Releases: strawberry-graphql/strawberry
🍓 0.258.0
Add the ability to override the "max results" a relay's connection can return on
a per-field basis.
The default value for this is defined in the schema's config, and set to 100
unless modified by the user. Now, that per-field value will take precedence over
it.
For example:
@strawerry.type
class Query:
# This will still use the default value in the schema's config
fruits: ListConnection[Fruit] = relay.connection()
# This will reduce the maximum number of results to 10
limited_fruits: ListConnection[Fruit] = relay.connection(max_results=10)
# This will increase the maximum number of results to 10
higher_limited_fruits: ListConnection[Fruit] = relay.connection(max_results=10_000)Note that this only affects ListConnection and subclasses. If you are
implementing your own connection resolver, there's an extra keyword named
max_results: int | None that will be passed to it.
Releases contributed by @bellini666 via #3746
Contributors
Assets 4
🍓 0.257.0
The common node: Node used to resolve relay nodes means we will be relying on
is_type_of to check if the returned object is in fact a subclass of the Node
interface.
However, integrations such as Django, SQLAlchemy and Pydantic will not return
the type itself, but instead an alike object that is later resolved to the
expected type.
In case there are more than one possible type defined for that model that is
being returned, the first one that replies True to is_type_of check would be
used in the resolution, meaning that when asking for "PublicUser:123",
strawberry could end up returning "User:123", which can lead to security
issues (such as data leakage).
In here we are introducing a new strawberry.cast, which will be used to mark
an object with the already known type by us, and when asking for is_type_of that
mark will be used to check instead, ensuring we will return the correct type.
That cast is already in place for the relay node resolution and pydantic.
Releases contributed by @bellini666 via #3749
Contributors
Assets 4
🍓 0.256.1
This release updates Strawberry internally to no longer pass keywords arguments
to pathlib.PurePath. Support for supplying keyword arguments to
pathlib.PurePath is deprecated and scheduled for removal in Python 3.14
Releases contributed by @DoctorJohn via #3738
Contributors
Assets 4
🍓 0.256.0
This release drops support for Python 3.8, which reached its end-of-life (EOL)
in October 2024. The minimum supported Python version is now 3.9.
We strongly recommend upgrading to Python 3.9 or a newer version, as older
versions are no longer maintained and may contain security vulnerabilities.
Releases contributed by @bellini666 via #3730
Contributors
Assets 4
🍓 0.255.0
This release adds support for making Relay connection optional, this is useful
when you want to add permission classes to the connection and not fail the whole
query if the user doesn't have permission to access the connection.
Example:
import strawberry
from strawberry import relay
from strawberry.permission import BasePermission
class IsAuthenticated(BasePermission):
message = "User is not authenticated"
# This method can also be async!
def has_permission(
self, source: typing.Any, info: strawberry.Info, **kwargs
) -> bool:
return False
@strawberry.type
class Fruit(relay.Node):
code: relay.NodeID[int]
name: str
weight: float
@classmethod
def resolve_nodes(
cls,
*,
info: strawberry.Info,
node_ids: Iterable[str],
):
return []
@strawberry.type
class Query:
node: relay.Node = relay.node()
@relay.connection(
relay.ListConnection[Fruit] | None, permission_classes=[IsAuthenticated()]
)
def fruits(self) -> Iterable[Fruit]:
# This can be a database query, a generator, an async generator, etc
return all_fruits.values()Releases contributed by @patrick91 via #3707
Contributors
Assets 4
🍓 0.254.1
This release updates the Context and RootValue vars to have
a default value of None, this makes it easier to use the views
without having to pass in a value for these vars.
Releases contributed by @patrick91 via #3732
Contributors
Assets 4
🍓 0.254.0
This release adds a new on_ws_connect method to all HTTP view integrations.
The method is called when a graphql-transport-ws or graphql-ws connection is
established and can be used to customize the connection acknowledgment behavior.
This is particularly useful for authentication, authorization, and sending a
custom acknowledgment payload to clients when a connection is accepted. For
example:
class MyGraphQLView(GraphQLView):
async def on_ws_connect(self, context: Dict[str, object]):
connection_params = context["connection_params"]
if not isinstance(connection_params, dict):
# Reject without a custom graphql-ws error payload
raise ConnectionRejectionError()
if connection_params.get("password") != "secret:
# Reject with a custom graphql-ws error payload
raise ConnectionRejectionError({"reason": "Invalid password"})
if username := connection_params.get("username"):
# Accept with a custom acknowledgement payload
return {"message": f"Hello, {username}!"}
# Accept without a acknowledgement payload
return await super().on_ws_connect(context)Take a look at our documentation to learn more.
Releases contributed by @DoctorJohn via #3720
Contributors
Assets 4
🍓 0.253.1
Contributors
Assets 4
🍓 0.253.0
In this release, the return types of the get_root_value and get_context
methods were updated to be consistent across all view integrations. Before this
release, the return types used by the ASGI and Django views were too generic.
Releases contributed by @DoctorJohn via #3712
Contributors
Assets 4
🍓 0.252.0
The view classes of all integrations now have a decode_json method that allows
you to customize the decoding of HTTP JSON requests.
This is useful if you want to use a different JSON decoder, for example, to
optimize performance.
Releases contributed by @DoctorJohn via #3709