Upcoming Release Changes

[theguild-bot]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@graphql-hive/[email protected]

Minor Changes

• #7462
  60133a4
  Thanks @adambenhassen! - Add Layer 2 (L2) cache support for
  persisted documents.

  This feature adds a second layer of caching between the in-memory cache (L1) and the CDN for
  persisted documents. This is particularly useful for:

  • Serverless environments: Where in-memory cache is lost between invocations
  • Multi-instance deployments: To share cached documents across server instances
  • Reducing CDN calls: By caching documents in Redis or similar external caches

  The lookup flow is: L1 (memory) -> L2 (Redis/external) -> CDN

  Example with GraphQL Yoga:

  import { createYoga } from 'graphql-yoga'
  import { createClient } from 'redis'
  import { useHive } from '@graphql-hive/yoga'
  
  const redis = createClient({ url: 'redis://localhost:6379' })
  await redis.connect()
  
  const yoga = createYoga({
    plugins: [
      useHive({
        experimental__persistedDocuments: {
          cdn: {
            endpoint: 'https://cdn.graphql-hive.com/artifacts/v1/<target_id>',
            accessToken: '<cdn_access_token>'
          },
          layer2Cache: {
            cache: {
              get: key => redis.get(`hive:pd:${key}`),
              set: (key, value, opts) =>
                redis.set(`hive:pd:${key}`, value, opts?.ttl ? { EX: opts.ttl } : {})
            },
            ttlSeconds: 3600, // 1 hour for found documents
            notFoundTtlSeconds: 60 // 1 minute for not-found (negative caching)
          }
        }
      })
    ]
  })

  Features:

  • Configurable TTL for found documents (ttlSeconds)
  • Configurable TTL for negative caching (notFoundTtlSeconds)
  • Graceful fallback to CDN if L2 cache fails
  • Support for waitUntil in serverless environments
  • Apollo Server integration auto-uses context cache if available

Patch Changes

• Updated dependencies
  [60133a4]:
  • @graphql-hive/[email protected]

@graphql-hive/[email protected]

Minor Changes

• #7462
  60133a4
  Thanks @adambenhassen! - Add Layer 2 (L2) cache support for
  persisted documents.

  This feature adds a second layer of caching between the in-memory cache (L1) and the CDN for
  persisted documents. This is particularly useful for:

  • Serverless environments: Where in-memory cache is lost between invocations
  • Multi-instance deployments: To share cached documents across server instances
  • Reducing CDN calls: By caching documents in Redis or similar external caches

  The lookup flow is: L1 (memory) -> L2 (Redis/external) -> CDN

  Example with GraphQL Yoga:

  import { createYoga } from 'graphql-yoga'
  import { createClient } from 'redis'
  import { useHive } from '@graphql-hive/yoga'
  
  const redis = createClient({ url: 'redis://localhost:6379' })
  await redis.connect()
  
  const yoga = createYoga({
    plugins: [
      useHive({
        experimental__persistedDocuments: {
          cdn: {
            endpoint: 'https://cdn.graphql-hive.com/artifacts/v1/<target_id>',
            accessToken: '<cdn_access_token>'
          },
          layer2Cache: {
            cache: {
              get: key => redis.get(`hive:pd:${key}`),
              set: (key, value, opts) =>
                redis.set(`hive:pd:${key}`, value, opts?.ttl ? { EX: opts.ttl } : {})
            },
            ttlSeconds: 3600, // 1 hour for found documents
            notFoundTtlSeconds: 60 // 1 minute for not-found (negative caching)
          }
        }
      })
    ]
  })

  Features:

  • Configurable TTL for found documents (ttlSeconds)
  • Configurable TTL for negative caching (notFoundTtlSeconds)
  • Graceful fallback to CDN if L2 cache fails
  • Support for waitUntil in serverless environments
  • Apollo Server integration auto-uses context cache if available

@graphql-hive/[email protected]

Minor Changes

• #7462
  60133a4
  Thanks @adambenhassen! - Add Layer 2 (L2) cache support for
  persisted documents.

  This feature adds a second layer of caching between the in-memory cache (L1) and the CDN for
  persisted documents. This is particularly useful for:

  • Serverless environments: Where in-memory cache is lost between invocations
  • Multi-instance deployments: To share cached documents across server instances
  • Reducing CDN calls: By caching documents in Redis or similar external caches

  The lookup flow is: L1 (memory) -> L2 (Redis/external) -> CDN

  Example with GraphQL Yoga:

  import { createYoga } from 'graphql-yoga'
  import { createClient } from 'redis'
  import { useHive } from '@graphql-hive/yoga'
  
  const redis = createClient({ url: 'redis://localhost:6379' })
  await redis.connect()
  
  const yoga = createYoga({
    plugins: [
      useHive({
        experimental__persistedDocuments: {
          cdn: {
            endpoint: 'https://cdn.graphql-hive.com/artifacts/v1/<target_id>',
            accessToken: '<cdn_access_token>'
          },
          layer2Cache: {
            cache: {
              get: key => redis.get(`hive:pd:${key}`),
              set: (key, value, opts) =>
                redis.set(`hive:pd:${key}`, value, opts?.ttl ? { EX: opts.ttl } : {})
            },
            ttlSeconds: 3600, // 1 hour for found documents
            notFoundTtlSeconds: 60 // 1 minute for not-found (negative caching)
          }
        }
      })
    ]
  })

  Features:

  • Configurable TTL for found documents (ttlSeconds)
  • Configurable TTL for negative caching (notFoundTtlSeconds)
  • Graceful fallback to CDN if L2 cache fails
  • Support for waitUntil in serverless environments
  • Apollo Server integration auto-uses context cache if available

Patch Changes

• Updated dependencies
  [60133a4]:
  • @graphql-hive/[email protected]

@graphql-hive/[email protected]

Patch Changes

• Updated dependencies
  [60133a4]:
  • @graphql-hive/[email protected]

@graphql-hive/[email protected]

Patch Changes

• Updated dependencies
  [60133a4]:
  • @graphql-hive/[email protected]

[email protected]

Major Changes

• #7379
  b134461
  Thanks @ardatan! - - Multiple endpoints support for HiveRegistry
  and PersistedOperationsPlugin

  Breaking Changes:

  • Now there is no endpoint field in the configuration, it has been replaced with endpoints,
    which is an array of strings. You are not affected if you use environment variables to set the
    endpoint.

  HiveRegistry::new(
      Some(
          HiveRegistryConfig {
  -            endpoint: String::from("CDN_ENDPOINT"),
  +            endpoints: vec![String::from("CDN_ENDPOINT1"), String::from("CDN_ENDPOINT2")],
      )
  )

Patch Changes

• #7479
  382b481
  Thanks @ardatan! - Update dependencies

• Updated dependencies
  [b134461,
  b134461]:

  • hive-console-sdk-rs@0.3.0

hive-console-sdk-rs@0.3.0

Minor Changes

• #7379
  b134461
  Thanks @ardatan! - Breaking Changes to avoid future breaking
  changes;

  Switch to Builder
  pattern for SupergraphFetcher, PersistedDocumentsManager and UsageAgent structs.

  No more try_new or try_new_async or try_new_sync functions, instead use
  SupergraphFetcherBuilder, PersistedDocumentsManagerBuilder and UsageAgentBuilder structs to
  create instances.

  Benefits;

  • No need to provide all parameters at once when creating an instance even for default values.

  Example;

  // Before
  let fetcher = SupergraphFetcher::try_new_async(
          "SOME_ENDPOINT", // endpoint
           "SOME_KEY",
          "MyUserAgent/1.0".to_string(),
          Duration::from_secs(5), // connect_timeout
          Duration::from_secs(10), // request_timeout
          false, // accept_invalid_certs
          3, // retry_count
      )?;
  
  // After
  // No need to provide all parameters at once, can use default values
  let fetcher = SupergraphFetcherBuilder::new()
      .endpoint("SOME_ENDPOINT".to_string())
      .key("SOME_KEY".to_string())
      .build_async()?;

  • Easier to add new configuration options in the future without breaking existing code.

  Example;

  let fetcher = SupergraphFetcher::try_new_async(
          "SOME_ENDPOINT", // endpoint
           "SOME_KEY",
          "MyUserAgent/1.0".to_string(),
          Duration::from_secs(5), // connect_timeout
          Duration::from_secs(10), // request_timeout
          false, // accept_invalid_certs
          3, // retry_count
          circuit_breaker_config, // Breaking Change -> new parameter added
      )?;
  
  let fetcher = SupergraphFetcherBuilder::new()
      .endpoint("SOME_ENDPOINT".to_string())
      .key("SOME_KEY".to_string())
      .build_async()?; // No breaking change, circuit_breaker_config can be added later if needed

Patch Changes

• #7379
  b134461
  Thanks @ardatan! - Circuit Breaker Implementation and Multiple
  Endpoints Support

  Implementation of Circuit Breakers in Hive Console Rust SDK, you can learn more
  here

  Breaking Changes:

  Now endpoint configuration accepts multiple endpoints as an array for SupergraphFetcherBuilder
  and PersistedDocumentsManager.

  SupergraphFetcherBuilder::default()
  -    .endpoint(endpoint)
  +    .add_endpoint(endpoint1)
  +    .add_endpoint(endpoint2)

  This change requires updating the configuration structure to accommodate multiple endpoints.

[email protected]

Patch Changes

• #7477
  b90f215
  Thanks @n1ru4l! - Show correct error message for insufficient GitHub
  App installation permissions when attempting to create a check run as part of a schema check.

• #7459
  0ce9c82
  Thanks @jdolle! - Set usageEstimation year validation range at
  runtime to avoid issues during the new year. This fixes an issue where the organization settings
  usage data was not loading for January until the service was deployed again.

• #7451
  bd4e36d
  Thanks @jdolle! - Show diff on proposals editor

[gemini-code-assist]

Summary of Changes

Hello @theguild-bot, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request prepares for an upcoming release, primarily introducing a significant new feature: Layer 2 (L2) caching for persisted GraphQL documents across @graphql-hive/apollo, @graphql-hive/core, and @graphql-hive/yoga packages. This enhancement aims to optimize document retrieval in various deployment scenarios by adding an external caching layer. Minor version bumps are applied to these packages, while @graphql-hive/cli and @graphql-hive/envelop receive patch updates due to updated dependencies on @graphql-hive/core.

Highlights

• Layer 2 (L2) Cache for Persisted Documents: Introduces a second layer of caching (L2) for persisted GraphQL documents, sitting between the in-memory cache (L1) and the CDN. This enhancement significantly benefits serverless and multi-instance environments by improving cache hit rates and reducing CDN calls. It offers configurable TTLs for both found and not-found documents, graceful fallback mechanisms, waitUntil support for serverless, and integrates with Apollo Server's context cache.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🚀 Snapshot Release (rc)

The latest changes of this PR are available as rc on npm (based on the declared changesets):

Package	Version	Info
@graphql-hive/apollo	0.47.0-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
@graphql-hive/cli	0.57.1-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
@graphql-hive/core	0.20.0-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
@graphql-hive/envelop	0.40.2-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
@graphql-hive/yoga	0.47.0-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
hive	8.14.1-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
hive-apollo-router-plugin	3.0.0-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎
hive-console-sdk-rs	0.3.0-rc-20260112093439-e0b5a3870804334bfe64b42ef72219e4b632cbc4	npm ↗︎ unpkg ↗︎

[github-actions]

📚 Storybook Deployment

The latest changes are available as preview in: https://pr-7470.hive-storybook.pages.dev

[gemini-code-assist]

Code Review

This pull request, generated by the Changesets release action, updates package versions and changelogs for an upcoming release. The main feature being released is Layer 2 (L2) cache support for persisted documents. A security audit identified a high-severity Path Traversal vulnerability in the new persisted documents implementation, allowing an attacker to read arbitrary files on the CDN server by crafting a malicious documentId. A remediation has been suggested to properly sanitize the documentId. Additionally, the review highlighted a misleading code example in the @graphql-hive/apollo changelog, for which a more relevant example for Apollo Server users has been provided.

[gemini-code-assist]

The example provided is for GraphQL Yoga, but this is the changelog for @graphql-hive/apollo. This can be confusing for users. It would be more helpful to provide an example that is specific to Apollo Server, especially since one of the features is "Apollo Server integration auto-uses context cache if available".

  **Example with Apollo Server:**

  ```typescript
  import { ApolloServer } from '@apollo/server';
  import { startStandaloneServer } from '@apollo/server/standalone';
  import { createClient } from 'redis';
  import { RedisCache } from '@apollo/server-redis-cache';
  import { useHive } from '@graphql-hive/apollo';

  // Some type definitions
  const typeDefs = `#graphql
    type Query {
      hello: String
    }
  `;

  // Some resolvers
  const resolvers = {
    Query: {
      hello: () => 'world',
    },
  };

  const redis = createClient({ url: 'redis://localhost:6379' });
  await redis.connect();

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    cache: new RedisCache({
      client: redis,
    }),
    plugins: [
      useHive({
        experimental__persistedDocuments: {
          cdn: {
            endpoint: 'https://cdn.graphql-hive.com/artifacts/v1/<target_id>',
            accessToken: '<cdn_access_token>'
          },
          // L2 cache is automatically picked up from Apollo Server's context cache.
          // You can still configure TTLs if needed.
          layer2Cache: {
            ttlSeconds: 3600, // 1 hour for found documents
            notFoundTtlSeconds: 60 // 1 minute for not-found (negative caching)
          }
        }
      })
    ]
  });

  const { url } = await startStandaloneServer(server);
  console.log(`🚀 Server ready at ${url}`);

[github-actions]

💻 Website Preview

The latest changes are available as preview in: https://pr-7470.hive-landing-page.pages.dev

[github-actions]

🐋 This PR was built and pushed to the following Docker images:

Targets: build

Platforms: linux/amd64

Image Tag: e0b5a3870804334bfe64b42ef72219e4b632cbc4

[github-actions]

🐋 This PR was built and pushed to the following Docker images:

Targets: apollo-router-hive-build

Platforms: linux/amd64

Image Tag: b0d3035e823559714289d3c04810a6520ce2f243