Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump @apollo/client from 3.3.6 to 3.12.0 #2140

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 5, 2024

Bumps @apollo/client from 3.3.6 to 3.12.0.

Release notes

Sourced from @​apollo/client's releases.

v3.12.0

Minor Changes

Data masking 🎭

  • #12042 1c0ecbf Thanks @​jerelmiller! - Introduces data masking in Apollo Client.

    Data masking enforces that only the fields requested by the query or fragment is available to that component. Data masking is best paired with colocated fragments.

    To enable data masking in Apollo Client, set the dataMasking option to true.

    new ApolloClient({
      dataMasking: true,
      // ... other options
    });

    For detailed information on data masking, including how to incrementally adopt it in an existing applications, see the data masking documentation.

  • #12131 21c3f08 Thanks @​jerelmiller! - Allow null as a valid from value in useFragment.

  • #12126 d10d702 Thanks @​jerelmiller! - Maintain the existing document if its unchanged by the codemod and move to more naive whitespace formatting

  • #12150 9ed1e1e Thanks @​jerelmiller! - Fix issue when using Unmasked with older versions of TypeScript when used with array fields.

  • #12116 8ae6e4e Thanks @​jerelmiller! - Prevent field accessor warnings when using @unmask(mode: "migrate") on objects that are passed into cache.identify.

  • #12120 6a98e76 Thanks @​jerelmiller! - Provide a codemod that applies @unmask to all named fragments for all operations and fragments.

    Learn how to use the codemod in the incremental adoption documentation.

  • #12134 cfaf4ef Thanks @​jerelmiller! - Fix issue where data went missing when an unmasked fragment in migrate mode selected fields that the parent did not.

  • #12154 d933def Thanks @​phryneas! - Data masking types: handle overlapping nested array types and fragments on interface types.

  • #12139 5a53e15 Thanks @​phryneas! - Fix issue where masked data would sometimes get returned when the field was part of a child fragment from a fragment unmasked by the parent query.

  • #12123 8422a30 Thanks @​jerelmiller! - Warn when using data masking with "no-cache" operations.

  • #12139 5a53e15 Thanks @​phryneas! - Fix issue where the warning emitted by @unmask(mode: "migrate") would trigger unnecessarily when the fragment was used alongside a masked fragment inside an inline fragment.

  • #12114 1d4ce00 Thanks @​jerelmiller! - Fix error when combining @unmask and @defer directives on a fragment spread when data masking is enabled.

  • #12130 1e7d009 Thanks @​jerelmiller! - Fix error thrown when applying unmask migrate mode warnings on interface types with selection sets that contain inline fragment conditions.

  • #12152 78137ec Thanks @​phryneas! - Add a helper that will skip the TS unmasking alorithm when no fragments are present on type level

... (truncated)

Changelog

Sourced from @​apollo/client's changelog.

3.12.0

Minor Changes

Data masking 🎭

  • #12042 1c0ecbf Thanks @​jerelmiller! - Introduces data masking in Apollo Client.

    Data masking enforces that only the fields requested by the query or fragment is available to that component. Data masking is best paired with colocated fragments.

    To enable data masking in Apollo Client, set the dataMasking option to true.

    new ApolloClient({
      dataMasking: true,
      // ... other options
    });

    For detailed information on data masking, including how to incrementally adopt it in an existing applications, see the data masking documentation.

  • #12131 21c3f08 Thanks @​jerelmiller! - Allow null as a valid from value in useFragment.

  • #12126 d10d702 Thanks @​jerelmiller! - Maintain the existing document if its unchanged by the codemod and move to more naive whitespace formatting

  • #12150 9ed1e1e Thanks @​jerelmiller! - Fix issue when using Unmasked with older versions of TypeScript when used with array fields.

  • #12116 8ae6e4e Thanks @​jerelmiller! - Prevent field accessor warnings when using @unmask(mode: "migrate") on objects that are passed into cache.identify.

  • #12120 6a98e76 Thanks @​jerelmiller! - Provide a codemod that applies @unmask to all named fragments for all operations and fragments.

    Learn how to use the codemod in the incremental adoption documentation.

  • #12134 cfaf4ef Thanks @​jerelmiller! - Fix issue where data went missing when an unmasked fragment in migrate mode selected fields that the parent did not.

  • #12154 d933def Thanks @​phryneas! - Data masking types: handle overlapping nested array types and fragments on interface types.

  • #12139 5a53e15 Thanks @​phryneas! - Fix issue where masked data would sometimes get returned when the field was part of a child fragment from a fragment unmasked by the parent query.

  • #12123 8422a30 Thanks @​jerelmiller! - Warn when using data masking with "no-cache" operations.

  • #12139 5a53e15 Thanks @​phryneas! - Fix issue where the warning emitted by @unmask(mode: "migrate") would trigger unnecessarily when the fragment was used alongside a masked fragment inside an inline fragment.

  • #12114 1d4ce00 Thanks @​jerelmiller! - Fix error when combining @unmask and @defer directives on a fragment spread when data masking is enabled.

  • #12130 1e7d009 Thanks @​jerelmiller! - Fix error thrown when applying unmask migrate mode warnings on interface types with selection sets that contain inline fragment conditions.

... (truncated)

Commits
  • 36b93b9 Version Packages (#12169)
  • ca53c19 Merge pull request #12072 from apollographql/release-3.12
  • 5e55953 Exit prerelease mode
  • 501ac32 Update size limits
  • 65e203a Update data masking tests in React hooks to account for changes in render str...
  • 7bcde69 Merge remote-tracking branch 'origin/main' into release-3.12
  • a8d208c Add documentation on using TypeScript with data masking (#12165)
  • a923b06 Run tests with React 19 RC.1 and adjust tests accordingly (#12140)
  • bc7ca1e chore: Update readme for GraphQL spec compability (#12156)
  • d42d9e0 Version Packages (rc) (#12159)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@apollo/client](https://github.com/apollographql/apollo-client) from 3.3.6 to 3.12.0.
- [Release notes](https://github.com/apollographql/apollo-client/releases)
- [Changelog](https://github.com/apollographql/apollo-client/blob/main/CHANGELOG.md)
- [Commits](apollographql/apollo-client@v3.3.6...v3.12.0)

---
updated-dependencies:
- dependency-name: "@apollo/client"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Copy link
Contributor

github-actions bot commented Dec 5, 2024

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@apollo/client 3.12.0 🟢 5.4
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 10/16 approved changesets -- score normalized to 6
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 049 existing vulnerabilities detected

Scanned Files

  • package.json

Copy link

sonarcloud bot commented Dec 5, 2024

Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 6, 2024

Superseded by #2142.

@dependabot dependabot bot closed this Dec 6, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/apollo/client-3.12.0 branch December 6, 2024 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants