Bumps [rmp-serde](https://github.com/3Hren/msgpack-rust) from 1.1.2 to
1.3.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/3Hren/msgpack-rust/commits/rmp-serde/v1.3.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: c03bfaa8c506b69a06b9a0563ce2e70df21df11e
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.201 to
1.0.202.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.202</h2>
<ul>
<li>Provide public access to RenameAllRules in serde_derive_internals
(<a
href="https://redirect.github.com/serde-rs/serde/issues/2743">#2743</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9e32a40b1c"><code>9e32a40</code></a>
Release 1.0.202</li>
<li><a
href="87f635e54d"><code>87f635e</code></a>
Release serde_derive_internals 0.29.1</li>
<li><a
href="d4b2dfbde2"><code>d4b2dfb</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2743">#2743</a>
from dtolnay/renameallrules</li>
<li><a
href="f6ab0bc56f"><code>f6ab0bc</code></a>
Provide public access to RenameAllRules in serde_derive_internals</li>
<li><a
href="48cc2a6327"><code>48cc2a6</code></a>
Replace use of a syn From impl</li>
<li><a
href="3202a6858a"><code>3202a68</code></a>
Skip rerunning build script on library code changes</li>
<li>See full diff in <a
href="https://github.com/serde-rs/serde/compare/v1.0.201...v1.0.202">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: f6b8f6681b607a89712676456bd688a4b3cb89c3
`axum::Json` can work with any serializable type. Constructing a
`serde_json::Value` using `json!` just adds an intermediate step,
slowing down the conversion from structured data to the response bytes.
V3_GIT_ORIGIN_REV_ID: 8ae6352cb9a576988df5bf417e78d64706c7eb6e
The massive `Error` enum from `execute.rs` disintegrates into the
following independent error types.
- `RequestError`: All exceptions occurred before executing the root
field plans. Each variant in this error enum contains the error type
stemming from isolated steps in the pipeline involving parsing,
validation, IR conversion, and plan generation.
- `FieldError`: Exception occurred when resolving a field through its
plan. Multiple root fields are executed isolated, and field errors are
collected in a list.
Code paths for `explain` and `execute` query are split into two
functions. This is done to avoid few error variants and unburden the
function that previously does both.
V3_GIT_ORIGIN_REV_ID: 21f2f43ee4805a955fa0ce7d9b45c4b1902def63
## Description
1. I've moved the architecture information we had in `CONTRIBUTING.md`
to a separate document `docs/architecture.md` so we can evolve both
separately in the future.
2. I've introduced a couple of sub directories: `utils` and `auth`, for
supporting crates that are not the core functionality of the engine so
it is easier to find the most relevant crates.
New structure:
```
crates
├── auth
│ ├── dev-auth-webhook
│ ├── hasura-authn-core
│ ├── hasura-authn-jwt
│ └── hasura-authn-webhook
├── custom-connector
├── engine
├── lang-graphql
├── metadata-schema-generator
├── open-dds
└── utils
├── opendds-derive
├── recursion_limit_macro
└── tracing-util
```
V3_GIT_ORIGIN_REV_ID: e0e9394da2fcd911f329c48107a76f8492fa304c
I found myself wanting to rewrite JSON files with `sed`. The problem is,
then I want to run a formatter over them afterwards, and this will
change the whole file, not just the area I touched.
I would like to propose the nuclear option in remedying this: format
everything now. This is a very large change that should make it easier
to keep files to a consistent format in the future.
I have chosen to use Prettier for this because (a) it has a useful
`--write` command and (b) it also does GraphQL, Markdown, YAML, etc.
I've elected to exclude two sets of files:
1. `crates/custom-connector/data/*.json`, because they are actually
multiple JSON objects, one per line, which Prettier cannot parse.
2. `crates/lang-graphql/tests/**/*.graphql`, because it contains invalid
GraphQL, and the parser is intended to work with strangely-formatted
GraphQL.
The main changes are standardizing whitespace, adding a newline at the
end of files, and putting JSON arrays on one line when they fit.
V3_GIT_ORIGIN_REV_ID: 92d4a535c34a3cc00721e8ddc6f17c5717e8ff76
<!-- Thank you for submitting this PR! :) -->
## Description
This implements the first part of passing boolean expressions as command
arguments. It adds a `BooleanExpression` arm to `ValueExpression`, and
allows them to be resolved in the context of an ObjectType rather than
an entire model.
This means that if a boolean expression is passed to a command argument
that uses a field that doesn't exist, this happens:
<img width="960" alt="Screenshot 2024-04-05 at 15 54 20"
src="https://github.com/hasura/v3-engine/assets/4729125/cd795bc1-9fda-4cfb-bad3-1e70dd6227a0">
The output of this PR is that we can resolve metadata for boolean
expressions in command arguments, and generate a GraphQL schema for
them, but will throw an error if one is actually used. This will be
resolved in the follow-up PR.
V3_GIT_ORIGIN_REV_ID: 20b8840c313d7ee1f56ebd5becdb28bbe7743350
<!-- Thank you for submitting this PR! :) -->
## Description
Benchmarks are running pretty slowly in Github, let's check it's not an
old library version problem.
---------
Co-authored-by: Samir Talwar <samir.talwar@hasura.io>
V3_GIT_ORIGIN_REV_ID: db1a70c5465cf475fa66d2afc981fd496eccacaa
<!-- Thank you for submitting this PR! :) -->
## Description
Previously boolean expressions were only used on where clauses for
models. We'd also like to use them for arguments for commands to make
permissions work. This PR splits a boolean expression from it's model.
This has the nice side effect of allowing the same boolean expression
type to used across multiple models, which is a sensible thing to want
to be able to do.
Before this change, using the same boolean expression type on two models
would give you this error:
<img width="783" alt="Screenshot 2024-04-19 at 11 53 23"
src="https://github.com/hasura/v3-engine/assets/4729125/bcc7a4b9-8b6f-4d82-9860-190621c0f5fd">
<!--
Questions to consider answering:
1. What user-facing changes are being made?
2. What are issues related to this PR? (Consider adding `(close
#<issue-no>)` to the PR title)
3. What is the conceptual design behind this PR?
4. How can this PR be tested/verified?
5. Does the PR have limitations?
6. Does the PR introduce breaking changes?
-->
## Changelog
- Add a changelog entry (in the "Changelog entry" section below) if the
changes in this PR have any user-facing impact. See [changelog
guide](https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide).
- If no changelog is required ignore/remove this section and add a
`no-changelog-required` label to the PR.
### Product
_(Select all products this will be available in)_
- [X] community-edition
- [X] cloud
<!-- product : end : DO NOT REMOVE -->
### Type
<!-- See changelog structure:
https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide#structure-of-our-changelog
-->
_(Select only one. In case of multiple, choose the most appropriate)_
- [ ] highlight
- [X] enhancement
- [ ] bugfix
- [ ] behaviour-change
- [ ] performance-enhancement
- [ ] security-fix
<!-- type : end : DO NOT REMOVE -->
### Changelog entry
<!--
- Add a user understandable changelog entry
- Include all details needed to understand the change. Try including
links to docs or issues if relevant
- For Highlights start with a H4 heading (#### <entry title>)
- Get the changelog entry reviewed by your team
-->
Allow the same `ObjectBooleanExpressionType` to be shared between
multiple models.
<!-- changelog-entry : end : DO NOT REMOVE -->
<!-- changelog : end : DO NOT REMOVE -->
V3_GIT_ORIGIN_REV_ID: 6c9979ddaad50d476c0996d1ece48f0cf1c8e99d
This ensures only Criterion benchmarks get called by `cargo bench`.
Previously, some tests were being loaded too. This is an issue because
if we want to provide command-line arguments to Criterion, it will fail
if we run a non-Criterion benchmark.
We need to specify `harness = false` for each benchmark so that they
don't get wrapped by Cargo, and `bench = false` for everything that
doesn't contain benchmarks but _could_ (i.e. unit and integration
tests). I find Cargo very strange in this regard.
In addition, I fixed the validation benchmark by providing a valid SDL
schema.
V3_GIT_ORIGIN_REV_ID: 338ac5b1411eec7af32923863c5b6f3933c0454b
<!-- Thank you for submitting this PR! :) -->
## Description
This PR fixes the bug where passing a null value to a nullable input
field resulted in an error. It also uncomments the test for that.
JIRA: https://hasurahq.atlassian.net/browse/V3ENGINE-97
According to [the graphql
spec](https://spec.graphql.org/October2021/#sec-Null-Value):
>
>
> ```graphql
> {
> field(arg: null)
> field
> }
> ```
> The first has explicitly provided null to the argument “arg”, while
the second has implicitly not provided a value to the argument “arg”.
These two forms may be interpreted differently.
We are also considering the two cases separately, i.e., if something is
absent and nullable vs if something is set to null and is nullable. We
are not manually adding the nullable fields and setting them to null if
not specified explicitly.
## Changelog
- Add a changelog entry (in the "Changelog entry" section below) if the
changes in this PR have any user-facing impact. See [changelog
guide](https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide).
- If no changelog is required ignore/remove this section and add a
`no-changelog-required` label to the PR.
### Product
_(Select all products this will be available in)_
- [x] community-edition
- [x] cloud
<!-- product : end : DO NOT REMOVE -->
### Type
<!-- See changelog structure:
https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide#structure-of-our-changelog
-->
_(Select only one. In case of multiple, choose the most appropriate)_
- [ ] highlight
- [ ] enhancement
- [x] bugfix
- [ ] behaviour-change
- [ ] performance-enhancement
- [ ] security-fix
<!-- type : end : DO NOT REMOVE -->
### Changelog entry
<!--
- Add a user understandable changelog entry
- Include all details needed to understand the change. Try including
links to docs or issues if relevant
- For Highlights start with a H4 heading (#### <entry title>)
- Get the changelog entry reviewed by your team
-->
allow null for nullable field
<!-- changelog-entry : end : DO NOT REMOVE -->
<!-- changelog : end : DO NOT REMOVE -->
---------
Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 4aa181899379905aaca1a71f498b85515180ae1d
When trying to reduce the number of dependencies we use in the engine, I
was blocked by a few `.clone()` calls that, on inspection, turned out to
be completely unnecessary.
I have replaced those with passing by reference, and then gone on a
pedant spree. I enabled the `needless_pass_by_value` Clippy warning and
fixed it everywhere that it highlighted. In most places, this meant
adding `&`, but I also marked some types as `Copy`, which makes
pass-by-value the right move.
In one place, I replaced calls to `async_map` with `if` and `else`, to
avoid constructing closures that capture across async boundaries. This
means I could just delete `async_map`.
V3_GIT_ORIGIN_REV_ID: 6ff71f0c553b707889d89552eff3e8c001e898cc
Previously, negative values for `offset` and `limit` input fields
resulted in an internal error and not exposed in the API response. The
reason is that these errors are raised from normalized_ast conversion
after GraphQL validation. The validation will only check for the type,
but not the value of the input fields.
This Commit:
- Introduces a utility function to lift any unexpected value internal
error to external.
- Use the function for `limit` and `offset` input field value coercion.
V3_GIT_ORIGIN_REV_ID: a186eb89a836359427e58f7a847eab3e2f8fafa4
<!-- Thank you for submitting this PR! :) -->
## Description
In https://github.com/hasura/v3-engine/pull/441 we made all our skipped
Clippy rules explicit. This enables one (pretty arbitrarily) and fixes
what comes up.
V3_GIT_ORIGIN_REV_ID: 406692a2a134cb2a6cf5785acd0ac7c5b9f90c61
Bumps [nonempty](https://github.com/cloudhead/nonempty) from 0.8.1 to
0.10.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/cloudhead/nonempty/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 11c6454b5e7e9877b52075f0e0efe6839ecf3be1
<!-- Thank you for submitting this PR! :) -->
## Description
Following the approach taken here:
https://github.com/hasura/ndc-postgres/pull/402
This moves the `clippy` settings into the Cargo workspace file instead
of passing them for each invocation.
We enable all pedantic settings, run `cargo clippy --fix` to auto fix a
few things, and then manually disable all other lints.
Plenty of them are worth enabling and fixing in future IMO.
---------
Co-authored-by: Samir Talwar <samir.talwar@hasura.io>
V3_GIT_ORIGIN_REV_ID: aa0e6ccb8d72a7393e14b5c58b82077a67d9cb15
<!-- Thank you for submitting this PR! :) -->
## Description
I have upgraded ndc-spec to v0.1.1. This pulls in an upgrade to
opentelemetry v0.22 so I've done that too.
We had issues with the `traceresponse` response header disappearing when
using an opentelemetry version > v0.20. This seems to be resolved here,
probably because we have pinned a single version of opentelemetry rather
than loading multiple at once. I added the `traceresponse` header to
verify this, and have left it in because it doesn't seem to hurt
anything.
I verified that everything works as expected with the OSS components,
but not multitenant.
## Changelog
- Add a changelog entry (in the "Changelog entry" section below) if the
changes in this PR have any user-facing impact. See [changelog
guide](https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide).
- If no changelog is required ignore/remove this section and add a
`no-changelog-required` label to the PR.
### Product
_(Select all products this will be available in)_
- [x] community-edition
- [x] cloud
<!-- product : end : DO NOT REMOVE -->
### Type
<!-- See changelog structure:
https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide#structure-of-our-changelog
-->
_(Select only one. In case of multiple, choose the most appropriate)_
- [ ] highlight
- [x] enhancement
- [ ] bugfix
- [ ] behaviour-change
- [ ] performance-enhancement
- [ ] security-fix
<!-- type : end : DO NOT REMOVE -->
### Changelog entry
<!--
- Add a user understandable changelog entry
- Include all details needed to understand the change. Try including
links to docs or issues if relevant
- For Highlights start with a H4 heading (#### <entry title>)
- Get the changelog entry reviewed by your team
-->
v3 engine GraphQL queries now include a "traceresponse" header.
<!-- changelog-entry : end : DO NOT REMOVE -->
<!-- changelog : end : DO NOT REMOVE -->
V3_GIT_ORIGIN_REV_ID: f37b6bdb1331b55c49f0bd953f522f5eca298d1d
`cargo machete` is a very useful tool that figures out when you aren't
using a dependency. I have run this locally to remove unused
dependencies.
I've also added a CI job to make sure we catch these in the future.
Sometimes it reports false positives, e.g. when a dependency isn't used
directly but in macro-generated code (e.g. with `strum`). I have added
`"ignored"` clauses to the `Cargo.toml` files where appropriate.
V3_GIT_ORIGIN_REV_ID: ed015089b695cec8eeb03ce455d6dd3cd312a016
When there are no allowed fields for a type (via `TypePermissions`),
engine creates related input object types (like `<TypeName>OrderBy`)
with no fields. This results in an invalid introspection result. Client
libraries fail with validation error.
This PR fixes the issue.
V3_GIT_ORIGIN_REV_ID: a45a56b1f503f6ab99f250884957b6fc723cf9c8
This was a simple solution to prevent crashes from the cases that I was
able to discover, refactored into a macro that can be used elsewhere;
but I suspect there's a more idiomatic rust solution
(entailing a big refactor?). There's also the stacker crate, and see
also discussion here:
https://hasurahq.slack.com/archives/C04PUMV4X16/p1707337409839869?thread_ts=1701302324.058369&cid=C04PUMV4X16
Note that the compiled binary was built and fuzzed with `--release`.
Many discovered cases caused crashes when run into non-optimized binary
(probably stack overflows but I did not look into it)
V3_GIT_ORIGIN_REV_ID: 31acfc9e358c807be80ba6a5efa78ace78306291
<!-- Thank you for submitting this PR! :) -->
## Description
This PR adds the capability to expose _entities and _service fields.
Apollo Federation uses these fields to extend types in other subgraphs
using the types from a subgraph. We can now use Hasura v3 as a subgraph
in an Apollo federated supergraph.
To make this possible, we had to do the following metadata changes:
- Add `apolloFederation` in `ObjectType.graphql`:
```yaml
apolloFederation:
keys:
- fields:
- id
```
- Add `apolloFederation` in `Model.graphql`:
```yaml
apolloFederation:
entitySource: true
```
- Add `apolloFederation` in `GraphqlConfig`:
```yaml
apolloFederation:
enableRootFields: true
```
https://github.com/hasura/v3-engine/assets/85472423/b3223c61-360a-4ed6-b8ab-b394469957ce
RFC:
https://github.com/hasura/graphql-engine/pull/10141/files#diff-a9f74850aca6ecad1556723e4b3c7395e59f26cd40d9de20bfef83cb9c64f028
## Changelog
- Add a changelog entry (in the "Changelog entry" section below) if the
changes in this PR have any user-facing impact. See [changelog
guide](https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide).
- If no changelog is required ignore/remove this section and add a
`no-changelog-required` label to the PR.
### Product
_(Select all products this will be available in)_
- [ ] community-edition
- [ ] cloud
<!-- product : end : DO NOT REMOVE -->
### Type
<!-- See changelog structure:
https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide#structure-of-our-changelog
-->
_(Select only one. In case of multiple, choose the most appropriate)_
- [ ] highlight
- [ ] enhancement
- [ ] bugfix
- [ ] behaviour-change
- [ ] performance-enhancement
- [ ] security-fix
<!-- type : end : DO NOT REMOVE -->
### Changelog entry
<!--
- Add a user understandable changelog entry
- Include all details needed to understand the change. Try including
links to docs or issues if relevant
- For Highlights start with a H4 heading (#### <entry title>)
- Get the changelog entry reviewed by your team
-->
_Replace with changelog entry_
<!-- changelog-entry : end : DO NOT REMOVE -->
<!-- changelog : end : DO NOT REMOVE -->
V3_GIT_ORIGIN_REV_ID: 73cb9e6c8ef4bfe64d0f0cd9ce3ccbd32e208712
This means that we can pass arguments to the Criterion benchmarks
because the test binaries do not try and run.
For example, if you run this:
```
cargo bench -- --warm-up-time=1 --measurement-time=1
```
… it will currently fail, because it will also pass these arguments to
the tests. Disabling the benchmarks for the tests fixes this.
V3_GIT_ORIGIN_REV_ID: 10fe0683b82c506e1a11b24ca0a0a4041e37b655
## Description
This PR adds a check which ensures that empty selection sets (i.e.,
selecting a field of object type (or list of object type)) in queries
raise an error.
## Changelog
- Add a changelog entry (in the "Changelog entry" section below) if the
changes in this PR have any user-facing impact. See [changelog
guide](https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide).
- If no changelog is required ignore/remove this section and add a
`no-changelog-required` label to the PR.
### Product
_(Select all products this will be available in)_
- [x] community-edition
- [x] cloud
<!-- product : end : DO NOT REMOVE -->
### Type
<!-- See changelog structure:
https://github.com/hasura/graphql-engine-mono/wiki/Changelog-Guide#structure-of-our-changelog
-->
_(Select only one. In case of multiple, choose the most appropriate)_
- [ ] highlight
- [ ] enhancement
- [x] bugfix
- [ ] behaviour-change
- [ ] performance-enhancement
- [ ] security-fix
<!-- type : end : DO NOT REMOVE -->
### Changelog entry
<!--
- Add a user understandable changelog entry
- Include all details needed to understand the change. Try including
links to docs or issues if relevant
- For Highlights start with a H4 heading (#### <entry title>)
- Get the changelog entry reviewed by your team
-->
Ensure to reject queries with empty selection sets
<!-- changelog-entry : end : DO NOT REMOVE -->
<!-- changelog : end : DO NOT REMOVE -->
V3_GIT_ORIGIN_REV_ID: 79049c39b58288f39ec29ecf713cc3622842d47e
Reverts hasura/v3-engine#367
This is causing downstream problems in `v3-metadata-build-service`,
let's roll back for now to unblock things.
V3_GIT_ORIGIN_REV_ID: 3261f2f12825c8eac3353a2282b982f0f3bac80e
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 2.3.3 to
3.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jonasbb/serde_with/releases">serde_with's
releases</a>.</em></p>
<blockquote>
<h2>serde_with v3.7.0</h2>
<h3>Added</h3>
<ul>
<li>Implement <code>JsonSchemaAs</code> for <code>EnumMap</code> by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/697">#697</a>)</li>
<li>Implement <code>JsonSchemaAs</code> for
<code>IfIsHumanReadable</code> by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/717">#717</a>)</li>
<li>Implement <code>JsonSchemaAs</code> for <code>KeyValueMap</code> by
<a href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/713">#713</a>)</li>
<li>Implement <code>JsonSchemaAs</code> for <code>OneOrMany</code> by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/719">#719</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Detect conflicting <code>schema_with</code> attributes on fields
with <code>schemars</code> annotations by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/715">#715</a>)
This extends the existing avoidance mechanism to a new variant fixing <a
href="https://redirect.github.com/jonasbb/serde_with/issues/712">#712</a>.</li>
</ul>
<h2>serde_with v3.6.1</h2>
<h3>Changed</h3>
<ul>
<li>Eliminate dependency on serde's "derive" feature by <a
href="https://github.com/dtolnay"><code>@dtolnay</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/694">#694</a>)
This allows parallel compilation of <code>serde</code> and
<code>serde_derive</code> which can speed up the wallclock time.
It requires that downstream crates do not use the "derive"
feature either.</li>
</ul>
<h2>serde_with v3.6.0</h2>
<h3>Added</h3>
<ul>
<li>Add <code>IfIsHumanReadable</code> for conditional implementation by
<a href="https://github.com/irriden"><code>@irriden</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/690">#690</a>)
Used to specify different transformations for text-based and binary
formats.</li>
<li>Add more <code>JsonSchemaAs</code> impls for all
<code>Duration*</code> and <code>Timestamp*</code> adaptors by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/685">#685</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Bump MSRV to 1.65, since that is required for the <code>regex</code>
dependency.</li>
</ul>
<h2>serde_with v3.5.1</h2>
<h3>Fixed</h3>
<ul>
<li>The <code>serde_as</code> macro now better detects existing
<code>schemars</code> attributes on fields and incorporates them by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/682">#682</a>)
This avoids errors on existing <code>#[schemars(with = ...)]</code>
annotations.</li>
</ul>
<h2>serde_with v3.5.0</h2>
<h3>Added</h3>
<ul>
<li>Support for <code>schemars</code> integration added by <a
href="https://github.com/swlynch99"><code>@swlynch99</code></a> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/666">#666</a>)
The support uses a new <code>Schema</code> top-level item which
implements <code>JsonSchema</code>
The <code>serde_as</code> macro can now detect <code>schemars</code>
usage and emits matching annotations for all fields with
<code>serde_as</code> attribute.
Many types of this crate come already with support for the
<code>schemars</code>, but support is not complete and will be extended
over time.</li>
</ul>
<h2>serde_with v3.4.0</h2>
<ul>
<li>
<p>Lower minimum required serde version to 1.0.152 (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/653">#653</a>)
Thanks to <a href="https://github.com/banool"><code>@banool</code></a>
for submitting the PR.</p>
<p>This allows people that have a problem with 1.0.153 to still use
<code>serde_with</code>.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bcda3fa3ff"><code>bcda3fa</code></a>
Bump version to 3.7.0 (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/720">#720</a>)</li>
<li><a
href="a446da1e12"><code>a446da1</code></a>
Bump version to 3.7.0</li>
<li><a
href="7e9772ff1e"><code>7e9772f</code></a>
Implement <code>JsonSchemaAs</code> for <code>OneOrMany</code> (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/719">#719</a>)</li>
<li><a
href="5e360837b0"><code>5e36083</code></a>
Add impls and tests for OneOrMany</li>
<li><a
href="c5c35db655"><code>c5c35db</code></a>
Implement JsonSchemaAs for KeyValueMap (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/713">#713</a>)</li>
<li><a
href="046f820610"><code>046f820</code></a>
Bump the github-actions group with 1 update (<a
href="https://redirect.github.com/jonasbb/serde_with/issues/718">#718</a>)</li>
<li><a
href="7e87fe5632"><code>7e87fe5</code></a>
Bump the github-actions group with 1 update</li>
<li><a
href="ffade779c5"><code>ffade77</code></a>
Add <code>JsonSchemaAs</code> impl for <code>IfIsHumanReadable</code>
(<a
href="https://redirect.github.com/jonasbb/serde_with/issues/717">#717</a>)</li>
<li><a
href="bb2ab60a3a"><code>bb2ab60</code></a>
Add JsonSchemaAs impl for IfIsHumanReadable</li>
<li><a
href="a80425783f"><code>a804257</code></a>
Implement JsonSchemaAs for KeyValueMap</li>
<li>Additional commits viewable in <a
href="https://github.com/jonasbb/serde_with/compare/v2.3.3...v3.7.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 1db291014bc664f7e9d46c8f187989994980ea85
Bumps [bson](https://github.com/mongodb/bson-rust) from 2.7.0 to 2.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mongodb/bson-rust/releases">bson's
releases</a>.</em></p>
<blockquote>
<h2>v2.9.0</h2>
<p>The MongoDB Rust driver team is pleased to announce the v2.9.0
release of the <code>bson</code> crate.</p>
<h2>Highlighted Changes</h2>
<p>This release adds several externally contributed improvements!</p>
<ul>
<li>A new <code>RawIter</code> type that iterates over elements in a
document without deserializing them,</li>
<li>An improvement to the <code>doc</code> and <code>bson</code> macros
(and their <code>raw</code> counterparts) that allows using types that
implement <code>Into<Bson></code> or
<code>Into<RawBson></code>,</li>
<li>An impl of <code>From<&mut T></code> for <code>Bson</code>
for types that implement <code>Into<Bson></code>,</li>
<li>A smaller dependency tree thanks to updating the indexmap
crate,</li>
<li>And a fix for the <code>serde_with</code> 3.x support for the
<code>Uuid</code> type.</li>
</ul>
<h2>Full Release Notes</h2>
<h2>New Features</h2>
<ul>
<li>RUST-1815 provide lazy iterator implementation (thanks <a
href="https://github.com/tychoish"><code>@tychoish</code></a>!)</li>
<li>RUST-1716 Add BSON Binary Data subtype Sensitive (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/454">#454</a>)</li>
</ul>
<h2>Improvements</h2>
<ul>
<li>RUST-1822 Allow using the {,raw}{bson,doc} with types implementing
Into<!-- raw HTML omitted --> (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/450">#450</a>)
(thanks <a
href="https://github.com/tyilo"><code>@tyilo</code></a>!)</li>
<li>RUST-1825 Implement From<!-- raw HTML omitted --> for Bson (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/452">#452</a>)
(thanks <a
href="https://github.com/tyilo"><code>@tyilo</code></a>!)</li>
<li>RUST-1814 minor: bump indexmap to 2.1.0 (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/448">#448</a>)
(thanks <a
href="https://github.com/froydnj"><code>@froydnj</code></a>!)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>RUST-1828 Fix feature name for serde_with Uuid implementation (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/453">#453</a>)
(thanks <a
href="https://github.com/jonasbb"><code>@jonasbb</code></a>!)</li>
</ul>
<h2>v2.8.1</h2>
<p>The MongoDB Rust driver team is pleased to announce the v2.8.1
release of the <code>bson</code> crate.</p>
<h2>Highlighted Changes</h2>
<p>This release fixes compilation for the <code>wasm32-wasi</code>
target, which broke in the 2.8.0 release.</p>
<h2>Full Release Notes</h2>
<h2>Bugfixes</h2>
<ul>
<li>Fix compilation on wasm32-wasi target <a
href="https://redirect.github.com/mongodb/bson-rust/issues/445">#445</a>
(thanks <a
href="https://github.com/tyranron"><code>@tyranron</code></a>!)</li>
</ul>
<h2>v2.8.0</h2>
<p>The MongoDB Rust driver team is pleased to announce the v2.8.0
release of the <code>bson</code> crate.</p>
<h2>Highlighted Changes</h2>
<p>This release adds optimizations to the <code>serde</code> integration
that show up to 50% deserialization speed improvement in our benchmarks,
as well as a variety of user-submitted fixes.</p>
<h2>Full Release Notes</h2>
<h2>Improvements</h2>
<ul>
<li>RUST-1132 Implement DeserializeSeed for owned and borrowed raw
documents (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/433">#433</a>)</li>
<li>RUST-1780 Bump MSRV to 1.61.0, upgrade ahash to 0.8.5 in
<code>Cargo.lock.msrv</code> (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/436">#436</a>)
(thanks <a
href="https://github.com/stIncMale"><code>@stIncMale</code></a>!)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="38ffff5343"><code>38ffff5</code></a>
release v2.9.0 (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/455">#455</a>)</li>
<li><a
href="230dab13f5"><code>230dab1</code></a>
RUST-1716 Add BSON Binary Data subtype Sensitive (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/454">#454</a>)</li>
<li><a
href="81a9895089"><code>81a9895</code></a>
Fix feature name for serde_with Uuid implementation (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/453">#453</a>)</li>
<li><a
href="8247d271b2"><code>8247d27</code></a>
Implement From<&mut T> for Bson (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/452">#452</a>)</li>
<li><a
href="622007da1d"><code>622007d</code></a>
minor: update clippy to 1.75 (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/451">#451</a>)</li>
<li><a
href="7e114303ae"><code>7e11430</code></a>
Allow using the {,raw}{bson,doc} with types implementing
Into<{,Raw}Bson> (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/450">#450</a>)</li>
<li><a
href="9294ee5b45"><code>9294ee5</code></a>
provide lazy iterator implementation (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/449">#449</a>)</li>
<li><a
href="d044889a9f"><code>d044889</code></a>
minor: bump indexmap to <code>2.1.0</code> (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/448">#448</a>)</li>
<li><a
href="4af5805248"><code>4af5805</code></a>
Fix compilation on <code>wasm32-wasi</code> target (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/445">#445</a>)</li>
<li><a
href="6981c342c7"><code>6981c34</code></a>
release v2.8.0 (<a
href="https://redirect.github.com/mongodb/bson-rust/issues/443">#443</a>)
(<a
href="https://redirect.github.com/mongodb/bson-rust/issues/444">#444</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/mongodb/bson-rust/compare/v2.7.0...v2.9.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
V3_GIT_ORIGIN_REV_ID: 8e483de7788695902efdfbb2c9fe0b9b185b4bf7
<!-- Thank you for submitting this PR! :) -->
## Description
This moves all the crates into a `/crates` folder. Everything appears to
just work, thanks Cargo!
V3_GIT_ORIGIN_REV_ID: 8e3ef287b1a46cabdb4d919a50e813ab2cddf8b1
