Bump graphiql from 1.4.2 to 1.4.7 in /lib/wp-graphql-1.6.7/src/Admin/GraphiQL/app

[dependabot[bot]]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps graphiql from 1.4.2 to 1.4.7.

Release notes

Sourced from graphiql's releases.

graphiql@1.4.7

Patch Changes

• 130ddad6 Thanks @​acao! - CRITICAL SECURITY PATCH for the GraphiQL introspection schema template injection attack

graphiql@1.4.6

Patch Changes

• d3a88283 #1934 Thanks @​tonyfromundefined! - add react 17, 18 in peerDependencies

• afaa36c1 #1883 Thanks @​Sweetabix1! - Updating font colors for line numbers, comments & brackets from #999 to #666 for accessibility purposes. #666 passes AA accessibility standards for small text, with a contrast ratio of over 5:1.

• 75dbb0b1 #1777 Thanks @​dwwoelfel! - adopt block string parsing for variables in language parser

• Updated dependencies [0e2c1a02, 75dbb0b1]:

  • graphql-language-service@3.1.6
  • codemirror-graphql@1.0.3

graphiql@1.4.5

Patch Changes

• 86795d5f Thanks @​acao! - Remove bad type definition from subscriptions-transport-ws #1992 closes #1989

• Updated dependencies [86795d5f]:

  • @​graphiql/toolkit@​0.3.2

graphiql@1.4.4

Patch Changes

• 62e786b5 #1990 Thanks @​acao! - Remove type definition from subscriptions-transport-ws

• Updated dependencies [62e786b5]:

  • @​graphiql/toolkit@​0.3.1

graphiql@1.4.3

Patch Changes

• 6a459f4c #1968 Thanks @​acao! - Remove optionalDependencies entirely, remove subscriptions-transport-ws which introduces vulnerabilities, upgrade @n1ru4l/push-pull-async-iterable-iterator to 3.0.0, upgrade graphql-ws several minor versions - the graphql-ws@5.x upgrade will come in a later minor release.

• eb2d91fa #1914 Thanks @​harshithpabbati! - fix: history can now be saved even when query history panel is not opened feat: create a new maxHistoryLength prop to allow more than 20 queries in history panel

• 04fad79c #1889 Thanks @​henryqdineen! - feat: export ToolbarSelectOption and ToolbarMenuItem

• cd685435 #1923 Thanks @​cgarnier! - Fix result window theme

... (truncated)

Commits

• 8680b75 Version Packages (#2003)
• 130ddad changeset
• cb237ee Merge pull request from GHSA-x4r7-m2q9-69c8
• 672aadf Version Packages (#1994)
• 2661fb6 remove rfc changeset
• 0e2c1a0 fix: monaco-graphql worker issue, es module config should use esNext (#1...
• afaa36c fix: updating #999 font colors to #666 (#1883)
• 0240c57 chore: introduce more active maintainers (#1957)
• 1aa10a6 Add 7th meeting notes :) (#1978)
• b853227 ignore linting working-group directory (#1996)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Automattic/vip-decoupled-bundle/network/alerts).

[dependabot[bot]]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.