search

eclipse / microprofile-graphql

microprofile-graphql
Apache License 2.0
100 stars 40 forks source link

Bump com.graphql-java:graphql-java from 20.4 to 21.0 #532

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps com.graphql-java:graphql-java from 20.4 to 21.0.

Release notes

Sourced from com.graphql-java:graphql-java's releases.

21.0

We are pleased to announce the release of graphql-java v21.0. This is a breaking change release.

Thanks to everyone in the community who contributed to the release, whether that was code, helping to report issues, or participating in discussions.

And Happy 8th Birthday to graphql-java, who celebrated their birthday last week!

Breaking Changes

Upgraded to Java 11

graphql-java now requires Java 11 as a minimum version. See the blog announcing the change.

For those who need time to upgrade to Java 11, keep in mind we will support graphql-java 20.x (with Java 8) for a short period as per our release policy.

If you are wondering why we are not on a later version, graphql-java has always been conservative on its base JVM version to allow the widest possible set of consumers.

Reverted stricter scalar parseValue coercion, added monitoring and interceptor callback

v20.0 introduced a stricter set of scalar parseValue coercions - for example previously an Integer would accept a string if it parsed into a number but that was removed and a more strict system was put in place.

While technically more correct, and consistent with the graphql-js reference implementation, in practice this proved problematic for some consumers. So this more stricter parseValue coercion was reverted in v20.3.

We would like to re-introduce this more strict scalar parseValue conversion in the future and to that end we have introduced a graphql.execution.values.InputInterceptor callback that allows you to observe what values you are receiving and potentially do special tweaking of those values.

A graphql.execution.values.legacycoercing.LegacyCoercingInputInterceptor implementation will convert old less strict values into then more strict values for example.

If you had problems with scalar values we urge you to use the new InputInterceptor to learn what less strict values are coming into your systems and fix them up. That way, when a future version re-introduces the more strict (and more correct) coercion then you will be prepared.

Static recordLike() methods no longer supported

In v20, the PropertyDataFetcher would read property values from recordLike() methods on objects even if they were static methods. This caused problems for some users and after considering how to fix it and talking to some our major consumers like the Spring team, we decided to remove this behavior. On balance we think this will lead to a better outcome over the long term.

This is a breaking change for those who might have relied on a static recordLike() method being called for a property.

Removal of old deprecated methods and classes

The following PRs removed old deprecated methods and class. The changes are breaking ones but these have been deprecated for a long time.

Other small breaking changes

A very minor breaking change is that graphql.execution.ExecutionStrategy had a protected method protected Iterable<Object> toIterable(Object result) which really is a utility method and not designed for overriding. graphql.util.FpKit#toIterable is the preferred replacement.

What's new in v21

ExecutableNormalisedXXX is now public API

... (truncated)

Commits
  • c1395c8 Merge pull request #3251 from graphql-java/static_property_like_methods_shoul...
  • 51206b0 Merge pull request #3261 from graphql-java/factory_for_query_directives
  • 09e63ae Merge pull request #3262 from graphql-java/3255-instrumentResult-is-called
  • 52f1d0f #3255 fixes when instrumentExecutionResult on AbortExecutionException
  • f264712 Merge pull request #3260 from graphql-java/dependabot/gradle/org.codehaus.gro...
  • ca75339 Bump org.codehaus.groovy:groovy from 3.0.17 to 3.0.18
  • 5adf273 Merge pull request #3259 from graphql-java/dependabot/gradle/org.codehaus.gro...
  • 692a2ec Merge pull request #3258 from graphql-java/dependabot/gradle/com.google.guava...
  • 42d0985 Adding builder for QueryDirectives
  • a1158c6 Bump org.codehaus.groovy:groovy-json from 3.0.17 to 3.0.18
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.