Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade @apollo/client from 3.3.20 to 3.8.1 #439

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @apollo/client from 3.3.20 to 3.8.1 #439

wants to merge 1 commit into from

Conversation

victorcmarinho
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @apollo/client from 3.3.20 to 3.8.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 197 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2023-08-10.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Information Exposure
SNYK-JS-APOLLOCLIENT-1085706		 479/1000
Why? Has a fix available, CVSS 5.3		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @apollo/client
  • 3.8.1 - 2023-08-10

    Patch Changes

    • #11141 c469b1616 Thanks @ jerelmiller! - Remove newly exported response iterator helpers that caused problems on some installs where @ types/node was not available.

      IMPORTANT

      The following exports were added in version 3.8.0 that are removed with this patch.

      • isAsyncIterableIterator
      • isBlob
      • isNodeReadableStream
      • isNodeResponse
      • isReadableStream
      • isStreamableBlob
  • 3.8.0 - 2023-08-07
    Read more
  • 3.8.0-rc.2 - 2023-08-01

    3.8.0-rc.2

    Minor Changes

    • #11112 b4aefcfe9 Thanks @ jerelmiller! - Adds support for a skipToken sentinel that can be used as options in useSuspenseQuery and useBackgroundQuery to skip execution of a query. This works identically to the skip option but is more type-safe and as such, becomes the recommended way to skip query execution. As such, the skip option has been deprecated in favor of skipToken.

      We are considering the removal of the skip option from useSuspenseQuery and useBackgroundQuery in the next major. We are releasing with it now to make migration from useQuery easier and make skipToken more discoverable.

      import { skipToken } from "@ apollo/client";

      const id: number | undefined;

      const { data } = useSuspenseQuery(
      query,
      id ? { variables: { id } } : skipToken
      );

      Breaking change

      Previously useBackgroundQuery would always return a queryRef whenever query execution was skipped. This behavior been updated to return a queryRef only when query execution is enabled. If initializing the hook with it skipped, queryRef is now returned as undefined.

      To migrate, conditionally render the component that accepts the queryRef as props.

      Before

      function Parent() {
      const [queryRef] = useBackgroundQuery(query, skip ? skipToken : undefined);
      // ^? QueryReference<TData | undefined>

      return <Child queryRef={queryRef} />;
      }

      function Child({
      queryRef,
      }: {
      queryRef: QueryReference<TData | undefined>;
      }) {
      const { data } = useReadQuery(queryRef);
      }

      After

      function Parent() {
      const [queryRef] = useBackgroundQuery(query, skip ? skipToken : undefined);
      // ^? QueryReference<TData> | undefined

      return queryRef ? <Child queryRef={queryRef} /> : null;
      }

      function Child({ queryRef }: { queryRef: QueryReference<TData> }) {
      const { data } = useReadQuery(queryRef);
      }

    Patch Changes

    • #11086 0264fee06 Thanks @ jerelmiller! - Fix an issue where a call to refetch, fetchMore, or changing skip to false that returned a result deeply equal to data in the cache would get stuck in a pending state and never resolve.

    • #11115 78739e3ef Thanks @ phryneas! - Enforce export type for all type-level exports.

    • #11103 e3d611daf Thanks @ caylahamann! - Fixes a bug in useMutation so that onError is called when an error is returned from the request with errorPolicy set to 'all' .

    • #11083 f766e8305 Thanks @ phryneas! - Adjust the rerender timing of useQuery to more closely align with useFragment. This means that cache updates delivered to both hooks should trigger renders at relatively the same time. Previously, the useFragment might rerender much faster leading to some confusion.

    • #11082 0f1cde3a2 Thanks @ phryneas! - Restore Apollo Client 3.7 getApolloContext behaviour

  • 3.8.0-rc.1 - 2023-07-17

    3.8.0-rc.1

    Patch Changes

    • #11071 4473e925a Thanks @ jerelmiller! - #10509 introduced some helpers for determining the type of operation for a GraphQL query. This imported the OperationTypeNode from graphql-js which is not available in GraphQL 14. To maintain compatibility with graphql-js v14, this has been reverted to use plain strings.
  • 3.8.0-rc.0 - 2023-07-13

    3.8.0-rc.0

    Minor Changes

    • #11058 89bf33c42 Thanks @ phryneas! - (Batch)HttpLink: Propagate AbortErrors to the user when a user-provided signal is passed to the link. Previously, these links would swallow all AbortErrors, potentially causing queries and mutations to never resolve. As a result of this change, users are now expected to handle AbortErrors when passing in a user-provided signal.

    • #11040 125ef5b2a Thanks @ phryneas! - HttpLink/BatchHttpLink: Abort the AbortController signal more granularly.
      Before this change, when HttpLink/BatchHttpLink created an AbortController
      internally, the signal would always be .aborted after the request was completed. This could cause issues with Sentry Session Replay and Next.js App Router Cache invalidations, which just replayed the fetch with the same options - including the cancelled AbortSignal.

      With this change, the AbortController will only be .abort()ed by outside events,
      not as a consequence of the request completing.

    Patch Changes

    • #11053 c0ca70720 Thanks @ phryneas! - Add SuspenseCache as a lazy hidden property on ApolloClient.
      This means that SuspenseCache is now an implementation details of Apollo Client
      and you no longer need to manually instantiate it and no longer need to pass it
      into ApolloProvider.
      Trying to instantiate a SuspenseCache instance in your code will now throw an
      error.

      Migration:

      -import { SuspenseCache } from '@ apollo/client';

      -const suspenseCache = new SuspenseCache();

      -<ApolloProvider client={client} suspenseCache={suspenseCache} />;
      +<ApolloProvider client={client} />;

  • 3.8.0-beta.7 - 2023-07-10

    3.8.0-beta.7

    Minor Changes

    • #10994 2ebbd3abb Thanks @ phryneas! - Add .js file extensions to imports in src and dist/*/.d.ts

    • #11045 9c1d4a104 Thanks @ jerelmiller! - When changing variables back to a previously used set of variables, do not automatically cache the result as part of the query reference. Instead, dispose of the query reference so that the InMemoryCache can determine the cached behavior. This means that fetch policies that would guarantee a network request are now honored when switching back to previously used variables.

    • #10915 3a62d8228 Thanks @ phryneas! - Changes how development-only code is bundled in the library to more reliably enable consuming bundlers to reduce production bundle sizes while keeping compatibility with non-node environments.

    Patch Changes

    • #11026 b8d405eee Thanks @ phryneas! - Store React.Context instance mapped by React.createContext instance, not React.version.
      Using React.version can cause problems with preact, as multiple versions of preact will all identify themselves as React 17.0.2.

    • #11000 1d43ab616 Thanks @ phryneas! - Use import * as React everywhere. This prevents an error when importing @ apollo/client in a React Server component. (see #10974)

    • #11035 a3ab7456d Thanks @ jerelmiller! - Incrementally re-render deferred queries after calling refetch or setting skip to false to match the behavior of the initial fetch. Previously, the hook would not re-render until the entire result had finished loading in these cases.

  • 3.8.0-beta.6 - 2023-07-05

    3.8.0-beta.6

    Patch Changes

    • #11027 e47cfd04e Thanks @ phryneas! - Prevents the DevTool installation warning to be turned into a documentation link.

    • #11013 5ed2cfdaf Thanks @ alessbell! - Make private fields inFlightLinkObservables and fetchCancelFns protected in QueryManager in order to make types available in @ apollo/experimental-nextjs-app-support package when extending the ApolloClient class.

    • #11032 6a4da900a Thanks @ jerelmiller! - Throw errors in useSuspenseQuery for errors returned in incremental chunks when errorPolicy is none. This provides a more consistent behavior of the errorPolicy in the hook.

      Potentially breaking change

      Previously, if you issued a query with @ defer and relied on errorPolicy: 'none' to set the error property returned from useSuspenseQuery when the error was returned in an incremental chunk, this error is now thrown. Switch the errorPolicy to all to avoid throwing the error and instead return it in the error property.

    • #11025 6092b6edf Thanks @ jerelmiller! - useSuspenseQuery and useBackgroundQuery will now properly apply changes to its options between renders.

  • 3.8.0-beta.5 - 2023-06-28
    Read more
  • 3.8.0-beta.4 - 2023-06-20

    3.8.0-beta.4

    Patch Changes

    • #10940 1d38f128f Thanks @ jerelmiller! - Add support for the skip option in useBackgroundQuery and useSuspenseQuery. Setting this option to true will avoid a network request.
  • 3.8.0-beta.3 - 2023-06-15
  • 3.8.0-beta.2 - 2023-06-07
  • 3.8.0-beta.1 - 2023-05-31
  • 3.8.0-beta.0 - 2023-05-26
  • 3.8.0-alpha.15 - 2023-05-17
  • 3.8.0-alpha.14 - 2023-05-16
  • 3.8.0-alpha.13 - 2023-05-03
  • 3.8.0-alpha.12 - 2023-04-13
  • 3.8.0-alpha.11 - 2023-03-28
  • 3.8.0-alpha.10 - 2023-03-17
  • 3.8.0-alpha.9 - 2023-03-15
  • 3.8.0-alpha.8 - 2023-03-02
  • 3.8.0-alpha.7 - 2023-02-15
  • 3.8.0-alpha.6 - 2023-02-07
  • 3.8.0-alpha.5 - 2023-01-19
  • 3.8.0-alpha.4 - 2023-01-13
  • 3.8.0-alpha.3 - 2023-01-03
  • 3.8.0-alpha.2 - 2022-12-21
  • 3.8.0-alpha.1 - 2022-12-21
  • 3.8.0-alpha.0 - 2022-12-09
  • 3.7.17 - 2023-07-05

    Patch Changes

    • #10631 b93388d75 Thanks @ phryneas! - ObservableQuery.getCurrentResult: skip the cache if the running query should not access the cache
  • 3.7.16 - 2023-06-20
  • 3.7.15 - 2023-05-26
  • 3.7.14 - 2023-05-03
  • 3.7.13 - 2023-04-27
  • 3.7.12 - 2023-04-12
  • 3.7.11 - 2023-03-31
  • 3.7.10 - 2023-03-02
  • 3.7.9 - 2023-02-17
  • 3.7.8 - 2023-02-15
  • 3.7.7 - 2023-02-03
  • 3.7.6 - 2023-01-31
  • 3.7.5 - 2023-01-24
  • 3.7.4 - 2023-01-13
  • 3.7.3 - 2022-12-15
  • 3.7.2 - 2022-12-06
  • 3.7.1 - 2022-10-20
  • 3.7.0 - 2022-09-30
  • 3.7.0-rc.0 - 2022-09-21
  • 3.7.0-beta.8 - 2022-09-21
  • 3.7.0-beta.7 - 2022-09-08
  • 3.7.0-beta.6 - 2022-06-27
  • 3.7.0-beta.5 - 2022-06-10
  • 3.7.0-beta.4 - 2022-06-10
  • 3.7.0-beta.3 - 2022-06-07
  • 3.7.0-beta.2 - 2022-06-07
  • 3.7.0-beta.1 - 2022-05-26
  • 3.7.0-beta.0 - 2022-05-25
  • 3.7.0-alpha.6 - 2022-05-19
  • 3.7.0-alpha.5 - 2022-05-16
  • 3.7.0-alpha.4 - 2022-05-13
  • 3.7.0-alpha.3 - 2022-05-09
  • 3.7.0-alpha.2 - 2022-05-03
  • 3.7.0-alpha.1 - 2022-05-03
  • 3.7.0-alpha.0 - 2022-04-27
  • 3.6.10 - 2022-09-29
  • 3.6.9 - 2022-06-21
  • 3.6.8 - 2022-06-10
  • 3.6.7 - 2022-06-10
  • 3.6.6 - 2022-05-26
  • 3.6.5 - 2022-05-23
  • 3.6.4 - 2022-05-16
  • 3.6.3 - 2022-05-05
  • 3.6.2 - 2022-05-03
  • 3.6.1 - 2022-04-28
  • 3.6.0 - 2022-04-26
  • 3.6.0-rc.1 - 2022-04-19
  • 3.6.0-rc.0 - 2022-04-18
  • 3.6.0-beta.13 - 2022-04-14
  • 3.6.0-beta.12 - 2022-04-11
  • 3.6.0-beta.11 - 2022-04-05
  • 3.6.0-beta.10 - 2022-03-29
  • 3.6.0-beta.9 - 2022-03-10
  • 3.6.0-beta.8 - 2022-03-10
  • 3.6.0-beta.7 - 2022-03-10
  • 3.6.0-beta.6 - 2022-02-15
  • 3.6.0-beta.5 - 2022-02-04
  • 3.6.0-beta.4 - 2022-02-03
  • 3.6.0-beta.3 - 2021-11-23
  • 3.6.0-beta.2 - 2021-11-22
  • 3.6.0-beta.1 - 2021-11-16
  • 3.6.0-beta.0 - 2021-11-16
  • 3.5.10 - 2022-02-24
  • 3.5.9 - 2022-02-15
  • 3.5.8 - 2022-01-24
  • 3.5.7 - 2022-01-10
  • 3.5.6 - 2021-12-07
  • 3.5.5 - 2021-11-23
  • 3.5.4 - 2021-11-19
  • 3.5.3 - 2021-11-17
  • 3.5.2 - 2021-11-10
  • 3.5.1 - 2021-11-09
  • 3.5.0 - 2021-11-08
  • 3.5.0-rc.3 - 2021-11-03
  • 3.5.0-rc.2 - 2021-10-22
  • 3.5.0-rc.1 - 2021-10-04
  • 3.5.0-rc.0 - 2021-10-04
  • 3.5.0-beta.18 - 2021-10-01
  • 3.5.0-beta.17 - 2021-09-27
  • 3.5.0-beta.16 - 2021-09-20
  • 3.5.0-beta.15 - 2021-09-17
  • 3.5.0-beta.14 - 2021-09-17
  • 3.5.0-beta.13 - 2021-09-13
  • 3.5.0-beta.12 - 2021-09-10
  • 3.5.0-beta.11 - 2021-08-30
  • 3.5.0-beta.10 - 2021-08-30
  • 3.5.0-beta.9 - 2021-08-26
  • 3.5.0-beta.8 - 2021-08-24
  • 3.5.0-beta.7 - 2021-08-23
  • 3.5.0-beta.6 - 2021-08-18
  • 3.5.0-beta.5 - 2021-08-09
  • 3.5.0-beta.4 - 2021-08-04
  • 3.5.0-beta.3 - 2021-08-03
  • 3.5.0-beta.2 - 2021-08-02
  • 3.5.0-beta.1 - 2021-07-29
  • 3.5.0-beta.0 - 2021-07-28
  • 3.4.17 - 2021-11-08
  • 3.4.16 - 2021-10-04
  • 3.4.15 - 2021-09-27
  • 3.4.14 - 2021-09-27
  • 3.4.13 - 2021-09-20
  • 3.4.12 - 2021-09-17
  • 3.4.11 - 2021-09-10
  • 3.4.10 - 2021-08-27
  • 3.4.9 - 2021-08-24
  • 3.4.8 - 2021-08-16
  • 3.4.7 - 2021-08-09
  • 3.4.6 - 2021-08-09
  • 3.4.5 - 2021-08-04
  • 3.4.4 - 2021-08-03
  • 3.4.3 - 2021-08-02
  • 3.4.2 - 2021-08-02
  • 3.4.1 - 2021-07-29
  • 3.4.0 - 2021-07-28
  • 3.4.0-rc.23 - 2021-07-23
  • 3.4.0-rc.22 - 2021-07-22
  • 3.4.0-rc.21 - 2021-07-19
  • 3.4.0-rc.20 - 2021-07-15
  • 3.4.0-rc.19 - 2021-07-12
  • 3.4.0-rc.18 - 2021-07-09
  • 3.4.0-rc.17 - 2021-07-06
  • 3.4.0-rc.16 - 2021-07-06
  • 3.4.0-rc.15 - 2021-06-28
  • 3.4.0-rc.14 - 2021-06-24
  • 3.4.0-rc.13 - 2021-06-23
  • 3.4.0-rc.12 - 2021-06-22
  • 3.4.0-rc.11 - 2021-06-17
  • 3.4.0-rc.10 - 2021-06-16
  • 3.4.0-rc.9 - 2021-06-16
  • 3.4.0-rc.8 - 2021-06-16
  • 3.4.0-rc.7 - 2021-06-15
  • 3.4.0-rc.6 - 2021-06-08
  • 3.4.0-rc.5 - 2021-06-07
  • 3.4.0-rc.4 - 2021-06-04
  • 3.4.0-rc.3 - 2021-06-02
  • 3.4.0-rc.2 - 2021-05-26
  • 3.4.0-rc.1 - 2021-05-25
  • 3.4.0-rc.0 - 2021-05-19
  • 3.4.0-beta.28 - 2021-05-19
  • 3.4.0-beta.27 - 2021-05-18
  • 3.4.0-beta.26 - 2021-05-12
  • 3.4.0-beta.25 - 2021-05-11
  • 3.4.0-beta.24 - 2021-05-05
  • 3.4.0-beta.23 - 2021-04-13
  • 3.4.0-beta.22 - 2021-04-10
  • 3.4.0-beta.21 - 2021-04-07
  • 3.4.0-beta.20 - 2021-04-05
  • 3.4.0-beta.19 - 2021-03-26
  • 3.4.0-beta.18 - 2021-03-26
  • 3.4.0-beta.17 - 2021-03-25
  • 3.4.0-beta.16 - 2021-03-24
  • 3.4.0-beta.15 - 2021-03-17
  • 3.4.0-beta.14 - 2021-03-15
  • 3.4.0-beta.13 - 2021-03-11
  • 3.4.0-beta.12 - 2021-03-03
  • 3.4.0-beta.11 - 2021-02-14
  • 3.4.0-beta.10 - 2021-02-09
  • 3.4.0-beta.9 - 2021-02-09
  • 3.4.0-beta.8 - 2021-02-05
  • 3.4.0-beta.7 - 2021-02-04
  • 3.4.0-beta.6 - 2021-01-29
  • 3.4.0-beta.5 - 2021-01-29
  • 3.4.0-beta.4 - 2020-12-16
  • 3.4.0-beta.3 - 2020-12-12
  • 3.4.0-beta.2 - 2020-12-04
  • 3.4.0-beta.1 - 2020-12-03
  • 3.4.0-beta.0 - 2020-12-01
  • 3.3.21 - 2021-07-06
  • 3.3.20 - 2021-06-08
from @apollo/client GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@victorcmarinho @snyk-bot