Skip to content

fix(deps): update apollo graphql packages to v2 (major) #446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update apollo graphql packages to v2 (major) #446

wants to merge 1 commit into from
+6 −6

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Apr 12, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@apollo/subgraph (source) 0.6.1 -> 2.12.0 age adoption passing confidence dependencies major
ghcr.io/apollographql/router v1.59.2 -> v2.8.1 age adoption passing confidence major

Release Notes

apollographql/federation (@​apollo/subgraph)

v2.12.0

Compare Source

Minor Changes
  • Federation 2.12 and Connect 0.3 (#​3276)
Patch Changes

v2.11.4

Compare Source

Patch Changes

v2.11.3

Compare Source

Patch Changes

v2.11.2

Compare Source

Patch Changes

v2.11.1

Compare Source

Patch Changes

v2.11.0

Compare Source

Minor Changes
  • Adds connect spec v0.2, available for use with Apollo Router 2.3.0 or greater. (#​3262)
Patch Changes

v2.10.3

Compare Source

Patch Changes

v2.10.2

Compare Source

Patch Changes

v2.10.1

Compare Source

Patch Changes

v2.10.0

Compare Source

Patch Changes

v2.9.4

Compare Source

Patch Changes

v2.9.3

Compare Source

Patch Changes

v2.9.2

Compare Source

Patch Changes

v2.9.1

Compare Source

Patch Changes

v2.9.0

Compare Source

Patch Changes

v2.8.5

Compare Source

Patch Changes

v2.8.4

Compare Source

Patch Changes

v2.8.3

Compare Source

Patch Changes

v2.8.2

Compare Source

Patch Changes

v2.8.1

Compare Source

Patch Changes

v2.8.0

Compare Source

Patch Changes

v2.7.8

Compare Source

Patch Changes

v2.7.7

Compare Source

Patch Changes

v2.7.6

Compare Source

Patch Changes

v2.7.5

Compare Source

Patch Changes

v2.7.4

Compare Source

Patch Changes

v2.7.3

Compare Source

Patch Changes

v2.7.2

Compare Source

Patch Changes

v2.7.1

Compare Source

Patch Changes

v2.7.0

Compare Source

Minor Changes

  • Implement progressive @override functionality (#​2911)

    The progressive @override feature brings a new argument to the @override directive: label: String. When a label is added to an @override application, the override becomes conditional, depending on parameters provided to the query planner (a set of which labels should be overridden). Note that this feature will be supported in router for enterprise users only.

    Out-of-the-box, the router will support a percentage-based use case for progressive @override. For example:

    type Query {
  hello: String @​override(from: "original", label: "percent(5)")
}

    The above example will override the root hello field from the "original" subgraph 5% of the time.

    More complex use cases will be supported by the router via the use of coprocessors/rhai to resolve arbitrary labels to true/false values (i.e. via a feature flag service).

Patch Changes

v2.6.3

Compare Source

Patch Changes

v2.6.2

Compare Source

Patch Changes

v2.6.1

Compare Source

Patch Changes

v2.6.0

Compare Source

Patch Changes

v2.5.7

Compare Source

Patch Changes

v2.5.6

Compare Source

Patch Changes

v2.5.5

Compare Source

Patch Changes

  • Fix specific case for requesting __typename on interface entity type (#​2775)

    In certain cases, when resolving a __typename on an interface entity (due to it actual being requested in the operation), that fetch group could previously be trimmed / treated as useless. At a glance, it appears to be a redundant step, i.e.:

    { ... on Product { __typename id }} => { ... on Product { __typename} }

    It's actually necessary to preserve this in the case that we're coming from an interface object to an (entity) interface so that we can resolve the concrete __typename correctly.

  • Updated dependencies []:

v2.5.4

Compare Source

Patch Changes

v2.5.3

Compare Source

Patch Changes

v2.5.2

Compare Source

Patch Changes

v2.5.1

Compare Source

Patch Changes

v2.5.0

Compare Source

Minor Changes

  • Introduce the new @authenticated directive for composition (#​2644)

    Note that this directive will only be fully supported by the Apollo Router as a GraphOS Enterprise feature at runtime. Also note that composition of valid @authenticated directive applications will succeed, but the resulting supergraph will not be executable by the Gateway or an Apollo Router which doesn't have the GraphOS Enterprise entitlement.

    Users may now compose @authenticated applications from their subgraphs into a supergraph. This addition will support a future version of Apollo Router that enables authenticated access to specific types and fields via directive applications.

    The directive is defined as follows:

    directive @​authenticated on FIELD_DEFINITION | OBJECT | INTERFACE | SCALAR | ENUM

    In order to compose your @authenticated usages, you must update your subgraph's federation spec version to v2.5 and add the @authenticated import to your existing imports like so:

    @​link(url: "https://specs.apollo.dev/federation/v2.5", import: [..., "@​authenticated"])
Patch Changes

v2.4.13

Compare Source

Patch Changes

v2.4.12

Compare Source

Patch Changes

v2.4.11

Compare Source

Patch Changes

v2.4.10

Compare Source

Patch Changes

v2.4.9

Compare Source

Patch Changes

v2.4.8

Compare Source

Patch Changes

v2.4.7

Compare Source

Patch Changes

v2.4.6

Compare Source

Patch Changes

v2.4.5

Compare Source

Patch Changes

v2.4.4

Compare Source

Patch Changes

v2.4.3

Compare Source

Patch Changes

  • Resolve Promise references before calling __resolveType on interface (#​2556)

    Since the introduction of entity interfaces, users could not return
    a Promise from __resolveReference while implementing a synchronous,
    custom __resolveType function. This change fixes/permits this use case.

    Additional background / implementation details:

    Returning a Promise from __resolveReference has historically never
    been an issue. However, with the introduction of entity interfaces, the
    calling of an interface's __resolveType function became a new concern.

    __resolveType functions expect a reference (and shouldn't be concerned
    with whether those references are wrapped in a Promise). In order to
    address this, we can await the reference before calling the
    __resolveType (this handles both the non-Promise and Promise case).

  • Updated dependencies [f6a8c1ce]:

v2.4.2

Compare Source

Patch Changes

v2.4.1

Compare Source

Patch Changes

v2.4.0

Compare Source

Patch Changes

v2.3.6

Compare Source

Patch Changes

v2.3.5

Compare Source

Patch Changes

v2.3.4

Compare Source

Patch Changes

v2.3.3

Compare Source

Patch Changes

v2.3.2

Compare Source

Patch Changes

v2.3.1

Compare Source

Patch Changes

This CHANGELOG pertains only to Apollo Federation packages in the 2.x range. The Federation v0.x equivalent for this package can be found here on the version-0.x branch of this repo.

v2.3.0

Compare Source

  • @tag directive support for the SCHEMA location. This has been added to the 2.3 version of the federation spec, so to access this functionality you must bump your federation spec version to 2.3 by using @link(url: "https://specs.apollo.dev/federation/v2.3", ...) on your schema element. PR #​2314.

v2.2.3

Compare Source

v2.2.2

Compare Source

v2.2.1

Compare Source

v2.2.0

Compare Source

  • Adds support for the 2.2 version of the federation spec (that is, @link(url: "https://specs.apollo.dev/federation/v2.2")), which:
  • allows @shareable to be repeatable so it can be allowed on both a type definition and its extensions PR #​2175.
  • Drop support for node12 PR #​2202

v2.1.4

Compare Source

v2.1.3

Compare Source

v2.1.2

Compare Source

v2.1.1

Compare Source

v2.1.0

Compare Source

  • Update peer dependency graphql to ^16.5.0 to use GraphQLErrorOptions PR #​2060
  • Remove dependency on apollo-server-types PR #​2037
  • Expand support for Node.js v18 PR #​1884

v2.0.5

Compare Source

v2.0.4

Compare Source

v2.0.3

Compare Source

  • Fix output of printSubgraphSchema method, ensuring it can be read back by composition and buildSubgraphSchema PR #​1831.
  • Fix definition of @key to be repeatable PR #​1826.

v2.0.2

Compare Source

v2.0.1

Compare Source

  • Released in sync with other federation packages but no changes to this package.

v2.0.0

Compare Source

  • Previous preview release promoted to general availability! Please see previous changelog entries for full info.
apollographql/router (ghcr.io/apollographql/router)

v2.8.1

Compare Source

🔒 Security

[!NOTE]
For more information on the impact of the fixes in this release and how your deployment might be affected or remediated, see the corresponding GitHub Security Advisory (GHSA) linked on the entries below. In both listed cases, updating to a patched Router version will resolve any vulnerabilities.

Fix authorization plugin handling of polymorphic types

Updates the auth plugin to correctly handle access control requirements when processing polymorphic types.

When querying interface types/fields, the auth plugin was verifying only whether all implementations shared the same access control requirements. In cases where interface types/fields did not specify the same access control requirements as the implementations, this could result in unauthorized access to protected data.

The auth plugin was updated to correctly verify that all polymorphic access control requirements are satisfied by the current context.

See GHSA-x33c-7c2v-mrj9 for additional details and the associated CVE number.

By @​dariuszkuc

Fixed authorization plugin handling of directive renames

The router auth plugin did not properly handle access control requirements when subgraphs renamed their access control directives through imports. When such renames occurred, the plugin’s @link-processing code ignored the imported directives entirely, causing access control constraints defined by the renamed directives to be ignored.

The plugin code was updated to call the appropriate functionality in the apollo-federation crate, which correctly handles both because spec and imports directive renames.

See GHSA-g8jh-vg5j-4h3f for additional details and the associated CVE number.

By @​sachindshinde

v2.8.0

Compare Source

🚀 Features
Response caching

Available on all GraphOS plans including Free, Developer, Standard and Enterprise.

Response caching enables the router to cache GraphQL subgraph origin responses using Redis, delivering performance improvements by reducing subgraph load and query latency. Unlike traditional HTTP caching or client-side caching, response caching works at the GraphQL entity level—caching reusable portions of query responses that can be sha

Configuration

📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 11 times, most recently from b2da5c3 to 1007fd7 Compare April 16, 2022 02:25
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 9 times, most recently from cdd71ef to cd7cb8b Compare April 26, 2022 03:31
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 7 times, most recently from dc298f7 to c3dacb4 Compare May 6, 2022 23:39
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 3 times, most recently from 790d25e to d4d30cc Compare May 11, 2022 02:38
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 7, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 2 times, most recently from 22f4063 to b1893e9 Compare October 10, 2025 16:45
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Oct 10, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from b1893e9 to 1512e71 Compare October 10, 2025 21:52
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 10, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 1512e71 to 110d87f Compare October 11, 2025 10:04
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Oct 11, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 110d87f to 73e2a8f Compare October 11, 2025 17:37
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 11, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 73e2a8f to 617e719 Compare October 15, 2025 05:30
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Oct 15, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 617e719 to cc136c1 Compare October 15, 2025 13:41
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 15, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from cc136c1 to b83793e Compare October 19, 2025 09:12
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Oct 19, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from b83793e to b1705d8 Compare October 19, 2025 12:46
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 19, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch 2 times, most recently from 37f029c to 6002fb7 Compare October 29, 2025 03:05
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Oct 29, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 6002fb7 to 89263dc Compare October 29, 2025 06:03
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Oct 29, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 89263dc to 3686236 Compare November 1, 2025 21:37
@renovate renovate bot changed the title fix(deps): update apollo graphql packages to v2 (major) fix(deps): update dependency @apollo/subgraph to v2 Nov 1, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 3686236 to 603dcdc Compare November 2, 2025 00:40
@renovate renovate bot changed the title fix(deps): update dependency @apollo/subgraph to v2 fix(deps): update apollo graphql packages to v2 (major) Nov 2, 2025
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 603dcdc to 0bf3144 Compare November 4, 2025 18:01
@renovate renovate bot force-pushed the renovate/major-apollo-graphql-packages branch from 0bf3144 to 7e10235 Compare November 4, 2025 23:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prasek prasek Awaiting requested review from prasek

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant