Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pull 2.8.5 and 2.9.0 release updates into next #3133

Merged
merged 7 commits into from
Aug 30, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 0 additions & 6 deletions .changeset/cuddly-badgers-sit.md

This file was deleted.

7 changes: 0 additions & 7 deletions .changeset/fast-points-wonder.md

This file was deleted.

6 changes: 0 additions & 6 deletions .changeset/happy-bats-exist.md

This file was deleted.

6 changes: 0 additions & 6 deletions .changeset/poor-seahorses-whisper.md

This file was deleted.

1 change: 1 addition & 0 deletions .cspell/cspell-dict.txt
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,7 @@ follwoing
fooz
Fragmentization
fufilled
GHSA
Gmsuh
gqlgen
Graphi
Expand Down
22 changes: 22 additions & 0 deletions composition-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,27 @@
# CHANGELOG for `@apollo/composition`

## 2.9.0

### Minor Changes

- Implements two new directives for defining custom costs for demand control. The `@cost` directive allows setting a custom weight to a particular field in the graph, overriding the default cost calculation. The `@listSize` directive gives the cost calculator information about how to estimate the size of lists returned by subgraphs. This can either be a static size or a value derived from input arguments, such as paging parameters. ([#3074](https://github.com/apollographql/federation/pull/3074))

### Patch Changes

- Reduce memory overhead during satisfiability checking when there are many options. ([#3109](https://github.com/apollographql/federation/pull/3109))

- Updated dependencies [[`acfe3193429c7f99b4fc564b20828aaa8659a75c`](https://github.com/apollographql/federation/commit/acfe3193429c7f99b4fc564b20828aaa8659a75c), [`02c2a34a62c3717a4885449172e404f19ebf66c9`](https://github.com/apollographql/federation/commit/02c2a34a62c3717a4885449172e404f19ebf66c9), [`0ccfd937d4b4a576f890665ceebbd7986fac5d0c`](https://github.com/apollographql/federation/commit/0ccfd937d4b4a576f890665ceebbd7986fac5d0c), [`e0a5075c0d12a0e2f7ef303b246e3216a139d3e0`](https://github.com/apollographql/federation/commit/e0a5075c0d12a0e2f7ef303b246e3216a139d3e0)]:
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.5

### Patch Changes

- Updated dependencies []:
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.4

### Patch Changes
Expand Down
6 changes: 3 additions & 3 deletions composition-js/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@apollo/composition",
"version": "2.8.4",
"version": "2.9.0",
"description": "Apollo Federation composition utilities",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand All @@ -27,8 +27,8 @@
"access": "public"
},
"dependencies": {
"@apollo/federation-internals": "2.8.4",
"@apollo/query-graphs": "2.8.4"
"@apollo/federation-internals": "2.9.0",
"@apollo/query-graphs": "2.9.0"
},
"peerDependencies": {
"graphql": "^16.5.0"
Expand Down
6 changes: 6 additions & 0 deletions docs/source/entities/index.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@ subtitle: Learn how to define federated types across multiple subgraphs
description: Learn to define and contribute to object types that resolve their fields across multiple services in a federated GraphQL architecture.
---

<SummitCallout
topic="entities"
workshopName="Federation from day 1: Thinking in entities"
URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947980868001Lumq"
/>

_Entities_ are a fundamental building block of Apollo Federation.
In a supergraph, an entity is an object type that can resolve its fields across multiple subgraphs.
Each subgraph can contribute different fields to the entity and is responsible for resolving only the fields that it contributes.
Expand Down
2 changes: 1 addition & 1 deletion docs/source/federation-2/moving-to-federation-2.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ Federation 2 provides powerful new features that require making some changes to
- Safely migrating fields from one subgraph to another with [`@override`](../federated-types/federated-directives#override)
- Hiding internal routing fields from graph consumers with [`@inaccessible`](../federated-types/federated-directives#inaccessible)

The schema changes you make are backward incompatible with Federation 1, which means you won't be able to use Federation 1 composition anymore unless you revert those changes.
The schema changes you make are not backward compatible with Federation 1, which means you won't be able to use Federation 1 composition anymore unless you revert those changes.

### Update your subgraph library

Expand Down
6 changes: 6 additions & 0 deletions docs/source/index.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@ subtitle: Learn how to combine your GraphQL APIs into a unified supergraph
description: Learn how Apollo Federation can help you declaratively combine your services into a unified, federated GraphQL API using a microservices architecture.
---

<SummitCallout
topic="federation"
workshopName="Federation from day 1: Thinking in entities"
URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947980868001Lumq"
/>

## What is Apollo Federation?

Apollo Federation lets you declaratively combine multiple GraphQL APIs into a single, federated graph. This federated graph enables clients to interact with multiple APIs through a single request.
Expand Down
6 changes: 6 additions & 0 deletions docs/source/quickstart.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,12 @@ To learn more about Apollo Federation and the benefits of using it with GraphOS,
- [Introduction to Apollo Federation](./)
- [Introduction to GraphOS](/graphos)

<SummitCallout
topic="federation"
workshopName="Federation from day 1: Thinking in entities"
URL="https://reg.summit.graphql.com/flow/apollo/summit24/AttendeePortal/page/catalog/session/1712947980868001Lumq"
/>

## Prerequisites

To complete this quickstart, you must have the following:
Expand Down
4 changes: 4 additions & 0 deletions federation-integration-testsuite-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# CHANGELOG for `federation-integration-testsuite-js`

## 2.9.0

## 2.8.5

## 2.8.4

## 2.8.3
Expand Down
2 changes: 1 addition & 1 deletion federation-integration-testsuite-js/package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "apollo-federation-integration-testsuite",
"private": true,
"version": "2.8.4",
"version": "2.9.0",
"description": "Apollo Federation Integrations / Test Fixtures",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand Down
30 changes: 30 additions & 0 deletions gateway-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,35 @@
# CHANGELOG for `@apollo/gateway`

## 2.9.0

### Patch Changes

- Avoid type explosion for inline fragments where the type condition is an interface that implements the parent type. ([#3122](https://github.com/apollographql/federation/pull/3122))

- Reduce memory overhead during satisfiability checking when there are many options. ([#3109](https://github.com/apollographql/federation/pull/3109))

- Updated dependencies [[`02c2a34a62c3717a4885449172e404f19ebf66c9`](https://github.com/apollographql/federation/commit/02c2a34a62c3717a4885449172e404f19ebf66c9), [`0ccfd937d4b4a576f890665ceebbd7986fac5d0c`](https://github.com/apollographql/federation/commit/0ccfd937d4b4a576f890665ceebbd7986fac5d0c), [`e0a5075c0d12a0e2f7ef303b246e3216a139d3e0`](https://github.com/apollographql/federation/commit/e0a5075c0d12a0e2f7ef303b246e3216a139d3e0)]:
- @apollo/[email protected]
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.5

## 🔒 Security

### CVE-2024-43414: Prevent uncontrolled recursion for complex queries

Correct a bug where complex queries can cause uncontrolled recursion due to failure to reduce the number of possible query plans (classified as [CWE-674](https://cwe.mitre.org/data/definitions/674.html)). ([#3128](https://github.com/apollographql/federation/pull/3128))

This weakness impacts all v2 versions of `@apollo/gateway` prior to this release. See the associated Github Advisory, [GHSA-fmj9-77q8-g6c4](https://github.com/apollographql/federation/security/advisories/GHSA-fmj9-77q8-g6c4), for more information.

##

- Updated dependencies [[`926cbb7949200e12b81100a07fa3438b5ae9efd0`](https://github.com/apollographql/federation/commit/926cbb7949200e12b81100a07fa3438b5ae9efd0)]:
- @apollo/[email protected]
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.4

### Patch Changes
Expand Down
8 changes: 4 additions & 4 deletions gateway-js/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@apollo/gateway",
"version": "2.8.4",
"version": "2.9.0",
"description": "Apollo Gateway",
"author": "Apollo <[email protected]>",
"main": "dist/index.js",
Expand All @@ -25,9 +25,9 @@
"access": "public"
},
"dependencies": {
"@apollo/composition": "2.8.4",
"@apollo/federation-internals": "2.8.4",
"@apollo/query-planner": "2.8.4",
"@apollo/composition": "2.9.0",
"@apollo/federation-internals": "2.9.0",
"@apollo/query-planner": "2.9.0",
"@apollo/server-gateway-interface": "^1.1.0",
"@apollo/usage-reporting-protobuf": "^4.1.0",
"@apollo/utils.createhash": "^2.0.0",
Expand Down
14 changes: 14 additions & 0 deletions internals-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,19 @@
# CHANGELOG for `@apollo/federation-internals`

## 2.9.0

### Minor Changes

- Implements two new directives for defining custom costs for demand control. The `@cost` directive allows setting a custom weight to a particular field in the graph, overriding the default cost calculation. The `@listSize` directive gives the cost calculator information about how to estimate the size of lists returned by subgraphs. This can either be a static size or a value derived from input arguments, such as paging parameters. ([#3074](https://github.com/apollographql/federation/pull/3074))

### Patch Changes

- Reduce memory overhead during satisfiability checking when there are many options. ([#3109](https://github.com/apollographql/federation/pull/3109))

- Fix issue where variable was not passed into subgraph when embedded in a fragment ([#3119](https://github.com/apollographql/federation/pull/3119))

## 2.8.5

## 2.8.4

### Patch Changes
Expand Down
2 changes: 1 addition & 1 deletion internals-js/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@apollo/federation-internals",
"version": "2.8.4",
"version": "2.9.0",
"description": "Apollo Federation internal utilities",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand Down
32 changes: 16 additions & 16 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 16 additions & 0 deletions query-graphs-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,21 @@
# CHANGELOG for `@apollo/query-graphs`

## 2.9.0

### Patch Changes

- Avoid type explosion for inline fragments where the type condition is an interface that implements the parent type. ([#3122](https://github.com/apollographql/federation/pull/3122))

- Updated dependencies [[`02c2a34a62c3717a4885449172e404f19ebf66c9`](https://github.com/apollographql/federation/commit/02c2a34a62c3717a4885449172e404f19ebf66c9), [`0ccfd937d4b4a576f890665ceebbd7986fac5d0c`](https://github.com/apollographql/federation/commit/0ccfd937d4b4a576f890665ceebbd7986fac5d0c), [`e0a5075c0d12a0e2f7ef303b246e3216a139d3e0`](https://github.com/apollographql/federation/commit/e0a5075c0d12a0e2f7ef303b246e3216a139d3e0)]:
- @apollo/[email protected]

## 2.8.5

### Patch Changes

- Updated dependencies []:
- @apollo/[email protected]

## 2.8.4

### Patch Changes
Expand Down
4 changes: 2 additions & 2 deletions query-graphs-js/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@apollo/query-graphs",
"version": "2.8.4",
"version": "2.9.0",
"description": "Apollo Federation library to work with 'query graphs'",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand All @@ -23,7 +23,7 @@
"node": ">=14.15.0"
},
"dependencies": {
"@apollo/federation-internals": "2.8.4",
"@apollo/federation-internals": "2.9.0",
"deep-equal": "^2.0.5",
"ts-graphviz": "^1.5.4",
"uuid": "^9.0.0"
Expand Down
26 changes: 26 additions & 0 deletions query-planner-js/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,31 @@
# CHANGELOG for `@apollo/query-planner`

## 2.9.0

### Patch Changes

- Fix issue where variable was not passed into subgraph when embedded in a fragment ([#3119](https://github.com/apollographql/federation/pull/3119))

- Updated dependencies [[`acfe3193429c7f99b4fc564b20828aaa8659a75c`](https://github.com/apollographql/federation/commit/acfe3193429c7f99b4fc564b20828aaa8659a75c), [`02c2a34a62c3717a4885449172e404f19ebf66c9`](https://github.com/apollographql/federation/commit/02c2a34a62c3717a4885449172e404f19ebf66c9), [`0ccfd937d4b4a576f890665ceebbd7986fac5d0c`](https://github.com/apollographql/federation/commit/0ccfd937d4b4a576f890665ceebbd7986fac5d0c), [`e0a5075c0d12a0e2f7ef303b246e3216a139d3e0`](https://github.com/apollographql/federation/commit/e0a5075c0d12a0e2f7ef303b246e3216a139d3e0)]:
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.5

## 🔒 Security

### CVE-2024-43414: Prevent uncontrolled recursion for complex queries

Correct a bug where complex queries can cause uncontrolled recursion due to failure to reduce the number of possible query plans (classified as [CWE-674](https://cwe.mitre.org/data/definitions/674.html)). ([#3128](https://github.com/apollographql/federation/pull/3128))

This weakness impacts all v2 versions of `@apollo/query-planner` prior to this release. See the associated Github Advisory, [GHSA-fmj9-77q8-g6c4](https://github.com/apollographql/federation/security/advisories/GHSA-fmj9-77q8-g6c4), for more information.

##

- Updated dependencies []:
- @apollo/[email protected]
- @apollo/[email protected]

## 2.8.4

### Patch Changes
Expand Down
Loading
Loading