December 2022 Summaries
6 posts from Hasura
Filter
Month:
Year:
Post Summaries
Back to Blog
In December 2022, Hasura introduced the GraphQL Data Connector for Snowflake, enabling teams to build GraphQL and REST APIs on their Snowflake data within minutes. A product deep dive webinar is scheduled for January 11. Other updates include Elastic Connection Pooling on Hasura Cloud, Alloy DB integration, and Database Connection Latency Checks for Hasura Cloud. Upcoming events include a Tokyo Hasura User Group meetup on January 19 and a Hasura Community Call on January 26. New blog posts cover topics such as GraphQL actions using Netlify functions, Next.js 13 nested layouts, and instant GraphQL APIs for Snowflake Cloud Data Platform. The Hasura Discord community has also released new tooling features.
Dec 21, 2022
975 words in the original blog post.
On November 21st, Hasura discovered a critical security vulnerability in its GraphQL Engine "Update Many" API, affecting versions 2.10.0 to 2.15. The issue was identified by Morten Hillbom and Issaaf Kattan from Nhost's customer company Celsia.io. A Missing Authorization vulnerability allowed users to expand update capabilities on row level authorization for Postgres datastores. Hasura has released patches for all impacted versions, removed vulnerable versions from docker hub, and is taking steps to improve its security processes and communication channels.
Dec 07, 2022
836 words in the original blog post.
In this blog post, the author explains how to build a digital twin of a toy car using an Android phone, MQTT broker, and Hasura GraphQL engine. A digital twin is a virtual representation of a real-world physical system or product that serves as its digital counterpart for practical purposes such as system simulation, integration, testing, monitoring, and maintenance. The author outlines the steps to create a digital twin, including setting up the toy car with sensors, streaming sensor data to an MQTT broker, receiving data from the MQTT broker and sending it as a GraphQL mutation to Hasura GraphQL engine, consuming live data on a ReactJS application with Hasura GraphQL subscriptions, and rendering real-time gyroscope sensor data as a 3D car model using ThreeJS. The author also discusses various use cases for digital twins, such as connected cars, remote monitoring, and remote debugging.
Dec 06, 2022
1,235 words in the original blog post.
Hasura has introduced a beta release of its GraphQL Data Connector for Snowflake, a cloud data platform. This new integration allows users to instantly create a unified GraphQL API that runs read-only queries across all their Snowflake data. The connector is available for Hasura Enterprise Edition (EE) and all Hasura Cloud customers during the beta period. Once it moves to General Availability (GA), it will only be available in the Hasura Enterprise plans.
Dec 06, 2022
1,756 words in the original blog post.
In 2022, Hasura's Pull Requests (PR) remained open on average for seven days. This slow PR review process was problematic as it delayed the Software Development Life Cycle and required continuous back-and-forth between authors and reviewers. To address this issue, a dedicated internal Working Group was formed to investigate the human aspects of the problem. The group identified several root causes such as missing or insufficiently detailed PR descriptions, large PRs, lack of ownership, notifications going unnoticed, and timezone overlaps. They also suggested best practices for each issue, including writing detailed PR descriptions, creating reasonably-sized PRs, assigning specific people to review a PR, and enabling GitHub real-time alerts. The Working Group will continue monitoring the progress and adoption of these best practices over the next few months.
Dec 05, 2022
2,114 words in the original blog post.
This article discusses the basics of Postgres Row-level Security (RLS) and how Hasura handles permission rules. RLS allows developers to control access to rows in a database table based on rules evaluated during query execution. To enable RLS, use the ALTER TABLE ... ENABLE ROW LEVEL SECURITY command. Policies are created using USING or WITH CHECK expressions, which return boolean values representing if permission is granted. Hasura's authorization system (AuthZ) provides a more efficient solution for handling permissions across multiple data sources and supports role-based access control rules for every field in the GraphQL schema.
Dec 02, 2022
826 words in the original blog post.