Release 2.19.0 #4626
Merged
Release 2.19.0 #4626
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Josh should update this commit message to be accurate :)
…pii-in-invalid-graphql
This should improve support for GraphQL v15 features, thanks to the commit from the upstream `graphql-playground-react` repository being ported to our fork. Ref: apollographql/graphql-playground@33c4818
Relates to #4453. Co-authored-by: Jesse Rosenberger <git@jro.cc>
Co-authored-by: Jesse Rosenberger <git@jro.cc>
- apollo-server-azure-functions@2.19.0-alpha.0 - apollo-server-cloud-functions@2.19.0-alpha.0 - apollo-server-cloudflare@2.19.0-alpha.0 - apollo-server-core@2.19.0-alpha.0 - apollo-server-express@2.19.0-alpha.0 - apollo-server-fastify@2.19.0-alpha.0 - apollo-server-hapi@2.19.0-alpha.0 - apollo-server-integration-testsuite@2.19.0-alpha.0 - apollo-server-koa@2.19.0-alpha.0 - apollo-server-lambda@2.19.0-alpha.0 - apollo-server-micro@2.19.0-alpha.0 - apollo-server-testing@2.19.0-alpha.0 - apollo-server@2.19.0-alpha.0 - apollo-tracing@0.12.0-alpha.0
…ity-explosions-and-pii-in-invalid-graphql This PR changes the apollo usage reporting library to use static identifiers for operation documents that are not able to be executed. When users of this module receive many un-executable operation documents, such as a non parse-able operation documents, invalid operation documents, or invalid operation names, every operation document is sent to Apollo Studio. This results in a cardinality explosion within Graph Manager. After a few thousand of these invalid operation names / documents are reported, the UI for the customer is borderline unusable due to the cardinality explosion & schema validation reaches a capacity of operations as well. In general, we want to avoid storing & exposing personal information in Studio, and in current reporting agents, this is also problematic for operations that fail to execute. Because we currently report these operations with a signature matching the entire operation body, this is an easy trap for users to accidentally send user information through our system, when argument literals exist in the document. The static identifiers are: ## GraphQLParseFailure for documents that don't parse as valid graphql ## GraphQLValidationFailure for documents that aren't valid given the schema running on the server ## GraphQLUnknownOperationName for operation documents which don't have an operation name in the document Additionally, it allows users to optionally include the body of the operations that fail validation with sendUnexecutableOperationDocuments. This will send the operation body as part of the trace so they can be viewed alongside the trace.
- apollo-cache-control@0.11.4-alpha.0 - apollo-datasource-rest@0.9.5-alpha.0 - apollo-reporting-protobuf@0.6.1-alpha.0 - apollo-server-azure-functions@2.19.0-alpha.1 - apollo-server-cloud-functions@2.19.0-alpha.1 - apollo-server-cloudflare@2.19.0-alpha.1 - apollo-server-core@2.19.0-alpha.1 - apollo-server-express@2.19.0-alpha.1 - apollo-server-fastify@2.19.0-alpha.1 - apollo-server-hapi@2.19.0-alpha.1 - apollo-server-integration-testsuite@2.19.0-alpha.1 - apollo-server-koa@2.19.0-alpha.1 - apollo-server-lambda@2.19.0-alpha.1 - apollo-server-micro@2.19.0-alpha.1 - apollo-server-plugin-base@0.10.2-alpha.0 - apollo-server-plugin-operation-registry@0.7.2-alpha.0 - apollo-server-plugin-response-cache@0.5.6-alpha.0 - apollo-server-testing@2.19.0-alpha.1 - apollo-server-types@0.6.1-alpha.0 - apollo-server@2.19.0-alpha.1 - apollo-tracing@0.12.0-alpha.1 - graphql-extensions@0.12.6-alpha.0
Update graphqlHandler.ts to ignore base64 decoding for Multipart queries
- apollo-server-azure-functions@2.19.0 - apollo-server-cloud-functions@2.19.0 - apollo-server-cloudflare@2.19.0 - apollo-server-core@2.19.0 - apollo-server-express@2.19.0 - apollo-server-fastify@2.19.0 - apollo-server-hapi@2.19.0 - apollo-server-integration-testsuite@2.19.0 - apollo-server-koa@2.19.0 - apollo-server-lambda@2.19.0 - apollo-server-micro@2.19.0 - apollo-server-testing@2.19.0 - apollo-server@2.19.0
This reverts commit c7062dd. This release commit was never actually released yet. On inspection, there are some package.json files with the `-alpha` suffix that need to be reverted manually since there were no actual changes (therefore Lerna won't be doing any updating / moving that package out of an `alpha` state in which its currently stuck. cc @abernix
- apollo-cache-control@0.11.4 - apollo-datasource-rest@0.9.5 - apollo-reporting-protobuf@0.6.1 - apollo-server-azure-functions@2.19.0 - apollo-server-cloud-functions@2.19.0 - apollo-server-cloudflare@2.19.0 - apollo-server-core@2.19.0 - apollo-server-express@2.19.0 - apollo-server-fastify@2.19.0 - apollo-server-hapi@2.19.0 - apollo-server-integration-testsuite@2.19.0 - apollo-server-koa@2.19.0 - apollo-server-lambda@2.19.0 - apollo-server-micro@2.19.0 - apollo-server-plugin-base@0.10.2 - apollo-server-plugin-operation-registry@0.7.2 - apollo-server-plugin-response-cache@0.5.6 - apollo-server-testing@2.19.0 - apollo-server-types@0.6.1 - apollo-server@2.19.0 - apollo-tracing@0.12.0 - graphql-extensions@0.12.6
trevor-scheer
approved these changes
Oct 30, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As with release PRs in the past, this is a PR tracking a
release-x.y.zbranch for an upcoming release of Apollo Server. 🙌 The version in the title of this PR should correspond to the appropriate branch.Check the appropriate milestone (to the right) for more details on what we hope to get into this release!
The intention of these release branches is to gather changes which are intended to land in a specific version (again, indicated by the subject of this PR). Release branches allow additional clarity into what is being staged, provide a forum for comments from the community pertaining to the release's stability, and to facilitate the creation of pre-releases (e.g.
alpha,beta,rc) without affecting themainbranch.PRs for new features might be opened against or re-targeted to this branch by the project maintainers. The
mainbranch may be periodically merged into this branch up until the point in time that this branch is being prepared for release. Depending on the size of the release, this may be once it reaches RC (release candidate) stage with an-rc.xrelease suffix. Some less substantial releases may be short-lived and may never have pre-release versions.When this version is officially released onto the
latestnpm tag, this PR will be merged intomain.