fix(deps): update apollo graphql packages

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@apollo/gateway	2.4.0 -> 2.4.7
@apollo/server	4.5.0 -> 4.7.3
@apollo/server	4.7.1 -> 4.7.3
@apollo/subgraph	2.4.0 -> 2.4.7

---

Release Notes

apollographql/federation (@​apollo/gateway)

v2.4.7

Compare Source

Patch Changes

• Re-work the code use to try to reuse query named fragments to improve performance (thus sometimes improving query (#​2604)
  planning performance), to fix a possibly raised assertion error (with a message of form like Cannot add selection of field X to selection set of parent type Y), and to fix a rare issue where an interface or union field was not being
  queried for all the types it should be.
• Updated dependencies [2d44f346]:
  • @​apollo/query-planner@​2.4.7
  • @​apollo/composition@​2.4.7
  • @​apollo/federation-internals@​2.4.7

v2.4.6

Compare Source

Patch Changes

• Updated dependencies [5cd17e69, 8ca107ac, e136ad87]:
  • @​apollo/query-planner@​2.4.6
  • @​apollo/federation-internals@​2.4.6
  • @​apollo/composition@​2.4.6

v2.4.5

Compare Source

Patch Changes

• Supersedes v2.4.4 due to a publishing error with no dist/ folder (#​2583)

• Updated dependencies [c96e24c4]:

  • @​apollo/composition@​2.4.5
  • @​apollo/federation-internals@​2.4.5
  • @​apollo/query-planner@​2.4.5

v2.4.4

Compare Source

Patch Changes

• Fix incorrect import the assert function in the DataRewrite.ts. The incorrect method was imported (due to a bad (#​2581)
  import auto-completion) and went unnoticed, leading to potential build issue.
• Updated dependencies [cb7f414d]:
  • @​apollo/query-planner@​2.4.4
  • @​apollo/composition@​2.4.4
  • @​apollo/federation-internals@​2.4.4

v2.4.3

Compare Source

Patch Changes

• Updated dependencies [f6a8c1ce]:
  • @​apollo/query-planner@​2.4.3
  • @​apollo/federation-internals@​2.4.3
  • @​apollo/composition@​2.4.3

v2.4.2

Compare Source

Patch Changes

• Fix potential bug when an @interfaceObject type has a @requires. When an @interfaceObject type has a field with a (#​2524)
  @requires and the query requests that field only for some specific implementations of the corresponding interface,
  then the generated query plan was sometimes invalid and could result in an invalid query to a subgraph (against a
  subgraph that rely on @apollo/subgraph, this lead the subgraph to produce an error message looking like "The _entities resolver tried to load an entity for type X, but no object or interface type of that name was found in the schema").
• Updated dependencies [2c370508, 179b4602]:
  • @​apollo/composition@​2.4.2
  • @​apollo/federation-internals@​2.4.2
  • @​apollo/query-planner@​2.4.2

v2.4.1

Compare Source

Patch Changes

• Fix issues (incorrectly rejected composition and/or subgraph errors) with @interfaceObject. Those issues may occur (#​2494)
  either due to some use of @requires in an @interfaceObject type, or when some subgraph S defines a type that is an
  implementation of an interface I in the supergraph, and there is an @interfaceObject for I in another subgraph,
  but S does not itself defines I.

• Fix handling of aliases and variables in introspection queries. (#​2506)

• Start building packages with TS 5.x, which should have no effect on consumers (#​2480)

• Improves reuse of named fragments in subgraph fetches. When a question has named fragments, the code tries to reuse (#​2497)
  those fragment in subgraph fetches is those can apply (so when the fragment is fully queried in a single subgraph fetch).
  However, the existing was only able to reuse those fragment in a small subset of cases. This change makes it much more
  likely that if a fragment can be reused, it will be.

• Updated dependencies [450b9578, afde3158, eafebc3c, 01fe3f83]:

  • @​apollo/query-planner@​2.4.1
  • @​apollo/federation-internals@​2.4.1
  • @​apollo/composition@​2.4.1

apollographql/apollo-server

v4.7.3

Compare Source

Patch Changes

• #​7601 75b668d9e Thanks @​trevor-scheer! - Provide a new configuration option for landing page plugins precomputedNonce which allows users to provide a nonce and avoid calling into uuid functions on startup. This is useful for Cloudflare Workers where random number generation is not available on startup (only during requests). Unless you are using Cloudflare Workers, you can ignore this change.

  The example below assumes you've provided a PRECOMPUTED_NONCE variable in your wrangler.toml file.

  Example usage:

  const server = new ApolloServer({
    // ...
    plugins: [
      ApolloServerPluginLandingPageLocalDefault({
        precomputedNonce: PRECOMPUTED_NONCE,
      }),
    ],
  });

v4.7.2

Compare Source

Patch Changes

• #​7599 c3f04d050 Thanks @​trevor-scheer! - Update @apollo/utils.usagereporting dependency. Previously, installing @apollo/gateway and @apollo/server could result in duplicate / differently versioned installs of @apollo/usage-reporting-protobuf. This is because the @apollo/server-gateway-interface package was updated to use the latest protobuf, but the @apollo/utils.usagereporting package was not. After this change, users should always end up with a single install of the protobuf package when installing both @apollo/server and @apollo/gateway latest versions.

v4.7.1

Compare Source

Patch Changes

• #​7539 5d3c45be9 Thanks @​mayakoneval! - 🐛 Bug Fix for Apollo Server Landing Pages on Safari. A Content Security Policy was added to our landing page html so that Safari can run the inline scripts we use to call the Embedded Sandbox & Explorer.

v4.7.0

Compare Source

Minor Changes

• #​7504 22a5be934 Thanks @​mayakoneval! - In the Apollo Server Landing Page Local config, you can now opt out of the telemetry that Apollo Studio runs in the
  embedded Sandbox & Explorer landing pages. This telemetry includes Google Analytics for event tracking and
  Sentry for error tracking.

  Example of the new config option:

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    plugins: [
      process.env.NODE_ENV === 'production'
        ? ApolloServerPluginLandingPageProductionDefault({
            graphRef: 'my-graph-id@my-graph-variant',
            embed: {
              runTelemetry: false
            },
          })
        : ApolloServerPluginLandingPageLocalDefault({
            embed: {
              runTelemetry: false
            },
          }),
    ],
  });
  

v4.6.0

Compare Source

Minor Changes

• #​7465 1e808146a Thanks @​trevor-scheer! - Introduce new opt-in configuration option to mitigate v4 status code regression

  Apollo Server v4 accidentally started responding to requests with an invalid variables object with a 200 status code, where v3 previously responded with a 400. In order to not break current behavior (potentially breaking users who have creatively worked around this issue) and offer a mitigation, we've added the following configuration option which we recommend for all users.

  new ApolloServer({
    // ...
    status400ForVariableCoercionErrors: true,
  });

  Specifically, this regression affects cases where input variable coercion fails. Variables of an incorrect type (i.e. String instead of Int) or unexpectedly null are examples that fail variable coercion. Additionally, missing or incorrect fields on input objects as well as custom scalars that throw during validation will also fail variable coercion. For more specifics on variable coercion, see the "Input Coercion" sections in the GraphQL spec.

  This will become the default behavior in Apollo Server v5 and the configuration option will be ignored / no longer needed.

Patch Changes

• #​7454 f6e3ae021 Thanks @​trevor-scheer! - Start building packages with TS 5.x, which should have no effect for users

• #​7433 e0db95b96 Thanks @​KGAdamCook! - Previously, when users provided their own documentStore, Apollo Server used a random prefix per schema in order to guarantee there was no shared state from one schema to the next. Now Apollo Server uses a hash of the schema, which enables the provided document store to be shared if you choose to do so.

apollographql/federation (@​apollo/subgraph)

v2.4.7

Compare Source

Patch Changes

• Updated dependencies [2d44f346]:
  • @​apollo/federation-internals@​2.4.7

v2.4.6

Compare Source

Patch Changes

• Updated dependencies [5cd17e69, e136ad87]:
  • @​apollo/federation-internals@​2.4.6

v2.4.5

Compare Source

Patch Changes

• Supersedes v2.4.4 due to a publishing error with no dist/ folder (#​2583)

• Updated dependencies [c96e24c4]:

  • @​apollo/federation-internals@​2.4.5

v2.4.4

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.4.4

v2.4.3

Compare Source

Patch Changes

• Resolve Promise references before calling __resolveType on interface (#​2556)

  Since the introduction of entity interfaces, users could not return
  a Promise from __resolveReference while implementing a synchronous,
  custom __resolveType function. This change fixes/permits this use case.

  Additional background / implementation details:

  Returning a Promise from __resolveReference has historically never
  been an issue. However, with the introduction of entity interfaces, the
  calling of an interface's __resolveType function became a new concern.

  __resolveType functions expect a reference (and shouldn't be concerned
  with whether those references are wrapped in a Promise). In order to
  address this, we can await the reference before calling the
  __resolveType (this handles both the non-Promise and Promise case).

• Updated dependencies [f6a8c1ce]:

  • @​apollo/federation-internals@​2.4.3

v2.4.2

Compare Source

Patch Changes

• Updated dependencies [2c370508, 179b4602]:
  • @​apollo/federation-internals@​2.4.2

v2.4.1

Compare Source

Patch Changes

• Start building packages with TS 5.x, which should have no effect on consumers (#​2480)

• Updated dependencies [450b9578, afde3158, eafebc3c, 01fe3f83]:

  • @​apollo/federation-internals@​2.4.1

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[coveralls]

Pull Request Test Coverage Report for Build 27b7f87b-a9b5-4928-ad30-a3de98f802aa

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 92.777%

---

Totals
Change from base Build c008d2de-da2a-41d3-9a8a-8a7190daf380:	0.0%
Covered Lines:	6307
Relevant Lines:	6798

---

💛 - Coveralls

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: sample/32-graphql-federation-schema-first/users-application/package-lock.json

ERR! lerna Invalid command!
ERR! lerna Pass --help to see all available commands and options.
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: apollo-link@1.2.14
npm WARN Found: graphql@16.6.0
npm WARN node_modules/graphql
npm WARN   dev graphql@"16.6.0" from the root project
npm WARN   27 more (@apollo/cache-control-types, @apollo/client, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer graphql@"^0.11.3 || ^0.12.3 || ^0.13.0 || ^14.0.0 || ^15.0.0" from apollo-link@1.2.14
npm WARN node_modules/apollo-link
npm WARN   apollo-link@"^1.2.14" from apollo-link-http-common@0.2.16
npm WARN   node_modules/apollo-link-http-common
npm WARN   2 more (apollo-upload-client, graphql-tools)
npm WARN 
npm WARN Conflicting peer dependency: graphql@15.8.0
npm WARN node_modules/graphql
npm WARN   peer graphql@"^0.11.3 || ^0.12.3 || ^0.13.0 || ^14.0.0 || ^15.0.0" from apollo-link@1.2.14
npm WARN   node_modules/apollo-link
npm WARN     apollo-link@"^1.2.14" from apollo-link-http-common@0.2.16
npm WARN     node_modules/apollo-link-http-common
npm WARN     2 more (apollo-upload-client, graphql-tools)
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: apollo-link-http-common@0.2.16
npm WARN Found: graphql@16.6.0
npm WARN node_modules/graphql
npm WARN   dev graphql@"16.6.0" from the root project
npm WARN   27 more (@apollo/cache-control-types, @apollo/client, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer graphql@"^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0 || ^15.0.0" from apollo-link-http-common@0.2.16
npm WARN node_modules/apollo-link-http-common
npm WARN   apollo-link-http-common@"^0.2.14" from apollo-upload-client@13.0.0
npm WARN   node_modules/apollo-upload-client
npm WARN 
npm WARN Conflicting peer dependency: graphql@15.8.0
npm WARN node_modules/graphql
npm WARN   peer graphql@"^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0 || ^15.0.0" from apollo-link-http-common@0.2.16
npm WARN   node_modules/apollo-link-http-common
npm WARN     apollo-link-http-common@"^0.2.14" from apollo-upload-client@13.0.0
npm WARN     node_modules/apollo-upload-client
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: apollo-utilities@1.3.2
npm WARN Found: graphql@16.6.0
npm WARN node_modules/graphql
npm WARN   dev graphql@"16.6.0" from the root project
npm WARN   27 more (@apollo/cache-control-types, @apollo/client, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer graphql@"^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0" from apollo-utilities@1.3.2
npm WARN node_modules/apollo-utilities
npm WARN   apollo-utilities@"^1.3.0" from apollo-link@1.2.14
npm WARN   node_modules/apollo-link
npm WARN 
npm WARN Conflicting peer dependency: graphql@14.7.0
npm WARN node_modules/graphql
npm WARN   peer graphql@"^0.11.0 || ^0.12.0 || ^0.13.0 || ^14.0.0" from apollo-utilities@1.3.2
npm WARN   node_modules/apollo-utilities
npm WARN     apollo-utilities@"^1.3.0" from apollo-link@1.2.14
npm WARN     node_modules/apollo-link
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: commitlint-circle@1.0.0
npm ERR! Found: @commitlint/cli@17.6.5
npm ERR! node_modules/@commitlint/cli
npm ERR!   dev @commitlint/cli@"17.6.5" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer @commitlint/cli@"^7.0.0" from commitlint-circle@1.0.0
npm ERR! node_modules/commitlint-circle
npm ERR!   dev commitlint-circle@"1.0.0" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: @commitlint/cli@7.6.1
npm ERR! node_modules/@commitlint/cli
npm ERR!   peer @commitlint/cli@"^7.0.0" from commitlint-circle@1.0.0
npm ERR!   node_modules/commitlint-circle
npm ERR!     dev commitlint-circle@"1.0.0" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! See /tmp/worker/3ffcb8/a6f6ae/cache/others/npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/worker/3ffcb8/a6f6ae/cache/others/npm/_logs/2023-06-12T12_07_09_997Z-debug-0.log