Skip to content

build(deps): bump graphql from 2.4.15 to 2.5.6 #803

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): bump graphql from 2.4.15 to 2.5.6 #803

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 5, 2025

Bumps graphql from 2.4.15 to 2.5.6.

Changelog

Sourced from graphql's changelog.

2.5.6

New features

  • Execution: Add Query#run_partials for running sub-trees of valid queries #5183

2.5.5

Bug fixes

  • Visibility: fix when ::Rails doesn't have .env #5339
  • Compatibility: restore default (legacy) behavior when no setting is configured #5343
  • ActiveSupport::Notifications: fix fiber resume without previous event #5335
  • Simplify non-null input object argument handling #5333
  • Fix compatibility with ruby-head #5342

2.5.4

Bug fixes

  • ActiveRecordSource: Support composite primary keys #5330
  • ActiveRecordAssociationSource: Support has_many associations #5331
  • Remove broken Context#path method (use #current_path instead) #5332

2.5.3

Deprecations

  • Validation: two non-spec behaviors are deprecated:
    • When a query includes two scalar fields of different types which may occur in the same place in the response, the query was previously allowed. The spec says it should be rejected. This version emits a warning in this case. See Schema.allow_legacy_invalid_return_type_conflicts for migration support. #4351
    • When a query selects a field which returns a Union, but doesn't make any subselections on the Union, the spec says the query should be rejected as invalid but previous GraphQL-Ruby allowed it. It now emits a warning. See Schema.allow_legacy_invalid_empty_selections_on_union for migration support #5322
  • Complexity: several bugs about merging complexity cost across branches of a query have been fixed but require opting in. They may produce higher complexity scores. See Schema.complexity_cost_calculation_mode for migration support. #4843

New features

  • AlwaysVisible: improve speed (using Schema::Visibility) #5326
  • Return more descriptive errors when non-nullable list elements are null #5301
  • Visibility: improve performance on large schemas #5325

2.5.2

New features

  • Resolver: accept deprecation_reason #5320

Bug fixes

  • Visibility: hide argument types whose uses are all hidden (to match Warden) #5291
  • InputObject: fix validation for nested input object with prepare: method configs #5321

... (truncated)

Commits
  • aa6ac37 2.5.6
  • a65fe3c Merge pull request #5183 from rmosolgo/partial-execution
  • e456268 Move Async up to Ruby 3.2+ because it doesn't support 3.1 anymore
  • e222f81 Add tests for lazy starting object and current_path usage
  • ba7b2c4 Try to fix website on pushing tags
  • 46c77ab Add request. in headers example, fixes #5344
  • c238842 Use a full path in Partial responses, handle runtime errors in scalars
  • 08ffdaf enterprise-1.5.7
  • 23fdcd8 Make list items run as items, make scalars return scalars directly
  • 73e62d9 Resolve lazy resolved type if necessary
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump graphql from 2.4.15 to 2.5.6
fe637b1 
Bumps [graphql](https://github.com/rmosolgo/graphql-ruby) from 2.4.15 to 2.5.6.
- [Release notes](https://github.com/rmosolgo/graphql-ruby/releases)
- [Changelog](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md)
- [Commits](rmosolgo/graphql-ruby@v2.4.15...v2.5.6)

---
updated-dependencies:
- dependency-name: graphql
  dependency-version: 2.5.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels May 5, 2025
@dependabot dependabot bot mentioned this pull request May 5, 2025
Closed
github-actions[bot]
github-actions bot approved these changes May 5, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 5, 2025

Sorry, only users with push access can use that command.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 15, 2025

Superseded by #816.

@dependabot dependabot bot closed this May 15, 2025
@dependabot dependabot bot deleted the dependabot/bundler/graphql-2.5.6 branch May 15, 2025 22:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants