Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @apollo/client from 3.11.8 to 3.12.7 #215

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @apollo/client from 3.11.8 to 3.12.7 #215

wants to merge 1 commit into from

Conversation

xorinzor
Copy link
Member

snyk-top-banner

Snyk has created this PR to upgrade @apollo/client from 3.11.8 to 3.12.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 17 versions ahead of your current version.

  • The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 479 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-AXIOS-6671926		 479 No Known Exploit
Release notes
Package name: @apollo/client
  • 3.12.7 - 2025-01-22

    Patch Changes

    • #12281 d638ec3 Thanks @ jerelmiller! - Make fatal tranport-level errors from multipart subscriptions available to the error link with the protocolErrors property.

      const errorLink = onError(({ protocolErrors }) => {
  if (protocolErrors) {
    console.log(protocolErrors);
  }
});

    • #12281 d638ec3 Thanks @ jerelmiller! - Fix the array type for the errors field on the ApolloPayloadResult type. This type was always in the shape of the GraphQL error format, per the multipart subscriptions protocol and never a plain string or a JavaScript error object.

  • 3.12.6 - 2025-01-14

    Patch Changes

    • #12267 d57429d Thanks @ jerelmiller! - Maintain the TData type when used with Unmasked when TData is not a masked type generated from GraphQL Codegen.

    • #12270 3601246 Thanks @ jerelmiller! - Fix handling of tagged/branded primitive types when used as scalar values with Unmasked.

  • 3.12.5 - 2025-01-09

    Patch Changes

    • #12252 cb9cd4e Thanks @ jerelmiller! - Changes the default behavior of the MaybeMasked type to preserve types unless otherwise specified. This change makes it easier to upgrade from older versions of the client where types could have unexpectedly changed in the application due to the default of trying to unwrap types into unmasked types. This change also fixes the compilation performance regression experienced when simply upgrading the client since types are now preserved by default.

      A new mode option has now been introduced to allow for the old behavior. See the next section on migrating if you wish to maintain the old default behavior after upgrading to this version.

      Migrating from <= v3.12.4

      If you've adopted data masking and have opted in to using masked types by setting the enabled property to true, you can remove this configuration entirely:

      -declare module "@ apollo/client" {
-  interface DataMasking {
-    mode: "unmask"
-  }
-}

      If you prefer to specify the behavior explicitly, change the property from enabled: true, to mode: "preserveTypes":

      declare module "@ apollo/client" {
  interface DataMasking {
-    enabled: true
+    mode: "preserveTypes"
  }
}

      If you rely on the default behavior in 3.12.4 or below and would like to continue to use unmasked types by default, set the mode to unmask:

      declare module "@ apollo/client" {
  interface DataMasking {
    mode: "unmask";
  }
}
  • 3.12.4 - 2024-12-19

    Patch Changes

    • #12236 4334d30 Thanks @ charpeni! - Fix an issue with refetchQueries where comparing DocumentNodes internally by references could lead to an unknown query, even though the DocumentNode was indeed an active query—with a different reference.
  • 3.12.3 - 2024-12-12

    Patch Changes

  • 3.12.2 - 2024-12-05

    Patch Changes

  • 3.12.1 - 2024-12-05

    Patch Changes

  • 3.12.0 - 2024-12-04

    Minor Changes

    Data masking 🎭

    • #12042 1c0ecbf Thanks @ jerelmiller! - Introduces data masking in Apollo Client.

      Data masking enforces that only the fields requested by the query or fragment is available to that component. Data masking is best paired with colocated fragments.

      To enable data masking in Apollo Client, set the dataMasking option to true.

      new ApolloClient({
  dataMasking: true,
  // ... other options
});

      For detailed information on data masking, including how to incrementally adopt it in an existing applications, see the data masking documentation.

    • #12131 21c3f08 Thanks @ jerelmiller! - Allow null as a valid from value in useFragment.

    More Patch Changes

    • #12126 d10d702 Thanks @ jerelmiller! - Maintain the existing document if its unchanged by the codemod and move to more naive whitespace formatting

    • #12150 9ed1e1e Thanks @ jerelmiller! - Fix issue when using Unmasked with older versions of TypeScript when used with array fields.

    • #12116 8ae6e4e Thanks @ jerelmiller! - Prevent field accessor warnings when using @ unmask(mode: "migrate") on objects that are passed into cache.identify.

    • #12120 6a98e76 Thanks @ jerelmiller! - Provide a codemod that applies @ unmask to all named fragments for all operations and fragments.

      Learn how to use the codemod in the incremental adoption documentation.

    • #12134 cfaf4ef Thanks @ jerelmiller! - Fix issue where data went missing when an unmasked fragment in migrate mode selected fields that the parent did not.

    • #12154 d933def Thanks @ phryneas! - Data masking types: handle overlapping nested array types and fragments on interface types.

    • #12139 5a53e15 Thanks @ phryneas! - Fix issue where masked data would sometimes get returned when the field was part of a child fragment from a fragment unmasked by the parent query.

    • #12123 8422a30 Thanks @ jerelmiller! - Warn when using data masking with "no-cache" operations.

    • #12139 5a53e15 Thanks @ phryneas! - Fix issue where the warning emitted by @ unmask(mode: "migrate") would trigger unnecessarily when the fragment was used alongside a masked fragment inside an inline fragment.

    • #12114 1d4ce00 Thanks @ jerelmiller! - Fix error when combining @ unmask and @ defer directives on a fragment spread when data masking is enabled.

    • #12130 1e7d009 Thanks @ jerelmiller! - Fix error thrown when applying unmask migrate mode warnings on interface types with selection sets that contain inline fragment conditions.

    • #12152 78137ec Thanks @ phryneas! - Add a helper that will skip the TS unmasking alorithm when no fragments are present on type level

    • #12126 d10d702 Thanks @ jerelmiller! - Ensure documents unchanged by the codemod are left untouched.

    • #12133 a6ece37 Thanks @ jerelmiller! - Ensure null is retained in nullable types when unmasking a type with the Unmasked helper type.

    • #12139 5a53e15 Thanks @ phryneas! - Fix issue that threw errors when masking partial data with @ unmask(mode: "migrate").

  • 3.12.0-rc.4 - 2024-11-27

    Patch Changes

    • #12154 d933def Thanks @ phryneas! - Data masking types: handle overlapping nested array types and fragments on interface types.
  • 3.12.0-rc.3 - 2024-11-20

    Patch Changes

    • #12150 9ed1e1e Thanks @ jerelmiller! - Fix issue when using Unmasked with older versions of TypeScript when used with array fields.

    • #12152 78137ec Thanks @ phryneas! - Add a helper that will skip the TS unmasking alorithm when no fragments are present on type level

  • 3.12.0-rc.2 - 2024-11-19
  • 3.12.0-rc.1 - 2024-11-15
  • 3.12.0-rc.0 - 2024-11-13
  • 3.12.0-alpha.0 - 2024-10-01
  • 3.11.11-rc.0 - 2024-11-13
  • 3.11.10 - 2024-11-11
  • 3.11.9 - 2024-11-07
  • 3.11.8 - 2024-09-05
from @apollo/client GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @apollo/client from 3.11.8 to 3.12.7
a7dee3e 
Snyk has created this PR to upgrade @apollo/client from 3.11.8 to 3.12.7.

See this package in npm:
@apollo/client

See this project in Snyk:
https://app.snyk.io/org/shoutz0r-shared/project/71a76727-a61b-4cc8-aecd-bfff7773f421?utm_source=github&utm_medium=referral&page=upgrade-pr
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xorinzor @snyk-bot