[pull] master from hasura:master by pull[bot] · Pull Request #7 · 13banda/graphql-engine

pull · 2024-06-04T14:35:53Z

See Commits and Changes for more details.

Can you help keep this open source service alive? 💖 Please sponsor : )

…ROM (#2046)  ### What Depends on hasura/ndc-spec#233     ### How  V3_GIT_ORIGIN_REV_ID: 7a6ba1a995e3c462912c123fa4a0de5320128be0

### What     ### How  --------- Co-authored-by: Daniel Harvey <danieljamesharvey@gmail.com> V3_GIT_ORIGIN_REV_ID: 6bcd648a535455533627c9ba3d00cac801b13831

### What Allows pre-parse plugins to modify incoming GraphQL requests before processing. Plugins can return HTTP status code `299` with a modified request body to continue with the updated request. An example of what we can do with request modification: <img width="3692" height="2086" alt="image" src="https://github.com/user-attachments/assets/db9ff0c2-09d9-4168-99c1-1fae2686bdfe" /> The example above uses a python plugin based on LLM to add a limit to the graphql queries. - Backwards compatible with existing plugins - Works for both HTTP and WebSocket requests     ### How  - Added `PreExecutePluginResponse::ContinueWithRequest(RawRequest)` variant for modified requests - Plugins return HTTP status code `299` with modified request body to signal continuation - Updated middleware in both single-tenant and multi-tenant engines to handle request recreation - Uses `Cow<RawRequest>` for efficient handling when no modification occurs V3_GIT_ORIGIN_REV_ID: da6ca3d9628cd8a3bc7a84fd847e20a212306115

PR-URL: hasura/graphql-engine-mono#11295 GitOrigin-RevId: eff8ccd5df91906423f4c3253e7b1ba527828b39

GITHUB_PR_NUMBER: 10746 GITHUB_PR_URL: #10746 PR-URL: hasura/graphql-engine-mono#11294 Co-authored-by: Aidan McAlister <105178005+aidankmcalister@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> GitOrigin-RevId: a07d8aba18de3198df60c6c6ce7a5109fb2b68b5

### What We have the same pattern for models, commands and object types used in an output context, so let's do the same for objects in an input context. Essentially a no-op that makes implementing input type permissions for authorization rules simpler. V3_GIT_ORIGIN_REV_ID: 2ce644dd9f661fd940122ec41289f281ec412c63

### What We can apply field presets on types. This changes those to use authorization rules internally. Functional no-op. V3_GIT_ORIGIN_REV_ID: 68fc42af9b33a706271289d7a26d01ebc1b1d91b

Update changelog V3_GIT_ORIGIN_REV_ID: afe96935234e96d33cd06f9f16a97688a3611811

Bumps [rand](https://github.com/rust-random/rand) from 0.9.0 to 0.9.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand's changelog</a>.</em></p> <blockquote> <h2>[0.9.2 — 2025-07-20]</h2> <h3>Deprecated</h3> <ul> <li>Deprecate <code>rand::rngs::mock</code> module and <code>StepRng</code> generator (<a href="https://redirect.github.com/rust-random/rand/issues/1634">#1634</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Enable <code>WeightedIndex<usize></code> (de)serialization (<a href="https://redirect.github.com/rust-random/rand/issues/1646">#1646</a>)</li> </ul> <h2>[0.9.1] - 2025-04-17</h2> <h3>Security and unsafe</h3> <ul> <li>Revise "not a crypto library" policy again (<a href="https://redirect.github.com/rust-random/rand/issues/1565">#1565</a>)</li> <li>Remove <code>zerocopy</code> dependency from <code>rand</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1579">#1579</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Fix feature <code>simd_support</code> for recent nightly rust (<a href="https://redirect.github.com/rust-random/rand/issues/1586">#1586</a>)</li> </ul> <h3>Changes</h3> <ul> <li>Allow <code>fn rand::seq::index::sample_weighted</code> and <code>fn IndexedRandom::choose_multiple_weighted</code> to return fewer than <code>amount</code> results (<a href="https://redirect.github.com/rust-random/rand/issues/1623">#1623</a>), reverting an undocumented change (<a href="https://redirect.github.com/rust-random/rand/issues/1382">#1382</a>) to the previous release.</li> </ul> <h3>Additions</h3> <ul> <li>Add <code>rand::distr::Alphabetic</code> distribution. (<a href="https://redirect.github.com/rust-random/rand/issues/1587">#1587</a>)</li> <li>Re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604">#1604</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/d3dd4157052e5431ce42e157b544968560a68b95"><code>d3dd415</code></a> Prepare rand_core 0.9.2 (<a href="https://redirect.github.com/rust-random/rand/issues/1605">#1605</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/99fabd20e9b39d0af7c2ed6c31dbcad83a1703fd"><code>99fabd2</code></a> Prepare rand_core 0.9.2</li> <li><a href="https://github.com/rust-random/rand/commit/c7fe1c43b5ba53aacad5fbac94a8b88788564049"><code>c7fe1c4</code></a> rand: re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604">#1604</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/db2b1e0bb41b0a1435b9fecaa1b7bdb531183204"><code>db2b1e0</code></a> rand: re-export <code>rand_core</code></li> <li><a href="https://github.com/rust-random/rand/commit/ee1d96f9f527dbe6f873c8a5ccf47d60a6b8f7b7"><code>ee1d96f</code></a> rand_core: implement reborrow for <code>UnwrapMut</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1595">#1595</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/e0eb2ee0fcc0b07afb901465f4a8ba7f07128f87"><code>e0eb2ee</code></a> rand_core: implement reborrow for <code>UnwrapMut</code></li> <li><a href="https://github.com/rust-random/rand/commit/975f602f5dbbdab0a024e0c5e8b527907426bd8c"><code>975f602</code></a> fixup clippy 1.85 warnings</li> <li><a href="https://github.com/rust-random/rand/commit/775b05be1b8a4fdef17c6601cd223551fbf67edc"><code>775b05b</code></a> Relax <code>Sized</code> requirements for blanket impls (<a href="https://redirect.github.com/rust-random/rand/issues/1593">#1593</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/ec6d5c06a5384c14563a2164bb4a038100a5bb78"><code>ec6d5c0</code></a> Prepare rand_core v0.9.1 (<a href="https://redirect.github.com/rust-random/rand/issues/1591">#1591</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/6a06056e8a892bfa181ec24a8ea16aa9f2fe97d3"><code>6a06056</code></a> rand_core: introduce an UnwrapMut wrapper (<a href="https://redirect.github.com/rust-random/rand/issues/1589">#1589</a>)</li> <li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/0.9.0...rand_core-0.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand&package-manager=cargo&previous-version=0.9.0&new-version=0.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 4cb90b81ffcce67607181ccae797bfc87cf30243

Bumps [clap](https://github.com/clap-rs/clap) from 4.5.40 to 4.5.41. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.41] - 2025-07-09</h2> <h3>Features</h3> <ul> <li>Add <code>Styles::context</code> and <code>Styles::context_value</code> to customize the styling of <code>[default: value]</code> like notes in the <code>--help</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/92fcd83b7687a16005f91465ad64ca647929e76f"><code>92fcd83</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/aca91b99c1f934c1f6b29924bb052e2c51854d05"><code>aca91b9</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/8434510cee78d9591277c187c128c6ca7db8acc1"><code>8434510</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5869">#5869</a> from tw4452852/patch-1</li> <li><a href="https://github.com/clap-rs/clap/commit/33b1fc304ec6f551e0f2b082eafe1b6f44212179"><code>33b1fc3</code></a> fix(complete): Fix env leakage in elvish dynamic completion</li> <li><a href="https://github.com/clap-rs/clap/commit/e5f1f4884c48fd472529baa253c6384929f2ac0d"><code>e5f1f48</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/9466a552fbf938f7969245f5bac99c38ea446e9b"><code>9466a55</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/d74b79351212ad10eb89b9f842e678b8b2fdbee9"><code>d74b793</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5865">#5865</a> from gifnksm/nushell-completion-value-types</li> <li><a href="https://github.com/clap-rs/clap/commit/ecbc775d3b4d8874786738fa4f342e6796446ff0"><code>ecbc775</code></a> fix(nu): Set argument type based on <code>ValueHint</code></li> <li><a href="https://github.com/clap-rs/clap/commit/6784054536a18549d90221ecd300084f02ca6386"><code>6784054</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5857">#5857</a> from epage/empty</li> <li><a href="https://github.com/clap-rs/clap/commit/cca5f32b3a9dc0982fbc63e856a49ad3c7688b68"><code>cca5f32</code></a> test(complete): Show empty option-value behavior</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.40...clap_complete-v4.5.41">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.5.40&new-version=4.5.41)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: f7c6e729ca46b71df0e75bda2ea930d82dc6208f

Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.140 to 1.0.141. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.141</h2> <ul> <li>Optimize string escaping during serialization (<a href="https://redirect.github.com/serde-rs/json/issues/1273">#1273</a>, thanks <a href="https://github.com/conradludgate"><code>@conradludgate</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/6843c3660ec3394b15da016902e001f8381dfe92"><code>6843c36</code></a> Release 1.0.141</li> <li><a href="https://github.com/serde-rs/json/commit/6e2c21063a477122dd5dd4a55a6d8494e6bc7921"><code>6e2c210</code></a> Touch up PR 1273</li> <li><a href="https://github.com/serde-rs/json/commit/623d9b47cfc1f3e1a596f31ef9e56c6aa249b1b6"><code>623d9b4</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1273">#1273</a> from conradludgate/optimise-string-escaping</li> <li><a href="https://github.com/serde-rs/json/commit/de70b7db1fe8783a6e18fe997470a550c376abb0"><code>de70b7d</code></a> use unreachable_unchecked for escape table. use a second match to roundtrip E...</li> <li><a href="https://github.com/serde-rs/json/commit/f2d940dd54d82235eb6f5b276f03eaeba058f06c"><code>f2d940d</code></a> replace start index with bytes slice reference</li> <li><a href="https://github.com/serde-rs/json/commit/cd55b5a0ff5f88f1aeb7a77c1befc9ddb3205201"><code>cd55b5a</code></a> Ignore mismatched_lifetime_syntaxes lint</li> <li><a href="https://github.com/serde-rs/json/commit/c1826ebcccb1a520389c6b78ad3da15db279220d"><code>c1826eb</code></a> Pin nightly toolchain used for miri job</li> <li><a href="https://github.com/serde-rs/json/commit/8a56cfa6d0a93c39ee4ef07d431de0748eed9028"><code>8a56cfa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1248">#1248</a> from jimmycathy/master</li> <li><a href="https://github.com/serde-rs/json/commit/af3d80de56bc9bb06def76badbd0ef1abd43ca7c"><code>af3d80d</code></a> chore: fix typo</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.140...v1.0.141">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.140&new-version=1.0.141)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: ef4b65bad0d08a26cfe0517dc06c5231f88a4564

SQL layer doesn't check this is allowed before creating the OpenDD IR, so we need to add checking. Need to add a test for this before merging. V3_GIT_ORIGIN_REV_ID: 7d3c93659926e73634e3645e59a3706fa24b5ad4

### What There is a hierarchy of permissions access, that goes from `not allowed` -> `allowed` -> `denied`, with `denied` always taking precedence. This has been implemented using multiple booleans [here](https://github.com/hasura/v3-engine/pull/2009/files#diff-b7433068b76f48672c523459e4a168e89c12f69204e27cf1c666a47c031836c7R57) which is frankly a bit confusing, so instead we introduce a sturdier enum. V3_GIT_ORIGIN_REV_ID: d57ab4e1d0eb948e999d70193a2be44439a094fc

### What Depends on hasura/ndc-spec#235     ### How  V3_GIT_ORIGIN_REV_ID: 90a33c9ee067490870864a8d426efc0c6c483591

…ins spaces PR-URL: hasura/graphql-engine-mono#11298 GitOrigin-RevId: eecbbb45d9fd6d0e0278861a86dcaa814654469d

V3_GIT_ORIGIN_REV_ID: 27d62d7ca1834d65dc29ca7e18ce74bd3c0dd6e3

### What In hasura/v3-engine#1954 we started using `authorization_rules` internally for type output permissions. Here, we do the same for select permissions for models, using `authorization_rules` in `plan` to calculate: - can we select from this `Model`? - are there any filters we need to apply? - are we allowed to do subscriptions with it? - which argument presets do we need? - which relational mutations are we allowed (`update`, `delete`, `insert`)? ### Performance Benchmarks is measured against current `main`. `Total Execution Time` is a bit slower for simpler queries, but faster for more complex queries, particularly those using relationships. This tracks with the changes as: - we cache the results of evaluating `Conditions` to optimise for running `x-hasura-role == foo` checks over and over again, but we are still doing more work than a simple map lookup. - when collecting filters for `ModelPermissions`, we return `Vec<&ModelPredicate>` and pass that around, only cloning them when actually needed. This reduces a bunch of unnecessary cloning, particularly where relationships are concerned, as we'd check a user could access the model underneath a relationship but never use the filters for anything else. ``` simple_select/bench_execute/Total Execution time time: [648.73 µs 659.03 µs 669.90 µs] change: [+11.312% +14.294% +17.206%] (p = 0.00 < 0.05) Performance has regressed. select_many/bench_execute/Total Execution time time: [608.95 µs 619.06 µs 629.69 µs] change: [+8.5431% +10.842% +13.304%] (p = 0.00 < 0.05) Performance has regressed. select_many_where/bench_execute/Total Execution time time: [1.2079 ms 1.2287 ms 1.2506 ms] change: [+0.0203% +2.1676% +4.6082%] (p = 0.05 < 0.05) Change within noise threshold. object_relationship/bench_execute/Total Execution time time: [831.13 µs 843.36 µs 855.92 µs] change: [-0.4508% +1.6093% +3.5083%] (p = 0.12 > 0.05) No change in performance detected. array_relationship/bench_execute/Total Execution time time: [779.65 µs 792.49 µs 806.21 µs] change: [-17.943% -15.474% -12.910%] (p = 0.00 < 0.05) Performance has improved. relay_node_field/bench_execute/Total Execution time time: [605.03 µs 614.19 µs 623.73 µs] change: [-29.244% -26.453% -23.661%] (p = 0.00 < 0.05) Performance has improved. ``` --------- Co-authored-by: Brandon Simmons <brandon.m.simmons@gmail.com> V3_GIT_ORIGIN_REV_ID: 6d96e5ccbdd6c095112c58cda430ce30b01b3544

### What     Add sync mode pre-response plugin support that allows plugins to modify responses before they are sent to the client. An example plugin config is: ```yaml kind: LifecyclePluginHook version: v1 definition: pre: response name: test-1 url: value: http://localhost:5001/extensions/add_ai_summary config: request: session: {} rawRequest: query: {} variables: {} mode: type: synchronous onPluginFailure: continue # or this can be set to `fail` ``` This introduces synchronous pre-response plugins that can: - Intercept and modify GraphQL responses - Return custom responses or errors based on response content - Chain multiple plugins with response transformations - Support soft-fail behaviour for error handling Example of what we can do with sync mode pre-response plugins: <img width="3699" height="2153" alt="image" src="https://github.com/user-attachments/assets/2e0bf5db-22ba-4822-bb44-6b81376a8bbb" /> ### How  **Sync Mode Pre-Response Plugins:** - Added `ResolvedLifecyclePreResponseSyncPluginHook` with synchronous execution model - Implemented response chaining where each plugin can modify the response for the next plugin - Added support for different HTTP status codes: - `204 No Content`: Continue with original response - `200 OK`: Continue with modified response (JSON body) - `400 Bad Request`: Return user error - `500 Internal Server Error`: Return internal error - Introduced soft-fail configuration to allow plugins to fail gracefully without breaking the request - Plugins execute sequentially, allowing response transformations to build upon each other **Architecture Changes:** - Maintained both sync and async pre-response plugin support with unified configuration - Updated plugin configuration types to support mode selection (synchronous/asynchronous) - Enhanced error handling and tracing for both plugin types - Updated all test files and benchmarks to use the new plugin configuration structure V3_GIT_ORIGIN_REV_ID: dbee433e38346c44cc342edb1bb87345907d2bb0

### What Don't send the `from_type` value if it's not supported by the connector. V3_GIT_ORIGIN_REV_ID: 5714686f3aaec3d11e80d2ea87237911e28cd04b

PR-URL: hasura/graphql-engine-mono#11300 Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com> GitOrigin-RevId: 53b9ffd6717b7b99d6d3cbee0c9025778ad46346

PR-URL: hasura/graphql-engine-mono#11302 GitOrigin-RevId: b3334074c0e2b38cfbbbcf097162b5f079af7f43

PR-URL: hasura/graphql-engine-mono#11305 GitOrigin-RevId: e26fb0f7c8d3ab2194290d8a2d5f6e4572cf8362

### What We throw `DataFusionError` all over the place meaning we lose context and don't have much granularity over how we report on and treat errors. Let's make proper enums. This is an arbitrary cut to keep the PRs small. The only external change is removing some stuff like `error in data fusion: Error during planning: ` stuff from the start of error messages. V3_GIT_ORIGIN_REV_ID: 860261349e2c505eebd6e6424b91984d14197102

Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.0</h2> <h1>1.47.0 (July 25th, 2025)</h1> <p>This release adds <code>poll_proceed</code> and <code>cooperative</code> to the <code>coop</code> module for cooperative scheduling, adds <code>SetOnce</code> to the <code>sync</code> module which provides similar functionality to [<code>std::sync::OnceLock</code>], and adds a new method <code>sync::Notify::notified_owned()</code> which returns an <code>OwnedNotified</code> without a lifetime parameter.</p> <h2>Added</h2> <ul> <li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li>sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> </ul> <h2>Changed</h2> <ul> <li>deps: upgrade windows-sys 0.52 → 0.59 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li> <li>deps: update to socket2 v0.6 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li> <li>sync: improve <code>AtomicWaker::wake</code> performance (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li> </ul> <h2>Documented</h2> <ul> <li>metrics: fix listed feature requirements for some metrics (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li> <li>runtime: improve safety comments of <code>Readiness<'_></code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/3911cb8523f190142f61c64b66881c07c0d3e7be"><code>3911cb8</code></a> chore: prepare Tokio v1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d545aa2601e3008ce49c8c0191b0f172ce577452"><code>d545aa2</code></a> sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/911ab21d7012a50e53971ad1292a9f18de22d4c8"><code>911ab21</code></a> sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/9e94fa7e15cfe6ebbd06e9ebad4642896620d924"><code>9e94fa7</code></a> task: remove raw-entry feature from hashbrown dep (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7252">#7252</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/0d234c3cf9231288bd7ea3d8f2df65fa24b87a80"><code>0d234c3</code></a> ci: unfreeze wasm-unknown-unknown from rustc 1.81 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7471">#7471</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/3754e059b61553dd51064b433fb61465c4b93afe"><code>3754e05</code></a> ci: use ubuntu-24.04-arm instead of ubuntu-22.04-arm (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7470">#7470</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/6d868d96ce9df27c5ec1be3bba960ebe80ee4793"><code>6d868d9</code></a> sync: fix <code>CancellationToken</code> failing to cancel the ready futures (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7462">#7462</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/0a3fe460862720d005b8fa39cdde30575a063785"><code>0a3fe46</code></a> sync: remove duplicated code in <code>OnceCell</code> tests (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7458">#7458</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/154d7d5fe663302c96e25d2b6064813996264a91"><code>154d7d5</code></a> ci: cleanup legacy <code>R-loom-multi-thread-alt</code> label from the labeler (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7457">#7457</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/611b7933561670c8349ddd5c100fdc76c474e3db"><code>611b793</code></a> coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.46.1&new-version=1.47.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: b7e0c353b618bfb12e73450126a0628339e06af6

Bumps [tower-http](https://github.com/tower-rs/tower-http) from 0.5.2 to 0.6.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tower-rs/tower-http/releases">tower-http's releases</a>.</em></p> <blockquote> <h2>tower-http-0.6.6</h2> <h2>Fixed</h2> <ul> <li>compression: fix panic when looking in vary header (<a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>)</li> </ul> <p><a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/578">tower-rs/tower-http#578</a></p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sulami"><code>@sulami</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/578">tower-rs/tower-http#578</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.6.5...tower-http-0.6.6">https://github.com/tower-rs/tower-http/compare/tower-http-0.6.5...tower-http-0.6.6</a></p> <h2>tower-http-0.6.5</h2> <h2>Added</h2> <ul> <li>normalize_path: add <code>append_trailing_slash()</code> mode (<a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>redirect: remove payload headers if redirect changes method to GET (<a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>)</li> <li>compression: avoid setting <code>vary: accept-encoding</code> if already set (<a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>)</li> </ul> <p><a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/547">tower-rs/tower-http#547</a> <a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/572">tower-rs/tower-http#572</a> <a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>: <a href="https://redirect.github.com/tower-rs/tower-http/pull/575">tower-rs/tower-http#575</a></p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/daalfox"><code>@daalfox</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/547">tower-rs/tower-http#547</a></li> <li><a href="https://github.com/mherrerarendon"><code>@mherrerarendon</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/574">tower-rs/tower-http#574</a></li> <li><a href="https://github.com/linyihai"><code>@linyihai</code></a> made their first contribution in <a href="https://redirect.github.com/tower-rs/tower-http/pull/575">tower-rs/tower-http#575</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.6.4...tower-http-0.6.5">https://github.com/tower-rs/tower-http/compare/tower-http-0.6.4...tower-http-0.6.5</a></p> <h2>tower-http 0.6.4</h2> <h2>Added</h2> <ul> <li>decompression: Support HTTP responses containing multiple ZSTD frames (<a href="https://redirect.github.com/tower-rs/tower-http/issues/548">#548</a>)</li> <li>The <code>ServiceExt</code> trait for chaining layers onto an arbitrary http service just like <code>ServiceBuilderExt</code> allows for <code>ServiceBuilder</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/563">#563</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Remove unnecessary trait bounds on <code>S::Error</code> for <code>Service</code> impls of <code>RequestBodyTimeout<S></code> and <code>ResponseBodyTimeout<S></code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/533">#533</a>)</li> <li>compression: Respect <code>is_end_stream</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/535">#535</a>)</li> <li>Fix a rare panic in <code>fs::ServeDir</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/553">#553</a>)</li> <li>Fix invalid <code>content-lenght</code> of 1 in response to range requests to empty files (<a href="https://redirect.github.com/tower-rs/tower-http/issues/556">#556</a>)</li> <li>In <code>AsyncRequireAuthorization</code>, use the original inner service after it is</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tower-rs/tower-http/commit/635692d757f29dfa3041c02cd66c195be07bc8b3"><code>635692d</code></a> v0.6.6</li> <li><a href="https://github.com/tower-rs/tower-http/commit/359d997420ac06f08e780471edd3e94a8757940f"><code>359d997</code></a> Fix an indexing panic in compression (<a href="https://redirect.github.com/tower-rs/tower-http/issues/578">#578</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/24c0f0b4f92cfd05dbef689459f573845a295c16"><code>24c0f0b</code></a> refactor: slightly reduce use of <code>futures-util</code> (<a href="https://redirect.github.com/tower-rs/tower-http/issues/577">#577</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/51723d48476cd8bcfc718f299fb6a5c21c5dc03e"><code>51723d4</code></a> v0.6.5</li> <li><a href="https://github.com/tower-rs/tower-http/commit/0187232a11641536b45736513dd606590555186e"><code>0187232</code></a> feat(compression): avoid setting <code>Vary: Accept-Encoding</code> when already set (<a href="https://redirect.github.com/tower-rs/tower-http/issues/572">#572</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/f64fbe6bc077765e9263f0e372088d5f8c58e26b"><code>f64fbe6</code></a> fix(redirect): Removed <code>headers</code> after empty payload set. (<a href="https://redirect.github.com/tower-rs/tower-http/issues/575">#575</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/7388e7687c92c1439fccbe978c6e179a0034995c"><code>7388e76</code></a> docs: Clarify TimeoutBody is a timeout per frame, not total (<a href="https://redirect.github.com/tower-rs/tower-http/issues/574">#574</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/86615aabc803b36901711658f9517972bdcb648e"><code>86615aa</code></a> normalize_path: Add <code>Append</code> mode (<a href="https://redirect.github.com/tower-rs/tower-http/issues/547">#547</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/fa8848e9d128f6ec2d5571fdb8cd74575bf3c834"><code>fa8848e</code></a> Release v0.6.4 (<a href="https://redirect.github.com/tower-rs/tower-http/issues/568">#568</a>)</li> <li><a href="https://github.com/tower-rs/tower-http/commit/2608a513ddaf44e93936c35f07a120f77823d608"><code>2608a51</code></a> Make type inference work for ServiceExt (<a href="https://redirect.github.com/tower-rs/tower-http/issues/566">#566</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tower-rs/tower-http/compare/tower-http-0.5.2...tower-http-0.6.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tower-http&package-manager=cargo&previous-version=0.5.2&new-version=0.6.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 59c976cb6db421e732ca7d506e18d45eda0f50e1

V3_GIT_ORIGIN_REV_ID: 588a405aa0240d7ded6bfd02fc7165a2cee2a7f3

V3_GIT_ORIGIN_REV_ID: 27804ed1ef2a8fe477e5dece15bfa59b3705e7b1

### What     ### How  V3_GIT_ORIGIN_REV_ID: b207c27f7ca5b31165867311840a00fb538b40e5

…tes (#2342) ## Summary Replace `reqwest` HTTP types with WASM-compatible standalone alternatives in the `metadata-resolve` crate. ## Changes - Replace `reqwest::Url` with `url::Url` (the `url` crate was already a dependency) - Replace `reqwest::header::{HeaderMap, HeaderName, HeaderValue}` with `http::header` equivalents - Update `get_url()` return type from `&reqwest::Url` to `&url::Url` ## Motivation This removes the `reqwest` dependency from `metadata-resolve`, which is a prerequisite for compiling the crate to WASM. The `reqwest` crate has native platform dependencies that don't compile to WASM targets, while the `url` and `http` crates are pure Rust and compile cleanly to WASM. ## Testing - All 29 tests in `metadata-resolve` pass - `cargo check --all` passes (all dependent crates compile) --- Pull Request opened by [Augment Code](https://www.augmentcode.com/) with guidance from the PR author V3_GIT_ORIGIN_REV_ID: 17fb29a2627b81c11a2fb7fce085bc2a556517ff

Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.145 to 1.0.149. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.149</h2> <ul> <li>Align arbitrary_precision number strings with zmij's formatting (<a href="https://redirect.github.com/serde-rs/json/issues/1306">#1306</a>, thanks <a href="https://github.com/b41sh"><code>@b41sh</code></a>)</li> </ul> <h2>v1.0.148</h2> <ul> <li>Update <code>zmij</code> dependency to 1.0</li> </ul> <h2>v1.0.147</h2> <ul> <li>Switch float-to-string algorithm from Ryū to Żmij for better f32 and f64 serialization performance (<a href="https://redirect.github.com/serde-rs/json/issues/1304">#1304</a>)</li> </ul> <h2>v1.0.146</h2> <ul> <li>Set fast_arithmetic=64 for riscv64 (<a href="https://redirect.github.com/serde-rs/json/issues/1305">#1305</a>, thanks <a href="https://github.com/Xeonacid"><code>@Xeonacid</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/4f6dbfac79647d032b0997b5ab73022340c6dab7"><code>4f6dbfa</code></a> Release 1.0.149</li> <li><a href="https://github.com/serde-rs/json/commit/f3df680098007496f5580903890892d51116d129"><code>f3df680</code></a> Touch up PR 1306</li> <li><a href="https://github.com/serde-rs/json/commit/e16730ff445bc38c04537109d99e80c594f8150c"><code>e16730f</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1306">#1306</a> from b41sh/fix-float-number-display</li> <li><a href="https://github.com/serde-rs/json/commit/eeb2bcd3f2fd2300de21381e23b3cebd33bfca30"><code>eeb2bcd</code></a> Align <code>arbitrary_precision</code> number strings with zmij’s formatting</li> <li><a href="https://github.com/serde-rs/json/commit/8b291c4c5620476d6834c69fbfb24d13a24d4596"><code>8b291c4</code></a> Release 1.0.148</li> <li><a href="https://github.com/serde-rs/json/commit/1aefe152735f1b11ce7f641f8e86448d227163bf"><code>1aefe15</code></a> Update to zmij 1.0</li> <li><a href="https://github.com/serde-rs/json/commit/62d6e8d6158ccc1608fb57d9a8a73cc8d15f5b2a"><code>62d6e8d</code></a> Release 1.0.147</li> <li><a href="https://github.com/serde-rs/json/commit/fd829a65beb37d2db296f1a64c22c25ad508d6d8"><code>fd829a6</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1304">#1304</a> from dtolnay/zmij</li> <li><a href="https://github.com/serde-rs/json/commit/e757a3d8813bfacad8354ae3af89fa19a471da6b"><code>e757a3d</code></a> Switch from ryu -> zmij for float formatting</li> <li><a href="https://github.com/serde-rs/json/commit/75ad7e6b4eb8a26560300d2d7332d6dd8cd5b277"><code>75ad7e6</code></a> Release 1.0.146</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.145...v1.0.149">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.145&new-version=1.0.149)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 8cc1775f7550a706de67550c5ec8f1b944607ec0

Bumps [clap](https://github.com/clap-rs/clap) from 4.5.53 to 4.5.56. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.56</h2> <h2>[4.5.56] - 2026-01-29</h2> <h3>Fixes</h3> <ul> <li>On conflict error, don't show conflicting arguments in the usage</li> </ul> <h2>v4.5.55</h2> <h2>[4.5.55] - 2026-01-27</h2> <h3>Fixes</h3> <ul> <li>Fix inconsistency in precedence between positionals with a <code>value_terminator("--")</code> and escapes (<code>--</code>) where <code>./foo -- bar</code> means the first arg is empty, rather than escaping future args</li> </ul> <h2>v4.5.54</h2> <h2>[4.5.54] - 2026-01-02</h2> <h3>Fixes</h3> <ul> <li><em>(help)</em> Move <code>[default]</code> to its own paragraph when <code>PossibleValue::help</code> is present in <code>--help</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.56] - 2026-01-29</h2> <h3>Fixes</h3> <ul> <li>On conflict error, don't show conflicting arguments in the usage</li> </ul> <h2>[4.5.55] - 2026-01-27</h2> <h3>Fixes</h3> <ul> <li>Fix inconsistency in precedence between positionals with a <code>value_terminator("--")</code> and escapes (<code>--</code>) where <code>./foo -- bar</code> means the first arg is empty, rather than escaping future args</li> </ul> <h2>[4.5.54] - 2026-01-02</h2> <h3>Fixes</h3> <ul> <li><em>(help)</em> Move <code>[default]</code> to its own paragraph when <code>PossibleValue::help</code> is present in <code>--help</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/9cec1007acdc3cd990feded4322a4bccd2fd471c"><code>9cec100</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/00e72e06f46e2c21e5bb4dd82aa5fca02a9e5c16"><code>00e72e0</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/c7848ff6fc3f8e0f7b66eaee10d44b43eea54538"><code>c7848ff</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/6094">#6094</a> from epage/home</li> <li><a href="https://github.com/clap-rs/clap/commit/60184fb76a3d88277f89430402d01a121feb858c"><code>60184fb</code></a> feat(complete): Expand ~ in native completions</li> <li><a href="https://github.com/clap-rs/clap/commit/09969d3c1af9dd22fb944c09f8b1c27274cad824"><code>09969d3</code></a> chore(deps): Update Rust Stable to v1.89 (<a href="https://redirect.github.com/clap-rs/clap/issues/6093">#6093</a>)</li> <li><a href="https://github.com/clap-rs/clap/commit/520beb5ec2d2bb5dd11912d27127df4e97027965"><code>520beb5</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/2bd8ab3c009fc975db28209c3c3fb526364342ae"><code>2bd8ab3</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/220875b58511028ba9cd38f7195b8b3315b72d0d"><code>220875b</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/6091">#6091</a> from epage/possible</li> <li><a href="https://github.com/clap-rs/clap/commit/e5eb6c9d84efac5d660322e92dbbc0158266602d"><code>e5eb6c9</code></a> fix(help): Integrate 'Possible Values:' into 'Arg::help'</li> <li><a href="https://github.com/clap-rs/clap/commit/594a771030e43df8c806ea1a029862339739a0f3"><code>594a771</code></a> refactor(help): Make empty tracking more consistent</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.53...clap_complete-v4.5.56">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.5.53&new-version=4.5.56)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 0f3e0f32e0890ca5bc84b82cf6a146d1e16fb402

PR-URL: hasura/graphql-engine-mono#11424 GitOrigin-RevId: da4db5fe4c1827f573e2233cf4e5b37abb153923

PR-URL: hasura/graphql-engine-mono#11427 GitOrigin-RevId: e309c02c241669dc9d8b4044cf75d95213b99f1f

### What     ### How  V3_GIT_ORIGIN_REV_ID: 9bbd9d16cf80d1142cb1d4f60193cb84af9c7fcc

V3_GIT_ORIGIN_REV_ID: 27a6354aa54918b75a6ce55da892f252861dd1b8

PR-URL: hasura/graphql-engine-mono#11430 GitOrigin-RevId: 1d517baf693ef0e61adb997e237c5d4e1c06c8fa

PR-URL: hasura/graphql-engine-mono#11429 GitOrigin-RevId: 7e3bf9688aee6936c11fe89d6cc1bc940a4a0a79

These settings can interact weirdly with Envoy, so let's allow customers to tweak them. --------- Co-authored-by: Brandon Martin <brandon@codedmart.com> V3_GIT_ORIGIN_REV_ID: aca18e2af6c4000f8ff5d95260c3d5bf172084a9

Bumps [goldenfile](https://github.com/calder/rust-goldenfile) from 1.9.1 to 1.10.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/calder/rust-goldenfile/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goldenfile&package-manager=cargo&previous-version=1.9.1&new-version=1.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: c97463036e890a45d1f2f55de2a9793b7a19389a

Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.103 to 1.0.106. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/proc-macro2/releases">proc-macro2's releases</a>.</em></p> <blockquote> <h2>1.0.106</h2> <ul> <li>Optimize <code>Span::byte_range</code> (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/530">#530</a>)</li> </ul> <h2>1.0.105</h2> <ul> <li>Make std dependencies more easily discoverable in source code (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/528">#528</a>)</li> </ul> <h2>1.0.104</h2> <ul> <li>Add Rust 1.92.0's TokenStream Extend impls (<a href="https://redirect.github.com/dtolnay/proc-macro2/issues/527">#527</a>, <a href="https://redirect.github.com/rust-lang/rust/pull/145722">rust-lang/rust#145722</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/proc-macro2/commit/58ab776b95a4c2865554badbb6629c50971a9118"><code>58ab776</code></a> Release 1.0.106</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/1e18a0bb10f41371b39ede0c22e717d020b8a1e7"><code>1e18a0b</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/proc-macro2/issues/530">#530</a> from dtolnay/byterange</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/7f5973b73a68687868845b7ff08d8eae1d22c0ce"><code>7f5973b</code></a> Make char count bidirectional</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/08d1dd0bc3683aff781155809111045f9058ba73"><code>08d1dd0</code></a> Cache span end positions</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/8c4135f768d35f141326d7d9b2ebbcc892eddafe"><code>8c4135f</code></a> Release 1.0.105</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/2825fb1b74175cf7fe0c2a2980c8aa0a374921eb"><code>2825fb1</code></a> Make same crates available during probe as in crate root</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/cc5819cc4dbea4eb226bb1510e9152d26c8be24f"><code>cc5819c</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/proc-macro2/issues/528">#528</a> from dtolnay/nostd</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/e78151ecc1efea6b37540ec698ee00a491f4354c"><code>e78151e</code></a> Disable std prelude</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/2fbddd452b035f5ca280445e110e49054ac328d4"><code>2fbddd4</code></a> Delete html_root_url comment</li> <li><a href="https://github.com/dtolnay/proc-macro2/commit/aa54fc31874fe852ea740380d02648c99d64ffe8"><code>aa54fc3</code></a> Patch rustc-literal-escaper std dependencies</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/proc-macro2/compare/1.0.103...1.0.106">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=proc-macro2&package-manager=cargo&previous-version=1.0.103&new-version=1.0.106)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: aa26864a402a770c839487f559a04e05872d28d9

Bumps [mockito](https://github.com/lipanski/mockito) from 1.7.1 to 1.7.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lipanski/mockito/releases">mockito's releases</a>.</em></p> <blockquote> <h2>1.7.2</h2> <ul> <li>Update to reqwest 0.13 by <a href="https://github.com/tottoto"><code>@tottoto</code></a> in <a href="https://redirect.github.com/lipanski/mockito/pull/223">lipanski/mockito#223</a></li> <li>Allow returning a different status code based on a request by <a href="https://github.com/songokas"><code>@songokas</code></a> in <a href="https://redirect.github.com/lipanski/mockito/pull/224">lipanski/mockito#224</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lipanski/mockito/commit/2e16acfebeb623f3ff91bffa4574be1c04caee0b"><code>2e16acf</code></a> Bump to 1.7.2</li> <li><a href="https://github.com/lipanski/mockito/commit/e404bdf4e18cdf411f035ab31302211727d76ba0"><code>e404bdf</code></a> Update docs</li> <li><a href="https://github.com/lipanski/mockito/commit/e2c1692186e313bf592189d34a9fd99e03e9b0d0"><code>e2c1692</code></a> Merge pull request <a href="https://redirect.github.com/lipanski/mockito/issues/224">#224</a> from songokas/status-code-from-request</li> <li><a href="https://github.com/lipanski/mockito/commit/86596b774d1858a5b817774cd9b80b1b59bc8b4b"><code>86596b7</code></a> Allow returning a different status code based on a request</li> <li><a href="https://github.com/lipanski/mockito/commit/4a70878a4dfc06be403e6d978353e86c96dabfcd"><code>4a70878</code></a> Merge pull request <a href="https://redirect.github.com/lipanski/mockito/issues/223">#223</a> from tottoto/update-to-reqwest-0.13</li> <li><a href="https://github.com/lipanski/mockito/commit/35fccfb88357e1e62e0f62c5b1897ff035721def"><code>35fccfb</code></a> Update to reqwest 0.13</li> <li>See full diff in <a href="https://github.com/lipanski/mockito/compare/1.7.1...1.7.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mockito&package-manager=cargo&previous-version=1.7.1&new-version=1.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: b81d677f3b6a714451efd15f2a5abb43c129a0c8

As a treat. V3_GIT_ORIGIN_REV_ID: bc9b719f0c262a2180ae02d3570fbf6bc7517ccb

V3_GIT_ORIGIN_REV_ID: 47807000deed23bf9bba3911b78ace2c4086fdfb

)  ### What     ### How  V3_GIT_ORIGIN_REV_ID: 34369d44a6c317e0fd5856f8c32bcef7ebf55bb2

…ables PR-URL: hasura/graphql-engine-mono#11431 GitOrigin-RevId: 90005d85c79a05ef1fba39aadfee1349a419342f

Bumps [criterion](https://github.com/criterion-rs/criterion.rs) from 0.8.1 to 0.8.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/criterion-rs/criterion.rs/releases">criterion's releases</a>.</em></p> <blockquote> <h2>criterion-plot-v0.8.2</h2> <h3>Other</h3> <ul> <li>Update Readme</li> </ul> <h2>criterion-v0.8.2</h2> <h3>Fixed</h3> <ul> <li>don't build alloca on unsupported targets</li> </ul> <h3>Other</h3> <ul> <li><em>(deps)</em> bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li>Fix panic with uniform iteration durations in benchmarks</li> <li>Update Readme</li> <li>Exclude development scripts from published package</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/criterion-rs/criterion.rs/blob/master/CHANGELOG.md">criterion's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/criterion-rs/criterion.rs/compare/criterion-v0.8.1...criterion-v0.8.2">0.8.2</a> - 2026-02-04</h2> <h3>Fixed</h3> <ul> <li>don't build alloca on unsupported targets</li> </ul> <h3>Other</h3> <ul> <li><em>(deps)</em> bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li>Fix panic with uniform iteration durations in benchmarks</li> <li>Update Readme</li> <li>Exclude development scripts from published package</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/7f0d745532e3c7b2e11bbf9de9b911f91790d3b1"><code>7f0d745</code></a> chore: release v0.8.2</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/4a467ce964052ae9bd9266c0706b470b817613e0"><code>4a467ce</code></a> chore(deps): bump crate-ci/typos from 1.40.0 to 1.43.0</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/b277a751453cf9ce0595e41bddf819210a6d6e47"><code>b277a75</code></a> Fix panic with uniform iteration durations in benchmarks</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/828af1450d648c599a92a077b75e292747761d99"><code>828af14</code></a> fix: don't build alloca on unsupported targets</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/b01316b76e42028f3b1cf3731f643bea7f354f39"><code>b01316b</code></a> Update Readme</li> <li><a href="https://github.com/criterion-rs/criterion.rs/commit/4c02a3b4e560fe1f296c0ed1e9b53e3154a3cac6"><code>4c02a3b</code></a> Exclude development scripts from published package</li> <li>See full diff in <a href="https://github.com/criterion-rs/criterion.rs/compare/criterion-v0.8.1...criterion-v0.8.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=criterion&package-manager=cargo&previous-version=0.8.1&new-version=0.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: d59b1db472a69f6205ee2e970b0a1ebbdfb8e98d

Bumps [derive_more](https://github.com/JelteF/derive_more) from 2.1.0 to 2.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/JelteF/derive_more/releases">derive_more's releases</a>.</em></p> <blockquote> <h2>2.1.1</h2> <p><a href="https://docs.rs/derive_more/2.1.1">API docs</a> <a href="https://github.com/JelteF/derive_more/blob/v2.1.1/CHANGELOG.md#211---2025-12-22">Changelog</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/JelteF/derive_more/blob/master/CHANGELOG.md">derive_more's changelog</a>.</em></p> <blockquote> <h2>2.1.1 - 2025-12-22</h2> <h3>Fixed</h3> <ul> <li><code>.as_dyn_error()</code> method hygiene inside <code>Error</code> derive expansion. (<a href="https://redirect.github.com/JelteF/derive_more/pull/527">#527</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/JelteF/derive_more/commit/f7bb41ac054c060caaf5ff3212e74e42794cb4b4"><code>f7bb41a</code></a> Correct release date</li> <li><a href="https://github.com/JelteF/derive_more/commit/289988ab6791cf447ca208bdc467fc6b75b77ed6"><code>289988a</code></a> Prepare 2.1.1 release (<a href="https://redirect.github.com/JelteF/derive_more/issues/529">#529</a>)</li> <li><a href="https://github.com/JelteF/derive_more/commit/d820ec6e3a827132c7d273f823653f99c9123bb8"><code>d820ec6</code></a> Fix <code>derive(Error)</code> expansion hygiene (<a href="https://redirect.github.com/JelteF/derive_more/issues/527">#527</a>, <a href="https://redirect.github.com/JelteF/derive_more/issues/526">#526</a>)</li> <li><a href="https://github.com/JelteF/derive_more/commit/562728278427745ced3e22715b70abdc0dfbac07"><code>5627282</code></a> Remove glob imports in <code>derive(From)</code> tests to mend 1.94 nightly Rust regress...</li> <li>See full diff in <a href="https://github.com/JelteF/derive_more/compare/v2.1.0...v2.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=derive_more&package-manager=cargo&previous-version=2.1.0&new-version=2.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 2cac8ddc3193f49badba87838f342fefa4dcaedb

Bumps [env_logger](https://github.com/rust-cli/env_logger) from 0.11.8 to 0.11.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/releases">env_logger's releases</a>.</em></p> <blockquote> <h2>v0.11.9</h2> <h2>[0.11.9] - 2026-02-11</h2> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md">env_logger's changelog</a>.</em></p> <blockquote> <h2>[0.11.9] - 2026-02-11</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-cli/env_logger/commit/2f06b4c7cf359b348cf92f95f83176897cedc838"><code>2f06b4c</code></a> chore: Release</li> <li><a href="https://github.com/rust-cli/env_logger/commit/57e13acb42cac437ace7d3b9819f46de1d5f5d5a"><code>57e13ac</code></a> chore: Release</li> <li><a href="https://github.com/rust-cli/env_logger/commit/4f9066d8af43095cf95bb9ddae046095af117dd6"><code>4f9066d</code></a> Merge pull request <a href="https://redirect.github.com/rust-cli/env_logger/issues/393">#393</a> from rust-cli/renovate/crate-ci-typos-1.x</li> <li><a href="https://github.com/rust-cli/env_logger/commit/3e4709a2665c93f39c0cf63b84ceaea8da42864e"><code>3e4709a</code></a> chore(deps): Update Rust crate snapbox to v0.6.24 (<a href="https://redirect.github.com/rust-cli/env_logger/issues/394">#394</a>)</li> <li><a href="https://github.com/rust-cli/env_logger/commit/80ff83adba5f55a293a484e684cd10b88c6739de"><code>80ff83a</code></a> chore(deps): Update pre-commit hook crate-ci/typos to v1.42.3</li> <li><a href="https://github.com/rust-cli/env_logger/commit/76891b9e32d7e0c2a43a6f843a20caaf5adb0782"><code>76891b9</code></a> Merge pull request <a href="https://redirect.github.com/rust-cli/env_logger/issues/392">#392</a> from epage/template</li> <li><a href="https://github.com/rust-cli/env_logger/commit/14cda4a666db7f262fbc87f752ee2bc4d977100f"><code>14cda4a</code></a> chore: Update from _rust template</li> <li><a href="https://github.com/rust-cli/env_logger/commit/e4f2b351a3d5290a8f26db395bf736e0f80a5856"><code>e4f2b35</code></a> chore(ci): Update action</li> <li><a href="https://github.com/rust-cli/env_logger/commit/6d0d36b0723b29856d380eb89b3c571a9f9c570f"><code>6d0d36b</code></a> chore(ci): Clean up previous branch in case it was leaked</li> <li><a href="https://github.com/rust-cli/env_logger/commit/30b3b14bd665d443f45123729dc69d1f085575f9"><code>30b3b14</code></a> chore(ci): Fix how rustfmt jobs run</li> <li>Additional commits viewable in <a href="https://github.com/rust-cli/env_logger/compare/v0.11.8...v0.11.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=env_logger&package-manager=cargo&previous-version=0.11.8&new-version=0.11.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> V3_GIT_ORIGIN_REV_ID: 9c2bcd30b4037372a7ff877765a063b3a8e1e57c

Following hasura/ddn-cloud#2027 this is no longer necessary. V3_GIT_ORIGIN_REV_ID: 37d122c1034696883ab096db6933e107d32c5926

Asked `auggie` to improve performance and I think it did, let's push the unchanged benchmarks first before the changes. V3_GIT_ORIGIN_REV_ID: 67b47f3769adda0839e136f1b7135d2463dbba70

PR-URL: hasura/graphql-engine-mono#11432 GitOrigin-RevId: 7967adbc07c6d32d5adbad83b7797a206a5a006f

…2367) Add ICEBERG_AUTH_MODE CLI arg / env var (none|s3|gcs) to both local-dev and multitenant engines. For S3, uses the AWS SDK default credential chain (supports EKS Pod Identity, IRSA, env vars, IMDS) via a custom AwsCredentialLoad implementation injected into iceberg's FileIO. For GCS, relies on opendal's built-in credential discovery (GCE metadata server for GKE Workload Identity). New iceberg-setup crate provides IcebergAuthMode enum and AWS credential loader, following the pattern from promptql-cloud but without REST catalog dependency.  ### What     ### How  --------- Co-authored-by: Phil Freeman <phil@hasura.io> V3_GIT_ORIGIN_REV_ID: f7708a292a169dc765231ea0fde9b231ab34c023

### What     ### How  V3_GIT_ORIGIN_REV_ID: ed3ed38d9a300e99b54353cd82345f4aa3bdf277

This reverts commit 37d122c1034696883ab096db6933e107d32c5926. V3_GIT_ORIGIN_REV_ID: 6291bc37872d246223ebac6f4e5ee20850935eca

PR-URL: hasura/graphql-engine-mono#11433 GitOrigin-RevId: 586bf4d9d18bd21236dd057b027ef0809a01b1ea

## Summary - Set `SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt` in the Docker image config for `engine`, `ddn-engine-local-dev`, and `multitenant-engine` - Fixes HTTPS requests (e.g., to auth webhooks) failing with `"unable to get local issuer certificate"` inside Nix-built containers ## Root Cause The `Cargo.lock` update bumped `native-tls` from 0.2.14 → 0.2.16, which pulled in `openssl-probe` 0.2.1 (was 0.1.6). This crate is responsible for locating CA certificates so that `native-tls`/OpenSSL can verify TLS connections. **`openssl-probe` 0.1.6** searched by combining a list of candidate directories with candidate filenames: ``` directories: /etc/ssl, /usr/lib/ssl, /etc/pki/tls, ... filenames: certs/ca-bundle.crt, certs/ca-certificates.crt, cert.pem, ... ``` This found Nix's cert at `/etc/ssl` + `certs/ca-bundle.crt` = `/etc/ssl/certs/ca-bundle.crt` ✅ **`openssl-probe` 0.2.1** switched to hardcoded platform-specific absolute paths on Linux: ``` /etc/ssl/certs/ca-certificates.crt ← Debian/Ubuntu /etc/pki/tls/certs/ca-bundle.crt ← RHEL/Fedora /etc/ssl/ca-bundle.pem /etc/ssl/cert.pem ... ``` `/etc/ssl/certs/ca-bundle.crt` (the Nix convention) is **not** in this list ❌ Without finding the cert file, `openssl-probe` doesn't set `SSL_CERT_FILE`, and OpenSSL falls back to its compiled-in default (`/usr/lib/ssl/certs`), which doesn't exist in the minimal Nix image → **certificate verify failed**. ## Investigation | Test environment | Result | |---|---| | Host machine (has system CA certs) | ✅ PASS | | Container **without** `ca-certificates` package | ❌ FAIL — same error | | Container with certs at `/etc/ssl/certs/ca-bundle.crt` only | ❌ FAIL — `openssl-probe` 0.2.1 doesn't find it | | Same container + `SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt` | ✅ PASS | This is arguably a bug in `openssl-probe` 0.2.1 (dropping a previously-supported cert path). A bug report will be filed upstream. ## Test plan - [ ] Verify the Nix Docker images build successfully - [ ] Verify `SSL_CERT_FILE` is set in the container: `docker run --rm --entrypoint "" <image> env | grep SSL` - [ ] Verify HTTPS requests to external endpoints work from inside the container 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> V3_GIT_ORIGIN_REV_ID: 6834ef242638d3df0341b596a90a1e297698865d

### What     ### How  V3_GIT_ORIGIN_REV_ID: 317bc43619b0534c8db848183b1549f2a36f0ff2

pull bot added the ⤵️ pull label Jun 4, 2024

pull bot force-pushed the master branch from efcc882 to a793fd4 Compare June 4, 2024 15:21

paf31 and others added 28 commits July 15, 2025 16:14

ENG-1822: filter empty subscription result rows in database query, fo…

16909a2

PR-URL: hasura/graphql-engine-mono#11295 GitOrigin-RevId: eff8ccd5df91906423f4c3253e7b1ba527828b39

Changelog for v2025.07.21 release (#2063)

ec30560

Update changelog V3_GIT_ORIGIN_REV_ID: afe96935234e96d33cd06f9f16a97688a3611811

Check capabilities for nested scalar comparison (#2057)

4159260

SQL layer doesn't check this is allowed before creating the OpenDD IR, so we need to add checking. Need to add a test for this before merging. V3_GIT_ORIGIN_REV_ID: 7d3c93659926e73634e3645e59a3706fa24b5ad4

fix(console): Remote schema modification fails when schema name conta…

deebe74

…ins spaces PR-URL: hasura/graphql-engine-mono#11298 GitOrigin-RevId: eecbbb45d9fd6d0e0278861a86dcaa814654469d

v2025.07.22 changelog (#2069)

382ad5c

V3_GIT_ORIGIN_REV_ID: 27d62d7ca1834d65dc29ca7e18ce74bd3c0dd6e3

Don't send from_type if it's not supported by connector (#2073)

a0d902a

 ### What Don't send the `from_type` value if it's not supported by the connector. V3_GIT_ORIGIN_REV_ID: 5714686f3aaec3d11e80d2ea87237911e28cd04b

ENG-1800: preserve remote schema descriptions in unified graphql schema

8e1ac89

PR-URL: hasura/graphql-engine-mono#11300 Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com> GitOrigin-RevId: 53b9ffd6717b7b99d6d3cbee0c9025778ad46346

ci: tag release v2.48.2

da09d67

PR-URL: hasura/graphql-engine-mono#11302 GitOrigin-RevId: b3334074c0e2b38cfbbbcf097162b5f079af7f43

ci: tag release v2.48.3

6f130d5

PR-URL: hasura/graphql-engine-mono#11305 GitOrigin-RevId: e26fb0f7c8d3ab2194290d8a2d5f6e4572cf8362

Granular error types in SQL frontend (#2081)

34fb12f

V3_GIT_ORIGIN_REV_ID: 588a405aa0240d7ded6bfd02fc7165a2cee2a7f3

v2025.07.28 changelog (#2085)

1580112

V3_GIT_ORIGIN_REV_ID: 27804ed1ef2a8fe477e5dece15bfa59b3705e7b1

danieljharvey and others added 30 commits January 30, 2026 17:23

ci: fix ubi arm build

90dff78

PR-URL: hasura/graphql-engine-mono#11424 GitOrigin-RevId: da4db5fe4c1827f573e2233cf4e5b37abb153923

ci: tag release v2.48.11

278778c

PR-URL: hasura/graphql-engine-mono#11427 GitOrigin-RevId: e309c02c241669dc9d8b4044cf75d95213b99f1f

Changelog for v2026.02.05 (#2351)

0c78cd3

V3_GIT_ORIGIN_REV_ID: 27a6354aa54918b75a6ce55da892f252861dd1b8

fix pytests

328b10b

PR-URL: hasura/graphql-engine-mono#11430 GitOrigin-RevId: 1d517baf693ef0e61adb997e237c5d4e1c06c8fa

ci: update latest stable release as v2.48.11

8d63a1f

PR-URL: hasura/graphql-engine-mono#11429 GitOrigin-RevId: 7e3bf9688aee6936c11fe89d6cc1bc940a4a0a79

Allow reqwest pool settings to be configured with env vars (#2354)

6b19b8b

These settings can interact weirdly with Envoy, so let's allow customers to tweak them. --------- Co-authored-by: Brandon Martin <brandon@codedmart.com> V3_GIT_ORIGIN_REV_ID: aca18e2af6c4000f8ff5d95260c3d5bf172084a9

Upgrade to rust 1.93.0 (#2361)

1bd1e00

As a treat. V3_GIT_ORIGIN_REV_ID: bc9b719f0c262a2180ae02d3570fbf6bc7517ccb

Changelog for v2026.02.11 (#2364)

3a1bc81

V3_GIT_ORIGIN_REV_ID: 47807000deed23bf9bba3911b78ace2c4086fdfb

Fix duplicate event triggers resulting from moving triggers between t…

ee471ef

…ables PR-URL: hasura/graphql-engine-mono#11431 GitOrigin-RevId: 90005d85c79a05ef1fba39aadfee1349a419342f

Remove bash from multitenant image (#2235)

ece6cb6

Following hasura/ddn-cloud#2027 this is no longer necessary. V3_GIT_ORIGIN_REV_ID: 37d122c1034696883ab096db6933e107d32c5926

Add some metadata-resolve benchmarks (#2290)

9ab2922

Asked `auggie` to improve performance and I think it did, let's push the unchanged benchmarks first before the changes. V3_GIT_ORIGIN_REV_ID: 67b47f3769adda0839e136f1b7135d2463dbba70

Use 'safe' foreign imports in compression for performance

ee3477a

PR-URL: hasura/graphql-engine-mono#11432 GitOrigin-RevId: 7967adbc07c6d32d5adbad83b7797a206a5a006f

Revert "Remove bash from multitenant image (#2235)"

6d9ede7

This reverts commit 37d122c1034696883ab096db6933e107d32c5926. V3_GIT_ORIGIN_REV_ID: 6291bc37872d246223ebac6f4e5ee20850935eca

Fix nullable row update value

7a3a5b6

PR-URL: hasura/graphql-engine-mono#11433 GitOrigin-RevId: 586bf4d9d18bd21236dd057b027ef0809a01b1ea

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from hasura:master#7

[pull] master from hasura:master#7
pull[bot] wants to merge 1543 commits into13banda:masterfrom
hasura:master

pull bot commented Jun 4, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

Conversation

pull bot commented Jun 4, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

pull bot commented Jun 4, 2024 •

edited

Loading