Skip to main content

Dear developer community,

The Cognite product team building the GraphQL API for our Data Modelling API is planning to upgrade third party libraries used in the implementation of the service. This is part of our normal product lifecyle and maintenance, and would not normally be something we make a dedicated announcement of. The upgrade brings improved validation, performance, and other fixes.

However we have seen that this upgrade is liable to cause issues for some clients that make GraphQL requests that are not compliant with the GraphQL specification. Specifically, primitive types in field values will no longer be coerced into the correct type by the GraphQL server. So, for example, a client sending the string ”true” where the boolean value true would be correct will, after the upgrade, receive an error rather than the server quietly accepting and converting the value.

This behavior change should not be an issue for anyone using one of the compliant third party GraphQL client libraries out there. However, “hand-written” GraphQL requests and GraphQL requests composed without validation may be prone to failure.

We aim to roll out this new library version some time this week, pending final testing and review.

Thanks, and best regards,

Anders Daljord Morken

@AndersM thank you for the official heads up. We will communicate to our partners and internal teams today. 

Can you provide a more precise roll out time?

This will help our teams - including support to get ready for the change and breaks.


@AndersM  It is too short a notice if it ends up breaking things for consumers. I think a breaking change (irrespective of the implementation at consumer side) demands a bigger change window.


Do we have any options to see if the requests we are doing are "non-validated graphql” ones?


Dear developer community,

We are proceeding with a library upgrade but due to concerns over possible client dependence on the value coercion behavior we have added a compatibility layer to maintain the current implicit value coercion behavior - this means that the library upgrade should not be a breaking change even to non-compliant clients. We are also collecting statistics in the compatibility layer to determine the impact of removing it.

The upgrade will not be completely without client visible changes - it will fix some issues that have caused the GraphQL endpoint to return non-compliant output in very specific cases (such as some incorrectly escaped strings). We do not anticipate that this will be a problem for clients that accept compliant output.

Based on the data collected by the compatibility layer we will make a determination about leaving the value coercion in place until the Q4 release or removing it earlier to avoid ossifying any new dependencies on this.

Thanks,

-AndersM


Reply