Update dependency graphql to v16.8.1 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
graphql	16.7.1 -> 16.8.1

GitHub Vulnerability Alerts

CVE-2023-26144

Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance.

Note: It was not proven that this vulnerability can crash the process.

---

Release Notes

graphql/graphql-js (graphql)

v16.8.1

Compare Source

v16.8.1 (2023-09-19)

Bug Fix 🐞

• #​3967 OverlappingFieldsCanBeMergedRule: Fix performance degradation (@​AaronMoat)

Committers: 1

• Aaron Moat(@​AaronMoat)

v16.8.0

Compare Source

v16.8.0 (2023-08-14)

New Feature 🚀

• #​3950 Support fourfold nested lists (@​gschulze)

Committers: 1

• Gunnar Schulze(@​gschulze)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

🤖 Bot Message 🤖

Checks Status:

• Vercel Klimt
• Vercel Attico del Lino
• Rebase