[Snyk] Upgrade @apollo/client from 3.3.11 to 3.9.0

[NOUIY]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade @apollo/client from 3.3.11 to 3.9.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 226 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2024-01-30.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-APOLLOCLIENT-1085706	479/1000 Why? Has a fix available, CVSS 5.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @apollo/client

• 3.9.0 - 2024-01-30
  Read more
• 3.9.0-rc.1 - 2024-01-18
  

  Patch Changes

  • #11503 67f62e3 Thanks @ jerelmiller! - Release changes from v3.8.10
• 3.9.0-rc.0 - 2024-01-17
  

  Minor Changes

  • #11495 1190aa5 Thanks @ jerelmiller! - Increase the default memory limits for executeSelectionSet and executeSelectionSetArray.
• 3.9.0-beta.1 - 2023-12-21
  

  Minor Changes

  • #11424 62f3b6d Thanks @ phryneas! - Simplify RetryLink, fix potential memory leak

    Historically, RetryLink would keep a values array of all previous values,
    in case the operation would get an additional subscriber at a later point in time.
    In practice, this could lead to a memory leak (#11393) and did not serve any
    further purpose, as the resulting observable would only be subscribed to by
    Apollo Client itself, and only once - it would be wrapped in a Concast before
    being exposed to the user, and that Concast would handle subscribers on its
    own.

  • #11442 4b6f2bc Thanks @ jerelmiller! - Remove the need to call retain from useLoadableQuery since useReadQuery will now retain the query. This means that a queryRef that is not consumed by useReadQuery within the given autoDisposeTimeoutMs will now be auto diposed for you.

    Thanks to #11412, disposed query refs will be automatically resubscribed to the query when consumed by useReadQuery after it has been disposed.

  • #11438 6d46ab9 Thanks @ jerelmiller! - Remove the need to call retain from useBackgroundQuery since useReadQuery will now retain the query. This means that a queryRef that is not consumed by useReadQuery within the given autoDisposeTimeoutMs will now be auto diposed for you.

    Thanks to #11412, disposed query refs will be automatically resubscribed to the query when consumed by useReadQuery after it has been disposed.

  Patch Changes

  • #11443 ff5a332 Thanks @ phryneas! - Adds a deprecation warning to the HOC and render prop APIs.

    The HOC and render prop APIs have already been deprecated since 2020,
    but we previously didn't have a @ deprecated tag in the DocBlocks.

  • #11078 14edebe Thanks @ phryneas! - ObservableQuery: prevent reporting results of previous queries if the variables changed since

  • #11439 33454f0 Thanks @ jerelmiller! - Address bundling issue introduced in #11412 where the react/cache internals ended up duplicated in the bundle. This was due to the fact that we had a react/hooks entrypoint that imported these files along with the newly introduced createQueryPreloader function, which lived outside of the react/hooks folder.

• 3.9.0-beta.0 - 2023-12-18
  

  Minor Changes

  • #11412 58db5c3 Thanks @ jerelmiller! - Create a new useQueryRefHandlers hook that returns refetch and fetchMore functions for a given queryRef. This is useful to get access to handlers for a queryRef that was created by createQueryPreloader or when the handlers for a queryRef produced by a different component are inaccessible.

    const MyComponent({ queryRef }) {
    const { refetch, fetchMore } = useQueryRefHandlers(queryRef);

    // ...
}


  • #11410 07fcf6a Thanks @ sf-twingate! - Allow returning IGNORE sentinel object from optimisticResponse functions to bail-out from the optimistic update.

    Consider this example:

    const UPDATE_COMMENT = gqlmutation UpdateComment($commentId: ID!, $commentContent: String!) { updateComment(commentId: $commentId, content: $commentContent) { id __typename content } };

    function CommentPageWithData() {
const [mutate] = useMutation(UPDATE_COMMENT);
return (
<Comment
updateComment={({ commentId, commentContent }) =>
mutate({
variables: { commentId, commentContent },
optimisticResponse: (vars, { IGNORE }) => {
if (commentContent === "foo") {
// conditionally bail out of optimistic updates
return IGNORE;
}
return {
updateComment: {
id: commentId,
__typename: "Comment",
content: commentContent,
},
};
},
})
}
/>
);
}


    The IGNORE sentinel can be destructured from the second parameter in the callback function signature passed to optimisticResponse.

  • #11412 58db5c3 Thanks @ jerelmiller! - Add the ability to start preloading a query outside React to begin fetching as early as possible. Call createQueryPreloader to create a preloadQuery function which can be called to start fetching a query. This returns a queryRef which is passed to useReadQuery and suspended until the query is done fetching.

    const preloadQuery = createQueryPreloader(client);
    const queryRef = preloadQuery(QUERY, { variables, ...otherOptions });

    function App() {
    return {
    <Suspense fallback={<div>Loading</div>}>
    <MyQuery />
    </Suspense>
    }
    }

    function MyQuery() {
    const { data } = useReadQuery(queryRef);

    // do something with data
}


  • #11397 3f7eecb Thanks @ aditya-kumawat! - Adds a new skipPollAttempt callback function that's called whenever a refetch attempt occurs while polling. If the function returns true, the refetch is skipped and not reattempted until the next poll interval. This will solve the frequent use-case of disabling polling when the window is inactive.

    useQuery(QUERY, {
      pollInterval: 1000,
      skipPollAttempt: () => document.hidden, // or !document.hasFocus()
    });
    // or define it globally
    new ApolloClient({
      defaultOptions: {
        watchQuery: {
          skipPollAttempt: () => document.hidden, // or !document.hasFocus()
        },
      },
    });

  • #11435 5cce53e Thanks @ phryneas! - Deprecates canonizeResults.

    Using canonizeResults can result in memory leaks so we generally do not recommend using this option anymore.
    A future version of Apollo Client will contain a similar feature without the risk of memory leaks.

  Patch Changes

  • #11369 2a47164 Thanks @ phryneas! - Persisted Query Link: improve memory management

    • use LRU WeakCache instead of WeakMap to keep a limited number of hash results
    • hash cache is initiated lazily, only when needed
    • expose persistedLink.resetHashCache() method
    • reset hash cache if the upstream server reports it doesn't accept persisted queries

  • #10804 221dd99 Thanks @ phryneas! - use WeakMap in React Native with Hermes

  • #11409 2e7203b Thanks @ phryneas! - Adds an experimental ApolloClient.getMemoryInternals helper

• 3.9.0-alpha.5 - 2023-12-05
  

  Minor Changes

  • #11345 1759066a8 Thanks @ phryneas! - QueryManager.inFlightLinkObservables now uses a strong Trie as an internal data structure.

    Warning: requires @ apollo/experimental-nextjs-app-support update

    If you are using @ apollo/experimental-nextjs-app-support, you will need to update that to at least 0.5.2, as it accesses this internal data structure.

  • #11300 a8158733c Thanks @ jerelmiller! - Introduces a new useLoadableQuery hook. This hook works similarly to useBackgroundQuery in that it returns a queryRef that can be used to suspend a component via the useReadQuery hook. It provides a more ergonomic way to load the query during a user interaction (for example when wanting to preload some data) that would otherwise be clunky with useBackgroundQuery.

    function App() {
    const [loadQuery, queryRef, { refetch, fetchMore, reset }] =
    useLoadableQuery(query, options);

    return (
    <>
    <button onClick={() => loadQuery(variables)}>Load query</button>
    <Suspense fallback={<SuspenseFallback />}>
    {queryRef && <Child queryRef={queryRef} />}
    </Suspense>
    </>
    );
    }

    function Child({ queryRef }) {
    const { data } = useReadQuery(queryRef);

    // ...
}


  Patch Changes

  • #11356 cc4ac7e19 Thanks @ phryneas! - Fix a potential memory leak in FragmentRegistry.transform and FragmentRegistry.findFragmentSpreads that would hold on to passed-in DocumentNodes for too long.

  • #11370 25e2cb431 Thanks @ phryneas! - parse function: improve memory management

    • use LRU WeakCache instead of Map to keep a limited number of parsed results
    • cache is initiated lazily, only when needed
    • expose parse.resetCache() method

  • #11389 139acd115 Thanks @ phryneas! - documentTransform: use optimism and WeakCache instead of directly storing data on the Trie

  • #11358 7d939f80f Thanks @ phryneas! - Fixes a potential memory leak in Concast that might have been triggered when Concast was used outside of Apollo Client.

  • #11344 bd2667619 Thanks @ phryneas! - Add a resetCache method to DocumentTransform and hook InMemoryCache.addTypenameTransform up to InMemoryCache.gc

  • #11367 30d17bfeb Thanks @ phryneas! - print: use WeakCache instead of WeakMap

  • #11385 d9ca4f082 Thanks @ phryneas! - ensure defaultContext is also used for mutations and subscriptions

  • #11387 4dce8673b Thanks @ phryneas! - QueryManager.transformCache: use WeakCache instead of WeakMap

  • #11371 ebd8fe2c1 Thanks @ phryneas! - Clarify types of EntityStore.makeCacheKey.

  • #11355 7d8e18493 Thanks @ phryneas! - InMemoryCache.gc now also triggers FragmentRegistry.resetCaches (if there is a FragmentRegistry)

• 3.9.0-alpha.4 - 2023-11-08
  Read more
• 3.9.0-alpha.3 - 2023-11-02
• 3.9.0-alpha.2 - 2023-10-11
• 3.9.0-alpha.1 - 2023-09-21
• 3.9.0-alpha.0 - 2023-09-19
• 3.8.10 - 2024-01-18
  Read more
• 3.8.9 - 2024-01-09
  Read more
• 3.8.8 - 2023-11-29
  Read more
• 3.8.7 - 2023-11-02
• 3.8.6 - 2023-10-16
• 3.8.5 - 2023-10-05
• 3.8.4 - 2023-09-19
• 3.8.3 - 2023-09-05
• 3.8.2 - 2023-09-01
• 3.8.1 - 2023-08-10
• 3.8.0 - 2023-08-07
• 3.8.0-rc.2 - 2023-08-01
• 3.8.0-rc.1 - 2023-07-17
• 3.8.0-rc.0 - 2023-07-13
• 3.8.0-beta.7 - 2023-07-10
• 3.8.0-beta.6 - 2023-07-05
• 3.8.0-beta.5 - 2023-06-28
• 3.8.0-beta.4 - 2023-06-20
• 3.8.0-beta.3 - 2023-06-15
• 3.8.0-beta.2 - 2023-06-07
• 3.8.0-beta.1 - 2023-05-31
• 3.8.0-beta.0 - 2023-05-26
• 3.8.0-alpha.15 - 2023-05-17
• 3.8.0-alpha.14 - 2023-05-16
• 3.8.0-alpha.13 - 2023-05-03
• 3.8.0-alpha.12 - 2023-04-13
• 3.8.0-alpha.11 - 2023-03-28
• 3.8.0-alpha.10 - 2023-03-17
• 3.8.0-alpha.9 - 2023-03-15
• 3.8.0-alpha.8 - 2023-03-02
• 3.8.0-alpha.7 - 2023-02-15
• 3.8.0-alpha.6 - 2023-02-07
• 3.8.0-alpha.5 - 2023-01-19
• 3.8.0-alpha.4 - 2023-01-13
• 3.8.0-alpha.3 - 2023-01-03
• 3.8.0-alpha.2 - 2022-12-21
• 3.8.0-alpha.1 - 2022-12-21
• 3.8.0-alpha.0 - 2022-12-09
• 3.7.17 - 2023-07-05
• 3.7.16 - 2023-06-20
• 3.7.15 - 2023-05-26
• 3.7.14 - 2023-05-03
• 3.7.13 - 2023-04-27
• 3.7.12 - 2023-04-12
• 3.7.11 - 2023-03-31
• 3.7.10 - 2023-03-02
• 3.7.9 - 2023-02-17
• 3.7.8 - 2023-02-15
• 3.7.7 - 2023-02-03
• 3.7.6 - 2023-01-31
• 3.7.5 - 2023-01-24
• 3.7.4 - 2023-01-13
• 3.7.3 - 2022-12-15
• 3.7.2 - 2022-12-06
• 3.7.1 - 2022-10-20
• 3.7.0 - 2022-09-30
• 3.7.0-rc.0 - 2022-09-21
• 3.7.0-beta.8 - 2022-09-21
• 3.7.0-beta.7 - 2022-09-08
• 3.7.0-beta.6 - 2022-06-27
• 3.7.0-beta.5 - 2022-06-10
• 3.7.0-beta.4 - 2022-06-10
• 3.7.0-beta.3 - 2022-06-07
• 3.7.0-beta.2 - 2022-06-07
• 3.7.0-beta.1 - 2022-05-26
• 3.7.0-beta.0 - 2022-05-25
• 3.7.0-alpha.6 - 2022-05-19
• 3.7.0-alpha.5 - 2022-05-16
• 3.7.0-alpha.4 - 2022-05-13
• 3.7.0-alpha.3 - 2022-05-09
• 3.7.0-alpha.2 - 2022-05-03
• 3.7.0-alpha.1 - 2022-05-03
• 3.7.0-alpha.0 - 2022-04-27
• 3.6.10 - 2022-09-29
• 3.6.9 - 2022-06-21
• 3.6.8 - 2022-06-10
• 3.6.7 - 2022-06-10
• 3.6.6 - 2022-05-26
• 3.6.5 - 2022-05-23
• 3.6.4 - 2022-05-16
• 3.6.3 - 2022-05-05
• 3.6.2 - 2022-05-03
• 3.6.1 - 2022-04-28
• 3.6.0 - 2022-04-26
• 3.6.0-rc.1 - 2022-04-19
• 3.6.0-rc.0 - 2022-04-18
• 3.6.0-beta.13 - 2022-04-14
• 3.6.0-beta.12 - 2022-04-11
• 3.6.0-beta.11 - 2022-04-05
• 3.6.0-beta.10 - 2022-03-29
• 3.6.0-beta.9 - 2022-03-10
• 3.6.0-beta.8 - 2022-03-10
• 3.6.0-beta.7 - 2022-03-10
• 3.6.0-beta.6 - 2022-02-15
• 3.6.0-beta.5 - 2022-02-04
• 3.6.0-beta.4 - 2022-02-03
• 3.6.0-beta.3 - 2021-11-23
• 3.6.0-beta.2 - 2021-11-22
• 3.6.0-beta.1 - 2021-11-16
• 3.6.0-beta.0 - 2021-11-16
• 3.5.10 - 2022-02-24
• 3.5.9 - 2022-02-15
• 3.5.8 - 2022-01-24
• 3.5.7 - 2022-01-10
• 3.5.6 - 2021-12-07
• 3.5.5 - 2021-11-23
• 3.5.4 - 2021-11-19
• 3.5.3 - 2021-11-17
• 3.5.2 - 2021-11-10
• 3.5.1 - 2021-11-09
• 3.5.0 - 2021-11-08
• 3.5.0-rc.3 - 2021-11-03
• 3.5.0-rc.2 - 2021-10-22
• 3.5.0-rc.1 - 2021-10-04
• 3.5.0-rc.0 - 2021-10-04
• 3.5.0-beta.18 - 2021-10-01
• 3.5.0-beta.17 - 2021-09-27
• 3.5.0-beta.16 - 2021-09-20
• 3.5.0-beta.15 - 2021-09-17
• 3.5.0-beta.14 - 2021-09-17
• 3.5.0-beta.13 - 2021-09-13
• 3.5.0-beta.12 - 2021-09-10
• 3.5.0-beta.11 - 2021-08-30
• 3.5.0-beta.10 - 2021-08-30
• 3.5.0-beta.9 - 2021-08-26
• 3.5.0-beta.8 - 2021-08-24
• 3.5.0-beta.7 - 2021-08-23
• 3.5.0-beta.6 - 2021-08-18
• 3.5.0-beta.5 - 2021-08-09
• 3.5.0-beta.4 - 2021-08-04
• 3.5.0-beta.3 - 2021-08-03
• 3.5.0-beta.2 - 2021-08-02
• 3.5.0-beta.1 - 2021-07-29
• 3.5.0-beta.0 - 2021-07-28
• 3.4.17 - 2021-11-08
• 3.4.16 - 2021-10-04
• 3.4.15 - 2021-09-27
• 3.4.14 - 2021-09-27
• 3.4.13 - 2021-09-20
• 3.4.12 - 2021-09-17
• 3.4.11 - 2021-09-10
• 3.4.10 - 2021-08-27
• 3.4.9 - 2021-08-24
• 3.4.8 - 2021-08-16
• 3.4.7 - 2021-08-09
• 3.4.6 - 2021-08-09
• 3.4.5 - 2021-08-04
• 3.4.4 - 2021-08-03
• 3.4.3 - 2021-08-02
• 3.4.2 - 2021-08-02
• 3.4.1 - 2021-07-29
• 3.4.0 - 2021-07-28
• 3.4.0-rc.23 - 2021-07-23
• 3.4.0-rc.22 - 2021-07-22
• 3.4.0-rc.21 - 2021-07-19
• 3.4.0-rc.20 - 2021-07-15
• 3.4.0-rc.19 - 2021-07-12
• 3.4.0-rc.18 - 2021-07-09
• 3.4.0-rc.17 - 2021-07-06
• 3.4.0-rc.16 - 2021-07-06
• 3.4.0-rc.15 - 2021-06-28
• 3.4.0-rc.14 - 2021-06-24
• 3.4.0-rc.13 - 2021-06-23
• 3.4.0-rc.12 - 2021-06-22
• 3.4.0-rc.11 - 2021-06-17
• 3.4.0-rc.10 - 2021-06-16
• 3.4.0-rc.9 - 2021-06-16
• 3.4.0-rc.8 - 2021-06-16
• 3.4.0-rc.7 - 2021-06-15
• 3.4.0-rc.6 - 2021-06-08
• 3.4.0-rc.5 - 2021-06-07
• 3.4.0-rc.4 - 2021-06-04
• 3.4.0-rc.3 - 2021-06-02
• 3.4.0-rc.2 - 2021-05-26
• 3.4.0-rc.1 - 2021-05-25
• 3.4.0-rc.0 - 2021-05-19
• 3.4.0-beta.28 - 2021-05-19
• 3.4.0-beta.27 - 2021-05-18
• 3.4.0-beta.26 - 2021-05-12
• 3.4.0-beta.25 - 2021-05-11
• 3.4.0-beta.24 - 2021-05-05
• 3.4.0-beta.23 - 2021-04-13
• 3.4.0-beta.22 - 2021-04-10
• 3.4.0-beta.21 - 2021-04-07
• 3.4.0-beta.20 - 2021-04-05
• 3.4.0-beta.19 - 2021-03-26
• 3.4.0-beta.18 - 2021-03-26
• 3.4.0-beta.17 - 2021-03-25
• 3.4.0-beta.16 - 2021-03-24
• 3.4.0-beta.15 - 2021-03-17
• 3.4.0-beta.14 - 2021-03-15
• 3.4.0-beta.13 - 2021-03-11
• 3.4.0-beta.12 - 2021-03-03
• 3.4.0-beta.11 - 2021-02-14
• 3.4.0-beta.10 - 2021-02-09
• 3.4.0-beta.9 - 2021-02-09
• 3.4.0-beta.8 - 2021-02-05
• 3.4.0-beta.7 - 2021-02-04
• 3.4.0-beta.6 - 2021-01-29
• 3.4.0-beta.5 - 2021-01-29
• 3.4.0-beta.4 - 2020-12-16
• 3.4.0-beta.3 - 2020-12-12
• 3.4.0-beta.2 - 2020-12-04
• 3.4.0-beta.1 - 2020-12-03
• 3.4.0-beta.0 - 2020-12-01
• 3.3.21 - 2021-07-06
• 3.3.20 - 2021-06-08
• 3.3.19 - 2021-05-18
• 3.3.18 - 2021-05-13
• 3.3.17 - 2021-05-11
• 3.3.16 - 2021-04-30
• 3.3.15 - 2021-04-13
• 3.3.14 - 2021-04-05
• 3.3.13 - 2021-03-24
• 3.3.12 - 2021-03-15
• 3.3.11 - 2021-02-15

from @apollo/client GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs