github-actions[bot]
commented
1 year ago Apollo Federation Subgraph Compatibility Results
| Federation 1 Support | Federation 2 Support | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
Learn more:
Closed renovate[bot] closed 1 year ago
github-actions[bot]
commented
1 year ago | Federation 1 Support | Federation 2 Support | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
Learn more:
This PR contains the following updates:
20.2->20.4Release Notes
graphql-java/graphql-java (com.graphql-java:graphql-java)
### [`v20.4`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.4): 20.4 [Compare Source](https://togithub.com/graphql-java/graphql-java/compare/v20.3...v20.4) This is a special release with only one commit: updating the version of Guava to 32.0.0 to address CVE-2023-2976. graphql-java shades in selected classes of Guava. Although this library does not use any of the code described in the CVE, we received reports in [#3239](https://togithub.com/graphql-java/graphql-java/issues/3239) that the Guava POM inside the jar was incorrectly triggering security scanners. We'd prefer to keep those security scanners happy and upgrade the Guava version. #### What's Changed - Update Guava version for v20 by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3245](https://togithub.com/graphql-java/graphql-java/pull/3245) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.3...v20.4 ### [`v20.3`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.3): 20.3 [Compare Source](https://togithub.com/graphql-java/graphql-java/compare/v20.2...v20.3) This is a special release with only one commit: reverting stricter `parseValue` scalar coercion. It is a backport of [https://github.com/graphql-java/graphql-java/pull/3186](https://togithub.com/graphql-java/graphql-java/pull/3186) We received feedback that the stricter coercion was difficult without a migration pathway. The next release will include an input interceptor to enable monitoring and/or custom modification of inputs. #### What's Changed - Add backport of scalar coercion reversion PR [#3186](https://togithub.com/graphql-java/graphql-java/issues/3186) by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3230](https://togithub.com/graphql-java/graphql-java/pull/3230) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.2...v20.3Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.