From 7194ffce1ccfd00d59e1e29a81aa196046aedd90 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 09:14:15 +0000 Subject: [PATCH 1/8] prep release: v1.30.0 --- .changesets/docs_fix_broken_links.md | 5 - .../docs_geal_authorization_router_rhai.md | 5 - .../feat_garypen_2278_rhai_router_service.md | 34 --- .changesets/fix_bnjjj_fix_3683.md | 5 - .../fix_bnjjj_fix_empty_multipart_stream.md | 5 - ...njjj_subscription_default_configuration.md | 8 - .changesets/fix_bryn_fix_metrics_typing.md | 6 - .changesets/fix_dragonfly_ship_win_folder.md | 9 - .changesets/fix_geal_filter_events_too.md | 6 - .../fix_geal_fix_authenticated_reporting.md | 5 - ..._geal_remove_clones_from_headers_plugin.md | 5 - .changesets/fix_geal_telemetry_perf.md | 5 - .changesets/fix_igni_sigv4_http_level.md | 12 - .../fix_igni_typename_fragment_interfaces.md | 5 - .changesets/maint_bnjjj_caching_metrics.md | 38 --- .changesets/maint_geal_metadata_cleanup.md | 6 - .changesets/maint_igni_rust_1_72_0.md | 5 - .changesets/maint_nicolas_otlp_filter.md | 5 - .changesets/maint_simon_is_terminal.md | 8 - .changesets/maint_simon_pkiup.md | 11 - CHANGELOG.md | 220 ++++++++++++++++++ Cargo.lock | 6 +- apollo-router-benchmarks/Cargo.toml | 2 +- apollo-router-scaffold/Cargo.toml | 2 +- .../templates/base/Cargo.toml | 2 +- .../templates/base/xtask/Cargo.toml | 2 +- apollo-router/Cargo.toml | 2 +- .../tracing/docker-compose.datadog.yml | 2 +- dockerfiles/tracing/docker-compose.jaeger.yml | 2 +- dockerfiles/tracing/docker-compose.zipkin.yml | 2 +- docs/source/containerization/docker.mdx | 2 +- docs/source/containerization/kubernetes.mdx | 28 +-- helm/chart/router/Chart.yaml | 4 +- helm/chart/router/README.md | 6 +- licenses.html | 118 +++++++--- scripts/install.sh | 2 +- 36 files changed, 334 insertions(+), 256 deletions(-) delete mode 100644 .changesets/docs_fix_broken_links.md delete mode 100644 .changesets/docs_geal_authorization_router_rhai.md delete mode 100644 .changesets/feat_garypen_2278_rhai_router_service.md delete mode 100644 .changesets/fix_bnjjj_fix_3683.md delete mode 100644 .changesets/fix_bnjjj_fix_empty_multipart_stream.md delete mode 100644 .changesets/fix_bnjjj_subscription_default_configuration.md delete mode 100644 .changesets/fix_bryn_fix_metrics_typing.md delete mode 100644 .changesets/fix_dragonfly_ship_win_folder.md delete mode 100644 .changesets/fix_geal_filter_events_too.md delete mode 100644 .changesets/fix_geal_fix_authenticated_reporting.md delete mode 100644 .changesets/fix_geal_remove_clones_from_headers_plugin.md delete mode 100644 .changesets/fix_geal_telemetry_perf.md delete mode 100644 .changesets/fix_igni_sigv4_http_level.md delete mode 100644 .changesets/fix_igni_typename_fragment_interfaces.md delete mode 100644 .changesets/maint_bnjjj_caching_metrics.md delete mode 100644 .changesets/maint_geal_metadata_cleanup.md delete mode 100644 .changesets/maint_igni_rust_1_72_0.md delete mode 100644 .changesets/maint_nicolas_otlp_filter.md delete mode 100644 .changesets/maint_simon_is_terminal.md delete mode 100644 .changesets/maint_simon_pkiup.md diff --git a/.changesets/docs_fix_broken_links.md b/.changesets/docs_fix_broken_links.md deleted file mode 100644 index d395aa0c07..0000000000 --- a/.changesets/docs_fix_broken_links.md +++ /dev/null @@ -1,5 +0,0 @@ -### Fix broken links - -This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. - -By [@Meschreiber](https://github.com/Meschreiber) in https://github.com/apollographql/router/pull/3711 diff --git a/.changesets/docs_geal_authorization_router_rhai.md b/.changesets/docs_geal_authorization_router_rhai.md deleted file mode 100644 index 0e3596252b..0000000000 --- a/.changesets/docs_geal_authorization_router_rhai.md +++ /dev/null @@ -1,5 +0,0 @@ -### GraphOS authorization: add an example of scope manipulation with router service level rhai ([PR #3719](https://github.com/apollographql/router/pull/3719)) - -The router authorization directive `@requiresScopes` expects scopes to come from the `scope` claim in the OAuth2 access token format ( https://datatracker.ietf.org/doc/html/rfc6749#section-3.3 ). Some tokens may have scopes stored in a different way, like an array of strings, or even in different claims. This documents a way to extract the scopes and prepare them in the right format for consumption by `@requiresScopes`, ushing Rhai. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 \ No newline at end of file diff --git a/.changesets/feat_garypen_2278_rhai_router_service.md b/.changesets/feat_garypen_2278_rhai_router_service.md deleted file mode 100644 index 526e802477..0000000000 --- a/.changesets/feat_garypen_2278_rhai_router_service.md +++ /dev/null @@ -1,34 +0,0 @@ -### Provide a rhai interface to the router service ([Issue #2278](https://github.com/apollographql/router/issues/2278)) - -Adds `Rhai` support for the `router_service`. - -It is now possible to interact with requests and responses at the `router_service` level from `Rhai`. The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may map requests and responses as follows: - -```rust -fn router_service(service) { - const request_callback = Fn("process_request"); - service.map_request(request_callback); - const response_callback = Fn("process_response"); - service.map_response(response_callback); -} - -``` -The main difference from existing services is that the router_service is dealing with HTTP Bodies, not well formatted GraphQL objects. This means that the `Request.body` or `Response.body` is not a well structured object that you may interact with, but is simply a String. - -This makes it more complex to deal with Request and Response bodies with the tradeoff being that a script author has more power and can perform tasks which are just not possible within the confines of a well-formed GraphQL object. - -This simple example, simply logs the bodies: - -```rust -// Generate a log for each request at this stage -fn process_request(request) { - print(`body: ${request.body}`); -} - -// Generate a log for each response at this stage -fn process_response(response) { - print(`body: ${response.body}`); -} -``` - -By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3234 diff --git a/.changesets/fix_bnjjj_fix_3683.md b/.changesets/fix_bnjjj_fix_3683.md deleted file mode 100644 index ff130ff6f4..0000000000 --- a/.changesets/fix_bnjjj_fix_3683.md +++ /dev/null @@ -1,5 +0,0 @@ -### fix(subscription): add x-accel-buffering header for multipart response ([Issue #3683](https://github.com/apollographql/router/issues/3683)) - -Set `x-accel-buffering` to `no` when it's a multipart response because proxies need this configuration. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 diff --git a/.changesets/fix_bnjjj_fix_empty_multipart_stream.md b/.changesets/fix_bnjjj_fix_empty_multipart_stream.md deleted file mode 100644 index 68aa0de28a..0000000000 --- a/.changesets/fix_bnjjj_fix_empty_multipart_stream.md +++ /dev/null @@ -1,5 +0,0 @@ -### Handle multipart stream if the original stream is empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) - -For subscription and defer, in case the multipart response stream is empty then it should end correctly. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 \ No newline at end of file diff --git a/.changesets/fix_bnjjj_subscription_default_configuration.md b/.changesets/fix_bnjjj_subscription_default_configuration.md deleted file mode 100644 index 2c4a5c207a..0000000000 --- a/.changesets/fix_bnjjj_subscription_default_configuration.md +++ /dev/null @@ -1,8 +0,0 @@ -### fix(subscription): force the deduplication to be enabled by default as it's documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) - -A bug was introduced in router v1.25.0 which caused [subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) to be disabled by default. -As documented, the router will enable deduplication by default, providing you with subscriptions that scale. - -Should you decide to disable it, you can still explicitly set `enable_deduplication` to `false`. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 diff --git a/.changesets/fix_bryn_fix_metrics_typing.md b/.changesets/fix_bryn_fix_metrics_typing.md deleted file mode 100644 index ab4d6eef03..0000000000 --- a/.changesets/fix_bryn_fix_metrics_typing.md +++ /dev/null @@ -1,6 +0,0 @@ -### Fix metrics attribute types ([Issue #3687](https://github.com/apollographql/router/issues/3687)) - -Metrics attributes were being coerced to strings. This is now fixed. -In addition, the logic around types accepted as metrics attributes has been simplified. It will log and ignore values of the wrong type. - -By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 diff --git a/.changesets/fix_dragonfly_ship_win_folder.md b/.changesets/fix_dragonfly_ship_win_folder.md deleted file mode 100644 index 892df67579..0000000000 --- a/.changesets/fix_dragonfly_ship_win_folder.md +++ /dev/null @@ -1,9 +0,0 @@ -### Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation - -Correct a regression that was introduced in Router v1.28.0 which made a Router **panic** possible when the following _three_ conditions are _all_ met: - -1. When sending an un-named (i.e., "anonymous") `subscription` operation (e.g., `subscription { ... }`); **and**; -2. The Router has a `subscription` type defined in the Supergraph schema; **and** -3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting `enabled: true` _or_ by setting a `mode` within the `subscriptions` object (as seen in [the subscriptions documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup). - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3738 diff --git a/.changesets/fix_geal_filter_events_too.md b/.changesets/fix_geal_filter_events_too.md deleted file mode 100644 index 579d457ea6..0000000000 --- a/.changesets/fix_geal_filter_events_too.md +++ /dev/null @@ -1,6 +0,0 @@ -### Do not record a trace if telemetry is not configured - -The OpenTelemetry handling code had a constant overhead on every request, due to the OpenTelemetryLayer recording data for every span, even when telemetry is not actually set up. We introduce a sampling filter that disables it entirely when no exporters are configured, which provides a performance boost in basic setups. -It also provides performance gains when exporters are set up: if a sampling ratio or client defined sampling are used, then the filter will only send the sampled traces to the rest of the stack, thus reducing the overhead again. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 diff --git a/.changesets/fix_geal_fix_authenticated_reporting.md b/.changesets/fix_geal_fix_authenticated_reporting.md deleted file mode 100644 index ff189e1d7f..0000000000 --- a/.changesets/fix_geal_fix_authenticated_reporting.md +++ /dev/null @@ -1,5 +0,0 @@ -### Fix authenticated directive reporting ([PR #3753](https://github.com/apollographql/router/pull/3753)) - -The context key for the `@authenticated` directive only affects usage reporting - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3753 \ No newline at end of file diff --git a/.changesets/fix_geal_remove_clones_from_headers_plugin.md b/.changesets/fix_geal_remove_clones_from_headers_plugin.md deleted file mode 100644 index 36881a1de4..0000000000 --- a/.changesets/fix_geal_remove_clones_from_headers_plugin.md +++ /dev/null @@ -1,5 +0,0 @@ -### remove clones from the header plugin ([Issue #3068](https://github.com/apollographql/router/issues/3068)) - -The list of header operations was cloned for every subgraph query, and this was increasing latency. We made sure the overhead is minimal by removing those allocations - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 \ No newline at end of file diff --git a/.changesets/fix_geal_telemetry_perf.md b/.changesets/fix_geal_telemetry_perf.md deleted file mode 100644 index f20ceee31a..0000000000 --- a/.changesets/fix_geal_telemetry_perf.md +++ /dev/null @@ -1,5 +0,0 @@ -### small performance improvements for telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) - -The SpanMetricsExporter, used to report span timings hade a few inefficiencies in the way it recognized spans, and it brought a constant overhead to the router usage, even when telemetry was not configured. It has now been isolated and optimized - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3656 \ No newline at end of file diff --git a/.changesets/fix_igni_sigv4_http_level.md b/.changesets/fix_igni_sigv4_http_level.md deleted file mode 100644 index 5679499772..0000000000 --- a/.changesets/fix_igni_sigv4_http_level.md +++ /dev/null @@ -1,12 +0,0 @@ -### Subgraph authentication: Make sure Request signing happens after Compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) - -[Subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) is available since router v1.27.0. - -Unfortunately this first version didn't work well with features that operate with the SubgraphService, for example: - - Subgraph APQ - - Subgraph HTTP compression - - Custom plugins that operate on the Subgraph level, written either via coprocessors, in rhai, or native. - -The router will now sign subgraph requests just before they are sent to subgraphs. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3735 diff --git a/.changesets/fix_igni_typename_fragment_interfaces.md b/.changesets/fix_igni_typename_fragment_interfaces.md deleted file mode 100644 index 5ed53a9ee9..0000000000 --- a/.changesets/fix_igni_typename_fragment_interfaces.md +++ /dev/null @@ -1,5 +0,0 @@ -### Deal with interfaces on fragment spreads when no __typename is queried ([Issue #2587](https://github.com/apollographql/router/issues/2587)) - -Operations would over rely on the presence of __typename to resolve selection sets on interface implementers. This changeset checks for the parent type in an InlineFragment, so we don't drop relevant selection set when applicable. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 diff --git a/.changesets/maint_bnjjj_caching_metrics.md b/.changesets/maint_bnjjj_caching_metrics.md deleted file mode 100644 index cd09700cfd..0000000000 --- a/.changesets/maint_bnjjj_caching_metrics.md +++ /dev/null @@ -1,38 +0,0 @@ -### Add experimental caching metrics ([PR #3532](https://github.com/apollographql/router/pull/3532)) - -It adds a metric only if you configure `telemetry.metrics.common.experimental_cache_metrics.enabled` to `true`. It will generate metrics to evaluate which entities would benefit from caching. It simulates a cache with a TTL, configurable at `telemetry.metrics.common.experimental_cache_metrics.ttl` (default: 5 seconds), and measures the cache hit rate per entity type and subgraph. - -example - -``` -# HELP apollo.router.operations.entity.cache_hit -# TYPE apollo_router_operations_entity.cache_hit histogram -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 3 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 4 -apollo_router_operations_entity_cache_hitsum{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 7 -apollo_router_operations_entity_cache_hitcount{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 1 -apollo_router_operations_entity_cache_hitsum{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -apollo_router_operations_entity_cache_hitcount{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -``` - -By [@bnjjj](https://github.com/bnjjj) [@Geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3532 \ No newline at end of file diff --git a/.changesets/maint_geal_metadata_cleanup.md b/.changesets/maint_geal_metadata_cleanup.md deleted file mode 100644 index ee9628f870..0000000000 --- a/.changesets/maint_geal_metadata_cleanup.md +++ /dev/null @@ -1,6 +0,0 @@ -### Metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) - -* remove unused patch entries in Cargo.toml -* remove exemptions for the chrono security advisories (they are fixed now) - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3746 \ No newline at end of file diff --git a/.changesets/maint_igni_rust_1_72_0.md b/.changesets/maint_igni_rust_1_72_0.md deleted file mode 100644 index 9371f0dcfa..0000000000 --- a/.changesets/maint_igni_rust_1_72_0.md +++ /dev/null @@ -1,5 +0,0 @@ -### Update rust toolchain to 1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) - -The router-bridge update now allows us to use the latest rust version. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 diff --git a/.changesets/maint_nicolas_otlp_filter.md b/.changesets/maint_nicolas_otlp_filter.md deleted file mode 100644 index 7bb2f7070c..0000000000 --- a/.changesets/maint_nicolas_otlp_filter.md +++ /dev/null @@ -1,5 +0,0 @@ -### Add support GraphOS Cloud metrics ([Issue #3760](https://github.com/apollographql/router/issues/3760)) - -Add support for GraphOS Cloud metrics in the Apollo OTLP Exporter. - -By [@nmoutschen](https://github.com/nmoutschen) in https://github.com/apollographql/router/pull/3761 \ No newline at end of file diff --git a/.changesets/maint_simon_is_terminal.md b/.changesets/maint_simon_is_terminal.md deleted file mode 100644 index 7295cd62d3..0000000000 --- a/.changesets/maint_simon_is_terminal.md +++ /dev/null @@ -1,8 +0,0 @@ -### Replace atty crate with std ([PR #3729](https://github.com/apollographql/router/pull/3729)) - -The crate is unmaintained, and the standard library has equivalent functionality since Rust 1.70.0 - -* https://github.com/apollographql/router/security/dependabot/68 -* https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html - -By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3729 diff --git a/.changesets/maint_simon_pkiup.md b/.changesets/maint_simon_pkiup.md deleted file mode 100644 index 8e606d8631..0000000000 --- a/.changesets/maint_simon_pkiup.md +++ /dev/null @@ -1,11 +0,0 @@ -### Upgrade webpki and rustls-webpki crates ([PR #3728](https://github.com/apollographql/router/pull/3728)) - -Brings fixes for: - -* https://rustsec.org/advisories/RUSTSEC-2023-0052 -* https://rustsec.org/advisories/RUSTSEC-2023-0053 - -Because Apollo Router does not accept client certificates, it could only be affected -if a subgraph supplied a pathological TLS server certificate. - -By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3728 diff --git a/CHANGELOG.md b/CHANGELOG.md index 26f26fb183..a27afc8e33 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,226 @@ All notable changes to Router will be documented in this file. This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2.0.0.html). +# [1.30.0] - 2023-09-14 + +## 🚀 Features + +### Provide a rhai interface to the router service ([Issue #2278](https://github.com/apollographql/router/issues/2278)) + +Adds `Rhai` support for the `router_service`. + +It is now possible to interact with requests and responses at the `router_service` level from `Rhai`. The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may map requests and responses as follows: + +```rust +fn router_service(service) { + const request_callback = Fn("process_request"); + service.map_request(request_callback); + const response_callback = Fn("process_response"); + service.map_response(response_callback); +} + +``` +The main difference from existing services is that the router_service is dealing with HTTP Bodies, not well formatted GraphQL objects. This means that the `Request.body` or `Response.body` is not a well structured object that you may interact with, but is simply a String. + +This makes it more complex to deal with Request and Response bodies with the tradeoff being that a script author has more power and can perform tasks which are just not possible within the confines of a well-formed GraphQL object. + +This simple example, simply logs the bodies: + +```rust +// Generate a log for each request at this stage +fn process_request(request) { + print(`body: `); +} + +// Generate a log for each response at this stage +fn process_response(response) { + print(`body: `); +} +``` + +By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3234 + +## 🐛 Fixes + +### small performance improvements for telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) + +The SpanMetricsExporter, used to report span timings hade a few inefficiencies in the way it recognized spans, and it brought a constant overhead to the router usage, even when telemetry was not configured. It has now been isolated and optimized + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3656 + +### Deal with interfaces on fragment spreads when no __typename is queried ([Issue #2587](https://github.com/apollographql/router/issues/2587)) + +Operations would over rely on the presence of __typename to resolve selection sets on interface implementers. This changeset checks for the parent type in an InlineFragment, so we don't drop relevant selection set when applicable. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 + +### fix(subscription): force the deduplication to be enabled by default as it's documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) + +A bug was introduced in router v1.25.0 which caused [subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) to be disabled by default. +As documented, the router will enable deduplication by default, providing you with subscriptions that scale. + +Should you decide to disable it, you can still explicitly set `enable_deduplication` to `false`. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 + +### Fix metrics attribute types ([Issue #3687](https://github.com/apollographql/router/issues/3687)) + +Metrics attributes were being coerced to strings. This is now fixed. +In addition, the logic around types accepted as metrics attributes has been simplified. It will log and ignore values of the wrong type. + +By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 + +### remove clones from the header plugin ([Issue #3068](https://github.com/apollographql/router/issues/3068)) + +The list of header operations was cloned for every subgraph query, and this was increasing latency. We made sure the overhead is minimal by removing those allocations + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 + +### Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation + +Correct a regression that was introduced in Router v1.28.0 which made a Router **panic** possible when the following _three_ conditions are _all_ met: + +1. When sending an un-named (i.e., "anonymous") `subscription` operation (e.g., `subscription { ... }`); **and**; +2. The Router has a `subscription` type defined in the Supergraph schema; **and** +3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting `enabled: true` _or_ by setting a `mode` within the `subscriptions` object (as seen in [the subscriptions documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup). + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3738 + +### Do not record a trace if telemetry is not configured + +The OpenTelemetry handling code had a constant overhead on every request, due to the OpenTelemetryLayer recording data for every span, even when telemetry is not actually set up. We introduce a sampling filter that disables it entirely when no exporters are configured, which provides a performance boost in basic setups. +It also provides performance gains when exporters are set up: if a sampling ratio or client defined sampling are used, then the filter will only send the sampled traces to the rest of the stack, thus reducing the overhead again. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 + +### Subgraph authentication: Make sure Request signing happens after Compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) + +[Subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) is available since router v1.27.0. + +Unfortunately this first version didn't work well with features that operate with the SubgraphService, for example: + - Subgraph APQ + - Subgraph HTTP compression + - Custom plugins that operate on the Subgraph level, written either via coprocessors, in rhai, or native. + +The router will now sign subgraph requests just before they are sent to subgraphs. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3735 + +### Fix authenticated directive reporting ([PR #3753](https://github.com/apollographql/router/pull/3753)) + +The context key for the `@authenticated` directive only affects usage reporting + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3753 + +### Handle multipart stream if the original stream is empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) + +For subscription and defer, in case the multipart response stream is empty then it should end correctly. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 + +### fix(subscription): add x-accel-buffering header for multipart response ([Issue #3683](https://github.com/apollographql/router/issues/3683)) + +Set `x-accel-buffering` to `no` when it's a multipart response because proxies need this configuration. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 + +## 🛠 Maintenance + +### Update rust toolchain to 1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) + +The router-bridge update now allows us to use the latest rust version. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 + +### Add support GraphOS Cloud metrics ([Issue #3760](https://github.com/apollographql/router/issues/3760)) + +Add support for GraphOS Cloud metrics in the Apollo OTLP Exporter. + +By [@nmoutschen](https://github.com/nmoutschen) in https://github.com/apollographql/router/pull/3761 + +### Metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) + +* remove unused patch entries in Cargo.toml +* remove exemptions for the chrono security advisories (they are fixed now) + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3746 + +### Replace atty crate with std ([PR #3729](https://github.com/apollographql/router/pull/3729)) + +The crate is unmaintained, and the standard library has equivalent functionality since Rust 1.70.0 + +* https://github.com/apollographql/router/security/dependabot/68 +* https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html + +By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3729 + +### Add experimental caching metrics ([PR #3532](https://github.com/apollographql/router/pull/3532)) + +It adds a metric only if you configure `telemetry.metrics.common.experimental_cache_metrics.enabled` to `true`. It will generate metrics to evaluate which entities would benefit from caching. It simulates a cache with a TTL, configurable at `telemetry.metrics.common.experimental_cache_metrics.ttl` (default: 5 seconds), and measures the cache hit rate per entity type and subgraph. + +example + +``` +# HELP apollo.router.operations.entity.cache_hit +# TYPE apollo_router_operations_entity.cache_hit histogram +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 3 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 4 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 4 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 4 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 4 +apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 4 +apollo_router_operations_entity_cache_hitsum{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 7 +apollo_router_operations_entity_cache_hitcount{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 4 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 1 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 1 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 1 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 1 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 1 +apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 1 +apollo_router_operations_entity_cache_hitsum{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 +apollo_router_operations_entity_cache_hitcount{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 +``` + +By [@bnjjj](https://github.com/bnjjj) [@Geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3532 + +### Upgrade webpki and rustls-webpki crates ([PR #3728](https://github.com/apollographql/router/pull/3728)) + +Brings fixes for: + +* https://rustsec.org/advisories/RUSTSEC-2023-0052 +* https://rustsec.org/advisories/RUSTSEC-2023-0053 + +Because Apollo Router does not accept client certificates, it could only be affected +if a subgraph supplied a pathological TLS server certificate. + +By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3728 + +## 📚 Documentation + +### GraphOS authorization: add an example of scope manipulation with router service level rhai ([PR #3719](https://github.com/apollographql/router/pull/3719)) + +The router authorization directive `@requiresScopes` expects scopes to come from the `scope` claim in the OAuth2 access token format ( https://datatracker.ietf.org/doc/html/rfc6749#section-3.3 ). Some tokens may have scopes stored in a different way, like an array of strings, or even in different claims. This documents a way to extract the scopes and prepare them in the right format for consumption by `@requiresScopes`, ushing Rhai. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 + +### Fix broken links + +This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. + +By [@Meschreiber](https://github.com/Meschreiber) in https://github.com/apollographql/router/pull/3711 + + + # [1.29.1] - 2023-09-04 ## 🚀 Features diff --git a/Cargo.lock b/Cargo.lock index 0232f7b0fc..9534fb8c42 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -263,7 +263,7 @@ dependencies = [ [[package]] name = "apollo-router" -version = "1.30.0-alpha.1" +version = "1.30.0" dependencies = [ "access-json", "anyhow", @@ -409,7 +409,7 @@ dependencies = [ [[package]] name = "apollo-router-benchmarks" -version = "1.30.0-alpha.1" +version = "1.30.0" dependencies = [ "apollo-parser 0.6.1", "apollo-router", @@ -425,7 +425,7 @@ dependencies = [ [[package]] name = "apollo-router-scaffold" -version = "1.30.0-alpha.1" +version = "1.30.0" dependencies = [ "anyhow", "cargo-scaffold", diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml index 9ae9234517..31ed86c518 100644 --- a/apollo-router-benchmarks/Cargo.toml +++ b/apollo-router-benchmarks/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-benchmarks" -version = "1.30.0-alpha.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml index a58f350a3b..6290d88949 100644 --- a/apollo-router-scaffold/Cargo.toml +++ b/apollo-router-scaffold/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-scaffold" -version = "1.30.0-alpha.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" diff --git a/apollo-router-scaffold/templates/base/Cargo.toml b/apollo-router-scaffold/templates/base/Cargo.toml index 2d6220f94c..27cb00b340 100644 --- a/apollo-router-scaffold/templates/base/Cargo.toml +++ b/apollo-router-scaffold/templates/base/Cargo.toml @@ -22,7 +22,7 @@ apollo-router = { path ="{{integration_test}}apollo-router" } apollo-router = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} # Note if you update these dependencies then also update xtask/Cargo.toml -apollo-router = "1.30.0-alpha.1" +apollo-router = "1.30.0" {{/if}} {{/if}} async-trait = "0.1.52" diff --git a/apollo-router-scaffold/templates/base/xtask/Cargo.toml b/apollo-router-scaffold/templates/base/xtask/Cargo.toml index aaa1dff37b..fb2f1d2470 100644 --- a/apollo-router-scaffold/templates/base/xtask/Cargo.toml +++ b/apollo-router-scaffold/templates/base/xtask/Cargo.toml @@ -13,7 +13,7 @@ apollo-router-scaffold = { path ="{{integration_test}}apollo-router-scaffold" } {{#if branch}} apollo-router-scaffold = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} -apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.30.0-alpha.1" } +apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.30.0" } {{/if}} {{/if}} anyhow = "1.0.58" diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml index 87ea47b7e4..9635c4b9ed 100644 --- a/apollo-router/Cargo.toml +++ b/apollo-router/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router" -version = "1.30.0-alpha.1" +version = "1.30.0" authors = ["Apollo Graph, Inc. "] repository = "https://github.com/apollographql/router/" documentation = "https://docs.rs/apollo-router" diff --git a/dockerfiles/tracing/docker-compose.datadog.yml b/dockerfiles/tracing/docker-compose.datadog.yml index 9355430d4b..1fe9e4facc 100644 --- a/dockerfiles/tracing/docker-compose.datadog.yml +++ b/dockerfiles/tracing/docker-compose.datadog.yml @@ -3,7 +3,7 @@ services: apollo-router: container_name: apollo-router - image: ghcr.io/apollographql/router:v1.30.0-alpha.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/datadog.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.jaeger.yml b/dockerfiles/tracing/docker-compose.jaeger.yml index 21b302be20..85230d7e3e 100644 --- a/dockerfiles/tracing/docker-compose.jaeger.yml +++ b/dockerfiles/tracing/docker-compose.jaeger.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router #build: ./router - image: ghcr.io/apollographql/router:v1.30.0-alpha.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/jaeger.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.zipkin.yml b/dockerfiles/tracing/docker-compose.zipkin.yml index 6e6657c280..d31d365126 100644 --- a/dockerfiles/tracing/docker-compose.zipkin.yml +++ b/dockerfiles/tracing/docker-compose.zipkin.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router build: ./router - image: ghcr.io/apollographql/router:v1.30.0-alpha.1 + image: ghcr.io/apollographql/router:v1.30.0 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/zipkin.router.yaml:/etc/config/configuration.yaml diff --git a/docs/source/containerization/docker.mdx b/docs/source/containerization/docker.mdx index dcee10e6dd..9ddd11a47a 100644 --- a/docs/source/containerization/docker.mdx +++ b/docs/source/containerization/docker.mdx @@ -11,7 +11,7 @@ The default behaviour of the router images is suitable for a quickstart or devel Note: The [docker documentation](https://docs.docker.com/engine/reference/run/) for the run command may be helpful when reading through the examples. -Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.30.0-alpha.1` +Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.30.0` ## Override the configuration diff --git a/docs/source/containerization/kubernetes.mdx b/docs/source/containerization/kubernetes.mdx index ef3774a62f..68a0fea56b 100644 --- a/docs/source/containerization/kubernetes.mdx +++ b/docs/source/containerization/kubernetes.mdx @@ -13,7 +13,7 @@ import { Link } from 'gatsby'; [Helm](https://helm.sh) is the package manager for kubernetes. -There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.30.0-alpha.1/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. +There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.30.0/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. In both the following examples, we are using helm to install the router: - into namespace "router-deploy" (create namespace if it doesn't exist) @@ -64,10 +64,10 @@ kind: ServiceAccount metadata: name: release-name-router labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm --- # Source: router/templates/secret.yaml @@ -76,10 +76,10 @@ kind: Secret metadata: name: "release-name-router" labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm data: managedFederationApiKey: "UkVEQUNURUQ=" @@ -90,10 +90,10 @@ kind: ConfigMap metadata: name: release-name-router labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm data: configuration.yaml: | @@ -117,10 +117,10 @@ kind: Service metadata: name: release-name-router labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -143,10 +143,10 @@ kind: Deployment metadata: name: release-name-router labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm annotations: @@ -174,7 +174,7 @@ spec: - name: router securityContext: {} - image: "ghcr.io/apollographql/router:v1.30.0-alpha.1" + image: "ghcr.io/apollographql/router:v1.30.0" imagePullPolicy: IfNotPresent args: - --hot-reload @@ -226,10 +226,10 @@ kind: Pod metadata: name: "release-name-router-test-connection" labels: - helm.sh/chart: router-1.30.0-alpha.1 + helm.sh/chart: router-1.30.0 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.30.0-alpha.1" + app.kubernetes.io/version: "v1.30.0" app.kubernetes.io/managed-by: Helm annotations: "helm.sh/hook": test diff --git a/helm/chart/router/Chart.yaml b/helm/chart/router/Chart.yaml index 8209043e7d..07dbc45a6a 100644 --- a/helm/chart/router/Chart.yaml +++ b/helm/chart/router/Chart.yaml @@ -20,10 +20,10 @@ type: application # so it matches the shape of our release process and release automation. # By proxy of that decision, this version uses SemVer 2.0.0, though the prefix # of "v" is not included. -version: 1.30.0-alpha.1 +version: 1.30.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v1.30.0-alpha.1" \ No newline at end of file +appVersion: "v1.30.0" \ No newline at end of file diff --git a/helm/chart/router/README.md b/helm/chart/router/README.md index d93957af8d..d31ac65966 100644 --- a/helm/chart/router/README.md +++ b/helm/chart/router/README.md @@ -2,7 +2,7 @@ [router](https://github.com/apollographql/router) Rust Graph Routing runtime for Apollo Federation -![Version: 1.30.0-alpha.1](https://img.shields.io/badge/Version-1.30.0--alpha.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.30.0-alpha.1](https://img.shields.io/badge/AppVersion-v1.30.0--alpha.1-informational?style=flat-square) +![Version: 1.30.0](https://img.shields.io/badge/Version-1.30.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.30.0](https://img.shields.io/badge/AppVersion-v1.30.0-informational?style=flat-square) ## Prerequisites @@ -11,7 +11,7 @@ ## Get Repo Info ```console -helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0-alpha.1 +helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0 ``` ## Install Chart @@ -19,7 +19,7 @@ helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0-alpha. **Important:** only helm3 is supported ```console -helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0-alpha.1 --values my-values.yaml +helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.30.0 --values my-values.yaml ``` _See [configuration](#configuration) below._ diff --git a/licenses.html b/licenses.html index 744d6ecffe..28c09f483c 100644 --- a/licenses.html +++ b/licenses.html @@ -47,11 +47,11 @@

Overview of licenses:

  • MIT License (96)
  • Apache License 2.0 (62)
  • BSD 3-Clause "New" or "Revised" License (10)
  • -
  • ISC License (10)
  • +
  • ISC License (9)
  • +
  • Mozilla Public License 2.0 (3)
  • +
  • Creative Commons Zero v1.0 Universal (2)
  • Elastic License 2.0 (2)
  • -
  • Mozilla Public License 2.0 (2)
  • BSD 2-Clause "Simplified" License (1)
  • -
  • Creative Commons Zero v1.0 Universal (1)
  • OpenSSL License (1)
  • Unicode License Agreement - Data Files and Software (2016) (1)
  • @@ -10494,7 +10494,9 @@

    Apache License 2.0

    Used by:

    ../../LICENSE-APACHE
    @@ -11146,9 +11148,7 @@

    Apache License 2.0

    Used by:

    • apollo-compiler
    • -
    • apollo-encoder
    • apollo-parser
    • -
    • apollo-smith
    • curve25519-dalek-derive
    • deadpool-runtime
    • deno-proc-macro-rules
    • @@ -11778,6 +11778,53 @@

      Creative Commons Zero v1.0 Universal

      Used by:

      +
      Creative Commons CC0 1.0 Universal
      +
      +<<beginOptional;name=ccOptionalIntro>> CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED HEREUNDER.  <<endOptional>>
      +
      +Statement of Purpose
      +
      +The laws of most jurisdictions throughout the world automatically confer exclusive Copyright and Related Rights (defined below) upon the creator and subsequent owner(s) (each and all, an "owner") of an original work of authorship and/or a database (each, a "Work").
      +
      +Certain owners wish to permanently relinquish those rights to a Work for the purpose of contributing to a commons of creative, cultural and scientific works ("Commons") that the public can reliably and without fear of later claims of infringement build upon, modify, incorporate in other works, reuse and redistribute as freely as possible in any form whatsoever and for any purposes, including without limitation commercial purposes. These owners may contribute to the Commons to promote the ideal of a free culture and the further production of creative, cultural and scientific works, or to gain reputation or greater distribution for their Work in part through the use and efforts of others.
      +
      +For these and/or other purposes and motivations, and without any expectation of additional consideration or compensation, the person associating CC0 with a Work (the "Affirmer"), to the extent that he or she is an owner of Copyright and Related Rights in the Work, voluntarily elects to apply CC0 to the Work and publicly distribute the Work under its terms, with knowledge of his or her Copyright and Related Rights in the Work and the meaning and intended legal effect of CC0 on those rights.
      +
      +1. Copyright and Related Rights. A Work made available under CC0 may be protected by copyright and related or neighboring rights ("Copyright and Related Rights"). Copyright and Related Rights include, but are not limited to, the following:
      +
      +     i. the right to reproduce, adapt, distribute, perform, display, communicate, and translate a Work;
      +
      +     ii. moral rights retained by the original author(s) and/or performer(s);
      +
      +     iii. publicity and privacy rights pertaining to a person's image or likeness depicted in a Work;
      +
      +     iv. rights protecting against unfair competition in regards to a Work, subject to the limitations in paragraph 4(a), below;
      +
      +     v. rights protecting the extraction, dissemination, use and reuse of data in a Work;
      +
      +     vi. database rights (such as those arising under Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, and under any national implementation thereof, including any amended or successor version of such directive); and
      +
      +     vii. other similar, equivalent or corresponding rights throughout the world based on applicable law or treaty, and any national implementations thereof.
      +
      +2. Waiver. To the greatest extent permitted by, but not in contravention of, applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and unconditionally waives, abandons, and surrenders all of Affirmer's Copyright and Related Rights and associated claims and causes of action, whether now known or unknown (including existing as well as future claims and causes of action), in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each member of the public at large and to the detriment of Affirmer's heirs and successors, fully intending that such Waiver shall not be subject to revocation, rescission, cancellation, termination, or any other legal or equitable action to disrupt the quiet enjoyment of the Work by the public as contemplated by Affirmer's express Statement of Purpose.
      +
      +3. Public License Fallback. Should any part of the Waiver for any reason be judged legally invalid or ineffective under applicable law, then the Waiver shall be preserved to the maximum extent permitted taking into account Affirmer's express Statement of Purpose. In addition, to the extent the Waiver is so judged Affirmer hereby grants to each affected person a royalty-free, non transferable, non sublicensable, non exclusive, irrevocable and unconditional license to exercise Affirmer's Copyright and Related Rights in the Work (i) in all territories worldwide, (ii) for the maximum duration provided by applicable law or treaty (including future time extensions), (iii) in any current or future medium and for any number of copies, and (iv) for any purpose whatsoever, including without limitation commercial, advertising or promotional purposes (the "License"). The License shall be deemed effective as of the date CC0 was applied by Affirmer to the Work. Should any part of the License for any reason be judged legally invalid or ineffective under applicable law, such partial invalidity or ineffectiveness shall not invalidate the remainder of the License, and in such case Affirmer hereby affirms that he or she will not (i) exercise any of his or her remaining Copyright and Related Rights in the Work or (ii) assert any associated claims and causes of action with respect to the Work, in either case contrary to Affirmer's express Statement of Purpose.
      +
      +4. Limitations and Disclaimers.
      +
      +     a. No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.
      +
      +     b. Affirmer offers the Work as-is and makes no representations or warranties of any kind concerning the Work, express, implied, statutory or otherwise, including without limitation warranties of title, merchantability, fitness for a particular purpose, non infringement, or the absence of latent or other defects, accuracy, or the present or absence of errors, whether or not discoverable, all to the greatest extent permissible under applicable law.
      +
      +     c. Affirmer disclaims responsibility for clearing rights of other persons that may apply to the Work or any use thereof, including without limitation any person's Copyright and Related Rights in the Work. Further, Affirmer disclaims responsibility for obtaining any necessary consents, permissions or other rights required for any use of the Work.
      +
      +     d. Affirmer understands and acknowledges that Creative Commons is not a party to this document and has no duty or obligation with respect to this CC0 or use of the Work. 
      + +
    • +

      Creative Commons Zero v1.0 Universal

      +

      Used by:

      +
      Creative Commons Legal Code
      @@ -12203,36 +12250,6 @@ 

      Used by:

      // WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -
      -
    • -
    • -

      ISC License

      -

      Used by:

      - -
      // Copyright 2021 Brian Smith.
      -//
      -// Permission to use, copy, modify, and/or distribute this software for any
      -// purpose with or without fee is hereby granted, provided that the above
      -// copyright notice and this permission notice appear in all copies.
      -//
      -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES
      -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
      -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR
      -// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
      -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
      -// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
      -// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
      -
      -#[test]
      -fn cert_without_extensions_test() {
      -    // Check the certificate is valid with
      -    // `openssl x509 -in cert_without_extensions.der -inform DER -text -noout`
      -    const CERT_WITHOUT_EXTENSIONS_DER: &[u8] = include_bytes!("cert_without_extensions.der");
      -
      -    assert!(webpki::EndEntityCert::try_from(CERT_WITHOUT_EXTENSIONS_DER).is_ok());
      -}
       
    • @@ -12329,6 +12346,7 @@

      ISC License

      Used by:

      ISC License:
       
      @@ -15502,7 +15520,6 @@ 

      Mozilla Public License 2.0

      Used by:

      Mozilla Public License Version 2.0
       ==================================
      @@ -15877,6 +15894,35 @@ 

      Used by:

      This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. +
      +
    • +
    • +

      Mozilla Public License 2.0

      +

      Used by:

      + +
      This packge contains a modified version of ca-bundle.crt:
      +
      +ca-bundle.crt -- Bundle of CA Root Certificates
      +
      +Certificate data from Mozilla as of: Thu Nov  3 19:04:19 2011#
      +This is a bundle of X.509 certificates of public Certificate Authorities
      +(CA). These were automatically extracted from Mozilla's root certificates
      +file (certdata.txt).  This file can be found in the mozilla source tree:
      +http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1#
      +It contains the certificates in PEM format and therefore
      +can be directly used with curl / libcurl / php_curl, or with
      +an Apache+mod_ssl webserver for SSL client authentication.
      +Just configure this file as the SSLCACertificateFile.#
      +
      +***** BEGIN LICENSE BLOCK *****
      +This Source Code Form is subject to the terms of the Mozilla Public License,
      +v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain
      +one at http://mozilla.org/MPL/2.0/.
      +
      +***** END LICENSE BLOCK *****
      +@(#) $RCSfile: certdata.txt,v $ $Revision: 1.80 $ $Date: 2011/11/03 15:11:58 $
       
    • diff --git a/scripts/install.sh b/scripts/install.sh index a545a24875..318035641b 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -11,7 +11,7 @@ BINARY_DOWNLOAD_PREFIX="https://github.com/apollographql/router/releases/downloa # Router version defined in apollo-router's Cargo.toml # Note: Change this line manually during the release steps. -PACKAGE_VERSION="v1.30.0-alpha.1" +PACKAGE_VERSION="v1.30.0" download_binary() { downloader --check From 7f9c3ade35f3d3a975521cc3198ce8d9e9da7162 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 11:49:58 +0000 Subject: [PATCH 2/8] My own CHANGELOG.md edits --- CHANGELOG.md | 160 ++++++++++++++++----------------------------------- 1 file changed, 48 insertions(+), 112 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a27afc8e33..5f78b295a1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,11 +8,9 @@ This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2. ## 🚀 Features -### Provide a rhai interface to the router service ([Issue #2278](https://github.com/apollographql/router/issues/2278)) +### Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) -Adds `Rhai` support for the `router_service`. - -It is now possible to interact with requests and responses at the `router_service` level from `Rhai`. The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may map requests and responses as follows: +It is now possible to interact with requests and responses at the `router_service` level [using Rhai-based customizations](https://www.apollographql.com/docs/router/customizations/rhai/). The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may "map" requests and responses as follows: ```rust fn router_service(service) { @@ -21,13 +19,13 @@ fn router_service(service) { const response_callback = Fn("process_response"); service.map_response(response_callback); } - ``` -The main difference from existing services is that the router_service is dealing with HTTP Bodies, not well formatted GraphQL objects. This means that the `Request.body` or `Response.body` is not a well structured object that you may interact with, but is simply a String. -This makes it more complex to deal with Request and Response bodies with the tradeoff being that a script author has more power and can perform tasks which are just not possible within the confines of a well-formed GraphQL object. +The main difference from [existing services](https://www.apollographql.com/docs/router/customizations/rhai/#router-request-lifecycle) is that the `router_service` allows operating on _HTTP bodies_ rather than the more structured representations available at later service layers, like the [supergraph service](https://www.apollographql.com/docs/router/customizations/rhai/#supergraphservice). + +This means that `Request.body` and `Response.body` are both strings, which provides flexibility to make more substantial modifications to the body. Users should choose the most convenient service for the types of changes they're needing to make, since operating on the strings will require more work than operating on properties of the structured objects in the supergraph service. -This simple example, simply logs the bodies: +As another example, this logs the bodies of requests: ```rust // Generate a log for each request at this stage @@ -45,185 +43,123 @@ By [@garypen](https://github.com/garypen) in https://github.com/apollographql/ro ## 🐛 Fixes -### small performance improvements for telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) +### Small performance improvements to telemetry ([PR #3656](https://github.com/apollographql/router/pull/3656)) -The SpanMetricsExporter, used to report span timings hade a few inefficiencies in the way it recognized spans, and it brought a constant overhead to the router usage, even when telemetry was not configured. It has now been isolated and optimized +We applied some small performance improvements to the `SpanMetricsExporter` (which is used to report span timings), some of which apply in cases where telemetry is disabled and could be apparent to most users. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3656 -### Deal with interfaces on fragment spreads when no __typename is queried ([Issue #2587](https://github.com/apollographql/router/issues/2587)) +### Handle interfaces in fragment spreads when `__typename` is omitted ([Issue #2587](https://github.com/apollographql/router/issues/2587)) -Operations would over rely on the presence of __typename to resolve selection sets on interface implementers. This changeset checks for the parent type in an InlineFragment, so we don't drop relevant selection set when applicable. +We now check the parent type when using an inline-fragment, rather than relying on the expectation that `__typename` will be present, since that is not a guarantee. For cases where `__typename` was being omitted, this corrects cases where a portion of the selection set was silently dropped and not returned. By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 -### fix(subscription): force the deduplication to be enabled by default as it's documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) +### Deduplication is, again, enabled by default as documented ([PR #3773](https://github.com/apollographql/router/pull/3773)) -A bug was introduced in router v1.25.0 which caused [subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) to be disabled by default. -As documented, the router will enable deduplication by default, providing you with subscriptions that scale. +[Subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) is again enabled by default as it was intended to be. This important performance feature for subscriptions at scale was inadvertently disabled in v1.25.0 due to a bug. -Should you decide to disable it, you can still explicitly set `enable_deduplication` to `false`. +Should you still wish to disable it, you can still explicitly [set `enable_deduplication` to `false` in your configuration](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#disabling-deduplication). By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 -### Fix metrics attribute types ([Issue #3687](https://github.com/apollographql/router/issues/3687)) +### Metrics are no longer coerced incorrectly ([Issue #3687](https://github.com/apollographql/router/issues/3687)) -Metrics attributes were being coerced to strings. This is now fixed. -In addition, the logic around types accepted as metrics attributes has been simplified. It will log and ignore values of the wrong type. +Metric attributes are no longer incorrectly coerced to strings. In addition, the logic around types which are accepted as metrics attributes has been simplified to avoid this in the future. Going forward, if the wrong type is specified, values will be ignored and a log message will be emitted. By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 -### remove clones from the header plugin ([Issue #3068](https://github.com/apollographql/router/issues/3068)) +### Optimizations applied to header-handling operations ([Issue #3068](https://github.com/apollographql/router/issues/3068)) -The list of header operations was cloned for every subgraph query, and this was increasing latency. We made sure the overhead is minimal by removing those allocations +We've taken advantage of an opportunity to reduce latency and overhead by reducing the allocations which take place when handling the list of headers passed to subgraph queries. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 -### Subscriptions: Correct v1.28.x regression allowing panic via un-named subscription operation - -Correct a regression that was introduced in Router v1.28.0 which made a Router **panic** possible when the following _three_ conditions are _all_ met: +### Avoid request overhead when telemetry is not enabled -1. When sending an un-named (i.e., "anonymous") `subscription` operation (e.g., `subscription { ... }`); **and**; -2. The Router has a `subscription` type defined in the Supergraph schema; **and** -3. Have subscriptions enabled (they are disabled by default) in the Router's YAML configuration, either by setting `enabled: true` _or_ by setting a `mode` within the `subscriptions` object (as seen in [the subscriptions documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup). - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3738 +We have removed overhead that was being incurred on every request within the OpenTelemetry code, even when telemetry was not enabled or configured. The introduction of a sampling filter now disables it entirely when no OpenTelemetry exporters are enabled, providing an improvement for basic setups where telemetry is not desired. -### Do not record a trace if telemetry is not configured - -The OpenTelemetry handling code had a constant overhead on every request, due to the OpenTelemetryLayer recording data for every span, even when telemetry is not actually set up. We introduce a sampling filter that disables it entirely when no exporters are configured, which provides a performance boost in basic setups. -It also provides performance gains when exporters are set up: if a sampling ratio or client defined sampling are used, then the filter will only send the sampled traces to the rest of the stack, thus reducing the overhead again. +This improvement also manifests when the sampling criteria is _not_ met since the sampling filter will only propagate sampled traces to the rest of the stack, further reducing overhead. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 -### Subgraph authentication: Make sure Request signing happens after Compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) +### Subgraph authentication: Apply signature after compression and APQ ([Issue #3608](https://github.com/apollographql/router/issues/3608)) + +The router will now _sign_ subgraph requests _just before_ they are sent to the subgraph (i.e., a bit later than previously), following up on the functionality of [subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) which was first introduced in v1.27.0. -[Subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) is available since router v1.27.0. +While the initial implementation did work in many cases, there were interactions with other subgraph features which might be enabled which required additional considerations, including interactions with: -Unfortunately this first version didn't work well with features that operate with the SubgraphService, for example: - - Subgraph APQ + - Subgraph Automatic Persisted Queries (APQ) - Subgraph HTTP compression - - Custom plugins that operate on the Subgraph level, written either via coprocessors, in rhai, or native. + - Custom plugins that operate on the subgraph service (whether via Co-Processors, Rhai or a compiled Rust plugin) -The router will now sign subgraph requests just before they are sent to subgraphs. +In most cases, the interactions between these features and the subgraph authentication feature were problematic and required disabling one or the other in order to generate a request that was correctly signed by the signature algorithm. This should all be resolved. By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3735 -### Fix authenticated directive reporting ([PR #3753](https://github.com/apollographql/router/pull/3753)) - -The context key for the `@authenticated` directive only affects usage reporting - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3753 - -### Handle multipart stream if the original stream is empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) +### Handle multipart stream if the original stream was empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) -For subscription and defer, in case the multipart response stream is empty then it should end correctly. +Multi-part response streams (which are used for [subscriptions](https://www.apollographql.com/docs/router/executing-operations/subscription-support/) and operations which include [`@defer` directive](https://www.apollographql.com/docs/router/executing-operations/defer-support/)) will now be handled correctly (and end correctly) when the response stream is empty. By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 -### fix(subscription): add x-accel-buffering header for multipart response ([Issue #3683](https://github.com/apollographql/router/issues/3683)) +### Subscriptions: Include `x-accel-buffering`` header on multipart responses ([Issue #3683](https://github.com/apollographql/router/issues/3683)) -Set `x-accel-buffering` to `no` when it's a multipart response because proxies need this configuration. +Setting the `x-accel-buffering` header to `no` for multipart responses allows certain proxies to configure themselves in a mode that is compatible with the buffering used by subscriptions. This should improve Subscriptions' compatibility with existing infrastructure. By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 ## 🛠 Maintenance -### Update rust toolchain to 1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) +### Our Rust Toolchain has been updated to v1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) -The router-bridge update now allows us to use the latest rust version. +Our Rust Toolchain has been updated to v1.72.0 after we've unblocked some downstream dependency juggling within our `router-bridge` dependency. For the majority of our users (those who do not compile their own Router from source), this change will not have any impact. If you are compiling the Router using the new Rust 1.72.0, it should now work. By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 -### Add support GraphOS Cloud metrics ([Issue #3760](https://github.com/apollographql/router/issues/3760)) +### `Cargo.toml` metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) -Add support for GraphOS Cloud metrics in the Apollo OTLP Exporter. +The following changes are not material for most users of the Router (especially those who are not compiling Rust themselves): -By [@nmoutschen](https://github.com/nmoutschen) in https://github.com/apollographql/router/pull/3761 - -### Metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) - -* remove unused patch entries in Cargo.toml -* remove exemptions for the chrono security advisories (they are fixed now) +* Removed unused `[patch]` entries in in our `Cargo.toml`. +* Removed prior exemptions for [`chrono`](https://crates.io/crates/chrono) security advisories which are now resolved. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3746 -### Replace atty crate with std ([PR #3729](https://github.com/apollographql/router/pull/3729)) +### Replace `atty` crate with `std` ([PR #3729](https://github.com/apollographql/router/pull/3729)) -The crate is unmaintained, and the standard library has equivalent functionality since Rust 1.70.0 +To resolve a security advisory (for which our usage was _not_ affected), we've replaced `atty` with `std`. Instead, we now use equivalent functionality available in the Rust standard library, available since Rust v1.70.0. -* https://github.com/apollographql/router/security/dependabot/68 +* https://github.com/apollographql/router/security/dependabot/68 * https://doc.rust-lang.org/stable/std/io/trait.IsTerminal.html By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3729 -### Add experimental caching metrics ([PR #3532](https://github.com/apollographql/router/pull/3532)) - -It adds a metric only if you configure `telemetry.metrics.common.experimental_cache_metrics.enabled` to `true`. It will generate metrics to evaluate which entities would benefit from caching. It simulates a cache with a TTL, configurable at `telemetry.metrics.common.experimental_cache_metrics.ttl` (default: 5 seconds), and measures the cache hit rate per entity type and subgraph. - -example - -``` -# HELP apollo.router.operations.entity.cache_hit -# TYPE apollo_router_operations_entity.cache_hit histogram -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 3 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 4 -apollo_router_operations_entity_cache_hitsum{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 7 -apollo_router_operations_entity_cache_hitcount{entity_type="Product",service_name="apollo-router",subgraph="products",otel_scope_name="apollo/router",otel_scope_version=""} 4 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.05"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.25"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="0.5"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1"} 0 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="2.5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="5"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="10"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="20"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="1000"} 1 -apollo_router_operations_entity_cache_hitbucket{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version="",le="+Inf"} 1 -apollo_router_operations_entity_cache_hitsum{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -apollo_router_operations_entity_cache_hitcount{entity_type="User",service_name="apollo-router",subgraph="users",otel_scope_name="apollo/router",otel_scope_version=""} 1 -``` - -By [@bnjjj](https://github.com/bnjjj) [@Geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3532 - -### Upgrade webpki and rustls-webpki crates ([PR #3728](https://github.com/apollographql/router/pull/3728)) - -Brings fixes for: +### Upgrade `webpki` and `rustls-webpki` ([PR #3728](https://github.com/apollographql/router/pull/3728)) + +These two dependency updates brings fixes for two separate security advisories: * https://rustsec.org/advisories/RUSTSEC-2023-0052 * https://rustsec.org/advisories/RUSTSEC-2023-0053 -Because Apollo Router does not accept client certificates, it could only be affected -if a subgraph supplied a pathological TLS server certificate. +Since Apollo Router does _not_ accept client certificates, it could only have been affected if a subgraph had provided a pathological TLS server certificate. By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3728 ## 📚 Documentation -### GraphOS authorization: add an example of scope manipulation with router service level rhai ([PR #3719](https://github.com/apollographql/router/pull/3719)) +### GraphOS authorization: Exemplify scope manipulation with Rhai at the router service level ([PR #3719](https://github.com/apollographql/router/pull/3719)) -The router authorization directive `@requiresScopes` expects scopes to come from the `scope` claim in the OAuth2 access token format ( https://datatracker.ietf.org/doc/html/rfc6749#section-3.3 ). Some tokens may have scopes stored in a different way, like an array of strings, or even in different claims. This documents a way to extract the scopes and prepare them in the right format for consumption by `@requiresScopes`, ushing Rhai. +New [Authorization documentation](https://www.apollographql.com/docs/router/configuration/authorization/#requiresscopes) shows the how to use Rhai script to extract scopes and prepare them in the correct way, for use with `@requiresScope`. This becomes relevant since `@requiresScopes` expects scopes to come from the `scope` claim in the [OAuth2 access token format](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3) while tokens may have scopes stored differently, e.g., as an array of strings, or even as different claims. If you have further questions on the right choice for you, please open a GitHub Discussion that provides an example of what you need to achieve. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 -### Fix broken links +### Anchor links in CORS documentation have been fixed -This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. +This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. By [@Meschreiber](https://github.com/Meschreiber) in https://github.com/apollographql/router/pull/3711 - - # [1.29.1] - 2023-09-04 ## 🚀 Features From 06b766345ef7954b92f00cd2b1de325c94ef78de Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 12:01:09 +0000 Subject: [PATCH 3/8] De-interpolate the polation on Polaris. --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5f78b295a1..845c2614d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,12 +30,12 @@ As another example, this logs the bodies of requests: ```rust // Generate a log for each request at this stage fn process_request(request) { - print(`body: `); + print(`body: ${request.body}`); } // Generate a log for each response at this stage fn process_response(response) { - print(`body: `); + print(`body: ${response.body}`); } ``` From 0ca3b74ad069aa0592b463d0402670d01e4f47f7 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 12:21:19 +0000 Subject: [PATCH 4/8] adjust changelog to avoid `body` for now Ref: https://github.com/apollographql/router/issues/3642 --- CHANGELOG.md | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 845c2614d8..604d9f1626 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,9 +8,9 @@ This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2. ## 🚀 Features -### Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) +### Preliminary Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) -It is now possible to interact with requests and responses at the `router_service` level [using Rhai-based customizations](https://www.apollographql.com/docs/router/customizations/rhai/). The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may "map" requests and responses as follows: +It is now possible to interact with some aspects of requests and responses at the `router_service` level [using Rhai-based customizations](https://www.apollographql.com/docs/router/customizations/rhai/). The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may "map" requests and responses as follows: ```rust fn router_service(service) { @@ -21,23 +21,9 @@ fn router_service(service) { } ``` -The main difference from [existing services](https://www.apollographql.com/docs/router/customizations/rhai/#router-request-lifecycle) is that the `router_service` allows operating on _HTTP bodies_ rather than the more structured representations available at later service layers, like the [supergraph service](https://www.apollographql.com/docs/router/customizations/rhai/#supergraphservice). +The main difference from [existing services](https://www.apollographql.com/docs/router/customizations/rhai/#router-request-lifecycle) is that the `router_service` allows operating at an HTTP transport layer rather than the more structured GraphQL representations available at later service layers, like the [supergraph service](https://www.apollographql.com/docs/router/customizations/rhai/#supergraphservice). -This means that `Request.body` and `Response.body` are both strings, which provides flexibility to make more substantial modifications to the body. Users should choose the most convenient service for the types of changes they're needing to make, since operating on the strings will require more work than operating on properties of the structured objects in the supergraph service. - -As another example, this logs the bodies of requests: - -```rust -// Generate a log for each request at this stage -fn process_request(request) { - print(`body: ${request.body}`); -} - -// Generate a log for each response at this stage -fn process_response(response) { - print(`body: ${response.body}`); -} -``` +Initially, we are **not** allowing access to the `body` property itself. [This issue](https://github.com/apollographql/router/issues/3642) tracks changing that in the future. For now, it is possible to access the `context` and `headers`. By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3234 From a978296fa7ab4657d64ab9a5df9d169648106f79 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 15:32:19 +0300 Subject: [PATCH 5/8] Apply suggestions from code review Co-authored-by: Bryn Cooke Co-authored-by: Geoffroy Couprie --- CHANGELOG.md | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 604d9f1626..40b47d0f08 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -45,19 +45,19 @@ By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.c [Subscription deduplication](https://www.apollographql.com/docs/router/executing-operations/subscription-support#subscription-deduplication) is again enabled by default as it was intended to be. This important performance feature for subscriptions at scale was inadvertently disabled in v1.25.0 due to a bug. -Should you still wish to disable it, you can still explicitly [set `enable_deduplication` to `false` in your configuration](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#disabling-deduplication). +To explicitly disable deduplication, [set `enable_deduplication` to `false` in your configuration](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#disabling-deduplication). By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3773 ### Metrics are no longer coerced incorrectly ([Issue #3687](https://github.com/apollographql/router/issues/3687)) -Metric attributes are no longer incorrectly coerced to strings. In addition, the logic around types which are accepted as metrics attributes has been simplified to avoid this in the future. Going forward, if the wrong type is specified, values will be ignored and a log message will be emitted. +Metric attributes are no longer incorrectly coerced to strings. In addition, the logic around types which are accepted as metrics attributes has been simplified to avoid this in the future. Going forward, if the wrong type is specified, values will be ignored and a log message (at debug level) will be emitted. By [@BrynCooke](https://github.com/BrynCooke) in https://github.com/apollographql/router/pull/3724 ### Optimizations applied to header-handling operations ([Issue #3068](https://github.com/apollographql/router/issues/3068)) -We've taken advantage of an opportunity to reduce latency and overhead by reducing the allocations which take place when handling the list of headers passed to subgraph queries. +Latency and overhead of passing headers to subgraph queries has been reduced. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3721 @@ -103,14 +103,6 @@ Our Rust Toolchain has been updated to v1.72.0 after we've unblocked some downst By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 -### `Cargo.toml` metadata cleanup ([PR #3746](https://github.com/apollographql/router/pull/3746)) - -The following changes are not material for most users of the Router (especially those who are not compiling Rust themselves): - -* Removed unused `[patch]` entries in in our `Cargo.toml`. -* Removed prior exemptions for [`chrono`](https://crates.io/crates/chrono) security advisories which are now resolved. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3746 ### Replace `atty` crate with `std` ([PR #3729](https://github.com/apollographql/router/pull/3729)) @@ -140,11 +132,6 @@ New [Authorization documentation](https://www.apollographql.com/docs/router/conf By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3719 -### Anchor links in CORS documentation have been fixed - -This documentation change fixes an incorrect anchor link in the [CORS documentation](https://www.apollographql.com/docs/router/configuration/cors/) and removes links to authorization docs which have not yet been released. - -By [@Meschreiber](https://github.com/Meschreiber) in https://github.com/apollographql/router/pull/3711 # [1.29.1] - 2023-09-04 From 0a540f09c7cd8d2a91bb76c1cb59d6d4f399ebe2 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 15:36:25 +0300 Subject: [PATCH 6/8] Apply suggestions from code review Co-authored-by: Coenen Benjamin --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 40b47d0f08..308c664bd2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,7 +37,7 @@ By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/p ### Handle interfaces in fragment spreads when `__typename` is omitted ([Issue #2587](https://github.com/apollographql/router/issues/2587)) -We now check the parent type when using an inline-fragment, rather than relying on the expectation that `__typename` will be present, since that is not a guarantee. For cases where `__typename` was being omitted, this corrects cases where a portion of the selection set was silently dropped and not returned. +We now check the parent type when using an inline-fragment, rather than relying on the expectation that `__typename` will be present. For cases where `__typename` was being omitted, this fixes responses where a portion of the selection set was silently dropped and not returned. By [@o0Ignition0o](https://github.com/o0Ignition0o) and [@geal](https://github.com/geal) in https://github.com/apollographql/router/pull/3718 @@ -89,7 +89,7 @@ Multi-part response streams (which are used for [subscriptions](https://www.apol By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 -### Subscriptions: Include `x-accel-buffering`` header on multipart responses ([Issue #3683](https://github.com/apollographql/router/issues/3683)) +### Subscriptions: Include `x-accel-buffering` header on multipart responses ([Issue #3683](https://github.com/apollographql/router/issues/3683)) Setting the `x-accel-buffering` header to `no` for multipart responses allows certain proxies to configure themselves in a mode that is compatible with the buffering used by subscriptions. This should improve Subscriptions' compatibility with existing infrastructure. From 7234e9b203f5be1de14470bd83fb84d2c836e34e Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 16:33:19 +0300 Subject: [PATCH 7/8] Apply suggestions from code review Co-authored-by: Bryn Cooke --- CHANGELOG.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 308c664bd2..ee0aa13093 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -63,9 +63,9 @@ By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/p ### Avoid request overhead when telemetry is not enabled -We have removed overhead that was being incurred on every request within the OpenTelemetry code, even when telemetry was not enabled or configured. The introduction of a sampling filter now disables it entirely when no OpenTelemetry exporters are enabled, providing an improvement for basic setups where telemetry is not desired. +The overhead of OpenTelemetry has been removed when no tracing exporters are configured. -This improvement also manifests when the sampling criteria is _not_ met since the sampling filter will only propagate sampled traces to the rest of the stack, further reducing overhead. +This also improves performance when sampling criteria has _not_ been met by preventing unsampled sampled trace events from propagating to the rest of the OpenTelemetry stack. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2999 @@ -73,7 +73,7 @@ By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/p The router will now _sign_ subgraph requests _just before_ they are sent to the subgraph (i.e., a bit later than previously), following up on the functionality of [subgraph authentication](https://www.apollographql.com/docs/router/configuration/authn-subgraph) which was first introduced in v1.27.0. -While the initial implementation did work in many cases, there were interactions with other subgraph features which might be enabled which required additional considerations, including interactions with: +This fixes interactions with: - Subgraph Automatic Persisted Queries (APQ) - Subgraph HTTP compression @@ -85,13 +85,13 @@ By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollo ### Handle multipart stream if the original stream was empty ([Issue #3293](https://github.com/apollographql/router/issues/3293)) -Multi-part response streams (which are used for [subscriptions](https://www.apollographql.com/docs/router/executing-operations/subscription-support/) and operations which include [`@defer` directive](https://www.apollographql.com/docs/router/executing-operations/defer-support/)) will now be handled correctly (and end correctly) when the response stream is empty. +Multi-part response streams (which are used for [subscriptions](https://www.apollographql.com/docs/router/executing-operations/subscription-support/) and operations which include [`@defer` directive](https://www.apollographql.com/docs/router/executing-operations/defer-support/)) are now terminated correctly when the response stream is empty. By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3748 ### Subscriptions: Include `x-accel-buffering` header on multipart responses ([Issue #3683](https://github.com/apollographql/router/issues/3683)) -Setting the `x-accel-buffering` header to `no` for multipart responses allows certain proxies to configure themselves in a mode that is compatible with the buffering used by subscriptions. This should improve Subscriptions' compatibility with existing infrastructure. +Setting the `x-accel-buffering` header to `no` for multipart responses allows certain proxies to configure themselves in a mode that is compatible with the buffering used by subscriptions. This improves Subscriptions' compatibility with existing infrastructure. By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3749 @@ -99,7 +99,7 @@ By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router ### Our Rust Toolchain has been updated to v1.72.0 ([PR #3707](https://github.com/apollographql/router/pull/3707)) -Our Rust Toolchain has been updated to v1.72.0 after we've unblocked some downstream dependency juggling within our `router-bridge` dependency. For the majority of our users (those who do not compile their own Router from source), this change will not have any impact. If you are compiling the Router using the new Rust 1.72.0, it should now work. +Our Rust Toolchain has been updated to v1.72.0. For the majority of our users (those who do not compile their own Router from source), this change will not have any impact. Otherwise, Rust 1.72.0 can now be used. By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3707 From baae31e9a14ab11584950c49d0550f2d92120bec Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 14 Sep 2023 16:45:35 +0300 Subject: [PATCH 8/8] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ee0aa13093..dbe5ba1c2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,7 @@ This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2. ## 🚀 Features -### Preliminary Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) +### Rhai Support at the `router_service` ([Issue #2278](https://github.com/apollographql/router/issues/2278)) It is now possible to interact with some aspects of requests and responses at the `router_service` level [using Rhai-based customizations](https://www.apollographql.com/docs/router/customizations/rhai/). The functionality is very similar to that provided for interacting with existing services, for example `supergraph_service`. For instance, you may "map" requests and responses as follows: