Bumps @apollo/client from 3.3.6 to 3.10.7.

Release notes

Sourced from @apollo/client's releases.

v3.10.7

Patch Changes

#11901 10a8c0a Thanks @phryneas! - update canUseLayoutEffect check to also allow for layout effects in React Native

#11861 1aed0e8 Thanks @henryqdineen! - Defend against non-serializable params in invariantWrappers

#11905 29755da Thanks @phryneas! - Add .d.cts files for cjs bundles

#11906 d104759 Thanks @phryneas! - chore: update TypeScript to 5.5

v3.10.6

Patch Changes

#11900 f745558 Thanks @phryneas! - useMutation: use useIsomorphicLayoutEffect instead of useLayoutEffect

v3.10.5

Patch Changes

#11888 7fb7939 Thanks @phryneas! - switch useRenderGuard to an approach not accessing React's internals

#11511 6536369 Thanks @phryneas! - useLoadableQuery: ensure that loadQuery is updated if the ApolloClient instance changes

#11860 8740f19 Thanks @alessbell! - Fixes #11849 by reevaluating window.fetch each time BatchHttpLink uses it, if not configured via options.fetch. Takes the same approach as PR #8603 which fixed the same issue in HttpLink.

#11852 d502a69 Thanks @phryneas! - Fix a bug where calling the useMutation reset function would point the hook to an outdated client reference.

#11329 3d164ea Thanks @PaLy! - Fix graphQLErrors in Error Link if networkError.result is an empty string

#11852 d502a69 Thanks @phryneas! - Prevent writing to a ref in render in useMutation. As a result, you might encounter problems in the future if you call the mutation's execute function during render. Please note that this was never supported behavior, and we strongly recommend against it.

#11848 ad63924 Thanks @phryneas! - Ensure covariant behavior: MockedResponse<X,Y> should be assignable to MockedResponse

#11851 45c47be Thanks @phryneas! - Avoid usage of useRef in useInternalState to prevent ref access in render.

#11877 634d91a Thanks @phryneas! - Add missing name to tuple member (fix TS5084)

#11851 45c47be Thanks @phryneas! - Fix a bug where useLazyQuery would not pick up a client change.

v3.10.4

Patch Changes

#11838 8475346 Thanks @alex-kinokon! - Don’t prompt for DevTools installation for browser extension page

#11839 6481fe1 Thanks @jerelmiller! - Fix a regression in 3.9.5 where a merge function that returned an incomplete result would not allow the client to refetch in order to fulfill the query.

#11844 86984f2 Thanks @jerelmiller! - Honor the @nonreactive directive when using cache.watchFragment or the useFragment hook to avoid rerendering when using these directives.

#11824 47ad806 Thanks @phryneas! - Create branded QueryRef type without exposed properties.

... (truncated)

Changelog

Sourced from @apollo/client's changelog.

3.10.7

Patch Changes

#11901 10a8c0a Thanks @phryneas! - update canUseLayoutEffect check to also allow for layout effects in React Native

#11861 1aed0e8 Thanks @henryqdineen! - Defend against non-serializable params in invariantWrappers

#11905 29755da Thanks @phryneas! - Add .d.cts files for cjs bundles

#11906 d104759 Thanks @phryneas! - chore: update TypeScript to 5.5

3.10.6

Patch Changes

#11900 f745558 Thanks @phryneas! - useMutation: use useIsomorphicLayoutEffect instead of useLayoutEffect

3.10.5

Patch Changes

#11888 7fb7939 Thanks @phryneas! - switch useRenderGuard to an approach not accessing React's internals

#11511 6536369 Thanks @phryneas! - useLoadableQuery: ensure that loadQuery is updated if the ApolloClient instance changes

#11860 8740f19 Thanks @alessbell! - Fixes #11849 by reevaluating window.fetch each time BatchHttpLink uses it, if not configured via options.fetch. Takes the same approach as PR #8603 which fixed the same issue in HttpLink.

#11852 d502a69 Thanks @phryneas! - Fix a bug where calling the useMutation reset function would point the hook to an outdated client reference.

#11329 3d164ea Thanks @PaLy! - Fix graphQLErrors in Error Link if networkError.result is an empty string

#11852 d502a69 Thanks @phryneas! - Prevent writing to a ref in render in useMutation. As a result, you might encounter problems in the future if you call the mutation's execute function during render. Please note that this was never supported behavior, and we strongly recommend against it.

#11848 ad63924 Thanks @phryneas! - Ensure covariant behavior: MockedResponse<X,Y> should be assignable to MockedResponse

#11851 45c47be Thanks @phryneas! - Avoid usage of useRef in useInternalState to prevent ref access in render.

#11877 634d91a Thanks @phryneas! - Add missing name to tuple member (fix TS5084)

#11851 45c47be Thanks @phryneas! - Fix a bug where useLazyQuery would not pick up a client change.

3.10.4

Patch Changes

#11838 8475346 Thanks @alex-kinokon! - Don’t prompt for DevTools installation for browser extension page

#11839 6481fe1 Thanks @jerelmiller! - Fix a regression in 3.9.5 where a merge function that returned an incomplete result would not allow the client to refetch in order to fulfill the query.

... (truncated)

Commits

7111de2 Version Packages (#11907)
1aed0e8 Defend against non-serializable params in invariantWrappers (#11861)
29755da Add .d.cts files for cjs bundles (#11905)
a07c516 renovate: ignore eslint-plugin-react-compiler (#11908)
a043763 chore(deps): update cimg/node docker tag to v22.3.0 (#11904)
573fab4 chore(deps): bump ws from 6.2.2 to 6.2.3 in /integration-tests (#11898)
10a8c0a update canUseLayoutEffect check to also allow for layout effects in React N...
d104759 chore: update TypeScript to 5.5 (#11906)
d6da961 Version Packages (#11903)
f745558 useMutation: use useIsomorphicLayoutEffect instead of useLayoutEffect (...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/@apollo/client

3.10.7

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 9	Found 20/21 approved changesets -- score normalized to 9
Maintained	:green_circle: 10	30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:green_circle: 8	branch protection is not maximal on development and all release branches
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:warning: 0	30 existing vulnerabilities detected

npm/@apollo/client

3.3.6

:green_circle: 5.7

Details

Check	Score	Reason
Code-Review	:green_circle: 9	Found 20/21 approved changesets -- score normalized to 9
Maintained	:green_circle: 10	30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Branch-Protection	:green_circle: 8	branch protection is not maximal on development and all release branches
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Packaging	:warning: -1	packaging workflow not detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Vulnerabilities	:warning: 0	30 existing vulnerabilities detected

Scanned Manifest Files

package.json

@apollo/client@3.10.7
@apollo/client@3.3.6

Automattic / vip-cli

build(deps): bump @apollo/client from 3.3.6 to 3.10.7 #1913

v3.10.7

Patch Changes

v3.10.6

Patch Changes

v3.10.5

Patch Changes

v3.10.4

Patch Changes

3.10.7

Patch Changes

3.10.6

Patch Changes

3.10.5

Patch Changes

3.10.4

Patch Changes

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files

Quality Gate passed