Update module github.com/vektah/gqlparser/v2 to v2.5.14 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/vektah/gqlparser/v2	v2.2.0 -> v2.5.14

GitHub Vulnerability Alerts

CVE-2023-49559

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.

---

Release Notes

vektah/gqlparser (github.com/vektah/gqlparser/v2)

v2.5.14

Compare Source

What's Changed

• Add ParseQueryWithLimit by @​StevenACoffman in #​304

Full Changelog: vektah/gqlparser@v2.5.13...v2.5.14

v2.5.13

Compare Source

What's Changed

• Bump the actions-deps group in /validator/imported with 6 updates by @​dependabot in #​298
• Bump prettier from 3.2.5 to 3.3.0 in /validator/imported in the actions-deps group by @​dependabot in #​299
• Bump the actions-deps group in /validator/imported with 7 updates by @​dependabot in #​301
• Bump braces from 3.0.2 to 3.0.3 in /validator/imported by @​dependabot in #​302
• Token limit fix CVE-2023-49559 by @​uvzz in #​291

New Contributors

• @​uvzz made their first contribution in #​291

Full Changelog: vektah/gqlparser@v2.5.12...v2.5.13

v2.5.12

Compare Source

What's Changed

• Disallow empty parens (#​292). by @​yuchenshi in #​293
• WithBuiltin FormatterOption added by @​atzedus in #​294
• Redo github actions by @​StevenACoffman in #​295
• Bump github.com/stretchr/testify from 1.4.0 to 1.9.0 in the actions-deps group by @​dependabot in #​296
• Bump the actions-deps group in /validator/imported with 8 updates by @​dependabot in #​297

New Contributors

• @​yuchenshi made their first contribution in #​293

Full Changelog: vektah/gqlparser@v2.5.11...v2.5.12

v2.5.11

Compare Source

What's Changed

• Bump get-func-name from 2.0.0 to 2.0.2 in /validator/imported by @​dependabot in #​284
• Bump @​babel/traverse from 7.22.6 to 7.23.2 in /validator/imported by @​dependabot in #​285
• Fix description formatting (possible " character) by @​blmhemu in #​289
• gqlerror: implement List.Unwrap by @​emersion in #​290

New Contributors

• @​blmhemu made their first contribution in #​289
• @​emersion made their first contribution in #​290

Full Changelog: vektah/gqlparser@v2.5.10...v2.5.11

v2.5.10

Compare Source

What's Changed

• fix for #​281 by @​Metamogul in #​282
• Format the error file from #​282 by @​StevenACoffman in #​283

New Contributors

• @​Metamogul made their first contribution in #​282

Full Changelog: vektah/gqlparser@v2.5.9...v2.5.10

v2.5.9

Compare Source

What's Changed

• Convenience to avoid wrapping nil by @​StevenACoffman in #​274
• Add WrapIfUnwrapped and other Lint fixes by @​StevenACoffman in #​275
• More lint by @​StevenACoffman in #​276
• More minor tweaks by @​StevenACoffman in #​277
• Make all fields of *gqlerror.Error public by @​fredzqm in #​273
• Revert Path string change by @​StevenACoffman in #​278
• Adjust lexer to return gqlerror where it does not break tests by @​StevenACoffman in #​279

Full Changelog: vektah/gqlparser@v2.5.8...v2.5.9

v2.5.8

Compare Source

What's Changed

• Put comments behind an option in formatter by @​benjaminjkraft in #​271

Full Changelog: vektah/gqlparser@v2.5.7...v2.5.8

v2.5.7

Compare Source

What's Changed

• [Snyk] Security upgrade @​babel/preset-env from 7.16.11 to 7.22.6 by @​lwc in #​267
• Bump semver from 5.7.1 to 5.7.2 in /validator/imported by @​dependabot in #​268
• Allow ommitting Directive arguments that are non-null if they have defaults by @​StevenACoffman in #​270

Full Changelog: vektah/gqlparser@v2.5.6...v2.5.7

v2.5.6

Compare Source

What's Changed

• feat: support end of definition comment and end of file comment by @​Warashi in #​264
• feat(formatter): preserve spaces at the head of comments by @​Warashi in #​265

Full Changelog: vektah/gqlparser@v2.5.5...v2.5.6

v2.5.5

Compare Source

What's Changed

• feat: format with comments by @​Warashi in #​263

Full Changelog: vektah/gqlparser@v2.5.4...v2.5.5

v2.5.4

Compare Source

What's Changed

• feat(lexer): comment token support by @​Warashi in #​261

New Contributors

• @​Warashi made their first contribution in #​261

Full Changelog: vektah/gqlparser@v2.5.3...v2.5.4

v2.5.3

Compare Source

What's Changed

• Update modules by @​StevenACoffman in #​259

Full Changelog: vektah/gqlparser@v2.5.2...v2.5.3

v2.5.2

Compare Source

What's Changed

• Add github actions to lint by @​StevenACoffman in #​241
• GH Actions CI Additions + Linter fixups by @​philipaconrad in #​242
• Prefer to wrap third party errors by @​StevenACoffman in #​243
• Remove a duplicate line in lexer_test.yml by @​ryicoh in #​244
• Point to the right GraphQL spec by @​Khyme in #​250
• Bump json5 from 2.2.0 to 2.2.3 in /validator/imported by @​dependabot in #​251
• support @​defer directive by @​fiatjaf in #​255
• Don't drop repeatable keyword when formatting directive by @​tadeokondrak in #​256
• Validate directive arguments during schema parsing by @​fredzqm in #​258
• Validate enum values directive are legit by @​fredzqm in #​257

New Contributors

• @​ryicoh made their first contribution in #​244
• @​Khyme made their first contribution in #​250
• @​fiatjaf made their first contribution in #​255
• @​tadeokondrak made their first contribution in #​256
• @​fredzqm made their first contribution in #​258

Full Changelog: vektah/gqlparser@v2.5.1...v2.5.2

v2.5.1

Compare Source

What's Changed

• Fixes #​231: Parsing a field type with a bang should not increase the … by @​Aven30 in #​236

Full Changelog: vektah/gqlparser@v2.5.0...v2.5.1

v2.5.0

Compare Source

What's Changed

• fix : returning error instead of *gqlError.Error by @​schafle in #​234

New Contributors

• @​schafle made their first contribution in #​234

Full Changelog: vektah/gqlparser@v2.4.8...v2.5.0

v2.4.8

Compare Source

What's Changed

• Add UnmarshalJSON implementations. by @​philipaconrad in #​232

New Contributors

• @​philipaconrad made their first contribution in #​232

Full Changelog: vektah/gqlparser@v2.4.7...v2.4.8

v2.4.7

Compare Source

What's Changed

• Fix #​229 by @​Aven30 in #​230

New Contributors

• @​Aven30 made their first contribution in #​230

Full Changelog: vektah/gqlparser@v2.4.6...v2.4.7

v2.4.6

Compare Source

What's Changed

• Check for non-enum values on validation by @​ameyarao98 in #​227
• Replace deprecated ioutil pkg with os & io by @​abhinavnair in #​228

New Contributors

• @​ameyarao98 made their first contribution in #​227
• @​abhinavnair made their first contribution in #​228

Full Changelog: vektah/gqlparser@v2.4.5...v2.4.6

v2.4.5

Compare Source

What's Changed

• Allow doubly-defined builtin directives by @​benjaminjkraft in #​226
• Validate that the operation's root type is valid by @​benjaminjkraft in #​225

New Contributors

• @​benjaminjkraft made their first contribution in #​226

Full Changelog: vektah/gqlparser@v2.4.4...v2.4.5

v2.4.4

Compare Source

What's Changed

• Report error about null value for any type that cannot be null, not for only built-in by @​atzedus in #​222

New Contributors

• @​atzedus made their first contribution in #​222

Full Changelog: vektah/gqlparser@v2.4.3...v2.4.4

v2.4.3

Compare Source

What's Changed

• formatter: skip printing insignificant commas in arguments definitions by @​a8m in #​220

New Contributors

• @​a8m made their first contribution in #​220

Full Changelog: vektah/gqlparser@v2.4.2...v2.4.3

v2.4.2

Compare Source

What's Changed

• Report definition name in validateDefinition errors by @​sonatard in #​206
• Fix type documentation by @​obukhov in #​207
• formatter: support setting space indent by @​giautm in #​208
• fix: only write newline in the description if needs by @​giautm in #​209
• Bump minimist from 1.2.5 to 1.2.6 in /validator/imported by @​dependabot in #​210
• formatter fix: include argument directives by @​jpleasu in #​213
• Embed prelude by @​AndrewWPhillips in #​214
• feat: added AddTypes helper to ast.Schema by @​giautm in #​215
• fix bug and delete String of Int and Float by @​pjmd89 in #​205
• fix issue #​160: validateVarType parsing numbers by @​StevenACoffman in #​216

New Contributors

• @​sonatard made their first contribution in #​206
• @​obukhov made their first contribution in #​207
• @​giautm made their first contribution in #​208
• @​jpleasu made their first contribution in #​213
• @​AndrewWPhillips made their first contribution in #​214
• @​pjmd89 made their first contribution in #​205

Full Changelog: vektah/gqlparser@v2.4.1...v2.4.2

v2.4.1

Compare Source

What's Changed

• fixed issue for 99designs/gqlgen#2028 by @​Code-Hex in #​201
• added validateTypeImplementsAncestors to validate implemented types by @​Code-Hex in #​202

Full Changelog: vektah/gqlparser@v2.4.0...v2.4.1

v2.4.0

Compare Source

What's Changed

• Support intermediate interfaces by @​wilhelmeek in #​169
• fixed prelude.graphql to be correct in the latest spec by @​Code-Hex in #​182
• supported schema description for introspection by @​Code-Hex in #​183
• update Node.js harness by @​vektah @​Code-Hex @​StevenACoffman in #​181
• updated prelude.graphql for the beta spec by @​Code-Hex in #​200
• Bump gopkg.in/yaml.v2 from 2.2.4 to 2.2.8 by @​dependabot in #​199

New Contributors

• @​dependabot made their first contribution in #​199

Full Changelog: vektah/gqlparser@v2.3.1...v2.4.0

v2.3.1

Compare Source

What's Changed

• Revert "Add @​specifiedBy directive declaration" by @​StevenACoffman in #​176

Full Changelog: vektah/gqlparser@v2.3.0...v2.3.1

v2.3.0

Compare Source

What's Changed

• make reproducable importer by @​vvakame in #​112
• Update prelude to match graphql_spec for @​deprecated directive by @​danielnovograd in #​155
• Stop validator mutating the provided *Schema by @​xzyfer in #​158
• docs: Fix a few typos in the README by @​enisdenjo in #​174
• feat: do not mark __typename field as unknown in the schema validation by @​damianopetrungaro in #​172
• Fix: argument comparison between two sets of args by @​jufemaiz in #​170
• Add @​specifiedBy directive declaration by @​wilhelmeek in #​168
• Fix for update by reference of default variable values by @​aurelijusbanelis in #​161
• Add release script by @​StevenACoffman in #​175

New Contributors

• @​danielnovograd made their first contribution in #​155
• @​xzyfer made their first contribution in #​158
• @​enisdenjo made their first contribution in #​174
• @​damianopetrungaro made their first contribution in #​172
• @​jufemaiz made their first contribution in #​170
• @​wilhelmeek made their first contribution in #​168
• @​aurelijusbanelis made their first contribution in #​161
• @​StevenACoffman made their first contribution in #​175

Full Changelog: vektah/gqlparser@v2.2.0...v2.3.0

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: gql-test/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated

Details:

Package	Change
github.com/stretchr/testify	v1.7.0 -> v1.9.0

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.