fix(deps): update dependency com.graphql-java:graphql-java to v22 #391
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
added
the
type: dependencies
|
superseded by #395 |
dariuszkuc
deleted the
renovate/major-graphql-java-(ignoring-snapshot-builds)
branch
Renovate Ignore NotificationBecause you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
21.3->22.0Release Notes
graphql-java/graphql-java (com.graphql-java:graphql-java)
v22.0: 22.0We are pleased to announce the release of graphql-java v22.0.
Thanks to everyone in the community who contributed to the release, whether that was code, helping to report issues, or participating in discussions.
This is a breaking change release.
The graphql-java team takes breaking changes very seriously but in the name of performance we have made some significant breaking changes in this release.
Major Performance Changes
Past releases have been very much performance focused and this one is no different. However, this release is aiming to reduce memory pressure more than reduce pure CPU usage. When the graphql-java engine is running, if it produces less objects it will ultimately run faster because of reduced memory pressure and less garbage to collect.
The engine has been changed in two major ways that reduce memory pressure.
ExecutionResult wrapping
The first was that all values that come back got wrapped internally into a
ExecutionResultobject where thedataattribute was the value. This was a carry over from some very early GraphQL code but was unnecessary and hence has been removed. The follow on effect of this is that somegraphql.execution.ExecutionStrategyprotected methods andgraphql.execution.instrumentation.Instrumentationmethods used to receive and returnExecutionResultvalues and no longer do, which is an API breaking change. We have made this breaking changes in the name of memory pressure performance.CompletableFuture wrapping
The second major change is that the engine no longer exclusively uses
java.util.concurrent.CompletableFutures when composing together results. Let us explain the past code first so we can discuss the new code.CompletableFutureis a fantastic construct because it represents a promise to a value and it can also hold an exceptional state inside itself. Async programming withCompletableFutureis viral. If stage 1 of some compute process returns aCompletableFuturethen stage 2 and 3 and 4 are likely to as well to ensure everything is asynchronous.We use to take values that were not asynchronous (such as DataFetcher that returned a simple in memory object) and wrap them in a
CompletableFutureso that all of the other code composed together usingCompletableFuturemethods like.thenApply()and.thenComposeand so on. The code is cleaner if you use allCompletableFuturecode patterns.However many objects in a GraphQL request are not asynchronous but rather materialised objects in memory. Scalars, enums and list are often just values immediately available to be used and allocating a
CompletableFuturemakes the code easier to write but it has a memory pressure cost.So we have sacrificed cleaner code for more memory performant code.
graphql-java engine
graphql.execution.ExecutionStrategymethods now just returnObjectwhere that object might be either aCompletableFutureor a materialised value.Notice we have lost type safety here. In the past this would have only been
CompletableFuture<FetchedValue>and hence been both type safe and async composable.Now the caller of that method has to handle the async case where it might be a
CompletableFuture<FetchedValue>AND the materialised value case where it might be aFetchedValuebut as most simple fields in GraphQL are in fact materialised values, this is worth the less clean code.DataFetcherscan of course continue to returnCompletableFuturevalues and they will be handled in a polymorphic manner.The upshot of all this work is that the graphql-java engine allocated way less
CompletableFuturevalues and hence reduces the amount of memory used.Instrumentation Changes
The above changes now mean means that before
graphql.execution.instrumentation.InstrumentationContextused to be given aCompletableFuturebut now no longer doesis now
if you previously used the
CompletableFutureto know when something was completed, wellInstrumentationContexthas the same semantics because it's completed method is similar in that it presents a value or an exceptiongraphql.execution.instrumentation.Instrumentationalso had a lot of deprecated methods in place and these have been removed since the more performant shape of passing ingraphql.execution.instrumentation.InstrumentationStatehas been in place for quite a few releases.Some of the methods that received
ExecutionResultwrapped values have also changed as mentioned above.Instrumentationis probably the area that needs the most attention in terms of breaking changes. If you have not moved off the deprecated methods, your customInstrumentations will no longer compile or run.Interning key strings
Our friends at Netflix provided a PR that interns certain key strings like "field names" so that we create less String instances when processing field names in queries that we know must be previously interned in the schema.
https://github.com/graphql-java/graphql-java/pull/3504
The full list of performance related changes
https://github.com/graphql-java/graphql-java/pulls?q=is%3Apr+milestone%3A%2222.0%22+label%3Aperformance
Major Changes
@defer Experimental Support
Support for the
@deferdirective has been added in an experimental fashion. While@deferis still not in the released GraphQL specification, we have judged it mature enough to support at this stage and thegraphql-jsreference implementation has support for it.https://github.com/graphql/graphql-wg/blob/main/rfcs/DeferStream.md
At this stage we have not yet supported
@streambut this is likely to be included in a future release.Breaking Changes
There are quite a few API breaking changes in this release. In fact there are 22 PRs containing breaking API changes.
Stricter parseValue coercion: Aligning with JS reference implementation
We have made changes to String, Boolean, Float, and Int
parseValuecoercion, to be consistent with the reference JS implementation. The key change isparseValueis now stricter on accepted inputs.parseValuenow requires input of typeString. For example, aNumberinput123or aBooleaninputtruewill no longer be accepted.parseValuenow requires input of typeBoolean. For example, aStringinput"true"will no longer be accepted.parseValuenow requires input of typeNumber. For example, aStringinput"3.14"will no longer be accepted.parseValuenow requires input of typeNumber. For example, aStringinput"42"will no longer be accepted.This is a breaking change. To help you migrate, in version 21.0, we introduced the InputInterceptor https://github.com/graphql-java/graphql-java/pull/3188 (and an implementation LegacyCoercingInputInterceptor https://github.com/graphql-java/graphql-java/pull/3218) to provide a migration pathway. You can use this interceptor to monitor and modify values.
For more, see https://github.com/graphql-java/graphql-java/pull/3553
JS reference implementation: https://github.com/graphql/graphql-js/blob/main/src/type/scalars.ts
Removing deprecated methods
Many methods that have been deprecated for a long time, sometimes even up to 6 years, have finally been removed.
The
CompletableFutureunwrapping work mentioned above changed many methods in thegraphql.execution.ExecutionStrategyclasses but we don't expect this affect many people since very few people write their own engines.That
CompletableFutureunwrapping work also had knock on effects as mentioned above ongraphql.execution.instrumentation.Instrumentationand hence this is the most likely place for there to be compatibility challenges in existing code.DataLoaderDispatcherInstrumentation has been removed and is now built into the engine
The code to dispatch
org.dataloader.DataLoaders used to be an instrumentation calledDataLoadersDataLoaderDispatcherInstrumentationand it was automatically added at runtime. This approach has been removed.The equivalent code is now built into the graphql-java engine itself.
DataLoaders can now always be used without any special setup. This also allows the code to be more performant in howDataLoaders are dispatched.SL4J logging has been removed
Previously, the graphql-java engine would log at DEBUG level certain errors or when fields get fetched. This has not proven used for from a support point to the graphql-java team and also has a compliance cost in that user generated content (UGC) and personally identifying information (PII) could end up being logged, which may not be allowed under regimes like European General Data Protection Regulation (GDPR).
If you want to log now we suggest you invest in a
Instrumentationthat logs key events and you can there for log what you want and in a compliant manner of your choosing.https://github.com/graphql-java/graphql-java/pull/3403
The full list of API breaking changes
https://github.com/graphql-java/graphql-java/pulls?q=is%3Apr+milestone%3A%2222.0%22+label%3A%22breaking+change%22
Other changes
What's Changed
New Contributors
Full Changelog: graphql-java/graphql-java@v21.5...v22.0
v21.5: 21.5This is a special release to add further limits to introspection queries.
This release contains a backport of PR #3539.
What's Changed
Full Changelog: graphql-java/graphql-java@v21.4...v21.5
v21.4: 21.4This is a special release to help control introspection queries.
This release adds a default check for introspection queries, to check that they are sensible. This feature is a backport of https://github.com/graphql-java/graphql-java/pull/3526 and https://github.com/graphql-java/graphql-java/pull/3527.
This release also adds an optional maximum result nodes limit, which is a backport of https://github.com/graphql-java/graphql-java/pull/3525.
What's Changed
Full Changelog: graphql-java/graphql-java@v21.3...v21.4
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.