build(deps): bump graphql-java from 20.2 to 21.0 #1152

dependabot · 2023-07-11T22:35:22Z

Bumps graphql-java from 20.2 to 21.0.

Release notes

21.0

We are pleased to announce the release of graphql-java v21.0. This is a breaking change release.

Thanks to everyone in the community who contributed to the release, whether that was code, helping to report issues, or participating in discussions.

And Happy 8th Birthday to graphql-java, who celebrated their birthday last week!

Breaking Changes

Upgraded to Java 11

graphql-java now requires Java 11 as a minimum version. See the blog announcing the change.

For those who need time to upgrade to Java 11, keep in mind we will support graphql-java 20.x (with Java 8) for a short period as per our release policy.

If you are wondering why we are not on a later version, graphql-java has always been conservative on its base JVM version to allow the widest possible set of consumers.

Reverted stricter scalar parseValue coercion, added monitoring and interceptor callback

v20.0 introduced a stricter set of scalar parseValue coercions - for example previously an Integer would accept a string if it parsed into a number but that was removed and a more strict system was put in place.

While technically more correct, and consistent with the graphql-js reference implementation, in practice this proved problematic for some consumers. So this more stricter parseValue coercion was reverted in v20.3.

We would like to re-introduce this more strict scalar parseValue conversion in the future and to that end we have introduced a graphql.execution.values.InputInterceptor callback that allows you to observe what values you are receiving and potentially do special tweaking of those values.

A graphql.execution.values.legacycoercing.LegacyCoercingInputInterceptor implementation will convert old less strict values into then more strict values for example.

If you had problems with scalar values we urge you to use the new InputInterceptor to learn what less strict values are coming into your systems and fix them up. That way, when a future version re-introduces the more strict (and more correct) coercion then you will be prepared.

Static recordLike() methods no longer supported

In v20, the PropertyDataFetcher would read property values from recordLike() methods on objects even if they were static methods. This caused problems for some users and after considering how to fix it and talking to some our major consumers like the Spring team, we decided to remove this behavior. On balance we think this will lead to a better outcome over the long term.

This is a breaking change for those who might have relied on a static recordLike() method being called for a property.

Removal of old deprecated methods and classes

The following PRs removed old deprecated methods and class. The changes are breaking ones but these have been deprecated for a long time.

graphql-java/graphql-java#3232

graphql-java/graphql-java#3231

Other small breaking changes

A very minor breaking change is that graphql.execution.ExecutionStrategy had a protected method protected Iterable<Object> toIterable(Object result) which really is a utility method and not designed for overriding. graphql.util.FpKit#toIterable is the preferred replacement.

What's new in v21

ExecutableNormalisedXXX is now public API

... (truncated)

Commits

c1395c8 Merge pull request #3251 from graphql-java/static_property_like_methods_shoul...
51206b0 Merge pull request #3261 from graphql-java/factory_for_query_directives
09e63ae Merge pull request #3262 from graphql-java/3255-instrumentResult-is-called
52f1d0f #3255 fixes when instrumentExecutionResult on AbortExecutionException
f264712 Merge pull request #3260 from graphql-java/dependabot/gradle/org.codehaus.gro...
ca75339 Bump org.codehaus.groovy:groovy from 3.0.17 to 3.0.18
5adf273 Merge pull request #3259 from graphql-java/dependabot/gradle/org.codehaus.gro...
692a2ec Merge pull request #3258 from graphql-java/dependabot/gradle/com.google.guava...
42d0985 Adding builder for QueryDirectives
a1158c6 Bump org.codehaus.groovy:groovy-json from 3.0.17 to 3.0.18
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [graphql-java](https://github.com/graphql-java/graphql-java) from 20.2 to 21.0. - [Release notes](https://github.com/graphql-java/graphql-java/releases) - [Commits](graphql-java/graphql-java@v20.2...v21.0) --- updated-dependencies: - dependency-name: com.graphql-java:graphql-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>