Open
Conversation
…ins spaces PR-URL: hasura/graphql-engine-mono#11298 GitOrigin-RevId: eecbbb45d9fd6d0e0278861a86dcaa814654469d
V3_GIT_ORIGIN_REV_ID: 27d62d7ca1834d65dc29ca7e18ce74bd3c0dd6e3
<!-- The PR description should answer 2 important questions: --> ### What In hasura/v3-engine#1954 we started using `authorization_rules` internally for type output permissions. Here, we do the same for select permissions for models, using `authorization_rules` in `plan` to calculate: - can we select from this `Model`? - are there any filters we need to apply? - are we allowed to do subscriptions with it? - which argument presets do we need? - which relational mutations are we allowed (`update`, `delete`, `insert`)? ### Performance Benchmarks is measured against current `main`. `Total Execution Time` is a bit slower for simpler queries, but faster for more complex queries, particularly those using relationships. This tracks with the changes as: - we cache the results of evaluating `Conditions` to optimise for running `x-hasura-role == foo` checks over and over again, but we are still doing more work than a simple map lookup. - when collecting filters for `ModelPermissions`, we return `Vec<&ModelPredicate>` and pass that around, only cloning them when actually needed. This reduces a bunch of unnecessary cloning, particularly where relationships are concerned, as we'd check a user could access the model underneath a relationship but never use the filters for anything else. ``` simple_select/bench_execute/Total Execution time time: [648.73 µs 659.03 µs 669.90 µs] change: [+11.312% +14.294% +17.206%] (p = 0.00 < 0.05) Performance has regressed. select_many/bench_execute/Total Execution time time: [608.95 µs 619.06 µs 629.69 µs] change: [+8.5431% +10.842% +13.304%] (p = 0.00 < 0.05) Performance has regressed. select_many_where/bench_execute/Total Execution time time: [1.2079 ms 1.2287 ms 1.2506 ms] change: [+0.0203% +2.1676% +4.6082%] (p = 0.05 < 0.05) Change within noise threshold. object_relationship/bench_execute/Total Execution time time: [831.13 µs 843.36 µs 855.92 µs] change: [-0.4508% +1.6093% +3.5083%] (p = 0.12 > 0.05) No change in performance detected. array_relationship/bench_execute/Total Execution time time: [779.65 µs 792.49 µs 806.21 µs] change: [-17.943% -15.474% -12.910%] (p = 0.00 < 0.05) Performance has improved. relay_node_field/bench_execute/Total Execution time time: [605.03 µs 614.19 µs 623.73 µs] change: [-29.244% -26.453% -23.661%] (p = 0.00 < 0.05) Performance has improved. ``` --------- Co-authored-by: Brandon Simmons <brandon.m.simmons@gmail.com> V3_GIT_ORIGIN_REV_ID: 6d96e5ccbdd6c095112c58cda430ce30b01b3544
<!-- The PR description should answer 2 important questions: -->
### What
<!-- What is this PR trying to accomplish (and why, if it's not
obvious)? -->
<!-- Consider: do we need to add a changelog entry? -->
<!-- Does this PR introduce new validation that might break old builds?
-->
<!-- Consider: do we need to put new checks behind a flag? -->
Add sync mode pre-response plugin support that allows plugins to modify
responses before they are sent to the client.
An example plugin config is:
```yaml
kind: LifecyclePluginHook
version: v1
definition:
pre: response
name: test-1
url:
value: http://localhost:5001/extensions/add_ai_summary
config:
request:
session: {}
rawRequest:
query: {}
variables: {}
mode:
type: synchronous
onPluginFailure: continue # or this can be set to `fail`
```
This introduces synchronous pre-response plugins that can:
- Intercept and modify GraphQL responses
- Return custom responses or errors based on response content
- Chain multiple plugins with response transformations
- Support soft-fail behaviour for error handling
Example of what we can do with sync mode pre-response plugins:
<img width="3699" height="2153" alt="image"
src="https://github.com/user-attachments/assets/2e0bf5db-22ba-4822-bb44-6b81376a8bbb"
/>
### How
<!-- How is it trying to accomplish it (what are the implementation
steps)? -->
**Sync Mode Pre-Response Plugins:**
- Added `ResolvedLifecyclePreResponseSyncPluginHook` with synchronous
execution model
- Implemented response chaining where each plugin can modify the
response for the next plugin
- Added support for different HTTP status codes:
- `204 No Content`: Continue with original response
- `200 OK`: Continue with modified response (JSON body)
- `400 Bad Request`: Return user error
- `500 Internal Server Error`: Return internal error
- Introduced soft-fail configuration to allow plugins to fail gracefully
without breaking the request
- Plugins execute sequentially, allowing response transformations to
build upon each other
**Architecture Changes:**
- Maintained both sync and async pre-response plugin support with
unified configuration
- Updated plugin configuration types to support mode selection
(synchronous/asynchronous)
- Enhanced error handling and tracing for both plugin types
- Updated all test files and benchmarks to use the new plugin
configuration structure
V3_GIT_ORIGIN_REV_ID: dbee433e38346c44cc342edb1bb87345907d2bb0
<!-- The PR description should answer 2 important questions: --> ### What Don't send the `from_type` value if it's not supported by the connector. V3_GIT_ORIGIN_REV_ID: 5714686f3aaec3d11e80d2ea87237911e28cd04b
PR-URL: hasura/graphql-engine-mono#11300 Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com> GitOrigin-RevId: 53b9ffd6717b7b99d6d3cbee0c9025778ad46346
PR-URL: hasura/graphql-engine-mono#11302 GitOrigin-RevId: b3334074c0e2b38cfbbbcf097162b5f079af7f43
PR-URL: hasura/graphql-engine-mono#11305 GitOrigin-RevId: e26fb0f7c8d3ab2194290d8a2d5f6e4572cf8362
<!-- The PR description should answer 2 important questions: --> ### What We throw `DataFusionError` all over the place meaning we lose context and don't have much granularity over how we report on and treat errors. Let's make proper enums. This is an arbitrary cut to keep the PRs small. The only external change is removing some stuff like `error in data fusion: Error during planning: ` stuff from the start of error messages. V3_GIT_ORIGIN_REV_ID: 860261349e2c505eebd6e6424b91984d14197102
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.0</h2> <h1>1.47.0 (July 25th, 2025)</h1> <p>This release adds <code>poll_proceed</code> and <code>cooperative</code> to the <code>coop</code> module for cooperative scheduling, adds <code>SetOnce</code> to the <code>sync</code> module which provides similar functionality to [<code>std::sync::OnceLock</code>], and adds a new method <code>sync::Notify::notified_owned()</code> which returns an <code>OwnedNotified</code> without a lifetime parameter.</p> <h2>Added</h2> <ul> <li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li>sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> </ul> <h2>Changed</h2> <ul> <li>deps: upgrade windows-sys 0.52 → 0.59 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li> <li>deps: update to socket2 v0.6 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li> <li>sync: improve <code>AtomicWaker::wake</code> performance (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li> </ul> <h2>Documented</h2> <ul> <li>metrics: fix listed feature requirements for some metrics (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li> <li>runtime: improve safety comments of <code>Readiness<'_></code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/3911cb8523f190142f61c64b66881c07c0d3e7be"><code>3911cb8</code></a> chore: prepare Tokio v1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d545aa2601e3008ce49c8c0191b0f172ce577452"><code>d545aa2</code></a> sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/911ab21d7012a50e53971ad1292a9f18de22d4c8"><code>911ab21</code></a> sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/9e94fa7e15cfe6ebbd06e9ebad4642896620d924"><code>9e94fa7</code></a> task: remove raw-entry feature from hashbrown dep (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7252">#7252</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/0d234c3cf9231288bd7ea3d8f2df65fa24b87a80"><code>0d234c3</code></a> ci: unfreeze wasm-unknown-unknown from rustc 1.81 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7471">#7471</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/3754e059b61553dd51064b433fb61465c4b93afe"><code>3754e05</code></a> ci: use ubuntu-24.04-arm instead of ubuntu-22.04-arm (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7470">#7470</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/6d868d96ce9df27c5ec1be3bba960ebe80ee4793"><code>6d868d9</code></a> sync: fix <code>CancellationToken</code> failing to cancel the ready futures (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7462">#7462</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/0a3fe460862720d005b8fa39cdde30575a063785"><code>0a3fe46</code></a> sync: remove duplicated code in <code>OnceCell</code> tests (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7458">#7458</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/154d7d5fe663302c96e25d2b6064813996264a91"><code>154d7d5</code></a> ci: cleanup legacy <code>R-loom-multi-thread-alt</code> label from the labeler (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7457">#7457</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/611b7933561670c8349ddd5c100fdc76c474e3db"><code>611b793</code></a> coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: b7e0c353b618bfb12e73450126a0628339e06af6
Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.5.2 to 0.6.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tower-rs/tower-http/releases">tower-http's releases</a>.</em></p> <blockquote> <h2>tower-http-0.6.6</h2> <h2>Fixed</h2> <ul> <li>compression: fix panic when looking in vary header (<a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>)</li> </ul> <p><a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/578">tower-rs/tower-http#578</a></p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sulami"><code>@sulami</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/578">tower-rs/tower-http#578</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.6.5...tower-http-0.6.6">https://github.com/tower-rs/tower-http/compare/tower-http-0.6.5...tower-http-0.6.6</a></p> <h2>tower-http-0.6.5</h2> <h2>Added</h2> <ul> <li>normalize_path: add <code>append_trailing_slash()</code> mode (<a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>redirect: remove payload headers if redirect changes method to GET (<a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>)</li> <li>compression: avoid setting <code>vary: accept-encoding</code> if already set (<a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>)</li> </ul> <p><a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/547">tower-rs/tower-http#547</a> <a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/572">tower-rs/tower-http#572</a> <a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/575">tower-rs/tower-http#575</a></p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/daalfox"><code>@daalfox</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/547">tower-rs/tower-http#547</a></li> <li><a href="https://github.com/mherrerarendon"><code>@mherrerarendon</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/574">tower-rs/tower-http#574</a></li> <li><a href="https://github.com/linyihai"><code>@linyihai</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/575">tower-rs/tower-http#575</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.6.4...tower-http-0.6.5">https://github.com/tower-rs/tower-http/compare/tower-http-0.6.4...tower-http-0.6.5</a></p> <h2>tower-http 0.6.4</h2> <h2>Added</h2> <ul> <li>decompression: Support HTTP responses containing multiple ZSTD frames (<a href="https://redirect.github.com/tower-rs/tower-http/issues/548">#548</a>)</li> <li>The <code>ServiceExt</code> trait for chaining layers onto an arbitrary http service just like <code>ServiceBuilderExt</code> allows for <code>ServiceBuilder</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/563">#563</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Remove unnecessary trait bounds on <code>S::Error</code> for <code>Service</code> impls of <code>RequestBodyTimeout<S></code> and <code>ResponseBodyTimeout<S></code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/533">#533</a>)</li> <li>compression: Respect <code>is_end_stream</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/535">#535</a>)</li> <li>Fix a rare panic in <code>fs::ServeDir</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/553">#553</a>)</li> <li>Fix invalid <code>content-lenght</code> of 1 in response to range requests to empty files (<a href="https://redirect.github.com/tower-rs/tower-http/issues/556">#556</a>)</li> <li>In <code>AsyncRequireAuthorization</code>, use the original inner service after it is</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tower-rs/tower-http/commit/635692d757f29dfa3041c02cd66c195be07bc8b3"><code>635692d</code></a> v0.6.6</li> <li><a href="https://github.com/tower-rs/tower-http/commit/359d997420ac06f08e780471edd3e94a8757940f"><code>359d997</code></a> Fix an indexing panic in compression (<a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/24c0f0b4f92cfd05dbef689459f573845a295c16"><code>24c0f0b</code></a> refactor: slightly reduce use of <code>futures-util</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/577">#577</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/51723d48476cd8bcfc718f299fb6a5c21c5dc03e"><code>51723d4</code></a> v0.6.5</li> <li><a href="https://github.com/tower-rs/tower-http/commit/0187232a11641536b45736513dd606590555186e"><code>0187232</code></a> feat(compression): avoid setting <code>Vary: Accept-Encoding</code> when already set (<a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/f64fbe6bc077765e9263f0e372088d5f8c58e26b"><code>f64fbe6</code></a> fix(redirect): Removed <code>headers</code> after empty payload set. (<a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/7388e7687c92c1439fccbe978c6e179a0034995c"><code>7388e76</code></a> docs: Clarify TimeoutBody is a timeout per frame, not total (<a href="https://redirect.github.com/tower-rs/tower-http/issues/574">#574</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/86615aabc803b36901711658f9517972bdcb648e"><code>86615aa</code></a> normalize_path: Add <code>Append</code> mode (<a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/fa8848e9d128f6ec2d5571fdb8cd74575bf3c834"><code>fa8848e</code></a> Release v0.6.4 (<a href="https://redirect.github.com/tower-rs/tower-http/issues/568">#568</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/2608a513ddaf44e93936c35f07a120f77823d608"><code>2608a51</code></a> Make type inference work for ServiceExt (<a href="https://redirect.github.com/tower-rs/tower-http/issues/566">#566</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.5.2...tower-http-0.6.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 59c976cb6db421e732ca7d506e18d45eda0f50e1
V3_GIT_ORIGIN_REV_ID: 588a405aa0240d7ded6bfd02fc7165a2cee2a7f3
V3_GIT_ORIGIN_REV_ID: 27804ed1ef2a8fe477e5dece15bfa59b3705e7b1
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: b207c27f7ca5b31165867311840a00fb538b40e5
<!-- The PR description should answer 2 important questions: --> ### What This PR updates the changelog for `v2025.07.29` ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 8df4dd0f9f128e7fa98c4694d9cabc4b0eda7fbc
PR-URL: hasura/graphql-engine-mono#11308 GitOrigin-RevId: 24b3da8b2d164ab85c08e546b4551062192471ba
PR-URL: hasura/graphql-engine-mono#11307 GitOrigin-RevId: 4dba8ddd8341000fdf1c4548c3eb344a0a7bd384
<!-- The PR description should answer 2 important questions: --> ### What Add function to custom connector for relationship argument paths. V3_GIT_ORIGIN_REV_ID: 8b7f86cfb3c794a2642189f7cb9cb0838f99aa28
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.41 to 4.5.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.42</h2> <h2>[4.5.42] - 2025-07-30</h2> <h3>Fixes</h3> <ul> <li>Include subcommand visible long aliases in <code>--help</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.42] - 2025-07-30</h2> <h3>Fixes</h3> <ul> <li>Include subcommand visible long aliases in <code>--help</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/27cc4b7f59f4b9658881514ccf4e4ab3c41c9af5"><code>27cc4b7</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/16a4fc7190c1e807793475989e762fb4ebb6bffe"><code>16a4fc7</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/07f9f15eda15f03e7d95032365c3562538686c3d"><code>07f9f15</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5874">#5874</a> from tetzng/fix-fish-completions</li> <li><a href="https://github.com/clap-rs/clap/commit/721deab943d431a917edca0a4d840d8597a43e95"><code>721deab</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/a4be55bf6441b4fa1c1c7eb104fa235eff55f970"><code>a4be55b</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/fd5e6915f0fbb94b0959b7245dd244ac5686d7f3"><code>fd5e691</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5877">#5877</a> from therealprof/features/use-btreemap-instead-of-so...</li> <li><a href="https://github.com/clap-rs/clap/commit/6604e79ee7bddc0ecee0cb70b380aa8a3d6efd79"><code>6604e79</code></a> Use BTreeMap instead of a sorted Vec</li> <li><a href="https://github.com/clap-rs/clap/commit/28e163a8e75be9a2f57079abbccb9d6bb5bdea7e"><code>28e163a</code></a> fix(complete): Remove {} and replace commas with newlines</li> <li><a href="https://github.com/clap-rs/clap/commit/b5a47c46acda0c3166df80e1deb61fe1f017b26b"><code>b5a47c4</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/b154a7a114de1ce6f0dee9b68bc5de1ec676cdc4"><code>b154a7a</code></a> docs: Update changelog</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.41...clap_complete-v4.5.42">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 62f167b751e60033f6916b4fefa3e817ac72ad8b
Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.15 to 0.7.16. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/cf6b50a3fd44684d63fd758aae1ee2955f16c798"><code>cf6b50a</code></a> chore: prepare tokio-util v0.7.16 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7507">#7507</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/416e36b0dff3214a9fd9dee26f9e554d7d162b46"><code>416e36b</code></a> task: stabilise <code>JoinMap</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7075">#7075</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/9741c90f9f8b14a7d78d7629a29a281602d5f2b9"><code>9741c90</code></a> sync: document cancel safety on <code>SetOnce::wait</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7506">#7506</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4e3f17bce3addf0bbf626e4847bab73e28328181"><code>4e3f17b</code></a> codec: also apply capacity to read buffer in <code>Framed::with_capacity</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7500">#7500</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/86cbf81e151772fad0f2fc8afa0fa7094d00b81d"><code>86cbf81</code></a> Merge 'tokio-1.47.1' into 'master'</li> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e47565b086436a9024812d5cc0ba5672ab515e47"><code>e47565b</code></a> blocking: clarify that spawn_blocking is aborted if not yet started (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7501">#7501</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-util-0.7.15...tokio-util-0.7.16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 794c05921914acf2a268d08ffcb5e6ee60b302e1
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.47.0 to 1.47.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.1</h2> <h1>1.47.1 (August 1st, 2025)</h1> <h3>Fixed</h3> <ul> <li>process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li>sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7485">tokio-rs/tokio#7485</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7494">tokio-rs/tokio#7494</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/1979615cbf1cc4b4d296814957394703827362d0"><code>1979615</code></a> process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/f669a609cf1eaa94d2bc135212f57ff913eca898"><code>f669a60</code></a> ci: add lockfile for LTS branch</li> <li><a href="https://github.com/tokio-rs/tokio/commit/ce41896f8dcbc6249df3279600f45f7a65915cf6"><code>ce41896</code></a> sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/c8ab78a84fff284958dc84b77b5222fecd0f44b2"><code>c8ab78a</code></a> changelog: fix incorrect PR number for 1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7484">#7484</a>)</li> <li>See full diff in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.47.0...tokio-1.47.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: a4a45463c8ea7b0c33fa51b0032e5dd53b3891c7
Bumps [serde_arrow](https://github.com/chmp/serde_arrow) from 0.13.4 to 0.13.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chmp/serde_arrow/releases">serde_arrow's releases</a>.</em></p> <blockquote> <h2>0.13.5</h2> <ul> <li>Add <code>arrow=56</code> support</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/chmp/serde_arrow/blob/main/Changes.md">serde_arrow's changelog</a>.</em></p> <blockquote> <h2>0.13.5</h2> <ul> <li>Add <code>arrow=56</code> support</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chmp/serde_arrow/commit/13d4766453f0c07d69ad7454d38dbc7d9c7a08c8"><code>13d4766</code></a> Merge pull request <a href="https://redirect.github.com/chmp/serde_arrow/issues/280">#280</a> from chmp/release/0.13.5</li> <li><a href="https://github.com/chmp/serde_arrow/commit/b089ee00e6a6608868548a0e9eb115810115dd5e"><code>b089ee0</code></a> Update Cargo.lock</li> <li><a href="https://github.com/chmp/serde_arrow/commit/1a95ea4206f49b1417ace70332260b7dcb2b249f"><code>1a95ea4</code></a> Add arrow=56</li> <li><a href="https://github.com/chmp/serde_arrow/commit/13e41afefc7e2749f1aadbf1f23276e8e9ceb933"><code>13e41af</code></a> Merge pull request <a href="https://redirect.github.com/chmp/serde_arrow/issues/279">#279</a> from ryzhyk/patch-1</li> <li><a href="https://github.com/chmp/serde_arrow/commit/5746823022cc5cb6cf67d280e6606b910a5e99b2"><code>5746823</code></a> Fix typo in list_deserializer.rs</li> <li>See full diff in <a href="https://github.com/chmp/serde_arrow/compare/v0.13.4...v0.13.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: e9cd34016dc98a6f4e9dcf9b86d413e1db6ec9ef
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.141 to 1.0.142. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.142</h2> <ul> <li>impl Default for &Value (<a href="https://redirect.github.com/serde-rs/json/issues/1265">#1265</a>, thanks <a href="https://github.com/aatifsyed"><code>@aatifsyed</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/1731167cd5dd6358944aabf8ab8504a2f5162018"><code>1731167</code></a> Release 1.0.142</li> <li><a href="https://github.com/serde-rs/json/commit/e51c81450a3018a5524f6b1afba7192ddbafcc69"><code>e51c814</code></a> Touch up PR 1265</li> <li><a href="https://github.com/serde-rs/json/commit/84abbdb613ce8faa2e93eddcc96f5514eb31a1d1"><code>84abbdb</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1265">#1265</a> from aatifsyed/master</li> <li><a href="https://github.com/serde-rs/json/commit/9206cc0150fa17d44296db96149f00a142691ead"><code>9206cc0</code></a> feat: impl Default for &Value</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.141...v1.0.142">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 9426f6b847d84b3eb541263d829e5c9f382aee11
<!-- The PR description should answer 2 important questions: --> ### What We were not converting the field names of struct types before sending them to NDC, now we are. V3_GIT_ORIGIN_REV_ID: da9e615036526a68d1dd7fb8b81907fa3e306c0e
…ror (#2098) <!-- The PR description should answer 2 important questions: --> ### What `Built-in operators require a boolean expression type` shows up as an internal error, when it's really because a boolean expression type hasn't been provided for a type. Change the type to reflect this, and include the object type name in question to make it easier to fix. V3_GIT_ORIGIN_REV_ID: 89fae7521fd9fe1135bfb5c8c9d44c07fc1d93cb
<!-- The PR description should answer 2 important questions: --> ### What We never put this in the public JSONSchema, and we never used it for anything, removing. V3_GIT_ORIGIN_REV_ID: 7cd01e5cc3b84b3e20ec26400ca53e6ef1a48d61
<!-- The PR description should answer 2 important questions: --> ### What With rules based auth the role might not be the reason a model / command / type is not accessible, so let's remove that from the permission errors as it's potentially misleading. V3_GIT_ORIGIN_REV_ID: 4ea73bbc11767aac74bfe9fc877dcb7f0ea4f7ac
<!-- The PR description should answer 2 important questions: --> ### What Allow users to define output type permissions using rule-based permissions. Currently behind a feature flag, and the metadata is hidden from the JSONSchema. V3_GIT_ORIGIN_REV_ID: 2838b902243709e69f535b09b2cadee6c0e9a5ea
Bumps [rand](https://github.com/rust-random/rand) from 0.9.2 to 0.10.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand's changelog</a>.</em></p> <blockquote> <h2>[0.10.0] - 2026-02-08</h2> <h3>Changes</h3> <ul> <li>The dependency on <code>rand_chacha</code> has been replaced with a dependency on <code>chacha20</code>. This changes the implementation behind <code>StdRng</code>, but the output remains the same. There may be some API breakage when using the ChaCha-types directly as these are now the ones in <code>chacha20</code> instead of <code>rand_chacha</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1642">#1642</a>).</li> <li>Rename fns <code>IndexedRandom::choose_multiple</code> -> <code>sample</code>, <code>choose_multiple_array</code> -> <code>sample_array</code>, <code>choose_multiple_weighted</code> -> <code>sample_weighted</code>, struct <code>SliceChooseIter</code> -> <code>IndexedSamples</code> and fns <code>IteratorRandom::choose_multiple</code> -> <code>sample</code>, <code>choose_multiple_fill</code> -> <code>sample_fill</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1632">#1632</a>)</li> <li>Use Edition 2024 and MSRV 1.85 (<a href="https://redirect.github.com/rust-random/rand/issues/1653">#1653</a>)</li> <li>Let <code>Fill</code> be implemented for element types, not sliceable types (<a href="https://redirect.github.com/rust-random/rand/issues/1652">#1652</a>)</li> <li>Fix <code>OsError::raw_os_error</code> on UEFI targets by returning <code>Option<usize></code> (<a href="https://redirect.github.com/rust-random/rand/issues/1665">#1665</a>)</li> <li>Replace fn <code>TryRngCore::read_adapter(..) -> RngReadAdapter</code> with simpler struct <code>RngReader</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1669">#1669</a>)</li> <li>Remove fns <code>SeedableRng::from_os_rng</code>, <code>try_from_os_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1674">#1674</a>)</li> <li>Remove <code>Clone</code> support for <code>StdRng</code>, <code>ReseedingRng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1677">#1677</a>)</li> <li>Use <code>postcard</code> instead of <code>bincode</code> to test the serde feature (<a href="https://redirect.github.com/rust-random/rand/issues/1693">#1693</a>)</li> <li>Avoid excessive allocation in <code>IteratorRandom::sample</code> when <code>amount</code> is much larger than iterator size (<a href="https://redirect.github.com/rust-random/rand/issues/1695">#1695</a>)</li> <li>Rename <code>os_rng</code> -> <code>sys_rng</code>, <code>OsRng</code> -> <code>SysRng</code>, <code>OsError</code> -> <code>SysError</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1697">#1697</a>)</li> <li>Rename <code>Rng</code> -> <code>RngExt</code> as upstream <code>rand_core</code> has renamed <code>RngCore</code> -> <code>Rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1717">#1717</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Add fns <code>IndexedRandom::choose_iter</code>, <code>choose_weighted_iter</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1632">#1632</a>)</li> <li>Pub export <code>Xoshiro128PlusPlus</code>, <code>Xoshiro256PlusPlus</code> prngs (<a href="https://redirect.github.com/rust-random/rand/issues/1649">#1649</a>)</li> <li>Pub export <code>ChaCha8Rng</code>, <code>ChaCha12Rng</code>, <code>ChaCha20Rng</code> behind <code>chacha</code> feature (<a href="https://redirect.github.com/rust-random/rand/issues/1659">#1659</a>)</li> <li>Fn <code>rand::make_rng() -> R where R: SeedableRng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1734">#1734</a>)</li> </ul> <h3>Removals</h3> <ul> <li>Removed <code>ReseedingRng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1722">#1722</a>)</li> <li>Removed unused feature "nightly" (<a href="https://redirect.github.com/rust-random/rand/issues/1732">#1732</a>)</li> <li>Removed feature <code>small_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1732">#1732</a>)</li> </ul> <p><a href="https://redirect.github.com/rust-random/rand/issues/1632">#1632</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1632">rust-random/rand#1632</a> <a href="https://redirect.github.com/rust-random/rand/issues/1642">#1642</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1642">rust-random/rand#1642</a> <a href="https://redirect.github.com/rust-random/rand/issues/1649">#1649</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1649">rust-random/rand#1649</a> <a href="https://redirect.github.com/rust-random/rand/issues/1652">#1652</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1652">rust-random/rand#1652</a> <a href="https://redirect.github.com/rust-random/rand/issues/1653">#1653</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1653">rust-random/rand#1653</a> <a href="https://redirect.github.com/rust-random/rand/issues/1659">#1659</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1659">rust-random/rand#1659</a> <a href="https://redirect.github.com/rust-random/rand/issues/1665">#1665</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1665">rust-random/rand#1665</a> <a href="https://redirect.github.com/rust-random/rand/issues/1669">#1669</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1669">rust-random/rand#1669</a> <a href="https://redirect.github.com/rust-random/rand/issues/1674">#1674</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1674">rust-random/rand#1674</a> <a href="https://redirect.github.com/rust-random/rand/issues/1677">#1677</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1677">rust-random/rand#1677</a> <a href="https://redirect.github.com/rust-random/rand/issues/1693">#1693</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1693">rust-random/rand#1693</a> <a href="https://redirect.github.com/rust-random/rand/issues/1695">#1695</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1695">rust-random/rand#1695</a> <a href="https://redirect.github.com/rust-random/rand/issues/1697">#1697</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1697">rust-random/rand#1697</a> <a href="https://redirect.github.com/rust-random/rand/issues/1717">#1717</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1717">rust-random/rand#1717</a> <a href="https://redirect.github.com/rust-random/rand/issues/1722">#1722</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1722">rust-random/rand#1722</a> <a href="https://redirect.github.com/rust-random/rand/issues/1732">#1732</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1732">rust-random/rand#1732</a> <a href="https://redirect.github.com/rust-random/rand/issues/1734">#1734</a>: <a href="https://redirect.github.com/rust-random/rand/pull/1734">rust-random/rand#1734</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/acc5f246d3338ffea40aa0f25a46f84d6d19db8d"><code>acc5f24</code></a> Prepare v0.10.0 releases (<a href="https://redirect.github.com/rust-random/rand/issues/1729">#1729</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/95c51651c904ca8e77cdec5ebb6f218bb505f18f"><code>95c5165</code></a> Add fn rand::make_rng (<a href="https://redirect.github.com/rust-random/rand/issues/1734">#1734</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/146da581490e534332a6018c15d7765b4c16851e"><code>146da58</code></a> CHANGELOG: add PR links (<a href="https://redirect.github.com/rust-random/rand/issues/1738">#1738</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/8cacd6da6df9256d13d8ceb499310844227379fd"><code>8cacd6d</code></a> README tweaks (<a href="https://redirect.github.com/rust-random/rand/issues/1737">#1737</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/28e3df866fdf2a1892abce84a0832c1eb15511ef"><code>28e3df8</code></a> Update chacha20: use ChaChaCore directly; remove bytes_until_reseed field (<a href="https://redirect.github.com/rust-random/rand/issues/1">#1</a>...</li> <li><a href="https://github.com/rust-random/rand/commit/03db3110d0224cf5c9ae7b4462e58f4dca4a5293"><code>03db311</code></a> Replace fn reseed_and_generate with try_to_reseed</li> <li><a href="https://github.com/rust-random/rand/commit/b14483e6abd464c2745ed701cebf214a0f6fb374"><code>b14483e</code></a> Apply inline attr to fn generate</li> <li><a href="https://github.com/rust-random/rand/commit/fda8f74872f759cf72514c84dec30033c04f60d1"><code>fda8f74</code></a> Remove bytes_until_reseed field</li> <li><a href="https://github.com/rust-random/rand/commit/213bb3bd4270df73bdd4885c2bf5682dce73c03d"><code>213bb3b</code></a> Bump chacha20 to 0.10.0-rc.11</li> <li><a href="https://github.com/rust-random/rand/commit/72afe1e973fcd83d840cf597888223072bbdb04c"><code>72afe1e</code></a> Minor tweaks; prepare v0.10.0-rc.9 (<a href="https://redirect.github.com/rust-random/rand/issues/1736">#1736</a>)</li> <li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/rand_core-0.9.2...0.10.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> V3_GIT_ORIGIN_REV_ID: 0923581a3824870a0d5b9c5fcf0296c2d0949f01
V3_GIT_ORIGIN_REV_ID: 47807000deed23bf9bba3911b78ace2c4086fdfb
) <!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 34369d44a6c317e0fd5856f8c32bcef7ebf55bb2
…ables PR-URL: hasura/graphql-engine-mono#11431 GitOrigin-RevId: 90005d85c79a05ef1fba39aadfee1349a419342f
Bumps [criterion](https://github.com/criterion-rs/criterion.rs) from 0.8.1 to 0.8.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/criterion-rs/criterion.rs/releases">criterion's releases</a>.</em></p> <blockquote> <h2>criterion-plot-v0.8.2</h2> <h3>Other</h3> <ul> <li>Update Readme</li> </ul> <h2>criterion-v0.8.2</h2> <h3>Fixed</h3> <ul> <li>don't build alloca on unsupported targets</li> </ul> <h3>Other</h3> <ul> <li><em>(deps)</em> bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li>Fix panic with uniform iteration durations in benchmarks</li> <li>Update Readme</li> <li>Exclude development scripts from published package</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/criterion-rs/criterion.rs/blob/master/CHANGELOG.md">criterion's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/criterion-rs/criterion.rs/compare/criterion-v0.8.1...criterion-v0.8.2">0.8.2</a> - 2026-02-04</h2> <h3>Fixed</h3> <ul> <li>don't build alloca on unsupported targets</li> </ul> <h3>Other</h3> <ul> <li><em>(deps)</em> bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li>Fix panic with uniform iteration durations in benchmarks</li> <li>Update Readme</li> <li>Exclude development scripts from published package</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/7f0d745532e3c7b2e11bbf9de9b911f91790d3b1"><code>7f0d745</code></a> chore: release v0.8.2</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/4a467ce964052ae9bd9266c0706b470b817613e0"><code>4a467ce</code></a> chore(deps): bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/b277a751453cf9ce0595e41bddf819210a6d6e47"><code>b277a75</code></a> Fix panic with uniform iteration durations in benchmarks</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/828af1450d648c599a92a077b75e292747761d99"><code>828af14</code></a> fix: don't build alloca on unsupported targets</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/b01316b76e42028f3b1cf3731f643bea7f354f39"><code>b01316b</code></a> Update Readme</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/4c02a3b4e560fe1f296c0ed1e9b53e3154a3cac6"><code>4c02a3b</code></a> Exclude development scripts from published package</li> <li>See full diff in <a href="https://github.com/criterion-rs/criterion.rs/compare/criterion-v0.8.1...criterion-v0.8.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: d59b1db472a69f6205ee2e970b0a1ebbdfb8e98d
Bumps [derive_more](https://github.com/JelteF/derive_more) from 2.1.0 to 2.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/JelteF/derive_more/releases">derive_more's releases</a>.</em></p> <blockquote> <h2>2.1.1</h2> <p><a href="https://docs.rs/derive_more/2.1.1">API docs</a> <a href="https://github.com/JelteF/derive_more/blob/v2.1.1/CHANGELOG.md#211---2025-12-22">Changelog</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/JelteF/derive_more/blob/master/CHANGELOG.md">derive_more's changelog</a>.</em></p> <blockquote> <h2>2.1.1 - 2025-12-22</h2> <h3>Fixed</h3> <ul> <li><code>.as_dyn_error()</code> method hygiene inside <code>Error</code> derive expansion. (<a href="https://redirect.github.com/JelteF/derive_more/pull/527">#527</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/JelteF/derive_more/commit/f7bb41ac054c060caaf5ff3212e74e42794cb4b4"><code>f7bb41a</code></a> Correct release date</li> <li><a href="https://github.com/JelteF/derive_more/commit/289988ab6791cf447ca208bdc467fc6b75b77ed6"><code>289988a</code></a> Prepare 2.1.1 release (<a href="https://redirect.github.com/JelteF/derive_more/issues/529">#529</a>)</li> <li><a href="https://github.com/JelteF/derive_more/commit/d820ec6e3a827132c7d273f823653f99c9123bb8"><code>d820ec6</code></a> Fix <code>derive(Error)</code> expansion hygiene (<a href="https://redirect.github.com/JelteF/derive_more/issues/527">#527</a>, <a href="https://redirect.github.com/JelteF/derive_more/issues/526">#526</a>)</li> <li><a href="https://github.com/JelteF/derive_more/commit/562728278427745ced3e22715b70abdc0dfbac07"><code>5627282</code></a> Remove glob imports in <code>derive(From)</code> tests to mend 1.94 nightly Rust regress...</li> <li>See full diff in <a href="https://github.com/JelteF/derive_more/compare/v2.1.0...v2.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 2cac8ddc3193f49badba87838f342fefa4dcaedb
Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.8 to 0.11.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/releases">env_logger's releases</a>.</em></p> <blockquote> <h2>v0.11.9</h2> <h2>[0.11.9] - 2026-02-11</h2> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md">env_logger's changelog</a>.</em></p> <blockquote> <h2>[0.11.9] - 2026-02-11</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-cli/env_logger/commit/2f06b4c7cf359b348cf92f95f83176897cedc838"><code>2f06b4c</code></a> chore: Release</li> <li><a href="https://github.com/rust-cli/env_logger/commit/57e13acb42cac437ace7d3b9819f46de1d5f5d5a"><code>57e13ac</code></a> chore: Release</li> <li><a href="https://github.com/rust-cli/env_logger/commit/4f9066d8af43095cf95bb9ddae046095af117dd6"><code>4f9066d</code></a> Merge pull request <a href="https://redirect.github.com/rust-cli/env_logger/issues/393">#393</a> from rust-cli/renovate/crate-ci-typos-1.x</li> <li><a href="https://github.com/rust-cli/env_logger/commit/3e4709a2665c93f39c0cf63b84ceaea8da42864e"><code>3e4709a</code></a> chore(deps): Update Rust crate snapbox to v0.6.24 (<a href="https://redirect.github.com/rust-cli/env_logger/issues/394">#394</a>)</li> <li><a href="https://github.com/rust-cli/env_logger/commit/80ff83adba5f55a293a484e684cd10b88c6739de"><code>80ff83a</code></a> chore(deps): Update pre-commit hook crate-ci/typos to v1.42.3</li> <li><a href="https://github.com/rust-cli/env_logger/commit/76891b9e32d7e0c2a43a6f843a20caaf5adb0782"><code>76891b9</code></a> Merge pull request <a href="https://redirect.github.com/rust-cli/env_logger/issues/392">#392</a> from epage/template</li> <li><a href="https://github.com/rust-cli/env_logger/commit/14cda4a666db7f262fbc87f752ee2bc4d977100f"><code>14cda4a</code></a> chore: Update from _rust template</li> <li><a href="https://github.com/rust-cli/env_logger/commit/e4f2b351a3d5290a8f26db395bf736e0f80a5856"><code>e4f2b35</code></a> chore(ci): Update action</li> <li><a href="https://github.com/rust-cli/env_logger/commit/6d0d36b0723b29856d380eb89b3c571a9f9c570f"><code>6d0d36b</code></a> chore(ci): Clean up previous branch in case it was leaked</li> <li><a href="https://github.com/rust-cli/env_logger/commit/30b3b14bd665d443f45123729dc69d1f085575f9"><code>30b3b14</code></a> chore(ci): Fix how rustfmt jobs run</li> <li>Additional commits viewable in <a href="https://github.com/rust-cli/env_logger/compare/v0.11.8...v0.11.9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 9c2bcd30b4037372a7ff877765a063b3a8e1e57c
Following hasura/ddn-cloud#2027 this is no longer necessary. V3_GIT_ORIGIN_REV_ID: 37d122c1034696883ab096db6933e107d32c5926
Asked `auggie` to improve performance and I think it did, let's push the unchanged benchmarks first before the changes. V3_GIT_ORIGIN_REV_ID: 67b47f3769adda0839e136f1b7135d2463dbba70
PR-URL: hasura/graphql-engine-mono#11432 GitOrigin-RevId: 7967adbc07c6d32d5adbad83b7797a206a5a006f
…2367) Add ICEBERG_AUTH_MODE CLI arg / env var (none|s3|gcs) to both local-dev and multitenant engines. For S3, uses the AWS SDK default credential chain (supports EKS Pod Identity, IRSA, env vars, IMDS) via a custom AwsCredentialLoad implementation injected into iceberg's FileIO. For GCS, relies on opendal's built-in credential discovery (GCE metadata server for GKE Workload Identity). New iceberg-setup crate provides IcebergAuthMode enum and AWS credential loader, following the pattern from promptql-cloud but without REST catalog dependency. <!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> --------- Co-authored-by: Phil Freeman <phil@hasura.io> V3_GIT_ORIGIN_REV_ID: f7708a292a169dc765231ea0fde9b231ab34c023
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: ed3ed38d9a300e99b54353cd82345f4aa3bdf277
This reverts commit 37d122c1034696883ab096db6933e107d32c5926. V3_GIT_ORIGIN_REV_ID: 6291bc37872d246223ebac6f4e5ee20850935eca
PR-URL: hasura/graphql-engine-mono#11433 GitOrigin-RevId: 586bf4d9d18bd21236dd057b027ef0809a01b1ea
## Summary - Set `SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt` in the Docker image config for `engine`, `ddn-engine-local-dev`, and `multitenant-engine` - Fixes HTTPS requests (e.g., to auth webhooks) failing with `"unable to get local issuer certificate"` inside Nix-built containers ## Root Cause The `Cargo.lock` update bumped `native-tls` from 0.2.14 → 0.2.16, which pulled in `openssl-probe` 0.2.1 (was 0.1.6). This crate is responsible for locating CA certificates so that `native-tls`/OpenSSL can verify TLS connections. **`openssl-probe` 0.1.6** searched by combining a list of candidate directories with candidate filenames: ``` directories: /etc/ssl, /usr/lib/ssl, /etc/pki/tls, ... filenames: certs/ca-bundle.crt, certs/ca-certificates.crt, cert.pem, ... ``` This found Nix's cert at `/etc/ssl` + `certs/ca-bundle.crt` = `/etc/ssl/certs/ca-bundle.crt` ✅ **`openssl-probe` 0.2.1** switched to hardcoded platform-specific absolute paths on Linux: ``` /etc/ssl/certs/ca-certificates.crt ← Debian/Ubuntu /etc/pki/tls/certs/ca-bundle.crt ← RHEL/Fedora /etc/ssl/ca-bundle.pem /etc/ssl/cert.pem ... ``` `/etc/ssl/certs/ca-bundle.crt` (the Nix convention) is **not** in this list ❌ Without finding the cert file, `openssl-probe` doesn't set `SSL_CERT_FILE`, and OpenSSL falls back to its compiled-in default (`/usr/lib/ssl/certs`), which doesn't exist in the minimal Nix image → **certificate verify failed**. ## Investigation | Test environment | Result | |---|---| | Host machine (has system CA certs) | ✅ PASS | | Container **without** `ca-certificates` package | ❌ FAIL — same error | | Container with certs at `/etc/ssl/certs/ca-bundle.crt` only | ❌ FAIL — `openssl-probe` 0.2.1 doesn't find it | | Same container + `SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt` | ✅ PASS | This is arguably a bug in `openssl-probe` 0.2.1 (dropping a previously-supported cert path). A bug report will be filed upstream. ## Test plan - [ ] Verify the Nix Docker images build successfully - [ ] Verify `SSL_CERT_FILE` is set in the container: `docker run --rm --entrypoint "" <image> env | grep SSL` - [ ] Verify HTTPS requests to external endpoints work from inside the container 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 6834ef242638d3df0341b596a90a1e297698865d
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 317bc43619b0534c8db848183b1549f2a36f0ff2
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: a7e203856bfea1bf6fe7ebe9bf2e3d856a9a8976
PR-URL: hasura/graphql-engine-mono#11434 GitOrigin-RevId: febe00ad22fdfe214a8ec6de2a3cec0804b1dd14
### What Enable Azure ADLS Gen2 support for the Iceberg storage backend. 1. Add the `storage-azdls` feature flag to the `iceberg` dependency so that the Iceberg client can read/write to Azure Data Lake Storage. 2. Patch opendal to fix Azure Workload Identity authentication for the `azdls` backend. ### How - Added `storage-azdls` to the iceberg feature flags in `Cargo.toml`. - Patched opendal v0.55.0 via `[patch.crates-io]` pointing to [hasura/opendal `fix/azdls-workload-identity`](https://github.com/hasura/opendal/tree/fix/azdls-workload-identity). The upstream `azdls` backend does not call `AzureStorageConfig::from_env()`, so Azure Workload Identity env vars (`AZURE_FEDERATED_TOKEN_FILE`, `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, `AZURE_AUTHORITY_HOST`) are never loaded. This causes `reqsign` to skip the workload identity credential provider and fall through to IMDS, which fails on AKS. The patch matches the pattern already used by the `azblob` backend. Upstream tracking: apache/opendal#5534 --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 111924567bcf2b8cbe0267c62de689c59d0d110d
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.116 to 2.0.117. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/syn/releases">syn's releases</a>.</em></p> <blockquote> <h2>2.0.117</h2> <ul> <li>Fix parsing of <code>self::</code> pattern in first function argument (<a href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/syn/commit/7bcb37cdb3399977658c8b52d2441d37e42e48f2"><code>7bcb37c</code></a> Release 2.0.117</li> <li><a href="https://github.com/dtolnay/syn/commit/9c6e7d3b8df7b30909d60395f88a6ca07688e1c1"><code>9c6e7d3</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a> from dtolnay/receiver</li> <li><a href="https://github.com/dtolnay/syn/commit/019a84847eded0cdb1f7856e0752ba618155cfc9"><code>019a848</code></a> Fix self:: pattern in first function argument</li> <li><a href="https://github.com/dtolnay/syn/commit/23f54f3cf61ddedd5daea4f347eca2d4b84c8abb"><code>23f54f3</code></a> Update test suite to nightly-2026-02-18</li> <li><a href="https://github.com/dtolnay/syn/commit/b99b9a627c46580343398472e7b08a131357a994"><code>b99b9a6</code></a> Unpin CI miri toolchain</li> <li>See full diff in <a href="https://github.com/dtolnay/syn/compare/2.0.116...2.0.117">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: cf0b63b23bdf095203fb7fbd6fb870b7715adde6
PR-URL: hasura/graphql-engine-mono#11438 GitOrigin-RevId: 480a286fa3394a7ff4437699b1451b67212cfd13
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 282623e3f1a946452e4fa530487e9e8613af44ae
GitOrigin-RevId: 4fc17ed07365a90ac9d5311b1613b00368db14f7
## Summary - When a session variable required by a permission condition is not found (e.g. `x-hasura-promptql-user-id`), the error was categorized as `Internal` (500). This is actually a user configuration issue — the user hasn't provided the required session variable. Now the error category is `Permission`. - ## Test plan - [ ] Verify that a missing session variable in a permission condition returns a 400 permission error instead of a 500 internal error - [ ] Verify that other condition evaluation errors (e.g. missing condition hash) still return 500 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 627e6a35d8dddea38652ea92c5401e65d3aa0982
Bumps [convert_case](https://github.com/rutrum/convert-case) from 0.10.0 to 0.11.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/rutrum/convert-case/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 9b51aee27b084ec4ee8993231c38d1a8655caa64
Result streams return a `200` if they start correctly, so it's difficult
to signal later errors.
Regular output is JSON lines, ie
```json
{ "name": "mr horse", "age": 100 }
{ "name": "mrs horse", "age": 95 }
```
But now if something goes wrong, the connector could insert
```json
[500, "terrible internal error!"]
```
Which would be treated as if the connector had returned a 500 code with
"terrible internal error!" as the message.
V3_GIT_ORIGIN_REV_ID: 5ea933c652a1870c92c8dbd4ebab64721143c998
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 408d14ad76680125c2e43b2bb4020d4331b74129
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 5696da9250c64c3885e5d4e5efc31e78b1927c3e
<!-- The PR description should answer 2 important questions: --> ### What <!-- What is this PR trying to accomplish (and why, if it's not obvious)? --> <!-- Consider: do we need to add a changelog entry? --> <!-- Does this PR introduce new validation that might break old builds? --> <!-- Consider: do we need to put new checks behind a flag? --> ### How <!-- How is it trying to accomplish it (what are the implementation steps)? --> V3_GIT_ORIGIN_REV_ID: 24b321b9db6dd72f8197bc46b9e3a0cfdf5e75b2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )