Bump graphiql from 0.13.2 to 1.4.7 in /lib/wp-graphql-1.5.4/src/Admin/GraphiQL/app

dependabot[bot] commented 3 years ago

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps graphiql from 0.13.2 to 1.4.7.

Release notes

graphiql@1.4.7

Patch Changes

130ddad6 Thanks @acao! - CRITICAL SECURITY PATCH for the GraphiQL introspection schema template injection attack

graphiql@1.4.6

Patch Changes

d3a88283 #1934 Thanks @tonyfromundefined! - add react 17, 18 in peerDependencies

afaa36c1 #1883 Thanks @Sweetabix1! - Updating font colors for line numbers, comments & brackets from #999 to #666 for accessibility purposes. #666 passes AA accessibility standards for small text, with a contrast ratio of over 5:1.

75dbb0b1 #1777 Thanks @dwwoelfel! - adopt block string parsing for variables in language parser

Updated dependencies [0e2c1a02, 75dbb0b1]:

graphql-language-service@3.1.6

codemirror-graphql@1.0.3

graphiql@1.4.5

Patch Changes

86795d5f Thanks @acao! - Remove bad type definition from subscriptions-transport-ws #1992 closes #1989

Updated dependencies [86795d5f]:

@graphiql/toolkit@0.3.2

graphiql@1.4.4

Patch Changes

62e786b5 #1990 Thanks @acao! - Remove type definition from subscriptions-transport-ws

Updated dependencies [62e786b5]:

@graphiql/toolkit@0.3.1

graphiql@1.4.3

Patch Changes

6a459f4c #1968 Thanks @acao! - Remove optionalDependencies entirely, remove subscriptions-transport-ws which introduces vulnerabilities, upgrade @n1ru4l/push-pull-async-iterable-iterator to 3.0.0, upgrade graphql-ws several minor versions - the graphql-ws@5.x upgrade will come in a later minor release.

eb2d91fa #1914 Thanks @harshithpabbati! - fix: history can now be saved even when query history panel is not opened feat: create a new maxHistoryLength prop to allow more than 20 queries in history panel

04fad79c #1889 Thanks @henryqdineen! - feat: export ToolbarSelectOption and ToolbarMenuItem

cd685435 #1923 Thanks @cgarnier! - Fix result window theme

... (truncated)

Changelog

Sourced from graphiql's changelog.

Archived For up to date changelogs that are automatically generated by changesets, see CHANGELOG.md files in respective workspaces. For example, the graphiql changelog is located at packages/graphiql/CHANGELOG.md, and the language server changelog is located at packages/graphql-language-service-server/CHANGELOG.md

GraphiQL 0.14.2 - 11 Aug, 2019

Fixes

Fix SSR & use of window when introducing new extraKeys capability (#942)

GraphiQL 0.14.0 - 11 Aug, 2019

Features

Add defaultVariableEditorOpen prop (#744) - @acao

Fixes

Fix formatting of subscription errors - #636, #722 - @benjie

preserve ctrl-f key for macOS - #759 - @pd4d10

Fix earlier 'Mode graphql failed to advance stream' on Linux by eating an exotic whitespace character - #735 closed by #932 - @benjie

Fix: check this.editor exists before this.editor.off in QueryEditor

Codemirror GraphQL - 0.9 - 11 Aug, 2019

Chores

BREAKING: Update to gls-interface and gls-parser ^2.1

BREAKING: Deprecate support for GraphQL 0.11 and below

BREAKING: introduce MIT license

BREAKING: Support GraphQL 14

GraphQL Language Service Server 2.1.0 - 11 Aug, 2019

Features

Replace babylon with @babel/parser (#879) @ganemone

Add support for gql template tags (#883) @ganemone @Neitsch

Chores

BREAKING: remove incompatible dependencies on graphql 0.11 and below

BREAKING: add peer support for graphql 14.x

BREAKING: change copyright to MIT

update formatting for monorepo eslint/prettier rules

update readme, badges

GraphQL Language Service Parser 2.1.0 - 11 Aug, 2019

Fixes

... (truncated)

Commits

8680b75 Version Packages (#2003)
130ddad changeset
cb237ee Merge pull request from GHSA-x4r7-m2q9-69c8
672aadf Version Packages (#1994)
2661fb6 remove rfc changeset
0e2c1a0 fix: monaco-graphql worker issue, es module config should use esNext (#1...
afaa36c fix: updating #999 font colors to #666 (#1883)
0240c57 chore: introduce more active maintainers (#1957)
1aa10a6 Add 7th meeting notes :) (#1978)
b853227 ignore linting working-group directory (#1996)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Automattic/vip-decoupled-bundle/network/alerts).

dependabot[bot] commented 3 years ago

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.