chore(deps): update apollo graphql packages

[renovate[bot]]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@apollo/gateway (source)	2.10.1 -> 2.12.2
@apollo/server (source)	5.0.0 -> 5.2.0
@apollo/subgraph (source)	2.2.3 -> 2.12.2
@apollo/subgraph (source)	2.11.2 -> 2.12.2

---

Release Notes

apollographql/federation (@​apollo/gateway)

v2.12.2

Compare Source

Patch Changes

• Updated dependencies [238d9d71e831e4f3e8d8e334ad6952cc19c073b1]:
  • @​apollo/federation-internals@​2.12.2
  • @​apollo/composition@​2.12.2
  • @​apollo/query-planner@​2.12.2

v2.12.1

Compare Source

Patch Changes

• Updated dependencies [b19431e4a92206703e29aba859a5fc7574b9ef8b, 09e596e6a0c753071ca822e84f525d73ada395cf, ac1ed2946c48e0fef4b413b192d8c5fbdb2370ae]:
  • @​apollo/composition@​2.12.1
  • @​apollo/federation-internals@​2.12.1
  • @​apollo/query-planner@​2.12.1

v2.12.0

Compare Source

Minor Changes

• Federation 2.12 and Connect 0.3 (#​3276)

Patch Changes

• Updated dependencies [3e2b0a8569a9fe46726182887ed0b4bfc0b52468, bb4614d338ae03bac51a5fc2439590f172c4e54d, 99f2da21de88f9ad9a32ee7ed64b2d4a92887b40, 468f27842608f4e390cfc88bc7e6b4b0945f95ff, 3fd5157b309f1d3439b2d87c67b0601fb246d04c, b734ea04d118db09cf6077fdd968c8f04a96327a, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, e7e67579908d5cd2fa6fe558228dffe4808cd98d, f3ab499eaf62b1a1c0f08b838d2cbde5accb303a, faea2d1174d80593264f2227cfde9a2ba1a59b96, 0dbc7cc72ffacf324231e9ccb2de4189f6bf3289, 97b9d2edfcfeed99124f9e115f992cbef3804682, f6af504f1ba8283fd00af0d6e3c9c1a665d62736, bc07e979b9fd24c9b94740b170f11023fe99ba1e, a595235d3cf8f67611efd8395332b64d067b5f1f, 9cbdcb53f859c877a476e2725faa4cb205506f57]:
  • @​apollo/query-planner@​2.12.0
  • @​apollo/composition@​2.12.0
  • @​apollo/federation-internals@​2.12.0

v2.11.5

Compare Source

Patch Changes

• Updated dependencies [5ee4d966487e714ae6bc6445bf53d75ccbbaf6ae, e1c58611c3c996b4fff98a54e49f00549ff2115d, 3e2d1fd315db54a089fedf131cfaa27792bdd049]:
  • @​apollo/composition@​2.11.5
  • @​apollo/federation-internals@​2.11.5
  • @​apollo/query-planner@​2.11.5

v2.11.4

Compare Source

Patch Changes

• Updated dependencies [d221ac04c3ee00a3c7a671d9d56e2cfa36943b49, 7730c03e128be6754b9e40c086d5cb5c4685ac66, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, f3ab499eaf62b1a1c0f08b838d2cbde5accb303a, 6adbf7e86927de969aedab665b6a3a8dbf3a6095, 2a20dc38dfc40e0b618d5cc826f18a19ddb91aff]:
  • @​apollo/composition@​2.11.4
  • @​apollo/federation-internals@​2.11.4
  • @​apollo/query-planner@​2.11.4

v2.11.3

Compare Source

Patch Changes

• Updated dependencies [4faa114215200daf7ad7518be8e50071fcde783c, 8c7a2cd655ad3060e9f5c3b106cfbdb59251701c]:
  • @​apollo/query-planner@​2.11.3
  • @​apollo/federation-internals@​2.11.3
  • @​apollo/composition@​2.11.3

v2.11.2

Compare Source

Patch Changes

• Updated dependencies [28c08bef6e691aefc6ed07c0e7057f9cd803b317, 28c08bef6e691aefc6ed07c0e7057f9cd803b317]:
  • @​apollo/federation-internals@​2.11.2
  • @​apollo/composition@​2.11.2
  • @​apollo/query-planner@​2.11.2

v2.11.1

Compare Source

Patch Changes

• Updated dependencies [7799ad1717becf15fb0e82f89619f2ec8a24b4d4, b26794c5724ef23d1f0fd45a40aee3d301557489, 51bed5be49d8e87adae59f568315c9e3488a91e0]:
  • @​apollo/federation-internals@​2.11.1
  • @​apollo/composition@​2.11.1
  • @​apollo/query-planner@​2.11.1

v2.11.0

Compare Source

Minor Changes

• Adds connect spec v0.2, available for use with Apollo Router 2.3.0 or greater. (#​3262)

Patch Changes

• Corrects a set of denial-of-service (DOS) vulnerabilities that made it possible for an attacker to render gateway inoperable with certain simple query patterns due to uncontrolled resource consumption. All prior-released versions and configurations are vulnerable. (#​3238)

  See the associated GitHub Advisories GHSA-q2f9-x4p4-7xmh and GHSA-p2q6-pwh5-m6jr for more information.

• Updated dependencies [1462c91879d41884c0a7e60551d8dd0d67c832d3, 9614b26e5a17cbf1f6aaf08f6fcb1c95eb12592d, 9614b26e5a17cbf1f6aaf08f6fcb1c95eb12592d]:

  • @​apollo/query-planner@​2.11.0
  • @​apollo/federation-internals@​2.11.0
  • @​apollo/composition@​2.11.0

v2.10.4

Compare Source

Patch Changes

• Updated dependencies [8377f039b4c888ecdda2a2b0b0ca181a343cb81a, 20c75d1d60a48fc289d88c8d29652f1afc7553e4]:
  • @​apollo/composition@​2.10.4
  • @​apollo/federation-internals@​2.10.4
  • @​apollo/query-planner@​2.10.4

v2.10.3

Compare Source

Patch Changes

• Updated dependencies [2b88aec38d5bacb6ec815d885fdac47ef415124a, 18a9cfaf533602bb37fdf22962539ce0eae948c8, 9c0aaa0874c98ae8ce0cc38cad7f6f25d2c29635, f94e7b35c43ed64c67ff25c7aeb86ec0dd73370a]:
  • @​apollo/composition@​2.10.3
  • @​apollo/federation-internals@​2.10.3
  • @​apollo/query-planner@​2.10.3

v2.10.2

Compare Source

Patch Changes

• Updated dependencies [0e457586002f5fd06eacfd00954ef1e285fd52d6]:
  • @​apollo/composition@​2.10.2
  • @​apollo/federation-internals@​2.10.2
  • @​apollo/query-planner@​2.10.2

apollographql/apollo-server (@​apollo/server)

v5.2.0

Compare Source

Minor Changes

• #​8161 51acbeb Thanks @​jerelmiller! - Fix an issue where some bundlers would fail to build because of the dynamic import for the optional peer dependency on @yaacovcr/transform introduced in @apollo/server 5.1.0. To provide support for the legacy incremental format, you must now provide the legacyExperimentalExecuteIncrementally option to the ApolloServer constructor.

  import { legacyExecuteIncrementally } from '@​yaacovcr/transform';
  
  const server = new ApolloServer({
    // ...
    legacyExperimentalExecuteIncrementally: legacyExecuteIncrementally,
  });
  

  If the legacyExperimentalExecuteIncrementally option is not provided and the client sends an Accept header with a value of multipart/mixed; deferSpec=20220824, an error is returned by the server.

v5.1.0

Compare Source

Minor Changes

• #​8148 80a1a1a Thanks @​jerelmiller! - Apollo Server now supports the incremental delivery protocol (@defer and @stream) that ships with [email protected]. To use the current protocol, clients must send the Accept header with a value of multipart/mixed; incrementalSpec=v0.2.

  Upgrading to 5.1 will depend on what version of graphql you have installed and whether you already support the incremental delivery protocol.

apollographql/federation (@​apollo/subgraph)

v2.12.2

Compare Source

Patch Changes

• Updated dependencies [238d9d71e831e4f3e8d8e334ad6952cc19c073b1]:
  • @​apollo/federation-internals@​2.12.2

v2.12.1

Compare Source

Patch Changes

• Updated dependencies [09e596e6a0c753071ca822e84f525d73ada395cf, ac1ed2946c48e0fef4b413b192d8c5fbdb2370ae]:
  • @​apollo/federation-internals@​2.12.1

v2.12.0

Compare Source

Minor Changes

• Federation 2.12 and Connect 0.3 (#​3276)

Patch Changes

• When a GraphQLScalarType resolver is provided to buildSubgraphSchema(), omitted configuration options in the GraphQLScalarType no longer cause the corresponding properties in the GraphQL document/AST to be cleared. To explicitly clear these properties, use null for the configuration option instead. (#​3287)

• Updated dependencies [3e2b0a8569a9fe46726182887ed0b4bfc0b52468, bb4614d338ae03bac51a5fc2439590f172c4e54d, 99f2da21de88f9ad9a32ee7ed64b2d4a92887b40, 468f27842608f4e390cfc88bc7e6b4b0945f95ff, 3fd5157b309f1d3439b2d87c67b0601fb246d04c, b734ea04d118db09cf6077fdd968c8f04a96327a, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, e7e67579908d5cd2fa6fe558228dffe4808cd98d, faea2d1174d80593264f2227cfde9a2ba1a59b96, 97b9d2edfcfeed99124f9e115f992cbef3804682, f6af504f1ba8283fd00af0d6e3c9c1a665d62736, a595235d3cf8f67611efd8395332b64d067b5f1f]:

  • @​apollo/federation-internals@​2.12.0

v2.11.5

Compare Source

Patch Changes

• Updated dependencies [e1c58611c3c996b4fff98a54e49f00549ff2115d, 3e2d1fd315db54a089fedf131cfaa27792bdd049]:
  • @​apollo/federation-internals@​2.11.5

v2.11.4

Compare Source

Patch Changes

• Updated dependencies [d221ac04c3ee00a3c7a671d9d56e2cfa36943b49, 7730c03e128be6754b9e40c086d5cb5c4685ac66, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, 6adbf7e86927de969aedab665b6a3a8dbf3a6095, 2a20dc38dfc40e0b618d5cc826f18a19ddb91aff]:
  • @​apollo/federation-internals@​2.11.4

v2.11.3

Compare Source

Patch Changes

• When a GraphQLScalarType resolver is provided to buildSubgraphSchema(), omitted configuration options in the GraphQLScalarType no longer cause the corresponding properties in the GraphQL document/AST to be cleared. To explicitly clear these properties, use null for the configuration option instead. (#​3285) (#​3285)

• Updated dependencies [8c7a2cd655ad3060e9f5c3b106cfbdb59251701c]:

  • @​apollo/federation-internals@​2.11.3

v2.11.2

Compare Source

Patch Changes

• Revert change to @​composeDirective definition to specify nullable argument value. (#​3283)

  We cannot fix the definition as that would break customers using older versions of subgraph-js. Our validations are already verifying that the values are specified.

• Updated dependencies [28c08bef6e691aefc6ed07c0e7057f9cd803b317]:

  • @​apollo/federation-internals@​2.11.2

v2.11.1

Compare Source

Patch Changes

• Updated dependencies [7799ad1717becf15fb0e82f89619f2ec8a24b4d4, b26794c5724ef23d1f0fd45a40aee3d301557489]:
  • @​apollo/federation-internals@​2.11.1

v2.11.0

Compare Source

Minor Changes

• Adds connect spec v0.2, available for use with Apollo Router 2.3.0 or greater. (#​3262)

Patch Changes

• Updated dependencies [1462c91879d41884c0a7e60551d8dd0d67c832d3, 9614b26e5a17cbf1f6aaf08f6fcb1c95eb12592d]:
  • @​apollo/federation-internals@​2.11.0

v2.10.4

Compare Source

Patch Changes

• Updated dependencies [20c75d1d60a48fc289d88c8d29652f1afc7553e4]:
  • @​apollo/federation-internals@​2.10.4

v2.10.3

Compare Source

Patch Changes

• Updated dependencies [2b88aec38d5bacb6ec815d885fdac47ef415124a, 18a9cfaf533602bb37fdf22962539ce0eae948c8, 9c0aaa0874c98ae8ce0cc38cad7f6f25d2c29635, f94e7b35c43ed64c67ff25c7aeb86ec0dd73370a]:
  • @​apollo/federation-internals@​2.10.3

v2.10.2

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.10.2

v2.10.1

Compare Source

Patch Changes

• Updated dependencies [97d81b79c3da10175bdf92c2209039efe352de79]:
  • @​apollo/federation-internals@​2.10.1

v2.10.0

Compare Source

Patch Changes

• When resolving references, skip type resolution if the reference resolves to null. (#​3215)

• Updated dependencies [8927e315ab0e865ef3ff12320f265ee95588b899, 8927e315ab0e865ef3ff12320f265ee95588b899]:

  • @​apollo/federation-internals@​2.10.0

v2.9.5

Compare Source

Patch Changes

• Updated dependencies [0d8fca1c8cc375bb8486f11f339984b69267417d]:
  • @​apollo/federation-internals@​2.9.5

v2.9.4

Compare Source

Patch Changes

• Updated dependencies [22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792, 22686d640b1e48f6a9aa07e538464db95b536792]:
  • @​apollo/federation-internals@​2.9.4

v2.9.3

Compare Source

Patch Changes

• Updated dependencies [cc4573471696ef78d04fa00c4cf8e5c50314ba9f, 062572b3253e8640b60a0bf58b83945094b76b6f, df5eb3cb0e2b4802fcd425ab9c23714de2707db3, 1c99cb0dcc6c639ac351210932623ab0bd6907e4]:
  • @​apollo/federation-internals@​2.9.3

v2.9.2

Compare Source

Patch Changes

• Updated dependencies [2192f355f50db33fe0807d16153f357696b9f190, 5ac01b534318105e904c1e6598070f753add3bb1]:
  • @​apollo/federation-internals@​2.9.2

v2.9.1

Compare Source

Patch Changes

• Updated dependencies [b8e4ab5352a4dfd262af49493fdd42e86e5e3d99, e6c05b6c96023aa3dec79889431f8217fcb3806d]:
  • @​apollo/federation-internals@​2.9.1

v2.9.0

Compare Source

Patch Changes

• Updated dependencies [02c2a34a62c3717a4885449172e404f19ebf66c9, 0ccfd937d4b4a576f890665ceebbd7986fac5d0c, e0a5075c0d12a0e2f7ef303b246e3216a139d3e0]:
  • @​apollo/federation-internals@​2.9.0

v2.8.5

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.8.5

v2.8.4

Compare Source

Patch Changes

• Add descriptions for federation directives (#​3095)

• Updated dependencies [5f4bb160d024678d6facd471c43c8ec61c86e701, 672aca7cbeb0a6a38586357a4e154f2dd91caa0c]:

  • @​apollo/federation-internals@​2.8.4

v2.8.3

Compare Source

Patch Changes

• Updated dependencies [50d648ccffb05591878de75dc5522914ed48698f, f753d55e9a49d11389ee4f8d7976533447e95ede, 3af790517d662f3bec9064c0bf243014c579e9cd]:
  • @​apollo/federation-internals@​2.8.3

v2.8.2

Compare Source

Patch Changes

• Updated dependencies [b2e5ab66f84688ec304cfcf2c6f749c86aded549]:
  • @​apollo/federation-internals@​2.8.2

v2.8.1

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.8.1

v2.8.0

Compare Source

Patch Changes

• Various set context bugfixes (#​3017)

• Updated dependencies [c4744da360235d8bb8270ea048f0e0fa5d03be1e, 8a936d741a0c05835ff2533714cf330d18209179]:

  • @​apollo/federation-internals@​2.8.0

v2.7.8

Compare Source

Patch Changes

• Triggering a clean 2.7.8 release now that harmonizer build has been fixed. (#​3010)

• Updated dependencies [2ad72802044310a528e8944f4538efe519424504]:

  • @​apollo/federation-internals@​2.7.8

v2.7.7

Compare Source

Patch Changes

• No logical changes since 2.7.5 or 2.7.6, but we fixed a bug in the release process, so we need to publish a new patch version (2.7.7). (#​2999)

• Updated dependencies [bee0b0828b4fb6a1d3172ac330560e2ab6c046bb]:

  • @​apollo/federation-internals@​2.7.7

v2.7.6

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.7.6

v2.7.5

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.7.5

v2.7.4

Compare Source

Patch Changes

• Updated dependencies [d80b7f0ca1456567a0866a32d2b2abf940598f77]:
  • @​apollo/federation-internals@​2.7.4

v2.7.3

Compare Source

Patch Changes

• Updated dependencies [ec04c50b4fb832bfd281ecf9c0c2dd7656431b96, a494631918156f0431ceace74281c076cf1d5d51]:
  • @​apollo/federation-internals@​2.7.3

v2.7.2

Compare Source

Patch Changes

• Updated dependencies [33b937b18d3c7ca6af14b904696b536399e597d1, 09cd3e55e810ee513127b7440f5b11af7540c9b0, d7189a86c27891af408d3d0184db6133d3342967]:
  • @​apollo/federation-internals@​2.7.2

v2.7.1

Compare Source

Patch Changes

• Updated dependencies [493f5acd16ad92adf99c963659cd40dc5eac1219]:
  • @​apollo/federation-internals@​2.7.1

v2.7.0

Compare Source

Minor Changes

• Implement progressive @override functionality (#​2911)

  The progressive @override feature brings a new argument to the @override directive: label: String. When a label is added to an @override application, the override becomes conditional, depending on parameters provided to the query planner (a set of which labels should be overridden). Note that this feature will be supported in router for enterprise users only.

  Out-of-the-box, the router will support a percentage-based use case for progressive @override. For example:

  type Query {
    hello: String @​override(from: "original", label: "percent(5)")
  }
  

  The above example will override the root hello field from the "original" subgraph 5% of the time.

  More complex use cases will be supported by the router via the use of coprocessors/rhai to resolve arbitrary labels to true/false values (i.e. via a feature flag service).

Patch Changes

• Updated dependencies [6ae42942b13dccd246ccc994faa2cb36cd62cb3c, 66833fb8d04c9376f6ed476fed6b1ca237f477b7, 931f87c6766c7439936df706727cbdc0cd6bcfd8]:
  • @​apollo/federation-internals@​2.7.0

v2.6.3

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.6.3

v2.6.2

Compare Source

Patch Changes

• Updated dependencies [7b5b836d15247c997712a47847f603aa5887312e, 74ca7dd617927a20d79b824851f7651ef3c40a4e]:
  • @​apollo/federation-internals@​2.6.2

v2.6.1

Compare Source

Patch Changes

• Updated dependencies [0d5ab01a]:
  • @​apollo/federation-internals@​2.6.1

v2.6.0

Compare Source

Patch Changes

• Updated dependencies [b18841be, e325b499]:
  • @​apollo/federation-internals@​2.6.0

v2.5.7

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.5.7

v2.5.6

Compare Source

Patch Changes

• Updated dependencies [c719214a]:
  • @​apollo/federation-internals@​2.5.6

v2.5.5

Compare Source

Patch Changes

• Fix specific case for requesting __typename on interface entity type (#​2775)

  In certain cases, when resolving a __typename on an interface entity (due to it actual being requested in the operation), that fetch group could previously be trimmed / treated as useless. At a glance, it appears to be a redundant step, i.e.:

  { ... on Product { __typename id }} => { ... on Product { __typename} }
  

  It's actually necessary to preserve this in the case that we're coming from an interface object to an (entity) interface so that we can resolve the concrete __typename correctly.

• Updated dependencies []:

  • @​apollo/federation-internals@​2.5.5

v2.5.4

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.5.4

v2.5.3

Compare Source

Patch Changes

• Updated dependencies [4b9a512b, c6e0e76d, 1add932c]:
  • @​apollo/federation-internals@​2.5.3

v2.5.2

Compare Source

Patch Changes

• Updated dependencies [35179f08]:
  • @​apollo/federation-internals@​2.5.2

v2.5.1

Compare Source

Patch Changes

• Updated dependencies [b9052fdd]:
  • @​apollo/federation-internals@​2.5.1

v2.5.0

Compare Source

Minor Changes

• Introduce the new @authenticated directive for composition (#​2644)

  Note that this directive will only be fully supported by the Apollo Router as a GraphOS Enterprise feature at runtime. Also note that composition of valid @authenticated directive applications will succeed, but the resulting supergraph will not be executable by the Gateway or an Apollo Router which doesn't have the GraphOS Enterprise entitlement.

  Users may now compose @authenticated applications from their subgraphs into a supergraph. This addition will support a future version of Apollo Router that enables authenticated access to specific types and fields via directive applications.

  The directive is defined as follows:

  directive @​authenticated on FIELD_DEFINITION | OBJECT | INTERFACE | SCALAR | ENUM
  

  In order to compose your @authenticated usages, you must update your subgraph's federation spec version to v2.5 and add the @authenticated import to your existing imports like so:

  @​link(url: "https://specs.apollo.dev/federation/v2.5", import: [..., "@​authenticated"])
  

Patch Changes

• Updated dependencies [fe1e3d7b, 6b18af50, 9396c0d6, 2b5796a9, 4f3c3b9e]:
  • @​apollo/federation-internals@​2.5.0

v2.4.13

Compare Source

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.4.13

v2.4.12

Compare Source

Patch Changes

• Updated dependencies [693c2433]:
  • @​apollo/federation-internals@​2.4.12

[v2.4.11](https://redirect.github.com/apollographql/federation/releases/tag/%40ap

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[kamilmysliwiec]

https://github.com/apollographql/federation/issues/2375

[erikwrede]

@kamilmysliwiec this PR is not a full depdendency upgrade as it still uses the old deprecated & replaced apollo-link-ws lib and deprecated test classes. Please reconsider using my PR (https://github.com/nestjs/graphql/pull/2916) or merging it into this instead. I made sure to include the new libraries recommended by apollo.

[MrChrisRodriguez]

@kamilmysliwiec is there anything anyone can do to help get this across the finish line?

[sutt0n]

@kamilmysliwiec https://github.com/apollographql/federation/issues/2375#issuecomment-1423115401

It seems there can be some kind of workaround here... Although, I would suspect this may introduce a breaking change to this repo. 🤔