java-packages/graphql-java
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
graphql-java/graphql-java.changes
Fridrich Strba 697d912475 Accepting request 1159820 from home:urbic:branches:Java:packages 
- Update to v21.4
  * This is a special release to help control introspection
    queries. This release adds a default check for introspection
    queries, to check that they are sensible. This feature is a
    backport of #3526 and #3527. This release also adds an optional
    maximum result nodes limit, which is a backport of #3525.
  * What's Changed
    + 21.x Backport PR 3526 and PR 3527 by @dondonz in #3529
    + 21.x backport 3525 max result nodes by @dondonz in #3528
- Modify patch:
  * java8.patch
    + add some new occurrences

OBS-URL: https://build.opensuse.org/request/show/1159820
OBS-URL: https://build.opensuse.org/package/show/Java:packages/graphql-java?expand=0&rev=8
2024-03-21 08:39:20 +00:00

384 lines
18 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Wed Mar 20 11:41:11 UTC 2024 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v21.4
* This is a special release to help control introspection
queries. This release adds a default check for introspection
queries, to check that they are sensible. This feature is a
backport of #3526 and #3527. This release also adds an optional
maximum result nodes limit, which is a backport of #3525.
* What's Changed
+ 21.x Backport PR 3526 and PR 3527 by @dondonz in #3529
+ 21.x backport 3525 max result nodes by @dondonz in #3528
- Modify patch:
* java8.patch
+ add some new occurrences
-------------------------------------------------------------------
Wed Feb 21 10:44:23 UTC 2024 - Gus Kenion <gus.kenion@suse.com>
- Use %patch -P N instead of deprecated %patchN.
-------------------------------------------------------------------
Sat Oct 28 23:32:31 UTC 2023 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v21.3
* A small bugfix release on top of 21.2, which includes correct
unwrapping of non-null input types for @oneOf.
* What's Changed
@OneOf handles non-null inputs by @felipe-gdr in #3353
- Update to v21.2
* This is a release with new features and bugfixes. There are no
breaking changes.
* What's Changed
+ Add max depth option to ExecutableNormalizedOperationFactory
by @gnawf in #3268
+ Handle repeated query directives by @gnawf in #3270
+ Update readme by @dondonz in #3273
+ Wrap NumberFormatException by @arthurscchan in #3282
+ Bump org.openjdk.jmh:jmh-core from 1.36 to 1.37 by
@dependabot in #3289
+ Bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre by
@dependabot in #3284
+ Bump org.openjdk.jmh:jmh-generator-annprocess from 1.36 to
1.37 by @dependabot in #3290
+ deprecated default value method produces bad results by
@bbakerman in #3286
+ write query directives from ENF to AST by @russellyou in
#3295
+ Add SchemaPrinter AST comments support by @vadimofd in #3287
+ Bug 3276 - default values not being used correctly during
validation by @bbakerman in #3278
+ Experimental - oneOf directive support by @bbakerman in #3275
+ add directiveName as property to
AppliedDirectiveLocationDetail by @faizan-siddiqui in #3297
+ Schema Printer - add deprecation reason printing and fix
missing deprecated directive on argument by @vadimofd in
#3298
+ Added support for async create state in instrumentmentations
by @bbakerman in #3302
+ The last Java unit test by @bbakerman in #3305
+ Permit parent restricted nodes to map to isolated nodes by
@gnawf in #3304
+ Bump org.codehaus.groovy:groovy from 3.0.18 to 3.0.19 by
@dependabot in #3307
+ Use the non deprecated method in InstrumentationExamples.java
by @appreciated in #3265
+ Update security policy by @dondonz in #3316
+ guava version fix for master by @bbakerman in #3321
+ Bump actions/checkout from 3 to 4 by @dependabot in #3325
+ ES errors test to lock in current behavior by @bbakerman in
#3327
+ Fix OSGi bundle manifest by @geichelberger in #3313
+ Allow schema diff to use SDL document to enforce directives
by @ndejaco2 in #3344
+ The ability to get the source location of a schema element by
@bbakerman in #3340
+ Bump com.fasterxml.jackson.core:jackson-databind from 2.15.2
to 2.15.3 by @dependabot in #3350
+ Build cache fixes by @Duhemm in #3335
+ Issue 3332 - overlapping aliases should be prevented by
@bbakerman in #3334
+ #3267 clear directives schema usage bug fix by @bbakerman in
#3272
+ removed synchronised from code base as much as possible for
VT by @bbakerman in #3317
+ Update DataLoader to 3.2.1 by @dondonz in #3351
- Modify patch:
* java8.patch
+ supplemented
-------------------------------------------------------------------
Tue Sep 12 02:29:05 UTC 2023 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v21.1
* This is a bugfix release, which includes two recent default
value fixes.
* What's Changed
+ 21.x Cherry pick pull request #3286 by @dondonz in #3315
+ 21.x cherry pick of #3278 default value bugfix by @dondonz in
#3314
+ guava version fix for 21.x by @bbakerman in #3322
- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
-------------------------------------------------------------------
Fri Sep 1 12:20:23 UTC 2023 - Fridrich Strba <fstrba@suse.com>
- Added patch:
* java8.patch
+ keep Java 8 compatibility and build with -release 8
-------------------------------------------------------------------
Fri Jul 14 13:48:23 UTC 2023 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v21.0
* Breaking Changes
+ Upgraded to Java 11. graphql-java now requires Java 11 as a
minimum version. See the blog announcing the change. For
those who need time to upgrade to Java 11, keep in mind we
will support graphql-java 20.x (with Java 8) for a short
period as per our release policy. If you are wondering why we
are not on a later version, graphql-java has always been
conservative on its base JVM version to allow the widest
possible set of consumers.
+ Reverted stricter scalar parseValue coercion, added
monitoring and interceptor callback. v20.0 introduced a
stricter set of scalar parseValue coercions - for example
previously an Integer would accept a string if it parsed into
a number but that was removed and a more strict system was
put in place. While technically more correct, and consistent
with the graphql-js reference implementation, in practice
this proved problematic for some consumers. So this more
stricter parseValue coercion was reverted in v20.3. We would
like to re-introduce this more strict scalar parseValue
conversion in the future and to that end we have introduced a
graphql.execution.values.InputInterceptor callback that
allows you to observe what values you are receiving and
potentially do special tweaking of those values. A
graphql.execution.values.legacycoercing.LegacyCoercingInputInterceptor
implementation will convert old less strict values into then
more strict values for example. If you had problems with
scalar values we urge you to use the new InputInterceptor to
learn what less strict values are coming into your systems
and fix them up. That way, when a future version
re-introduces the more strict (and more correct) coercion
then you will be prepared.
+ Static recordLike() methods no longer supported. In v20, the
PropertyDataFetcher would read property values from
recordLike() methods on objects even if they were static
methods. This caused problems for some users and after
considering how to fix it and talking to some our major
consumers like the Spring team, we decided to remove this
behavior. On balance we think this will lead to a better
outcome over the long term. This is a breaking change for
those who might have relied on a static recordLike() method
being called for a property.
* Removal of old deprecated methods and classes
+ The following PRs removed old deprecated methods and class.
The changes are breaking ones but these have been deprecated
for a long time.
~ #3232
~ #3231
+ Other small breaking changes. A very minor breaking change is
that graphql.execution.ExecutionStrategy had a protected
method protected Iterable<Object> toIterable(Object result)
which really is a utility method and not designed for
overriding. graphql.util.FpKit#toIterable is the preferred
replacement.
* What's new in v21
+ ExecutableNormalisedXXX is now public API. The
graphql.normalized.ExecutableNormalizedOperation and
graphql.normalized.ExecutableNormalizedField code is now
public API. This API allows you to represent what MAY be
executed given a schema and a valid GraphQL query. This code
is not intended for general consumption but perhaps you are
writing a framework based on graphql-java and need to have a
powerful representation of what would be executed, then these
classes are for you. This allows you to write specialized
code (such as a new execution engine or perhaps a federated
GraphQL engine like say Nadel) based on these tree like
representations of a normalized and executable query.
+ Building extensions in data fetchers. There is a new
graphql.extensions.ExtensionsBuilder that allows data fetcher
callbacks to add extension values into the final result.
Since extensions are a map and there could be merge conflicts
on values, a graphql.extensions.ExtensionsMerger interface is
provided to handle these conflicts and a default
graphql.extensions.DefaultExtensionsMerger is provided. This
is available via the graphql.GraphQLContext and is put in
there by default so data fetchers can rely on it being
present. At the end of the request the ExtensionsBuilder is
called to build out a final map of extensions which is placed
in the graphql.ExecutionResult.
+ A smarter schema visitor API. A new
graphql.schema.visitor.GraphQLSchemaVisitor has been created
that is more domain specific around visiting GraphQL schemas.
The old graphql.schema.GraphQLTypeVisitor worked however it
is very generic in nature and is not domain specific to
schemas. The new API improves how you can visit schemas and
the callbacks have better schema domain information provided
on them. Also the
graphql.schema.visitor.GraphQLSchemaVisitorEnvironment is
better than older alternative with clearer return methods
like changeNode() or deleteNode() and so on for controlling
how the visitor works. This is an adaptor to
GraphQLTypeVisitor and hence can be used by the existing
graphql.schema.SchemaTraverser and
graphql.schema.SchemaTransformer classes (which expect a
GraphQLTypeVisitor) via a small call to
graphql.schema.visitor.GraphQLSchemaVisitor#toTypeVisitor.
+ Performance improvements. As always, we have tried to include
some performance improvements in the release. One area of
note is avoiding unnecessary CompletableFuture allocations
when they are not needed.
+ Other things. The QueryComplexity calculator has been broken
out into its own class and can be used outside the original
graphql.analysis.MaxQueryComplexityInstrumentation context.
The graphql.execution.DataFetcherResult#map method was added
to allow better functional mapping of results.
* All Changes
+ Correct diff when argument is "moved" and the type is changed
by @gnawf in #3156
+ Check for default value changes by @gnawf in #3157
+ Bump com.google.guava:guava from 31.0.1-jre to 31.1-jre by
@dependabot in #3134
+ Bump biz.aQute.bnd.builder from 6.3.1 to 6.4.0 by @dependabot
in #3135
+ Better javadoc on how code is found during SchemaGeneration
by @bbakerman in #3162
+ Fix edge case with bad argument renamed by @gnawf in #3164
+ Bump actions/setup-java from 1 to 3 by @dependabot in #3124
+ Upgrade to Java 11 (round 2) by @dondonz in #3165
+ Bump com.github.javafaker:javafaker from 0.13 to 1.0.2 by
@dependabot in #3167
+ cleanup schema diffing code, add comments by @andimarek in
#3170
+ upgrade to gradle 8.0.2 by @andimarek in #3171
+ Bump io.github.gradle-nexus.publish-plugin from 1.1.0 to
1.3.0 by @dependabot in #3137
+ Bump com.github.johnrengelman.shadow from 7.1.2 to 8.1.1 by
@dependabot in #3152
+ Bump org.testng:testng from 6.1.1 to 7.7.1 by @dependabot in
#3127
+ Remove long deprecated method by @dondonz in #3092
+ Bump org.awaitility:awaitility-groovy from 3.1.6 to 4.2.0 by
@dependabot in #3166
+ Bump org.openjdk.jmh:jmh-core from 1.35 to 1.36 by
@dependabot in #3178
+ Bump com.fasterxml.jackson.core:jackson-databind from 2.13.1
to 2.14.2 by @dependabot in #3179
+ Bump com.google.code.gson:gson from 2.8.9 to 2.10.1 by
@dependabot in #3177
+ Fix description changes causing renames by @gnawf in #3182
+ Bump org.openjdk.jmh:jmh-generator-annprocess from 1.35 to
1.36 by @dependabot in #3176
+ The ability to get query directives in ENF land by @bbakerman
in #3048
+ Allow DataFetcherResult to set extension values during
execution by @bbakerman in #3123
+ Bump org.eclipse.jetty:jetty-server from 9.4.26.v20200117 to
11.0.14 by @dependabot in #3180
+ Revert stricter scalar parseValue coercion by @dondonz in
#3186
+ Bump org.eclipse.jetty:jetty-server from 11.0.14 to 11.0.15
by @dependabot in #3189
+ Bump me.champeau.jmh from 0.7.0 to 0.7.1 by @dependabot in
#3190
+ improve schema diffing performance by @andimarek in #3172
+ Schema diff optimizing by @andimarek in https://git...
- Update to v20.4
* This is a special release with only one commit: updating the
version of Guava to 32.0.0 to address CVE-2023-2976.
graphql-java shades in selected classes of Guava. Although this
library does not use any of the code described in the CVE, we
received reports in #3239 that the Guava POM inside the jar was
incorrectly triggering security scanners. We'd prefer to keep
those security scanners happy and upgrade the Guava version.
* What's Changed
+ Update Guava version for v20 by @dondonz in #3245
- Update to v20.3
* This is a special release with only one commit: reverting
stricter parseValue scalar coercion. It is a backport of #3186
We received feedback that the stricter coercion was difficult
without a migration pathway. The next release will include an
input interceptor to enable monitoring and/or custom
modification of inputs.
* What's Changed
+ Add backport of scalar coercion reversion PR #3186 by
@dondonz in #3230
-------------------------------------------------------------------
Sun Apr 9 22:17:48 UTC 2023 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v20.2
* This is a security bugfix release containing #3148, which adds
a limit to the number of characters used in an operation. There
are no breaking changes in this release.
* What's Changed
+ Diffing fixes 2 by @gnawf in #3146
+ Fix argument added to new type by @gnawf in #3150
+ Show test failures in builds by @bbakerman in #3151
+ Fix applied argument deleted on field by @gnawf in #3154
+ Have a limit on how many characters are presented to the
Parser by @bbakerman in #3148
- Update to v20.1
* This is a feature and bugfix release. There are no breaking
changes in this release. This release continues to use Java 8.
This release includes a security fix #3112 which adds a limit
to the depth of grammar rules, to prevent stack overflow.
* Highlights
+ #3095 improves resiliency to class loader problems with
LambdaMetafactory.
+ #3049 adds an extensions builder and merger.
* Release policy
+ We have formalised our release schedule to give the community
a better idea of when to expect releases, what will be
contained within them, and when important fixes will be
backported. See the full details at
https://www.graphql-java.com/blog/release-policy
* What's Changed
+ docs: update badges for v20 release by @setchy in #3047
+ Update FieldValidationInstrumentation.java by @kfwerf in
#3066
+ Update vulnerability reporting instructions by @dondonz in
#3070
+ Fix extend schema directives ANTLR rule by @dondonz in #3071
+ Allow users to disable MultiSourceReader trackData through
ParserOptions by @AntaresS in #3062
+ Add missing getter and fix name consistency by @gnawf in
#3073
+ use toolchain to specify the java version by @andimarek in
#3075
+ Fix isNameChanged by @gnawf in #3076
+ Update instrumentation example in documentation by @dondonz
in #3078
+ Reuse ExecutionStrategyInstrumentationContext.NOOP in
DataLoaderDispatcherInstrumentation by @dfa1 in #3068
+ Add missing this keyword for readability by @cookieMr in
#3067
+ defaulting the deprecated methods in Coercing by @bbakerman
in #3063
+ Add missing detail by @gnawf in #3079
+ Updating the JavaDoc http links by @bbakerman in #3083
+ An Extensions Builder by @bbakerman in #3049
+ Use ImmutableList.builderWithExpectedSize in
ImmutableKit.mapAndDropNulls too by @dfa1 in #3081
+ Resolve TypeReferences in schema applied directives by
@kaqqao in #3054
+ Remove sun.misc.* from MANIFEST.MF by @dondonz in #3091
+ Replace javax nullable annotations with JetBrains equivalent
by @dondonz in #3093
+ Ensured that the MANIFEST.MF files is the first entry in the
JAR File by @schaefa in #3097
+ Fix type change and directive deletion problems in schema
diffing by @gnawf in #3102
+ Handle enum value rename by @gnawf in #3103
+ Bugfix: do not use default operation name types if not
included in schema definition block by @dondonz in #3088
+ Adding ExtensionsBuilder in the graphql context by default by
@bbakerman in #3085
+ Meta Lambda failures - make the code more resilient to class
loader challenges by @bbakerman in #3095
+ Gracefully returning null in cases of UnresolvedTypeException
by @ahmadizm in #3122
+ Add dependabot configuration by @yeikel in #3115
+ Bump org.jetbrains:annotations from 23.0.0 to 24.0.1 by
@dependabot in #3125
+ Remove unused dependencies by @dondonz in #3132
+ Bump actions/checkout from 1 to 3 by @dependabot in #3126
+ Bump google-github-actions/auth from 0.4.0 to 1.0.0 by
@dependabot in #3129
+ Bump org.codehaus.groovy:groovy from 3.0.9 to 3.0.16 by
@dependabot in #3131
+ Add manual stop on schema diffing algorithm by @gnawf in
#3119
+ Preventing stack overflow exceptions via limiting the depth
of the parser rules by @bbakerman in #3112
+ UniqueObjectFieldName validation rule (#1806) by @ashatch in
#3094
-------------------------------------------------------------------
Fri Jan 27 01:07:14 UTC 2023 - Anton Shvetz <shvetz.anton@gmail.com>
- Initial packaging with v20.0
Reference in New Issue View Git Blame Copy Permalink