graphql-java/graphql-java
### [`v20.4`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.4): 20.4
This is a special release with only one commit: updating the version of Guava to 32.0.0 to address CVE-2023-2976.
graphql-java shades in selected classes of Guava. Although this library does not use any of the code described in the CVE, we received reports in [#3239](https://togithub.com/graphql-java/graphql-java/issues/3239) that the Guava POM inside the jar was incorrectly triggering security scanners. We'd prefer to keep those security scanners happy and upgrade the Guava version.
#### What's Changed
- Update Guava version for v20 by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3245](https://togithub.com/graphql-java/graphql-java/pull/3245)
**Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.3...v20.4
### [`v20.3`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.3): 20.3
This is a special release with only one commit: reverting stricter `parseValue` scalar coercion. It is a backport of [https://github.com/graphql-java/graphql-java/pull/3186](https://togithub.com/graphql-java/graphql-java/pull/3186)
We received feedback that the stricter coercion was difficult without a migration pathway. The next release will include an input interceptor to enable monitoring and/or custom modification of inputs.
#### What's Changed
- Add backport of scalar coercion reversion PR [#3186](https://togithub.com/graphql-java/graphql-java/issues/3186) by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3230](https://togithub.com/graphql-java/graphql-java/pull/3230)
**Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.2...v20.3
Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
4.0.0.2929
->4.2.1.3168
2.15.1
->2.15.2
2.15.1
->2.15.2
2.15.1
->2.15.2
2.15.1
->2.15.2
20.2
->20.4
Release Notes
graphql-java/graphql-java
### [`v20.4`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.4): 20.4 This is a special release with only one commit: updating the version of Guava to 32.0.0 to address CVE-2023-2976. graphql-java shades in selected classes of Guava. Although this library does not use any of the code described in the CVE, we received reports in [#3239](https://togithub.com/graphql-java/graphql-java/issues/3239) that the Guava POM inside the jar was incorrectly triggering security scanners. We'd prefer to keep those security scanners happy and upgrade the Guava version. #### What's Changed - Update Guava version for v20 by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3245](https://togithub.com/graphql-java/graphql-java/pull/3245) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.3...v20.4 ### [`v20.3`](https://togithub.com/graphql-java/graphql-java/releases/tag/v20.3): 20.3 This is a special release with only one commit: reverting stricter `parseValue` scalar coercion. It is a backport of [https://github.com/graphql-java/graphql-java/pull/3186](https://togithub.com/graphql-java/graphql-java/pull/3186) We received feedback that the stricter coercion was difficult without a migration pathway. The next release will include an input interceptor to enable monitoring and/or custom modification of inputs. #### What's Changed - Add backport of scalar coercion reversion PR [#3186](https://togithub.com/graphql-java/graphql-java/issues/3186) by [@dondonz](https://togithub.com/dondonz) in [https://github.com/graphql-java/graphql-java/pull/3230](https://togithub.com/graphql-java/graphql-java/pull/3230) **Full Changelog**: https://github.com/graphql-java/graphql-java/compare/v20.2...v20.3Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.