[Snyk] Upgrade @apollo/client from 3.1.1 to 3.8.4 #1675
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @apollo/client from 3.1.1 to 3.8.4.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-APOLLOCLIENT-1085706
Why? Has a fix available, CVSS 5.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: @apollo/client
Patch Changes
9e59b251d
Thanks @ phryneas! - Forinvariant.log
etc., error arguments are now serialized correctly in the link to the error page.Patch Changes
fd2a4cf0c
Thanks @ phryneas! - Call devtools registration after ApolloClient is fully set up.Patch Changes
#10072
51045c336
Thanks @ Huulivoide! - Fixes race conditions in useReactiveVar that may prevent updates to the reactive variable from propagating through the hook.#11162
d9685f53c
Thanks @ jerelmiller! - Ensures GraphQL errors returned in subscription payloads adhere to theerrorPolicy
set inclient.subscribe(...)
calls.#11134
96492e142
Thanks @ alessbell! - Use separate type imports in useSuspenseQuery and useBackgroundQuery to workaround SWC compiler issue.#11117
6b8198109
Thanks @ phryneas! - Adds a new devtools registration mechanism and tweaks the mechanism behind the"devtools not found" mechanic.
#11186
f1d429f32
Thanks @ jerelmiller! - Fix an issue where race conditions when rapidly switching between variables would sometimes result in the wrongdata
returned from the query. Specifically this occurs when a query is triggered with an initial set of variables (VariablesA
), then triggers the same query with another set of variables (VariablesB
) but switches back to theVariablesA
before the response forVariablesB
is returned. Previously this would result in the data forVariablesB
to be displayed whileVariablesA
was active. The data is forVariablesA
is now properly returned.#11163
a8a9e11e9
Thanks @ bignimbus! - Fix typo in error message: "occured" -> "occurred"#11180
7d9c481e5
Thanks @ jerelmiller! - Fixes an issue where refetching fromuseBackgroundQuery
viarefetch
with an error after an error was already fetched would get stuck in a loading state.Patch Changes
#11141
c469b1616
Thanks @ jerelmiller! - Remove newly exported response iterator helpers that caused problems on some installs where@ types/node
was not available.IMPORTANT
The following exports were added in version 3.8.0 that are removed with this patch.
isAsyncIterableIterator
isBlob
isNodeReadableStream
isNodeResponse
isReadableStream
isStreamableBlob
Read more
3.8.0-rc.2
Minor Changes
#11112
b4aefcfe9
Thanks @ jerelmiller! - Adds support for askipToken
sentinel that can be used asoptions
inuseSuspenseQuery
anduseBackgroundQuery
to skip execution of a query. This works identically to theskip
option but is more type-safe and as such, becomes the recommended way to skip query execution. As such, theskip
option has been deprecated in favor ofskipToken
.We are considering the removal of the
skip
option fromuseSuspenseQuery
anduseBackgroundQuery
in the next major. We are releasing with it now to make migration fromuseQuery
easier and makeskipToken
more discoverable.const id: number | undefined;
const { data } = useSuspenseQuery(
query,
id ? { variables: { id } } : skipToken
);
Breaking change
Previously
useBackgroundQuery
would always return aqueryRef
whenever query execution was skipped. This behavior been updated to return aqueryRef
only when query execution is enabled. If initializing the hook with it skipped,queryRef
is now returned asundefined
.To migrate, conditionally render the component that accepts the
queryRef
as props.Before
const [queryRef] = useBackgroundQuery(query, skip ? skipToken : undefined);
// ^? QueryReference<TData | undefined>
return <Child queryRef={queryRef} />;
}
function Child({
queryRef,
}: {
queryRef: QueryReference<TData | undefined>;
}) {
const { data } = useReadQuery(queryRef);
}
After
const [queryRef] = useBackgroundQuery(query, skip ? skipToken : undefined);
// ^? QueryReference<TData> | undefined
return queryRef ? <Child queryRef={queryRef} /> : null;
}
function Child({ queryRef }: { queryRef: QueryReference<TData> }) {
const { data } = useReadQuery(queryRef);
}
Patch Changes
#11086
0264fee06
Thanks @ jerelmiller! - Fix an issue where a call torefetch
,fetchMore
, or changingskip
tofalse
that returned a result deeply equal to data in the cache would get stuck in a pending state and never resolve.#11115
78739e3ef
Thanks @ phryneas! - Enforceexport type
for all type-level exports.#11103
e3d611daf
Thanks @ caylahamann! - Fixes a bug inuseMutation
so thatonError
is called when an error is returned from the request witherrorPolicy
set to 'all' .#11083
f766e8305
Thanks @ phryneas! - Adjust the rerender timing ofuseQuery
to more closely align withuseFragment
. This means that cache updates delivered to both hooks should trigger renders at relatively the same time. Previously, theuseFragment
might rerender much faster leading to some confusion.#11082
0f1cde3a2
Thanks @ phryneas! - Restore Apollo Client 3.7getApolloContext
behaviour3.8.0-rc.1
Patch Changes
4473e925a
Thanks @ jerelmiller! - #10509 introduced some helpers for determining the type of operation for a GraphQL query. This imported theOperationTypeNode
from graphql-js which is not available in GraphQL 14. To maintain compatibility with graphql-js v14, this has been reverted to use plain strings.3.8.0-rc.0
Minor Changes
#11058
89bf33c42
Thanks @ phryneas! - (Batch)HttpLink: PropagateAbortError
s to the user when a user-providedsignal
is passed to the link. Previously, these links would swallow allAbortErrors
, potentially causing queries and mutations to never resolve. As a result of this change, users are now expected to handleAbortError
s when passing in a user-providedsignal
.#11040
125ef5b2a
Thanks @ phryneas! -HttpLink
/BatchHttpLink
: Abort theAbortController
signal more granularly.Before this change, when
HttpLink
/BatchHttpLink
created anAbortController
internally, the signal would always be
.abort
ed after the request was completed. This could cause issues with Sentry Session Replay and Next.js App Router Cache invalidations, which just replayed the fetch with the same options - including the cancelledAbortSignal
.With this change, the
AbortController
will only be.abort()
ed by outside events,not as a consequence of the request completing.
Patch Changes
#11053
c0ca70720
Thanks @ phryneas! - AddSuspenseCache
as a lazy hidden property on ApolloClient.This means that
SuspenseCache
is now an implementation details of Apollo Clientand you no longer need to manually instantiate it and no longer need to pass it
into
ApolloProvider
.Trying to instantiate a
SuspenseCache
instance in your code will now throw anerror.
Migration:
-const suspenseCache = new SuspenseCache();
-<ApolloProvider client={client} suspenseCache={suspenseCache} />;
+<ApolloProvider client={client} />;
Read more
3.8.0-beta.6
Patch Changes
#11027
e47cfd04e
Thanks @ phryneas! - Prevents the DevTool installation warning to be turned into a documentation link.#11013
5ed2cfdaf
Thanks @ alessbell! - Make private fieldsinFlightLinkObservables
andfetchCancelFns
protected in QueryManager in order to make types available in@ apollo/experimental-nextjs-app-support
package when extending theApolloClient
class.#11032
6a4da900a
Thanks @ jerelmiller! - Throw errors inuseSuspenseQuery
for errors returned in incremental chunks whenerrorPolicy
isnone
. This provides a more consistent behavior of theerrorPolicy
in the hook.Potentially breaking change
Previously, if you issued a query with
@ defer
and relied onerrorPolicy: 'none'
to set theerror
property returned fromuseSuspenseQuery
when the error was returned in an incremental chunk, this error is now thrown. Switch theerrorPolicy
toall
to avoid throwing the error and instead return it in theerror
property.#11025
6092b6edf
Thanks @ jerelmiller! -useSuspenseQuery
anduseBackgroundQuery
will now properly apply changes to its options between renders.Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs