Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update examples #655

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update examples #655

wants to merge 1 commit into from
+1,800 −1,720

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 25, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@apollo/gateway (source) 2.8.5 -> 2.9.3 age adoption passing confidence
@apollo/server (source) 4.10.4 -> 4.11.2 age adoption passing confidence
@graphql-tools/schema (source) 10.0.3 -> 10.0.9 age adoption passing confidence
@nestjs/apollo 12.1.0 -> 12.2.1 age adoption passing confidence
@nestjs/cli 10.3.2 -> 10.4.8 age adoption passing confidence
@nestjs/common (source) 10.3.8 -> 10.4.8 age adoption passing confidence
@nestjs/core (source) 10.3.8 -> 10.4.8 age adoption passing confidence
@nestjs/graphql 12.1.1 -> 12.2.1 age adoption passing confidence
@nestjs/platform-express (source) 10.3.8 -> 10.4.8 age adoption passing confidence
@nestjs/testing (source) 10.3.8 -> 10.4.8 age adoption passing confidence
@types/node (source) 20.12.12 -> 20.17.7 age adoption passing confidence
@typescript-eslint/eslint-plugin (source) 8.0.0 -> 8.15.0 age adoption passing confidence
@typescript-eslint/parser (source) 8.0.0 -> 8.15.0 age adoption passing confidence
eslint (source) 9.3.0 -> 9.15.0 age adoption passing confidence
express (source) 4.20.0 -> 4.21.1 age adoption passing confidence
graphql 16.8.1 -> 16.9.0 age adoption passing confidence
graphql-yoga (source) 5.3.1 -> 5.10.3 age adoption passing confidence
nodemon (source) 3.1.0 -> 3.1.7 age adoption passing confidence
prettier (source) 3.2.5 -> 3.3.3 age adoption passing confidence
typescript (source) 5.4.5 -> 5.7.2 age adoption passing confidence
yarn (source) 4.2.2 -> 4.5.2 age adoption passing confidence

Release Notes

apollographql/federation (@​apollo/gateway)

v2.9.3

Compare Source

Patch Changes

v2.9.2

Compare Source

Patch Changes

v2.9.1

Compare Source

Patch Changes

v2.9.0

Compare Source

Patch Changes
apollographql/apollo-server (@​apollo/server)

v4.11.2

Compare Source

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

v4.11.1

Compare Source

Patch Changes

  • #​7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

    @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

    However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

    The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

    However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

v4.11.0

Compare Source

Minor Changes

  • #​7916 4686454 Thanks @​andrewmcgivery! - Add hideSchemaDetailsFromClientErrors option to ApolloServer to allow hiding 'did you mean' suggestions from validation errors.

    Even with introspection disabled, it is possible to "fuzzy test" a graph manually or with automated tools to try to determine the shape of your schema. This is accomplished by taking advantage of the default behavior where a misspelt field in an operation
    will be met with a validation error that includes a helpful "did you mean" as part of the error text.

    For example, with this option set to true, an error would read Cannot query field "help" on type "Query". whereas with this option set to false it would read Cannot query field "help" on type "Query". Did you mean "hello"?.

    We recommend enabling this option in production to avoid leaking information about your schema to malicious actors.

    To enable, set this option to true in your ApolloServer options:

    const server = new ApolloServer({
  typeDefs,
  resolvers,
  hideSchemaDetailsFromClientErrors: true,
});

v4.10.5

Compare Source

Patch Changes
ardatan/graphql-tools (@​graphql-tools/schema)

v10.0.9

Compare Source

Patch Changes

v10.0.8

Compare Source

Patch Changes

v10.0.7

Compare Source

Patch Changes

v10.0.6

Compare Source

Patch Changes

v10.0.5

Compare Source

Patch Changes

v10.0.4

Compare Source

Patch Changes
nestjs/graphql (@​nestjs/apollo)

v12.2.1

Compare Source

12.2.1 (2024-10-23)

Bug fixes
  • graphql
Enhancements
Dependencies
Committers: 4

v12.2.0

Compare Source

v12.2.0 (2024-07-02)
Bug fixes
Enhancements
  • apollo, graphql
    • #​3222 feat(graphql): add support for option newline at the end of schema file (@​sabolch)
Docs
Dependencies
Committers: 6
nestjs/nest-cli (@​nestjs/cli)

v10.4.8

Compare Source

  • Merge pull request #​2792 from nestjs/fix/type-check-error-2791 (5be20eb)
  • Merge pull request #​2797 from nestjs/renovate/tsconfig-paths-webpack-plugin-4.x (6d77fd3)
  • Merge pull request #​2800 from caucik/webpack-fix-branch (9ec2d5e)
  • fix: webpack default config - IgnorePlugin (83c5cfc)
  • fix(deps): update dependency tsconfig-paths-webpack-plugin to v4.2.0 (ebdfb32)
  • chore(deps): update dependency @​swc/core to v1.9.2 (#​2794) (ed9d8b8)
  • fix: show type check warning only when builder is not swc #​2791 (2e23003)
  • fix(deps): update dependency glob to v10.4.5 (7aba481)

v10.4.7

Compare Source

  • Merge pull request #​2786 from nestjs/revert-2642-renovate/glob-11.x (0ff0a01)
  • Revert "fix(deps): update dependency glob to v11" (7af719e)

v10.4.6

Compare Source

  • build: allow js, clean artificats in ci (7bc0b3f)
  • chore(deps): update dependency ts-jest to v29.2.5 (41ce50b)
  • fix(deps): update dependency typescript to v5.6.3 (067a119)
  • Merge pull request #​2784 from nestjs/renovate/node-22.x (f3bd8b0)
  • Merge pull request #​2778 from nestjs/renovate/swc-monorepo (008ab68)
  • Merge pull request #​2780 from nestjs/renovate/webpack-5.x (d708ea9)
  • Merge pull request #​2764 from nestjs/renovate/angular-cli-monorepo (d8ae02b)
  • fix: add missing type argument (df91c49)
  • Merge branch 'addun-fix-issue-2653' (041a184)
  • chore: resolve conflicts (486ac60)
  • Merge pull request #​2415 from yigitkurtcu/feat/generate-options-base-url (537dfa7)
  • Merge pull request #​2716 from nestjs/renovate/angular-cli-monorepo (ef0ff51)
  • Merge pull request #​2642 from nestjs/renovate/glob-11.x (c7e2e01)
  • fix(deps): update angular-cli monorepo to v17.3.10 (960e65f)
  • Merge pull request #​2743 from nestjs/renovate/webpack-5.x (b750ead)
  • Merge pull request #​2754 from nestjs/renovate/nest-monorepo (603721e)
  • fix(deps): update dependency @​nestjs/schematics to v10.2.2 (f062e99)
  • fix: unification copy behavior between watched and not watched assets (3664ed0)
  • fix(deps): update dependency glob to v11 (fc6e7a1)
  • feat: basedir option added to configuration for generate command (877b6bd)

v10.4.5

Compare Source

v10.4.4

Compare Source

v10.4.3

Compare Source

v10.4.2

Compare Source

v10.4.1

Compare Source

v10.4.0

Compare Source

nestjs/nest (@​nestjs/common)

v10.4.8

Compare Source

v10.4.8 (2024-11-15)
Bug fixes
Enhancements
Committers: 3

v10.4.7

Compare Source

v10.4.6

Compare Source

v10.4.5

Compare Source

v10.4.5 (2024-10-16)
Dependencies

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented May 25, 2024
edited
Loading

⚠️ No Changeset found

Latest commit: 48787b9

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@codecov-commenter
Copy link

codecov-commenter commented May 25, 2024
edited
Loading

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.94%. Comparing base (9682f05) to head (9f28a16).

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #655   +/-   ##
=======================================
  Coverage   92.94%   92.94%           
=======================================
  Files          17       17           
  Lines         340      340           
  Branches       98       98           
=======================================
  Hits          316      316           
  Misses         24       24

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot changed the title chore(deps): update dependency nodemon to v3.1.1 fix(deps): update examples May 27, 2024
@renovate renovate bot force-pushed the renovate/examples branch 11 times, most recently from c519230 to 2768515 Compare June 4, 2024 19:16
@renovate renovate bot force-pushed the renovate/examples branch 6 times, most recently from 5781cf8 to c035d9b Compare June 11, 2024 20:52
@renovate renovate bot force-pushed the renovate/examples branch 8 times, most recently from 714e87b to 0bf53dd Compare June 19, 2024 09:04
@renovate renovate bot force-pushed the renovate/examples branch 11 times, most recently from 0a5b7b0 to e2bab34 Compare November 5, 2024 19:48
@renovate renovate bot force-pushed the renovate/examples branch 6 times, most recently from f9193bd to 4fafa49 Compare November 12, 2024 21:43
@renovate renovate bot force-pushed the renovate/examples branch 6 times, most recently from b79b932 to c1dd0e2 Compare November 19, 2024 17:48
@renovate renovate bot force-pushed the renovate/examples branch 5 times, most recently from 54e0eb4 to f1ce0a8 Compare November 23, 2024 18:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@codecov-commenter