[Snyk] Security upgrade apollo-datasource-rest from 0.6.11 to 3.7.0

[Skitionek]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	Yes	Proof of Concept
	539/1000 Why? Has a fix available, CVSS 6.5	Information Exposure SNYK-JS-NODEFETCH-2342118	Yes	No Known Exploit
	520/1000 Why? Has a fix available, CVSS 5.9	Denial of Service SNYK-JS-NODEFETCH-674311	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: apollo-datasource-rest

The new version differs by 250 commits.

• c8ebdc7 Release
• ade3a0f Update CHANGELOG before publish
• 8838d4a chore(deps): update dependency @ types/async-retry to v1.4.5 (#6833)
• 8cc8437 Rename property for RESTDataSource (#6834)
• 3b017c6 [apollo-datasource-rest] Add option to disable GET cache (#6650)
• 1bd0d0b chore(deps): update all non-major dependencies (#6832)
• 9389da7 chore(deps): update dependency @ types/lodash to v4.14.183 (#6821)
• efeb74b chore(deps): update all non-major dependencies (#6811)
• f678cc3 renovate.json5: fix spell check
• 7983343 renovate: add comments
• 96b917b renovate: pin gateway versions
• bf2346e chore(deps): update dependency rollup to v2.77.3 (#6796)
• fd07f45 chore(deps): update all non-major dependencies (#6793)
• e6097d6 Release
• 68a439b Merge pull request from GHSA-2fvv-qxrq-7jq6
• 27ded2a chore(deps): update dependency @ types/aws-lambda to v8.10.102 (#6790)
• d171c05 renovate: pin @ graphql-tools/schema to v8 for AS3
• 8353514 chore(deps): update all non-major dependencies to v8.7.2 (#6782)
• 3f218e7 chore(deps): update dependency @ graphql-codegen/typescript-operations to v2.5.3 (#6773)
• 1058a13 chore(deps): update dependency @ rollup/plugin-commonjs to v22.0.2 (#6769)
• 6140880 Usage reporting: fix TS declaration of fieldLevelInstrumentation (#6763)
• bd49975 Update error message when graph ref and variant are specified (#6709)
• 10bc167 chore(deps): update all non-major dependencies (#6743)
• 3bfe4e5 chore(deps): update dependency rollup to v2.77.2 (#6739)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)