Skip to content

Release v1.2.1

Choose a tag to compare

View all tags
@github-actions github-actions released this 13 Jun 04:34
· 94 commits to main since this release
v1.2.1
79cc1ec
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

  • fix(directives): add width ceiling to @center to prevent memory DoS (HIGH-2) (e658607)
  • fix(cache): include GET query params in fetch_cache_key hash (HIGH-1) (0d36950)
  • docs(subscriptions): correct broadcast scheduling description (R3) (0cd9941)
  • fix(subscriptions): log fire-and-forget group_send failures via done-callback (R2) (5ee380d)
  • fix(directives): bound digit-string length before int() in _extract_width_precision (R1) (06043f7)
  • style+ci: apply ruff formatting and fix tox cov-fail-under override (7beffe1)
  • fix(polish): apply LOW audit findings L1/L2/L3 (fe93c5d)
  • fix(subscriptions): remove blocking executor from _safe_group_send ASGI path (H3) (9050198)
  • fix(directives): close @Number DoS bypass for digit-fill+align specs (H2) (8826360)
  • fix(cache): heal string-token poison in _bump_cache_version (H1) (80be83d)
  • test: skip SafeGroupSendTest on channels-free base-install (11befcd)
  • test: make CheckConstraint kwarg compatible across Django 4.2–6.0 (df6721e)
  • style: apply ruff formatting to test_optimizer_perf.py (0984154)
  • ci: drop duplicate release notes and freeze uv sync (0607280)
  • docs: consolidate perform_mutate, fix imports and cross-links (72b1dc2)
  • chore: regenerate uv.lock for v1.2.1 (d3d65fa)
  • docs(changelog): fix settings namespace and @Date argument name (fafe8d1)
  • style: ruff-format and ruff-check fixes in new test files (06a6217)
  • test(coverage): close patch-diff gap to 100% — pragma guards + targeted tests (d41ad8b)
  • fix(subscriptions): replace per-call ThreadPoolExecutor with module-level singleton (83f13f7)
  • fix(directives): @Number blames value vs spec correctly in separate try blocks (9e38e98)
  • fix(views): correct double-encoded batch error, incr-based cache versioning, assert→HttpError, batch+cache bypass (5309de8)
  • fix(ci): annotate intentional except-pass blocks for bandit; pin bandit (6502e53)
  • fix(subscriptions): accept the document kwarg in execute_graphql_request override (354994b)
  • docs(types): fix residual Meta.fields → only_fields in DjangoInputObjectType examples (f436afb)
  • fix(optimizer): honor @skip/@include in _walk_filtered_prefetches (6f869df)
  • style(playground): apply ruff format to blog schema (e625308)
  • docs(changelog): add 1.2.1 release notes (43954de)
  • docs(playground): fix MAX_QUERY_DEPTH description, URL references, pyproject comment; link from main README and quickstart (e7360fa)
  • fix(playground): add permission imports, public field path, IntegrityError handling, URL trailing-slashes (e88e806)
  • docs(security): fix broken anchor http--view-hardening -> http-view-hardening in security.md (44939d8)
  • docs(nav,optimizer,changelog): B22 remove api/utils.md + nav entry, B15 custom resolver example, Part C depth-on-mutations note, 1.0.0 Django range clarification (5bfd2b9)
  • docs(directives,subscriptions,examples,readme): B16 middleware required note, B18 demultiplexer note, B19 split mutation tab groups, B21 date response tab, A5 CACHE_ACTIVE default note (9dcd185)
  • docs(pagination,migration,backends): B9 page_size_query_param semantics, B10 cursor single-field note, B11 related settings box, B1 migration steps bullets, B5 backend limits expansion (5d191fa)
  • docs(fields,mutations): B2 WHY notes, B7 client tab, B14 DjangoNestedListObjectField, B20 nested UPDATE examples, B4+B8 Pydantic consolidation, Part C mutation depth/optimizer (f0acd55)
  • docs(types): fix A1 only_fields/exclude_fields drift, A2 ListField warning, A4 union/interface API ref, B3 stream sub note, B4 remove Pydantic section (8b6bb4d)
  • test: remove guardian ghost backend, Faker factory, fix hardcoded assertions (473ec34)
  • test(tox): remove duplicate --cov flags from tox [testenv] command (3768d6c)
  • ci: SHA-pin all GitHub Actions in cicd.yaml and docs.yml (e6028b8)
  • fix(packaging): sdist allowlist, py.typed, importlib version, dep caps, metadata (305e729)
  • test(packaging): add failing tests for version importlib source, version 1.2.1, py.typed (3639add)
  • docs(optimizer): note selection-aware mutation re-read optimization (v1.2.1) (0b95f08)
  • perf(optimizer): request-scoped field-map memoization and optimized mutation re-read (e04141a)
  • test(optimizer): add failing tests for #20 — field-map memoization and mutation re-read N+1 (340e81f)
  • style(tests): ruff format test_issue_19_core_consistency (a59f63d)
  • fix(exports): add Registry and DjangoNestedListObjectField to public init (7f0a3c5)
  • fix(converter): make field ordering unconditional — remove DEBUG gate (26ff7fd)
  • test(core): add failing tests for #19 — unconditional ordering, public exports, MultiSelectField, ArrayField (245123f)
  • docs(mutations): document M2M add-vs-set divergence, explicit-null limitation, perform_mutate behavior (3b17093)
  • fix(mutations): custom-pk delete attname, isinstance enum unwrap (0f25f5c)
  • test(mutations): add failing tests for #18 — custom-pk delete, enum isinstance, perform_mutate pin (e50e907)
  • fix(pagination): explicit page validation, safe cursor decoding, conditional count (b6830c7)
  • test(pagination): add failing tests for #17 — page=0, tampered cursor, conditional COUNT (c3c5527)
  • fix(directives): cap @Number format spec, real ISO 8601 dates, DST-aware time-ago, UTF-8 base64 (d617bf7)
  • test(directives): add failing tests for #16@Number DoS, ISO date, DST time-ago, UTF-8 base64 (395f8e9)
  • fix(views): batch limit, GraphiQL SRI, AST introspection detection, single-parse cost (e82470b)
  • test(views): add failing tests for batch limit, GraphiQL SRI, AST introspection, single-parse cost (170e2c3)
  • fix(subscriptions): back the channel registry with the Django cache (46d37ee)
  • fix(tests): remove spurious asyncio mark from sync tests in test_security (6dc460c)
  • fix(subscriptions): extract session_key from context for HTTP view; normalize None/empty ownership (850856e)
  • fix(subscriptions): channel ownership guard, filter validation and delivery hardening (e0d8b67)
  • test(subscriptions): add failing security tests for channel ownership, filter validation and hardening (c25b6be)
  • style(tests): ruff format test_unique_constraint_validation (bc116f0)
  • docs(native): document UniqueConstraint validation and conditional-constraint limits (d1ba0e6)
  • fix(native): validate UniqueConstraint and exclude MTI parent links (16284e9)
  • test(native): add failing tests for UniqueConstraint validation and MTI parent_link exclusion (bfe3b83)
  • style(tests): remove unused imports from test_skip_include_directives (e8816c5)
  • docs(directives): document @skip/@include behavior in cost/depth and optimizer (fee3911)
  • fix(validation): honor @skip/@include in cost, depth, and optimizer walks (5111261)
  • test(directives): add failing tests for @skip/@include in cost, depth, optimizer (43c41da)
  • ci: run the test pipeline for release tracker branches (dd62b60)
  • docs(nav): register the caching guide in the site nav (10d6e20)
  • docs(cache): document identity-keying, version-counter invalidation, parse guard (581fe05)
  • fix(cache): identity-salted key, namespace invalidation, parse guard, sentinel, prefix typo (e8c8dff)
  • test(cache): add failing tests for cross-user leak, parse guard, sentinel (4759e92)

Installation

pip install django-graphex==1.2.1

Full Changelog: v1.2.0...v1.2.1

Contributors

include, Date, and 2 other contributors
Assets 2
Loading