Skip to content

chore(deps): bump graphql from 2.4.15 to 2.5.3 #1884

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 18, 2025
Merged

chore(deps): bump graphql from 2.4.15 to 2.5.3 #1884

merged 1 commit into from
Apr 18, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 14, 2025

Bumps graphql from 2.4.15 to 2.5.3.

Changelog

Sourced from graphql's changelog.

2.5.3

Deprecations

  • Validation: two non-spec behaviors are deprecated:
    • When a query includes two scalar fields of different types which may occur in the same place in the response, the query was previously allowed. The spec says it should be rejected. This version emits a warning in this case. See Schema.allow_legacy_invalid_return_type_conflicts for migration support. #4351
    • When a query selects a field which returns a Union, but doesn't make any subselections on the Union, the spec says the query should be rejected as invalid but previous GraphQL-Ruby allowed it. It now emits a warning. See Schema.allow_legacy_invalid_empty_selections_on_union for migration support #5322
  • Complexity: several bugs about merging complexity cost across branches of a query have been fixed but require opting in. They may produce higher complexity scores. See Schema.complexity_cost_calculation_mode for migration support. #4843

New features

  • AlwaysVisible: improve speed (using Schema::Visibility) #5326
  • Return more descriptive errors when non-nullable list elements are null #5301
  • Visibility: improve performance on large schemas #5325

2.5.2

New features

  • Resolver: accept deprecation_reason #5320

Bug fixes

  • Visibility: hide argument types whose uses are all hidden (to match Warden) #5291
  • InputObject: fix validation for nested input object with prepare: method configs #5321

2.5.1

Bug fixes

  • Datadog trace: fix Dataloader source tracing method #5318
  • Sentry trace: handle nil current span #5313

2.5.0

Breaking changes

  • Subscriptions: GraphQL-Ruby now implements the spec's requirement that a subscription has only one root selection #5250
  • Datadog trace: the custom prepare_span hook now receives an execution-related object instead of a hash of keywords. #5298

New features

  • Tracers: APM tracers have been updated to reflect Dataloader's fiber stops and starts #5296 #5298

2.4.16 (1 Apr 2025)

New features

  • Move some more modules into GraphQL::Dashboard #5308 #5310

... (truncated)

Commits
  • 548be80 2.5.3, merge website and apidocs actions
  • f8ed6d1 Merge pull request #5301 from fisxoj/mn-nullable-array-element-type-errors
  • 6f8a205 Update some docs
  • 324d821 Merge pull request #4843 from gmac/gmac/v3_complexity_update
  • 99d1d7c Add tests for compat
  • 8ffe6a1 Start sketching out a compatibility system
  • 58c2b9d Merge branch 'master' into gmac/v3_complexity_update
  • 94cf6c4 Move file to new location
  • b8e2bff Merge pull request #4347 from rmosolgo/fields-will-merge-response-type-check
  • 75c164c Add compatibility layer
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump graphql from 2.4.15 to 2.5.3
99ef096 
Bumps [graphql](https://github.com/rmosolgo/graphql-ruby) from 2.4.15 to 2.5.3.
- [Release notes](https://github.com/rmosolgo/graphql-ruby/releases)
- [Changelog](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md)
- [Commits](rmosolgo/graphql-ruby@v2.4.15...v2.5.3)

---
updated-dependencies:
- dependency-name: graphql
  dependency-version: 2.5.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Apr 14, 2025
@dependabot dependabot bot mentioned this pull request Apr 14, 2025
Closed
@icyleaf icyleaf merged commit 146f9b8 into develop Apr 18, 2025
2 checks passed
@dependabot dependabot bot deleted the dependabot/bundler/graphql-2.5.3 branch April 18, 2025 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@icyleaf