releases.shpreview

Apollo GraphQL/Apollo Federation

Apollo Federation

$npx -y @buildinternet/releases show apollo-federation

Sun

Mon

Tue

Wed

Thu

Fri

Sat

AprMayJunJulAugSepOctNovDecJanFebMarApr

Less

More

Releases48Avg15/moVersions@apollo/gateway@2.13.0-preview.2 → @apollo/subgraph@2.13.3

Nov 13, 2025

Patch Changes

Allow interface object fields to specify access control (#3340)

Update composition logic to allow specifying access control directives (@authenticated, @requiresScopes and @policy) on @interfaceObject fields. While we disallow access control on interface types and fields, we decided to support it on @interfaceObject as it is a useful pattern to define a single resolver (that may need access controls) for common interface fields. Alternative would require our users to explicitly define resolvers for all implementations which defeats the purpose of @interfaceObject.

This PR refactors in how we propagate access control by providing additional merge sources when merging directives on interfaces, interface fields and object fields.

Patch Changes

Updated dependencies [0d8fca1c8cc375bb8486f11f339984b69267417d]:
- @apollo/federation-internals@2.9.5

Patch Changes

Fixed access control verification of transitive requirements (through @requires and/or @fromContext) to ensure it works with chains of transitive dependencies. (#3340)
Allow interface object fields to specify access control (#3340)

Update composition logic to allow specifying access control directives (@authenticated, @requiresScopes and @policy) on @interfaceObject fields. While we disallow access control on interface types and fields, we decided to support it on @interfaceObject as it is a useful pattern to define a single resolver (that may need access controls) for common interface fields. Alternative would require our users to explicitly define resolvers for all implementations which defeats the purpose of @interfaceObject.

This PR refactors in how we propagate access control by providing additional merge sources when merging directives on interfaces, interface fields and object fields.
Updated dependencies [0d8fca1c8cc375bb8486f11f339984b69267417d]:
- @apollo/federation-internals@2.9.5
- @apollo/query-graphs@2.9.5

Patch Changes

Updated dependencies [0d8fca1c8cc375bb8486f11f339984b69267417d]:
- @apollo/federation-internals@2.9.5
- @apollo/query-graphs@2.9.5

Nov 12, 2025

Patch Changes

Updated dependencies [3e2d1fd315db54a089fedf131cfaa27792bdd049]:
- @apollo/federation-internals@2.11.5-preview.1

Patch Changes

Fixed demand control validations to unwrap non-nullable composite types and fields when performing validations. (#3336)

Patch Changes

Updated dependencies [3e2d1fd315db54a089fedf131cfaa27792bdd049]:
- @apollo/federation-internals@2.11.5-preview.1
- @apollo/composition@2.11.5-preview.1
- @apollo/query-planner@2.11.5-preview.1

Patch Changes

Updated dependencies [3e2d1fd315db54a089fedf131cfaa27792bdd049]:
- @apollo/federation-internals@2.11.5-preview.1
- @apollo/query-graphs@2.11.5-preview.1

Patch Changes

Updated dependencies [3e2d1fd315db54a089fedf131cfaa27792bdd049]:
- @apollo/federation-internals@2.11.5-preview.1
- @apollo/query-graphs@2.11.5-preview.1

Patch Changes

Updated dependencies [3e2d1fd315db54a089fedf131cfaa27792bdd049]:
- @apollo/federation-internals@2.11.5-preview.1

Nov 10, 2025

Patch Changes

Fixed access control verification of transitive requirements (through @requires and/or @fromContext) to ensure it works with chains of transitive dependencies. (#3333)
Allow interface object fields to specify access control (#3333)

Update composition logic to allow specifying access control directives (@authenticated, @requiresScopes and @policy) on @interfaceObject fields. While we disallow access control on interface types and fields, we decided to support it on @interfaceObject as it is a useful pattern to define a single resolver (that may need access controls) for common interface fields. Alternative would require our users to explicitly define resolvers for all implementations which defeats the purpose of @interfaceObject.

This PR refactors in how we propagate access control by providing additional merge sources when merging directives on interfaces, interface fields and object fields.
Updated dependencies [e1c58611c3c996b4fff98a54e49f00549ff2115d]:
- @apollo/federation-internals@2.11.5-preview.0
- @apollo/query-graphs@2.11.5-preview.0

Patch Changes

Updated dependencies [e1c58611c3c996b4fff98a54e49f00549ff2115d]:
- @apollo/federation-internals@2.11.5-preview.0
- @apollo/query-graphs@2.11.5-preview.0

Patch Changes

Updated dependencies [e1c58611c3c996b4fff98a54e49f00549ff2115d]:
- @apollo/federation-internals@2.11.5-preview.0

Patch Changes

Updated dependencies [e1c58611c3c996b4fff98a54e49f00549ff2115d]:
- @apollo/federation-internals@2.11.5-preview.0

Patch Changes

Updated dependencies [5ee4d966487e714ae6bc6445bf53d75ccbbaf6ae, e1c58611c3c996b4fff98a54e49f00549ff2115d]:
- @apollo/composition@2.11.5-preview.0
- @apollo/federation-internals@2.11.5-preview.0
- @apollo/query-planner@2.11.5-preview.0

Patch Changes

Allow interface object fields to specify access control (#3333)

Update composition logic to allow specifying access control directives (@authenticated, @requiresScopes and @policy) on @interfaceObject fields. While we disallow access control on interface types and fields, we decided to support it on @interfaceObject as it is a useful pattern to define a single resolver (that may need access controls) for common interface fields. Alternative would require our users to explicitly define resolvers for all implementations which defeats the purpose of @interfaceObject.

This PR refactors in how we propagate access control by providing additional merge sources when merging directives on interfaces, interface fields and object fields.

Nov 4, 2025

Patch Changes

Updated dependencies [22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792]:
- @apollo/federation-internals@2.9.4

Patch Changes

Updated dependencies [2b88aec38d5bacb6ec815d885fdac47ef415124a, 18a9cfaf533602bb37fdf22962539ce0eae948c8, 9c0aaa0874c98ae8ce0cc38cad7f6f25d2c29635, f94e7b35c43ed64c67ff25c7aeb86ec0dd73370a]:
- @apollo/federation-internals@2.10.3

Patch Changes

Updated dependencies [d221ac04c3ee00a3c7a671d9d56e2cfa36943b49, 7730c03e128be6754b9e40c086d5cb5c4685ac66, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, 6adbf7e86927de969aedab665b6a3a8dbf3a6095, 2a20dc38dfc40e0b618d5cc826f18a19ddb91aff]:
- @apollo/federation-internals@2.11.4

Minor Changes

Federation 2.12 and Connect 0.3 (#3276)

Patch Changes

When a GraphQLScalarType resolver is provided to buildSubgraphSchema(), omitted configuration options in the GraphQLScalarType no longer cause the corresponding properties in the GraphQL document/AST to be cleared. To explicitly clear these properties, use null for the configuration option instead. (#3287)
Updated dependencies [3e2b0a8569a9fe46726182887ed0b4bfc0b52468, bb4614d338ae03bac51a5fc2439590f172c4e54d, 99f2da21de88f9ad9a32ee7ed64b2d4a92887b40, 468f27842608f4e390cfc88bc7e6b4b0945f95ff, 3fd5157b309f1d3439b2d87c67b0601fb246d04c, b734ea04d118db09cf6077fdd968c8f04a96327a, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, e7e67579908d5cd2fa6fe558228dffe4808cd98d, faea2d1174d80593264f2227cfde9a2ba1a59b96, 97b9d2edfcfeed99124f9e115f992cbef3804682, f6af504f1ba8283fd00af0d6e3c9c1a665d62736, a595235d3cf8f67611efd8395332b64d067b5f1f]:
- @apollo/federation-internals@2.12.0

Previous 3 4 5Next

Latest

@apollo/subgraph@2.13.3

Source

@apollographql/federation

Changelog

Tracking Since

Nov 4, 2025

Last fetched Apr 19, 2026

.json·.md·.atom