<!-- The PR description should answer 2 important questions: -->
### What
Updated changelog for release `v2024.12.03`
V3_GIT_ORIGIN_REV_ID: 77e0aceb7294cb9006b429dcc70c2626c1078a91
<!-- The PR description should answer 2 important questions: -->
### What
This PR corrects an issue where model permissions are not applied to
models used via relationships in order by expressions.
### How
The permissions are now correctly read out of the GraphQL schema
annotations and applied it to the predicate inside the relationship path
in order by targets in `crates/graphql/ir/src/order_by.rs`.
Because there are now predicates inside order by expressions, the
execution pipeline had to be updated to handle evaluating remote
predicates inside order by expressions too.
The tests in
`crates/engine/tests/execute/models/select_many/order_by/relationships/`
have been updated to test applied model permissions affecting ordering.
V3_GIT_ORIGIN_REV_ID: 783c204c44099e5319580e51e7549527d7a56245
### What
Enforce type permissions while building sub-selection for a nested field
in OpenDD query planning.
### How
<!-- How is it trying to accomplish it (what are the implementation
steps)? -->
- While populating sub-selection for a nested field, include only
accessible fields to the role.
- Raise permission exception if the type is not accessible to the role.
V3_GIT_ORIGIN_REV_ID: 86f81f469627ca6bcb2f34878dfb80baab02af73
<!-- The PR description should answer 2 important questions: -->
### What
Clean up after remote predicates changes.
- Make OpenDD pipeline use new planning / execution, and remove a lot of
unnecessary `async`.
- Fix benchmarks to use new code.
- Move lots of GraphQL-only concerns from `execute` to
`graphql-frontend`.
Functional no-op.
V3_GIT_ORIGIN_REV_ID: b4631cfb0d6ab18f201a59189f460977bbda5d07
<!-- The PR description should answer 2 important questions: -->
### What
Historically we've had a few extra deps we've needed in our Docker
containers, and they've been added to all of them. However we now need
to add `curl` to the artifact server, which somewhat increases the
capacities of any attacker, so let's be more granular and only add the
extra packages each image needs.
### How
Some (hopefully reasonably self-explanatory) Nix.
V3_GIT_ORIGIN_REV_ID: 0b5dd6bda92223c9c2261b47fda7773d19ccfe79
<!-- The PR description should answer 2 important questions: -->
### What
Stacks on top of #1393
This makes GraphQL explain use the new execution pipeline.
### How
For each remote predicate, we run them twice, once in execute mode, as
we need the results to fill in the main query. The second time is run in
explain mode so we can return that information to the user.
They were being run implicitly when resolving them previously, now
`explain` steps must do this explicitly.
V3_GIT_ORIGIN_REV_ID: 3fde7f3804b5024e3ac460228f962d39649b71c2
<!-- The PR description should answer 2 important questions: -->
### What
We need a unique identifier for remote predicates, and used `uuid`.
However this makes snapshot tests of `explain` unstable because the
ordering changes all the time, so we switch it for a counter, threaded
through the planning code.
### How
Make a counter with a private inner value that we pass around, that
provides a fresh `u64` when required.
V3_GIT_ORIGIN_REV_ID: 386c6d47935b8da497e1471a3ca44bd52a12f72a
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.89 to 2.0.90.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/syn/releases">syn's
releases</a>.</em></p>
<blockquote>
<h2>2.0.90</h2>
<ul>
<li>Fix automatic parenthesization of subexpressions containing outer
attributes, such as <code>(#[attr] thing).field</code> (<a
href="https://redirect.github.com/dtolnay/syn/issues/1785">#1785</a>)</li>
<li>Fix automatic parenthesization of function calls via a struct field,
such as <code>(thing.field)()</code> and <code>thing.0()</code> (<a
href="https://redirect.github.com/dtolnay/syn/issues/1786">#1786</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ac5b41c852"><code>ac5b41c</code></a>
Release 2.0.90</li>
<li><a
href="9037abbef0"><code>9037abb</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/syn/issues/1787">#1787</a>
from dtolnay/unparenthesizetest</li>
<li><a
href="1a549c0772"><code>1a549c0</code></a>
Improve test_unparenthesize to catch more false negatives</li>
<li><a
href="f9aa20671b"><code>f9aa206</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/syn/issues/1786">#1786</a>
from dtolnay/fieldcall</li>
<li><a
href="1445ccf586"><code>1445ccf</code></a>
Do not parenthesize unnamed tuple struct fields in call</li>
<li><a
href="48d0101557"><code>48d0101</code></a>
Fix parenthesization of field expressions in function calls</li>
<li><a
href="0e5c568650"><code>0e5c568</code></a>
Add test of parentheses needed in call of field</li>
<li><a
href="1cf735ef91"><code>1cf735e</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/syn/issues/1785">#1785</a>
from dtolnay/attrprecedence</li>
<li><a
href="204c1556e4"><code>204c155</code></a>
Lower precedence of expressions containing outer attrs</li>
<li><a
href="401399fbb6"><code>401399f</code></a>
Add test of attr precedence inside subexpression</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/syn/compare/2.0.89...2.0.90">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: d19bb92683949c94fa8b9db17117603abe3c539a
Bumps [bytes](https://github.com/tokio-rs/bytes) from 1.8.0 to 1.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/bytes/releases">bytes's
releases</a>.</em></p>
<blockquote>
<h2>Bytes v1.9.0</h2>
<h1>1.9.0 (November 27, 2024)</h1>
<h3>Added</h3>
<ul>
<li>Add <code>Bytes::from_owner</code> to enable externally-allocated
memory (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/742">#742</a>)</li>
</ul>
<h3>Documented</h3>
<ul>
<li>Fix typo in Buf::chunk() comment (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/744">#744</a>)</li>
</ul>
<h3>Internal changes</h3>
<ul>
<li>Replace BufMut::put with BufMut::put_slice in Writer impl (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/745">#745</a>)</li>
<li>Rename hex_impl! to fmt_impl! and reuse it for fmt::Debug (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/743">#743</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md">bytes's
changelog</a>.</em></p>
<blockquote>
<h1>1.9.0 (November 27, 2024)</h1>
<h3>Added</h3>
<ul>
<li>Add <code>Bytes::from_owner</code> to enable externally-allocated
memory (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/742">#742</a>)</li>
</ul>
<h3>Documented</h3>
<ul>
<li>Fix typo in Buf::chunk() comment (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/744">#744</a>)</li>
</ul>
<h3>Internal changes</h3>
<ul>
<li>Replace BufMut::put with BufMut::put_slice in Writer impl (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/745">#745</a>)</li>
<li>Rename hex_impl! to fmt_impl! and reuse it for fmt::Debug (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/743">#743</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d0a14deeb5"><code>d0a14de</code></a>
chore: prepare bytes v1.9.0 (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/748">#748</a>)</li>
<li><a
href="54f1c26f69"><code>54f1c26</code></a>
Rename hex_impl! to fmt_impl! and reuse it for fmt::Debug (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/743">#743</a>)</li>
<li><a
href="4cd8969e85"><code>4cd8969</code></a>
Replace <code>BufMut::put</code> with <code>BufMut::put_slice</code> in
Writer impl (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/745">#745</a>)</li>
<li><a
href="2d996a2b41"><code>2d996a2</code></a>
Fix typo in <code>Buf::chunk()</code> comment (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/744">#744</a>)</li>
<li><a
href="30ee8e9cba"><code>30ee8e9</code></a>
Add <code>Bytes::from_owner</code> (<a
href="https://redirect.github.com/tokio-rs/bytes/issues/742">#742</a>)</li>
<li>See full diff in <a
href="https://github.com/tokio-rs/bytes/compare/v1.8.0...v1.9.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: ca797909524a0ba6402e5c71f0476d9e275c04ff
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.6.0 to
2.7.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/indexmap-rs/indexmap/blob/master/RELEASES.md">indexmap's
changelog</a>.</em></p>
<blockquote>
<h2>2.7.0 (2024-11-30)</h2>
<ul>
<li>Added methods <code>Entry::insert_entry</code> and
<code>VacantEntry::insert_entry</code>, returning
an <code>OccupiedEntry</code> after insertion.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="539b401151"><code>539b401</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/361">#361</a>
from cuviper/insert_entry</li>
<li><a
href="998edb12fe"><code>998edb1</code></a>
Release 2.7.0</li>
<li><a
href="2a0ca97417"><code>2a0ca97</code></a>
Add <code>{Entry,VacantEntry}::insert_entry</code></li>
<li><a
href="dceb0f0598"><code>dceb0f0</code></a>
Merge pull request <a
href="https://redirect.github.com/indexmap-rs/indexmap/issues/360">#360</a>
from cuviper/collect_vec_list</li>
<li><a
href="c095322249"><code>c095322</code></a>
ci: downgrade hashbrown for 1.63</li>
<li><a
href="7d8cef8b4b"><code>7d8cef8</code></a>
Use rayon-1.9.0's <code>collect_vec_list</code></li>
<li>See full diff in <a
href="https://github.com/indexmap-rs/indexmap/compare/2.6.0...2.7.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 3b27a7e567ef5bc1021625413c4c3cbff62ee6da
<!-- The PR description should answer 2 important questions: -->
### What
Stacks on top of #1392
Make subscriptions use new execution steps. Functional no-op. We don't
delete much yet because we need to move `explain` over first.
V3_GIT_ORIGIN_REV_ID: acd88105599953b377225542eea6e4518e1501d0
<!-- The PR description should answer 2 important questions: -->
### What
This PR completes the new code paths in `execute` for running remote
predicates during execution rather than during a resolve stage. All of
the tests pass, so we switch it on. We do not delete the old code yet as
it's still used by `explain` and `subscriptions`.
### How
We do the following:
- make sure we thread all generated remote predicates through planning
in `graphql_ir`
- run all the generated remote predicates in the new
`execute/src/execute.rs`
- convert the results into `ResolvedFilterExpression` (this code already
existed)
- traverse the `QueryExecutionPlan`s, replacing the placeholder `uuid`
values with the results of remote predicates
- run the `QueryExecutionPlan`s
V3_GIT_ORIGIN_REV_ID: 6dbee497addd6c871e89f73737d5f1659c92dbd5
<!-- The PR description should answer 2 important questions: -->
### What
<!-- What is this PR trying to accomplish (and why, if it's not
obvious)? -->
<!-- Consider: do we need to add a changelog entry? -->
<!-- Does this PR introduce new validation that might break old builds?
-->
<!-- Consider: do we need to put new checks behind a flag? -->
This PR add support for sparse fieldset parameter for the object types
of nested fields. Specify the fields to fetch using
`fields[NestedObjectType]` query parameter.
E.g:
```http
GET /v1/rest/default/institutions?fields[institution]=name,location,staff&fields[location]=city,country&fields[staff_member]=first_name,specialities&page[limit]=5
```
In the above example, `location` and `staff_member` are nested object
types of `location` and `staff` fields respectively.
### How
- Resolve the nested fields while building OpenDD query IR for a
json:api request.
- During planning, always resolve nested selection, if exists, instead
of selecting all available fields from the nested type. (This is only
applicable for model selection, the commands are still using older
approach for nested fields. This will be fixed in the future
iterations).
- Resolve sub-selections of graphql fields in opendd pipeline. Related
test snaps are corrected.
- Include sparse fieldset parameters for nested types in the openapi
schema
<!-- How is it trying to accomplish it (what are the implementation
steps)? -->
V3_GIT_ORIGIN_REV_ID: 587eecb79b6b8fac45f2eb6ffb37bf5fdcc7e374
### What
This PR corrects an issue where model permissions are not applied to
models used via relationships in boolean expressions.
### How
The permissions are now correctly read out of the GraphQL schema
annotations and combined with the query's predicate in
`crates/graphql/ir/src/filter.rs`.
Existing tests that test relationships in boolean expressions have been
updated to test this scenario.
V3_GIT_ORIGIN_REV_ID: a6b39ec81695dcfe5a84b40369d04ac26acad7fb
<!-- The PR description should answer 2 important questions: -->
### What
Add and fix missing parts of new `graphql-frontend` execution steps
added in #1380
Takes broken tests from
<img width="938" alt="Screenshot 2024-11-25 at 17 00 16"
src="https://github.com/user-attachments/assets/ac78c6b1-20b3-4ad1-9d25-882c61d46550">
to
<img width="733" alt="Screenshot 2024-11-26 at 12 44 47"
src="https://github.com/user-attachments/assets/3b7aea84-ccb2-484c-bde8-5aad8c2a6caa">
...which is nice.
The remaining breakages should be because of missing remote predicates
in the new pipeline.
Functional no-op.
V3_GIT_ORIGIN_REV_ID: df9721d8c6c198908ca161e4e0ca1e91301c3541
<!-- The PR description should answer 2 important questions: -->
### What
This is default behaviour which we remove by using `--package ..`, this
re-adds it.
V3_GIT_ORIGIN_REV_ID: bfe33094716354d7ff96f110fb70696ce6630cd5
<!-- The PR description should answer 2 important questions: -->
### What
Required in execution refactor, pulled into separate no-op PR to reduce
noise there.
V3_GIT_ORIGIN_REV_ID: 79459c2e11364ff32836d435593525a09197a33b
~~Note: currently stacked on #1367, will rebase on main when that
merges.~~ Rebased on main.
### What
The following invalid situations are currently allowed:
* In scalar bool exps, duplicate comparision operators are allowed
* In bool exps, logical operator names are allowed to be the same as
other fields
* In scalar bool exps, the is null operator name is allowed to be the
same as other fields
* In object bool exps, comparable fields are allowed to be duplicated
* In object bool exps, comparable relationships are allowed to be
duplicated
These edge cases are now properly validated for and blocked with an
error. The error is raised as an issue, so that for old builds it can be
allowed through as a warning. This is based on a new compatibility flag.
### How
New validation code has been added to
`crates/metadata-resolve/src/stages/scalar_boolean_expressions/scalar.rs`
and `crates/metadata-resolve/src/stages/boolean_expressions/graphql.rs`
that checks for duplicate field names and raises issues.
V3_GIT_ORIGIN_REV_ID: fc4cdb9e34d8810c5e715a18eab866c53deb3fb9
<!-- The PR description should answer 2 important questions: -->
### What
The `execute` crate doesn't need to know about generating
`QueryExecutionPlan` etc from GraphQL IR. We move the planning to
`graphql-ir`. It is mostly moved, this is a large enough set to merge to
keep the size down.
This creates a new pipeline that is only switched when a static value is
changed. This allows iterating on it without breaking the engine.
V3_GIT_ORIGIN_REV_ID: a45874c026778071be2300bc915954824618fe14
<!-- The PR description should answer 2 important questions: -->
### What
Changelog update for `v2024.11.25`
V3_GIT_ORIGIN_REV_ID: 310a0f5254af814185403b213ea388c4be68ecf8
<!-- The PR description should answer 2 important questions: -->
### What
<!-- What is this PR trying to accomplish (and why, if it's not
obvious)? -->
<!-- Consider: do we need to add a changelog entry? -->
<!-- Does this PR introduce new validation that might break old builds?
-->
<!-- Consider: do we need to put new checks behind a flag? -->
Note: Changelog not required as the relationships support in json:API is
not yet released.
In JSON:API - fix the output schema in the openapi schema generation by
including the components of the relationships schema.
### How
- Add functions to handle the relationship fields from the `ObjectType`
in schema generation code.
- Update the existing tests.
<!-- How is it trying to accomplish it (what are the implementation
steps)? -->
V3_GIT_ORIGIN_REV_ID: 97f98af94a2e6551068bf786c8b20101128b1c33
<!-- The PR description should answer 2 important questions: -->
### What
We already do this logic in two places, to save me doing it in a third,
resolving this earlier.
If a relationship field on a boolean expression is not specified, we
fall back to the filter expression on the target model.
Functional no-op.
V3_GIT_ORIGIN_REV_ID: 435f73426362bfb72096059d3b212208aa1b0b84
### What
This PR adds support for logical operators at the scalar boolean
expression level. Metadata already let you declare that you wanted this,
but we never actually implemented it. This has been rectified!
The feature has been gated behind a compatibility flag because users
very likely have it already turned on in Metadata, so actually doing
what they asked for will result in a GraphQL schema diff breaking
change. A warning is raised if the user has this enabled but doesn't
actually work because their compatibility date is too young.
### How
Logical operator metadata resolve code has been moved from
`aggregate_boolean_expressions` into `scalar_boolean_expressions` so it
can be reused for both (scalars come before aggregate bool exps). This
is then used to resolve the logical operators setting on scalar boolean
expressions.
In `graphql/schema` the logical operator annotations have been
rearranged to allow for reuse of code. The same function
`build_logical_operators_schema` is used to generate these annotations
across object and scalar boolean expressions.
These annotations are then consumed by `graphql/ir` which now handles
them for scalar boolean expressions.
The metadata resolve test
`passing/boolean_expression_type/basic_with_scalar_logical_operators/metadata.json`
tests resolving logical operators in scalar boolean expressions. All
other tests snapshots have the new warning captured in them.
The engine test `execute/models/select_many/where/simple/request.gql`
has been updated to also test the new functionality. It got converted
from using ObjectBooleanExpressionType to BooleanExpressionType in order
to do this. I also beefed up its testing of permissions by actually
having some defined.
V3_GIT_ORIGIN_REV_ID: 0a7541bea5ff67dbf07ee373ba3cc8c230eea853
### What
This PR makes the docker-compose.yaml useful for both running the engine
in docker as well as when the engine is running locally on the host.
This enables a new `just start-engine` target that runs the engine
locally while using the same deps and configuration as in
docker-compose.yaml. Running engine this way is faster than constantly
rebuilding in Docker.
### How
The various component in docker-compose.yaml are configured to talk to
one another via `local.hasura.dev` in the same way as Hasura projects
are done via `ddn`. This enables the engine to not care whether it is
running on the host machine directly via cargo or inside a docker
container.
The Dockerfile has also been simplified a little and now only builds the
engine, not every single crate.
V3_GIT_ORIGIN_REV_ID: b17b066fc204fd76b74633990b9862f5db4f180a
Bumps [url](https://github.com/servo/rust-url) from 2.5.3 to 2.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/servo/rust-url/releases">url's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Revert "Normalize URL paths: convert /.//p, /..//p, and //p to
p (<a
href="https://redirect.github.com/servo/rust-url/issues/943">#943</a>)"
by <a href="https://github.com/valenting"><code>@valenting</code></a>
in <a
href="https://redirect.github.com/servo/rust-url/pull/999">servo/rust-url#999</a></li>
<li>Updates the MSRV to 1.63 required though the libc v0.2.164
dependency</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/servo/rust-url/compare/v2.5.3...v2.5.4">https://github.com/servo/rust-url/compare/v2.5.3...v2.5.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d77dfb467f"><code>d77dfb4</code></a>
Revert "Normalize URL paths: convert /.//p, /..//p, and //p to p
(<a
href="https://redirect.github.com/servo/rust-url/issues/943">#943</a>)"
(<a
href="https://redirect.github.com/servo/rust-url/issues/999">#999</a>)</li>
<li><a
href="da649031b9"><code>da64903</code></a>
Change no_std to no-std in Cargo.toml (<a
href="https://redirect.github.com/servo/rust-url/issues/991">#991</a>)</li>
<li>See full diff in <a
href="https://github.com/servo/rust-url/compare/v2.5.3...v2.5.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: f7ec4dceef4056ffe2f69065720b6075797b8404
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.20 to 4.5.21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.21</h2>
<h2>[4.5.21] - 2024-11-13</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parser)</em> Ensure defaults are filled in on error with
<code>ignore_errors(true)</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.5.21] - 2024-11-13</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parser)</em> Ensure defaults are filled in on error with
<code>ignore_errors(true)</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="03d722625a"><code>03d7226</code></a>
chore: Release</li>
<li><a
href="3df70fb2b6"><code>3df70fb</code></a>
docs: Update changelog</li>
<li><a
href="3266c36abf"><code>3266c36</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5691">#5691</a>
from epage/custom</li>
<li><a
href="951762db57"><code>951762d</code></a>
feat(complete): Allow any OsString-compatible type to be a
CompletionCandidate</li>
<li><a
href="bb6493e890"><code>bb6493e</code></a>
feat(complete): Offer - as a path option</li>
<li><a
href="27b348dbcb"><code>27b348d</code></a>
refactor(complete): Simplify ArgValueCandidates code</li>
<li><a
href="49b8108f8c"><code>49b8108</code></a>
feat(complete): Add PathCompleter</li>
<li><a
href="82a360aa54"><code>82a360a</code></a>
feat(complete): Add ArgValueCompleter</li>
<li><a
href="47aedc6906"><code>47aedc6</code></a>
fix(complete): Ensure paths are sorted</li>
<li><a
href="431e2bc931"><code>431e2bc</code></a>
test(complete): Ensure ArgValueCandidates get filtered</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.20...clap_complete-v4.5.21">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 52969c82c421ad5a486076cd9c96aa8d6e3146e8
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.87 to 2.0.89.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/syn/releases">syn's
releases</a>.</em></p>
<blockquote>
<h2>2.0.89</h2>
<ul>
<li>Fix <em>"compiler/fallback mismatch 949"</em> panic (<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/483">dtolnay/proc-macro2#483</a>)</li>
</ul>
<h2>2.0.88</h2>
<ul>
<li>Improve error recovery in <code>parse_str</code> (<a
href="https://redirect.github.com/dtolnay/syn/issues/1783">#1783</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="06af36b972"><code>06af36b</code></a>
Release 2.0.89</li>
<li><a
href="42b4747250"><code>42b4747</code></a>
Fix "compiler/fallback mismatch 949" panic</li>
<li><a
href="424e484905"><code>424e484</code></a>
Release 2.0.88</li>
<li><a
href="2375d9ac01"><code>2375d9a</code></a>
Pull in proc-macro2 FromStr's more robust error recovery</li>
<li><a
href="f46a6f3224"><code>f46a6f3</code></a>
Update test suite to nightly-2024-11-18</li>
<li><a
href="fc133ebb03"><code>fc133eb</code></a>
Resolve unnecessary_map_or clippy lint</li>
<li><a
href="0ccac34ff9"><code>0ccac34</code></a>
Resolve question_mark clippy lint</li>
<li><a
href="5c1c057bfb"><code>5c1c057</code></a>
Disable toml "display" feature</li>
<li><a
href="5bbe46a8c8"><code>5bbe46a</code></a>
Prevent upload-artifact step from causing CI failure</li>
<li><a
href="2b45e9331e"><code>2b45e93</code></a>
Raise minimum version for syn-codegen crate to Rust 1.65</li>
<li>See full diff in <a
href="https://github.com/dtolnay/syn/compare/2.0.87...2.0.89">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: aaafda56a5aec6c9369d9f0c9f43cc270bae0b15
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.89
to 1.0.92.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/proc-macro2/releases">proc-macro2's
releases</a>.</em></p>
<blockquote>
<h2>1.0.92</h2>
<ul>
<li>Improve compiler/fallback mismatch panic message (<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/487">#487</a>)</li>
</ul>
<h2>1.0.91</h2>
<ul>
<li>Fix panic <em>"compiler/fallback mismatch 949"</em> when
using TokenStream::from_str from inside a proc macro to parse a string
containing doc comment (<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/484">#484</a>)</li>
</ul>
<h2>1.0.90</h2>
<ul>
<li>Improve error recovery in TokenStream's and Literal's FromStr
implementations to work around <a
href="https://redirect.github.com/rust-lang/rust/issues/58736">rust-lang/rust#58736</a>
such that rustc does not poison compilation on codepaths that should be
recoverable errors (<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/477">#477</a>,
<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/478">#478</a>,
<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/479">#479</a>,
<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/480">#480</a>,
<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/481">#481</a>,
<a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/482">#482</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="acc7d36820"><code>acc7d36</code></a>
Release 1.0.92</li>
<li><a
href="0cb443d935"><code>0cb443d</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/487">#487</a>
from dtolnay/mismatchline</li>
<li><a
href="ae478edd07"><code>ae478ed</code></a>
Change mismatch panic message to avoid github linkifying</li>
<li><a
href="5046761b96"><code>5046761</code></a>
Release 1.0.91</li>
<li><a
href="27c54948b3"><code>27c5494</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/486">#486</a>
from dtolnay/compilerlex</li>
<li><a
href="a9146d6cb5"><code>a9146d6</code></a>
Ensure that compiler tokenstream parsing only produces a compiler
lexerror</li>
<li><a
href="1ce5f04a7e"><code>1ce5f04</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/485">#485</a>
from dtolnay/fallbackident</li>
<li><a
href="75d0818922"><code>75d0818</code></a>
Make parser's fallback Ident symmetric with Group and Literal</li>
<li><a
href="56c3e31df2"><code>56c3e31</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/proc-macro2/issues/484">#484</a>
from dtolnay/fbliteral</li>
<li><a
href="d2c0e611fd"><code>d2c0e61</code></a>
Fix spanned fallback literal construction</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/proc-macro2/compare/1.0.89...1.0.92">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: ab770bbcd6920bc7886c2c041626bb9ef1659409
<!-- The PR description should answer 2 important questions: -->
### What
Don't know how these got here, they make git clone difficult.
V3_GIT_ORIGIN_REV_ID: d3aad62587f9f4d2ebdac8aa2c5070a07acffcda
<!-- The PR description should answer 2 important questions: -->
### What
This PR removes the parametric `TFilterExpression` that lives all over
`execute` in favour of explicit types from `plan-types`. It means we can
remove a bunch of NDC request code we recently duplicated too, great.
Functional no-op.
Stacked on top of #1368
V3_GIT_ORIGIN_REV_ID: 6c8a94d507fb74be9d6f529023423dad2b1899af
<!-- The PR description should answer 2 important questions: -->
### What
Incrementally moving to new execution plan stuff - this removes more
duplicates types from `execute::plan` and makes the new OpenDD pipeline
use the new types and execution functions.
Functional no-op.
V3_GIT_ORIGIN_REV_ID: c258e5e2991504fc8fbea6cce8e3135a2170f2f3
This gets us much smaller artifacts with very little additional latency.
Artifact sizes become:
**74% smaller** for chinook
**94% smaller** for the realistic big schema (38MB vs. 611MB)
...with only a 5% or so latency regression.
Also did quite a bit of refactoring to try to tighten things up and
clarify the encoding story.
<!-- The PR description should answer 2 important questions: -->
V3_GIT_ORIGIN_REV_ID: af810506e0c1831d357d725a5530466788017165
<!-- The PR description should answer 2 important questions: -->
### What
These cause trouble when pulling the Git repo:
https://github.com/hasura/graphql-engine/issues/10539
V3_GIT_ORIGIN_REV_ID: 28b9ee6a7860c2712dcc4032729511a211a13d01
<!-- The PR description should answer 2 important questions: -->
### What
Changing all of this code in situ is going to be extremely painful, so
instead we're taking the approach of copying small sections, making them
typecheck with the new set of types, and integrating them bit by bit.
This adds a version of the execution steps in `execute`, using the new
types. The next PR to follow will change the OpenDD pipeline to use
them, as remote predicates aren't implemented there so we can defer
implementing them in the new system.
V3_GIT_ORIGIN_REV_ID: 98d1bfa4753edf7d9a9f0b9d1e617a0a760d5862
<!-- The PR description should answer 2 important questions: -->
### What
It's helpful (given the CLI's version of our metadata format) to talk
about configuration in terms of subgraphs as well as the JSON structure
that MBS ingests. This PR updates the error contexts to contain that
name. Here's an example:
```json
{
"errors": [
{
"context": [
{
"message": "Data connector name given here",
"path": [
{
"Key": "subgraphs"
},
{
"Index": 0
},
{
"Key": "objects"
},
{
"Index": 0
},
{
"Key": "definition"
},
{
"Key": "source"
},
{
"Key": "dataConnectorName"
}
],
"subgraph": "default"
}
],
"path": null,
"code": "opendds-validation",
"message": "invalid metadata: error building schema: invalid metadata: the source data connector b (in subgraph default) for model Artists (in subgraph default) has not been defined"
}
]
}
```
As we can see, the `subgraph` key tells us what the subgraph is. Note
that the path contains the fact that we have a subgraphs array, so this
will need removing by a CLI tool if a subgraph is present. Not doing
this on the server side means we can write non-CLI tooling around these
errors as well.
### How
We just add the `subgraph` key to the error context, and fix the raw
metadata deserializers. I'm not sure why these are separate to the
standard opendd deserializers.
V3_GIT_ORIGIN_REV_ID: 3c50bcc649e2842b35a2f05059c2f795c620ea23
### What
This PR reworks the GraphQL schema annotation types and IR parsing for
boolean expressions. This was required because the existing code was
quite tangled and broken as it did not properly handled nested fields.
For example, it had the following issues:
* If you use more than one nested field in a single where, an invalid
NDC query is generated with mangled field paths
* If you use logical operators inside a nested field, an internal error
occurs
The new annotation structure and IR parsing code cleanly matches the two
types of boolean expressions we currently have: object boolean
expressions and scalar boolean expressions. The new parsing code
correctly tracks nested fields and allows arbitrary nesting of object
boolean expressions (and therefore logical operators at the object
boolean expression level).
### How
In `crates/graphql/schema/src/types.rs` `BooleanExpressionAnnotation`
has been reworked to capture the two different types of boolean
expressions. It now has the two `ObjectBooleanExpressionField` and
`ScalarBooleanExpressionField` variants, which are used to denote fields
on each of the different types of boolean expression objects. Previously
scalar boolean expression annotations lived on `ModelInputAnnotation`,
muddying the waters.
Then in `crates/graphql/ir/src/filter.rs`, we have
`resolve_object_boolean_expression` and
`resolve_scalar_boolean_expression` which are capable of reading the
respective variants of boolean expressions.
`resolve_object_boolean_expression` is recursive, and so nested logical
operators are handled naturally. As nested fields are descended through,
this is kept track of with `column_path`.
Some new fields were added to the existing nested object test
(`crates/engine/tests/execute/models/select_many/where/nested_select/object/request.gql`)
to capture and test the previously broken scenarios.
A minor fix was made to `crates/graphql/frontend/src/to_opendd_ir.rs`
because it did not handle multiple root fields properly, as it did not
use the root field aliases and ended up overwriting the same query over
and over. This resulted in many snapshots getting updated, even though
they are unrelated to the real change in this PR.
V3_GIT_ORIGIN_REV_ID: f7cbbe8c86f542150e0ce247c6597df717836c06
