merge main into next (switch CI to use GH actions)#3389
merge main into next (switch CI to use GH actions)#3389dariuszkuc wants to merge 11 commits intonextfrom
Conversation
✅ Docs preview has no changesThe preview was not built because there were no changes. Build ID: 23c1cdf3a1e0141d2b773166
|
|
No new directives added / changed so it's a barebones changelog. Router 2.11 released a few hours ago.
Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. --------- Co-authored-by: Sachin D. Shinde <sachin@apollographql.com>
This PR reverts the GH action migration, as `main` tests don't pass and we need to release. We can reapply the migrations later (and also determine what's making `main` tests fail).
|
This pull request is automatically built and testable in CodeSandbox. To see build info of the built libraries, click here or the icon next to each commit SHA. |
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @apollo/composition@2.13.2 ### Patch Changes - Updated dependencies \[[`84e9226b606b176ede097410f5ba35ba03d140ed`](84e9226)]: - @apollo/federation-internals@2.13.2 - @apollo/query-graphs@2.13.2 ## @apollo/gateway@2.13.2 ### Patch Changes - Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. ([#3396](#3396)) See the associated GitHub Advisories [GHSA-pfjj-6f4p-rvmh](GHSA-pfjj-6f4p-rvmh) for more information. - Updated dependencies \[[`84e9226b606b176ede097410f5ba35ba03d140ed`](84e9226)]: - @apollo/query-planner@2.13.2 - @apollo/federation-internals@2.13.2 - @apollo/composition@2.13.2 ## @apollo/federation-internals@2.13.2 ### Patch Changes - Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. ([#3396](#3396)) See the associated GitHub Advisories [GHSA-pfjj-6f4p-rvmh](GHSA-pfjj-6f4p-rvmh) for more information. ## @apollo/query-graphs@2.13.2 ### Patch Changes - Updated dependencies \[[`84e9226b606b176ede097410f5ba35ba03d140ed`](84e9226)]: - @apollo/federation-internals@2.13.2 ## @apollo/query-planner@2.13.2 ### Patch Changes - Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. ([#3396](#3396)) See the associated GitHub Advisories [GHSA-pfjj-6f4p-rvmh](GHSA-pfjj-6f4p-rvmh) for more information. - Updated dependencies \[[`84e9226b606b176ede097410f5ba35ba03d140ed`](84e9226)]: - @apollo/federation-internals@2.13.2 - @apollo/query-graphs@2.13.2 ## @apollo/subgraph@2.13.2 ### Patch Changes - Updated dependencies \[[`84e9226b606b176ede097410f5ba35ba03d140ed`](84e9226)]: - @apollo/federation-internals@2.13.2 ## apollo-federation-integration-testsuite@2.13.2 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Removed NPM_TOKEN from the release workflow environment variables.
This PR removes our codesandbox config, as we shouldn't be using the artifacts it generates anymore.
4 participants
No description provided.