dependabot[bot] commented 2 weeks ago

Bumps @apollo/client from 3.3.6 to 3.11.6.

Release notes

Sourced from @apollo/client's releases.

v3.11.6

Patch Changes

#12049 9c26892 Thanks @phryneas and @maciesielka! - Fix a bug where useFragment did not re-render as expected

#12044 04462a2 Thanks @DoctorJohn! - Cache the useSubscription hook's restart function definition between re-renders.

v3.11.5

Patch Changes

#12027 eb3e21b Thanks @JavaScriptBach! - Type MutationResult.reset as an arrow function

#12020 82d8cb4 Thanks @jerelmiller! - Better conform to Rules of React by avoiding write of ref in render for useFragment.

v3.11.4

Patch Changes

#11994 41b17e5 Thanks @jerelmiller! - Update the Modifier function type to allow cache.modify to return deeply partial data.

#11989 e609156 Thanks @phryneas! - Fix a potential crash when calling clearStore while a query was running.

Previously, calling client.clearStore() while a query was running had one of these results:

useQuery would stay in a loading: true state.

useLazyQuery would stay in a loading: true state, but also crash with a "Cannot read property 'data' of undefined" error.

Now, in both cases, the hook will enter an error state with a networkError, and the promise returned by the useLazyQuery execute function will return a result in an error state.

#11994 41b17e5 Thanks @jerelmiller! - Prevent accidental distribution on cache.modify field modifiers when a field is a union type array.

v3.11.3

Patch Changes

#11984 5db1659 Thanks @jerelmiller! - Fix an issue where multiple fetches with results that returned errors would sometimes set the data property with an errorPolicy of none.

#11974 c95848e Thanks @jerelmiller! - Fix an issue where fetchMore would write its result data to the cache when using it with a no-cache fetch policy.

#11974 c95848e Thanks @jerelmiller! - Fix an issue where executing fetchMore with a no-cache fetch policy could sometimes result in multiple network requests.

#11974 c95848e Thanks @jerelmiller! -

Potentially disruptive change

When calling fetchMore with a query that has a no-cache fetch policy, fetchMore will now throw if an updateQuery function is not provided. This provides a mechanism to merge the results from the fetchMore call with the query's previous result.

v3.11.2

Patch Changes

#11980 38c0a2c Thanks @jerelmiller! - Fix missing getServerSnapshot error when using useSubscription on the server.

... (truncated)

Changelog

Sourced from @apollo/client's changelog.

3.11.6

Patch Changes

#12049 9c26892 Thanks @phryneas and @maciesielka! - Fix a bug where useFragment did not re-render as expected

#12044 04462a2 Thanks @DoctorJohn! - Cache the useSubscription hook's restart function definition between re-renders.

3.11.5

Patch Changes

#12027 eb3e21b Thanks @JavaScriptBach! - Type MutationResult.reset as an arrow function

#12020 82d8cb4 Thanks @jerelmiller! - Better conform to Rules of React by avoiding write of ref in render for useFragment.

3.11.4

Patch Changes

#11994 41b17e5 Thanks @jerelmiller! - Update the Modifier function type to allow cache.modify to return deeply partial data.

#11989 e609156 Thanks @phryneas! - Fix a potential crash when calling clearStore while a query was running.

Previously, calling client.clearStore() while a query was running had one of these results:

useQuery would stay in a loading: true state.

useLazyQuery would stay in a loading: true state, but also crash with a "Cannot read property 'data' of undefined" error.

Now, in both cases, the hook will enter an error state with a networkError, and the promise returned by the useLazyQuery execute function will return a result in an error state.

#11994 41b17e5 Thanks @jerelmiller! - Prevent accidental distribution on cache.modify field modifiers when a field is a union type array.

3.11.3

Patch Changes

#11984 5db1659 Thanks @jerelmiller! - Fix an issue where multiple fetches with results that returned errors would sometimes set the data property with an errorPolicy of none.

#11974 c95848e Thanks @jerelmiller! - Fix an issue where fetchMore would write its result data to the cache when using it with a no-cache fetch policy.

#11974 c95848e Thanks @jerelmiller! - Fix an issue where executing fetchMore with a no-cache fetch policy could sometimes result in multiple network requests.

#11974 c95848e Thanks @jerelmiller! -

Potentially disruptive change

When calling fetchMore with a query that has a no-cache fetch policy, fetchMore will now throw if an updateQuery function is not provided. This provides a mechanism to merge the results from the fetchMore call with the query's previous result.

3.11.2

... (truncated)

Commits

40d21f1 Version Packages (#12050)
04462a2 Fix useSubscription restart was not cached (#12044)
a67727e Merge pull request #12049 from apollographql/pr/fix-12048
9c26892 useFragment: keep current result on a memoized mutable object
3fdc381 Write failing test
36d2cae Version Packages (#12036)
82d8cb4 Remove double initialization and unneeded useLazyRef from useFragment to avoi...
eb3e21b Type MutationResult.reset as an arrow function (#12027)
4210ab1 Update ROADMAP.md
a3c26e3 Add some tests for watchFragment for nested fragments and the fragment regi...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions[bot] commented 2 weeks ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/@apollo/client

3.11.6

:green_circle: 5.6

Details

Check	Score	Reason
Code-Review	:green_circle: 8	Found 14/17 approved changesets -- score normalized to 8
Maintained	:green_circle: 10	30 commit(s) and 27 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Signed-Releases	:warning: -1	no releases found
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Branch-Protection	:green_circle: 8	branch protection is not maximal on development and all release branches
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Packaging	:warning: -1	packaging workflow not detected
Token-Permissions	:warning: 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Security-Policy	:green_circle: 10	security policy file detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	:warning: 0	34 existing vulnerabilities detected