b/docs/source/containerization/docker.mdx @@ -11,7 +11,7 @@ The default behaviour of the router images is suitable for a quickstart or devel Note: The [docker documentation](https://docs.docker.com/engine/reference/run/) for the run command may be helpful when reading through the examples. -Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.29.1` +Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.30.0` ## Override the configuration diff --git a/docs/source/containerization/kubernetes.mdx b/docs/source/containerization/kubernetes.mdx index c61cdea299..68a0fea56b 100644 --- a/docs/source/containerization/kubernetes.mdx +++ b/docs/source/containerization/kubernetes.mdx @@ -13,7 +13,7 @@ import { Link } from 'gatsby'; [Helm](https://helm.sh) is the package manager for kubernetes. -There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.29.1/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. +There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.30.0/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. In both the following examples, we are using helm to install the router: - into namespace "router-deploy" (create namespace if it doesn't exist) @@ -64,10 +64,10 @@ kind: ServiceAccount metadata: name: release-name-router labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm --- # Source: router/templates/secret.yaml @@ -76,10 +76,10 @@ kind: Secret metadata: name: "release-name-router" labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm data: managedFederationApiKey: "UkVEQUNURUQ=" @@ -90,10 +90,10 @@ kind: ConfigMap metadata: name: release-name-router labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm data: configuration.yaml: | @@ -117,10 +117,10 @@ kind: Service metadata: name: release-name-router labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -143,10 +143,10 @@ kind: Deployment metadata: name: release-name-router labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm annotations: @@ -174,7 +174,7 @@ spec: - name: router securityContext: {} - image: "ghcr.io/apollographql/router:v1.29.1" + image: "ghcr.io/apollographql/router:v1.30.0" imagePullPolicy: IfNotPresent args: - --hot-reload @@ -226,10 +226,10 @@ kind: Pod metadata: name: "release-name-router-test-connection" labels: - helm.sh/chart: router-1.29.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.29.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm annotations: "helm.sh/hook": test diff --git a/docs/source/customizations/coprocessor.mdx b/docs/source/customizations/coprocessor.mdx index 8fd14fe81f..13d20c7fb0 100644 --- a/docs/source/customizations/coprocessor.mdx +++ b/docs/source/customizations/coprocessor.mdx @@ -915,7 +915,7 @@ Subsequent response chunks omit the `headers` and `statusCode` fields: ## Adding authorization claims via coprocessor -For authorization purposes, your requests may need to include **claims**β€”the details of its authentication and scope. The most straightforward way to add claims is with [JWT authentication](../configuration/./authn-jwt). You can also add claims with a [`RouterService` coprocessor](#how-it-works) since it hooks into the request lifecycle directly after the router has received a client request. +To use the [authorization directives](../configuration/authorization#authorization-directives), a request needs to include **claims**β€”the details of its authentication and scope. The most straightforward way to add claims is with [JWT authentication](../configuration/./authn-jwt). You can also add claims with a [`RouterService` coprocessor](#how-it-works) since it hooks into the request lifecycle directly after the router has received a client request. The router configuration needs to include at least these settings: @@ -944,7 +944,7 @@ This configuration prompts the router to send an HTTP POST request to your copro } ``` -When your coprocessor receives this request from the router, it should add claims to the request's [`context`](#context) and return them in the response to the router. Specifically, the coprocessor should add an entry with a claims object. The key must be `apollo_authentication::JWT::claims`, and the value should be the claims required for authorization. For example: +When your coprocessor receives this request from the router, it should add claims to the request's [`context`](#context) and return them in the response to the router. Specifically, the coprocessor should add an entry with a claims object. The key must be `apollo_authentication::JWT::claims`, and the value should be the claims required by the authorization directives you intend to use. For example, if you want to use [`@requireScopes`](../configuration/authorization#requiresscopes), the response may look something like this: ```json { diff --git a/docs/source/enterprise-features.mdx b/docs/source/enterprise-features.mdx index 570aaee444..bbdcd9cd6f 100644 --- a/docs/source/enterprise-features.mdx +++ b/docs/source/enterprise-features.mdx @@ -11,7 +11,7 @@ The Apollo Router provides expanded performance, security, and customization fea - **Real-time updates** via [GraphQL subscriptions](./executing-operations/subscription-support/) - **Authentication of inbound requests** via [JSON Web Token (JWT)](./configuration/authn-jwt/) -- **Access control** of specific fields and types through the [`@requiresScopes`](./configuration/authorization#requiresscopes) and [`@authenticated`](./configuration/authorization#authenticated) directives +- [**Authorization** of specific fields and types](./configuration/authorization) through the [`@requiresScopes`](./configuration/authorization#requiresscopes) and [`@authenticated`](./configuration/authorization#authenticated) directives - Redis-backed [**distributed caching** of query plans and persisted queries](./configuration/distributed-caching/) - **Custom request handling** in any language via [external coprocessing](./customizations/coprocessor/) - **Mitigation of potentially malicious requests** via [operation limits](./configuration/operation-limits) and [safelisting with persisted queries](./configuration/persisted-queries) diff --git a/docs/source/federation-version-support.mdx b/docs/source/federation-version-support.mdx index b1bb21f24b..a44f7f12ef 100644 --- a/docs/source/federation-version-support.mdx +++ b/docs/source/federation-version-support.mdx @@ -27,7 +27,7 @@ The table below shows which version of federation each router release is compile - v1.29.0 and later (see latest releases) + v1.29.1 and later (see latest releases) 2.5.3 @@ -35,7 +35,15 @@ The table below shows which version of federation each router release is compile - v1.28.0 - v1.28.1 + ⚠️ v1.29.0 + + + 2.5.3 + + + + + ⚠️ v1.28.0 - v1.28.1 2.5.1 diff --git a/helm/chart/router/Chart.yaml b/helm/chart/router/Chart.yaml index 69bdb630a8..07dbc45a6a 100644 --- a/helm/chart/router/Chart.yaml +++ b/helm/chart/router/Chart.yaml @@ -20,10 +20,10 @@ type: application # so it matches the shape of our release process and release automation. # By proxy of that decision, this version uses SemVer 2.0.0, though the prefix # of "v" is not included. -version: 1.29.1 +version: 1.30.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v1.29.1" \ No newline at end of file +appVersion: "v1.30.0" \ No newline at end of file diff --git a/helm/chart/router/README.md b/helm/chart/router/README.md index 983969d7a9..d31ac65966 100644 --- a/helm/chart/router/README.md +++ b/helm/chart/router/README.md @@ -2,7 +2,7 @@ [router](https://github.com/apollographql/router) Rust Graph Routing runtime for Apollo Federation -![Version: 1.29.1](https://img.shields.io/badge/Version-1.29.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.29.1](https://img.shields.io/badge/AppVersion-v1.29.1-informational?style=flat-square) +![Version: 1.30.0](https://img.shields.io/badge/Version-1.30.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.30.0](https://img.shields.io/badge/AppVersion-v1.30.0-informational?style=flat-square) ## Prerequisites @@ -11,7 +11,7 @@ ## Get Repo Info ```console -helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.29.1 +helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0 ``` ## Install Chart @@ -19,7 +19,7 @@ helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.29.1 **Important:** only helm3 is supported ```console -helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.29.1 --values my-values.yaml +helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0 --values my-values.yaml ``` _See [configuration](#configuration) below._ diff --git a/licenses.html b/licenses.html index bbaf4cfa5a..28c09f483c 100644 --- a/licenses.html +++ b/licenses.html @@ -48,9 +48,9 @@

Overview of licenses:

  • Apache License 2.0 (62)
  • BSD 3-Clause "New" or "Revised" License (10)
  • ISC License (9)
    • +
  • Mozilla Public License 2.0 (3)
  • Creative Commons Zero v1.0 Universal (2)
  • Elastic License 2.0 (2)
    • -
  • Mozilla Public License 2.0 (2)
  • BSD 2-Clause "Simplified" License (1)
  • OpenSSL License (1)
  • Unicode License Agreement - Data Files and Software (2016) (1)
    • @@ -10494,7 +10494,9 @@

    Apache License 2.0

    Used by:

    ../../LICENSE-APACHE
    @@ -10724,6 +10726,7 @@

    Used by:

    Apache License 2.0

    Used by:

    @@ -11145,9 +11148,7 @@

    Apache License 2.0

    Used by:

    • apollo-compiler
      • -
    • apollo-encoder
    • apollo-parser
      • -
    • apollo-smith
    • curve25519-dalek-derive
    • deadpool-runtime
    • deno-proc-macro-rules
      • @@ -11163,6 +11164,7 @@

      Used by:

    • md5
    • num-cmp
    • rhai_codegen
      • +
    • siphasher
    • thrift
    • try_match_inner
    • try_match_inner
      • @@ -12248,36 +12250,6 @@

      Used by:

      // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - - -
    • -

      ISC License

      -

      Used by:

      - - 
      // Copyright 2021 Brian Smith.
-//
-// Permission to use, copy, modify, and/or distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-#[test]
-fn cert_without_extensions_test() {
-    // Check the certificate is valid with
-    // `openssl x509 -in cert_without_extensions.der -inform DER -text -noout`
-    const CERT_WITHOUT_EXTENSIONS_DER: &[u8] = include_bytes!("cert_without_extensions.der");
-
-    assert!(webpki::EndEntityCert::try_from(CERT_WITHOUT_EXTENSIONS_DER).is_ok());
-}
    • @@ -12367,6 +12339,23 @@

      Used by:

      The files under third-party/chromium are licensed as described in third-party/chromium/LICENSE. + +
      • +
    • +

      ISC License

      +

      Used by:

      + + 
      ISC License:
+
+Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
+Copyright (c) 1995-2003 by Internet Software Consortium
+
+Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    • @@ -15125,11 +15114,9 @@

      Used by:

    • aho-corasick
    • byteorder
    • globset
      • -
    • memchr
    • regex-automata
    • same-file
    • termcolor
      • -
    • walkdir
    • winapi-util
    This project is dual-licensed under the Unlicense and MIT licenses.
@@ -15533,7 +15520,6 @@ 
    Mozilla Public License 2.0
    
                 
    Used by:
    
                 
                 
    Mozilla Public License Version 2.0
 ==================================
@@ -15908,6 +15894,35 @@ 
    Used by:
    
 
   This Source Code Form is "Incompatible With Secondary Licenses", as
   defined by the Mozilla Public License, v. 2.0.
+
    
+            
+            
  • 
+                
    Mozilla Public License 2.0
    
+                
    Used by:
    
+                
+                
    This packge contains a modified version of ca-bundle.crt:
+
+ca-bundle.crt -- Bundle of CA Root Certificates
+
+Certificate data from Mozilla as of: Thu Nov  3 19:04:19 2011#
+This is a bundle of X.509 certificates of public Certificate Authorities
+(CA). These were automatically extracted from Mozilla's root certificates
+file (certdata.txt).  This file can be found in the mozilla source tree:
+http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1#
+It contains the certificates in PEM format and therefore
+can be directly used with curl / libcurl / php_curl, or with
+an Apache+mod_ssl webserver for SSL client authentication.
+Just configure this file as the SSLCACertificateFile.#
+
+***** BEGIN LICENSE BLOCK *****
+This Source Code Form is subject to the terms of the Mozilla Public License,
+v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain
+one at http://mozilla.org/MPL/2.0/.
+
+***** END LICENSE BLOCK *****
+@(#) $RCSfile: certdata.txt,v $ $Revision: 1.80 $ $Date: 2011/11/03 15:11:58 $
 
    
             
    • 
             
  • 
diff --git a/scripts/install.sh b/scripts/install.sh
index 47dc365d05..318035641b 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -11,7 +11,7 @@ BINARY_DOWNLOAD_PREFIX="https://github.com/apollographql/router/releases/downloa
 
 # Router version defined in apollo-router's Cargo.toml
 # Note: Change this line manually during the release steps.
-PACKAGE_VERSION="v1.29.1"
+PACKAGE_VERSION="v1.30.0"
 
 download_binary() {
     downloader --check