From b22c6fc956829b462d68e395817f3883e7f277cc Mon Sep 17 00:00:00 2001 From: Simon Sapin Date: Fri, 19 May 2023 17:42:41 +0200 Subject: [PATCH 01/39] Add time + memory benchmark for large requests (#3105) Results on a laptop: ``` $ cargo bench --bench huge_requests Columns: * Size of a String variable in an otherwise small GraphQL request * End-to-end time * Peak RSS (including heaptrack overhead) of a fresh Router process 1K 2 ms 95.76M 10K 1 ms 95.28M 100K 2 ms 96.12M 1M 8 ms 100.45M 10M 76 ms 126.84M 100M 753 ms 371.13M 1G 8885 ms 3.16G ``` *Description here* Fixes #issue_number **Checklist** Complete the checklist (and note appropriate exceptions) before a final PR is raised. - [x] Changes are compatible[^1] - [x] Documentation[^2] completed - [ ] Performance impact assessed and acceptable - Tests added and passing[^3] - [ ] Unit Tests - [ ] Integration Tests - [x] Manual Tests **Exceptions** * No change to production code * Bench command takes no parameter, its output aims to document itself * CI checks that benchmark code compiles, but does not run it **Notes** [^1]. It may be appropriate to bring upcoming changes to the attention of other (impacted) groups. Please endeavour to do this before seeking PR approval. The mechanism for doing this will vary considerably, so use your judgement as to how and when to do this. [^2]. Configuration is an important part of many changes. Where applicable please try to document configuration examples. [^3]. Tick whichever testing boxes are applicable. If you are adding Manual Tests: - please document the manual testing (extensively) in the Exceptions. - please raise a separate issue to automate the test and label it (or ask for it to be labeled) as `manual test` --- apollo-router-benchmarks/Cargo.toml | 2 +- apollo-router/Cargo.toml | 3 + apollo-router/benches/huge_requests.rs | 182 ++++++++++++++++++ .../benches/huge_requests/router.yaml | 2 + .../benches/huge_requests/supergraph.graphql | 38 ++++ 5 files changed, 226 insertions(+), 1 deletion(-) create mode 100644 apollo-router/benches/huge_requests.rs create mode 100644 apollo-router/benches/huge_requests/router.yaml create mode 100644 apollo-router/benches/huge_requests/supergraph.graphql diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml index adfbbe51473..91b596b3575 100644 --- a/apollo-router-benchmarks/Cargo.toml +++ b/apollo-router-benchmarks/Cargo.toml @@ -28,4 +28,4 @@ harness = false [[bench]] name = "memory_use" -harness = false +harness = false \ No newline at end of file diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml index 3a14d358d35..4ebb7343f32 100644 --- a/apollo-router/Cargo.toml +++ b/apollo-router/Cargo.toml @@ -265,3 +265,6 @@ tonic-build = "0.8.4" name = "integration_tests" path = "tests/integration_tests.rs" +[[bench]] +name = "huge_requests" +harness = false diff --git a/apollo-router/benches/huge_requests.rs b/apollo-router/benches/huge_requests.rs new file mode 100644 index 00000000000..3b0ca51d910 --- /dev/null +++ b/apollo-router/benches/huge_requests.rs @@ -0,0 +1,182 @@ +use std::time::Duration; + +use futures::stream::StreamExt; +use tokio::io::AsyncBufReadExt; +use tokio::process::Command; + +// chosen by fair dice roll. guaranteed to be random. https://xkcd.com/221/ +const SUBGRAPH_PORT: u16 = 10141; // hard-coded in huge_requests/supergraph.graphql + +const SUPERGRAPH_PORT: u16 = 10142; // hard-coded in huge_requests/router.yaml + +const VERBOSE: bool = false; + +#[tokio::main] +async fn main() { + println!("Columns:"); + println!("* Size of a String variable in an otherwise small GraphQL request"); + println!("* End-to-end time"); + println!("* Peak RSS (including heaptrack overhead) of a fresh Router process"); + println!(); + for (display, value) in [ + (" 1K", 1_000), + (" 10K", 10_000), + ("100K", 100_000), + (" 1M", 1_000_000), + (" 10M", 10_000_000), + ("100M", 100_000_000), + (" 1G", 1_000_000_000), + ] { + print!("{display} "); + one_request(value).await; + // Work around "error creating server listener: Address already in use (os error 98)" + tokio::time::sleep(std::time::Duration::from_millis(100)).await; + } +} + +async fn one_request(string_variable_bytes: usize) { + let _shutdown_on_drop = spawn_subgraph().await; + + let heaptrack_output = tempfile::NamedTempFile::new().unwrap(); + let heaptrack_output_path = heaptrack_output.path().as_os_str().to_str().unwrap(); + let router_exe = env!("CARGO_BIN_EXE_router"); + let mut child = Command::new("heaptrack") + .args([ + "-o", + heaptrack_output_path, + router_exe, + "-s", + "supergraph.graphql", + "-c", + "router.yaml", + ]) + .current_dir( + std::path::Path::new(env!("CARGO_MANIFEST_DIR")) + .join("benches") + .join("huge_requests"), + ) + .kill_on_drop(true) + .stdout(std::process::Stdio::piped()) + .stderr(std::process::Stdio::null()) + .spawn() + .unwrap(); + + let mut router_stdout = tokio::io::BufReader::new(child.stdout.take().unwrap()).lines(); + let (tx, rx) = tokio::sync::oneshot::channel::<()>(); + tokio::spawn(async move { + let mut tx = Some(tx); + while let Some(line) = router_stdout.next_line().await.unwrap() { + if line.contains("GraphQL endpoint exposed") { + if let Some(tx) = tx.take() { + let _ = tx.send(()); + // Don’t stop here, keep consuming output so the pipe doesn’t block on a full buffer + } + } + if VERBOSE { + println!("{}", line); + } + } + }); + rx.await.unwrap(); + + // Warm up Router caches + graphql_client(1).await; + + let latency = graphql_client(string_variable_bytes).await; + print!("{:>4} ms ", latency.as_millis()); + + // Trigger graceful shutdown by signaling the router process, + // which is a child of the heaptrack process. + assert!(Command::new("pkill") + .arg("-P") + .arg(child.id().unwrap().to_string()) + .arg("-f") + .arg(router_exe) + .status() + .await + .unwrap() + .success()); + assert!(child.wait().await.unwrap().success()); + + let output = Command::new("heaptrack_print") + // .arg(heaptrack_output_path) + .arg(format!("{heaptrack_output_path}.zst")) + .output() + .await + .unwrap(); + assert!(output.status.success()); + for line in String::from_utf8_lossy(&output.stdout).lines() { + if let Some(rss) = line.strip_prefix("peak RSS (including heaptrack overhead): ") { + println!("{rss:>7}") + } + } +} + +async fn graphql_client(string_variable_bytes: usize) -> Duration { + let graphql_request = serde_json::json!({ + "query": "mutation Mutation($data: String) { upload(data: $data) }", + "variables": {"data": "_".repeat(string_variable_bytes)} + }); + let request = hyper::Request::post(format!("http://127.0.0.1:{SUPERGRAPH_PORT}")) + .header("content-type", "application/json") + .body(serde_json::to_string(&graphql_request).unwrap().into()) + .unwrap(); + let client = hyper::Client::new(); + let start_time = std::time::Instant::now(); + let result = client.request(request).await; + let latency = start_time.elapsed(); + let mut response = result.unwrap(); + let body = hyper::body::to_bytes(response.body_mut()).await.unwrap(); + assert_eq!(&*body, br#"{"data":{"upload":true}}"#); + if VERBOSE { + println!("{}", String::from_utf8_lossy(&body)); + } + assert!(response.status().is_success()); + latency +} + +async fn spawn_subgraph() -> ShutdownOnDrop { + let (tx, rx) = tokio::sync::oneshot::channel::<()>(); + let shutdown_on_drop = ShutdownOnDrop(Some(tx)); + + let service = hyper::service::make_service_fn(|_| async { + Ok::<_, hyper::Error>(hyper::service::service_fn(subgraph)) + }); + let server = hyper::Server::bind(&([127, 0, 0, 1], SUBGRAPH_PORT).into()) + .serve(service) + .with_graceful_shutdown(async { + let _ = rx.await; + }); + tokio::spawn(async move { + if let Err(e) = server.await { + eprintln!("server error: {}", e); + } + }); + shutdown_on_drop +} + +async fn subgraph( + request: hyper::Request, +) -> Result, hyper::Error> { + // Read the request body and prompty ignore it + request + .into_body() + .for_each(|chunk| { + let _: &[u8] = &chunk.unwrap(); + async {} + }) + .await; + // Assume we got a GraphQL request with `mutation Mutation { upload($some_string) }` + let graphql_response = r#"{"data":{"upload":true}}"#; + Ok(hyper::Response::new(hyper::Body::from(graphql_response))) +} + +struct ShutdownOnDrop(Option>); + +impl Drop for ShutdownOnDrop { + fn drop(&mut self) { + if let Some(tx) = self.0.take() { + let _ = tx.send(()); + } + } +} diff --git a/apollo-router/benches/huge_requests/router.yaml b/apollo-router/benches/huge_requests/router.yaml new file mode 100644 index 00000000000..48f80679257 --- /dev/null +++ b/apollo-router/benches/huge_requests/router.yaml @@ -0,0 +1,2 @@ +supergraph: + listen: 127.0.0.1:10142 diff --git a/apollo-router/benches/huge_requests/supergraph.graphql b/apollo-router/benches/huge_requests/supergraph.graphql new file mode 100644 index 00000000000..d5f3f94dba6 --- /dev/null +++ b/apollo-router/benches/huge_requests/supergraph.graphql @@ -0,0 +1,38 @@ +schema + @core(feature: "https://specs.apollo.dev/core/v0.1") + @core(feature: "https://specs.apollo.dev/join/v0.1") +{ + query: Query + mutation: Mutation +} + +directive @core(feature: String!) repeatable on SCHEMA + +directive @join__field( + graph: join__Graph + requires: join__FieldSet + provides: join__FieldSet +) on FIELD_DEFINITION + +directive @join__type( + graph: join__Graph! + key: join__FieldSet +) repeatable on OBJECT | INTERFACE + +directive @join__owner(graph: join__Graph!) on OBJECT | INTERFACE + +directive @join__graph(name: String!, url: String!) on ENUM_VALUE + +scalar join__FieldSet + +enum join__Graph { + SUBGRAPH_1 @join__graph(name: "subgraph_1", url: "http://127.0.0.1:10141/") +} + +type Query { + unused: Int +} + +type Mutation { + upload(data: String): Boolean +} From 8deaec497e1579c02cf2140084aaa5a6d8445705 Mon Sep 17 00:00:00 2001 From: Geoffroy Couprie Date: Tue, 23 May 2023 09:51:58 +0200 Subject: [PATCH 02/39] test multiple keys matching a JWT criteria (#3031) Fix #3017 in some cases, multiple keys can match what a JWT asks (algorithm and optional kid). Previously, we scored each possible match and only took the one with the highest score. But even then, we can have multiple keys with the same score (example: colliding kid between multiple JWKS in tests). This changes the behaviour to: - return a list of matching key instead of the one with the highest score - try them one by one until the JWT is validated, or return an error - if some keys were found with the highest possible score (matching alg, kid is present and matching too), then we only test those ones Co-authored-by: Coenen Benjamin --- ...at_geal_jwt_test_multiple_matching_keys.md | 9 ++ .../src/plugins/authentication/mod.rs | 150 +++++++++++------- .../src/plugins/authentication/tests.rs | 28 ++-- 3 files changed, 119 insertions(+), 68 deletions(-) create mode 100644 .changesets/feat_geal_jwt_test_multiple_matching_keys.md diff --git a/.changesets/feat_geal_jwt_test_multiple_matching_keys.md b/.changesets/feat_geal_jwt_test_multiple_matching_keys.md new file mode 100644 index 00000000000..56d9ef14f8e --- /dev/null +++ b/.changesets/feat_geal_jwt_test_multiple_matching_keys.md @@ -0,0 +1,9 @@ +### Test multiple keys matching a JWT criteria ([Issue #3017](https://github.com/apollographql/router/issues/3017)) + +In some cases, multiple keys can match what a JWT asks (algorithm and optional kid). Previously, we scored each possible match and only took the one with the highest score. But even then, we can have multiple keys with the same score (example: colliding kid between multiple JWKS in tests). +This changes the behaviour to: +- return a list of matching key instead of the one with the highest score +- try them one by one until the JWT is validated, or return an error +- if some keys were found with the highest possible score (matching alg, kid is present and matching too), then we only test those ones + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3031 \ No newline at end of file diff --git a/apollo-router/src/plugins/authentication/mod.rs b/apollo-router/src/plugins/authentication/mod.rs index e155df3cb41..135c60795e3 100644 --- a/apollo-router/src/plugins/authentication/mod.rs +++ b/apollo-router/src/plugins/authentication/mod.rs @@ -17,6 +17,7 @@ use jsonwebtoken::jwk::KeyOperations; use jsonwebtoken::jwk::PublicKeyUse; use jsonwebtoken::Algorithm; use jsonwebtoken::DecodingKey; +use jsonwebtoken::TokenData; use jsonwebtoken::Validation; use once_cell::sync::Lazy; use reqwest::Client; @@ -61,9 +62,6 @@ enum AuthenticationError<'a> { /// '{0}' is not a valid JWT header: {1} InvalidHeader(&'a str, JWTError), - /// Cannot retrieve JWKS: {0} - CannotRetrieveJWKS(BoxError), - /// Cannot create decoding key: {0} CannotCreateDecodingKey(JWTError), @@ -168,9 +166,10 @@ struct JWTCriteria { fn search_jwks( jwks_manager: &JwksManager, criteria: &JWTCriteria, -) -> Result, Jwk)>, BoxError> { +) -> Option, Jwk)>> { const HIGHEST_SCORE: usize = 2; let mut candidates = vec![]; + let mut found_highest_score = false; for JwkSetInfo { jwks, issuer, @@ -270,9 +269,10 @@ fn search_jwks( // point for having an explicitly matching algorithm and 1 point for an explicitly // matching kid. We will sort our candidates and pick the key with the highest score. - // If we find a key with a HIGHEST_SCORE, let's stop looking. + // If we find a key with a HIGHEST_SCORE, we will filter the list to only keep those + // with that score if key_score == HIGHEST_SCORE { - return Ok(Some((issuer, key))); + found_highest_score = true; } candidates.push((key_score, (issuer.clone(), key))); @@ -292,13 +292,34 @@ fn search_jwks( ); if candidates.is_empty() { - Ok(None) + None } else { // Only sort if we need to if candidates.len() > 1 { candidates.sort_by(|a, b| a.0.cmp(&b.0)); } - Ok(Some(candidates.pop().expect("list isn't empty").1)) + + if found_highest_score { + Some( + candidates + .into_iter() + .filter_map(|(score, candidate)| { + if score == HIGHEST_SCORE { + Some(candidate) + } else { + None + } + }) + .collect(), + ) + } else { + Some( + candidates + .into_iter() + .map(|(_score, candidate)| candidate) + .collect(), + ) + } } } @@ -472,52 +493,11 @@ fn authenticate( // Search our list of JWKS to find the kid and process it // Note: This will search through JWKS in the order in which they are defined // in configuration. - - let jwk_opt = match search_jwks(jwks_manager, &criteria) { - Ok(j) => j, - Err(e) => { - return failure_message( - request.context, - AuthenticationError::CannotRetrieveJWKS(e), - StatusCode::INTERNAL_SERVER_ERROR, - ); - } - }; - - if let Some((issuer, jwk)) = jwk_opt { - let decoding_key = match DecodingKey::from_jwk(&jwk) { - Ok(k) => k, - Err(e) => { - return failure_message( - request.context, - AuthenticationError::CannotCreateDecodingKey(e), - StatusCode::INTERNAL_SERVER_ERROR, - ); - } - }; - - let algorithm = match jwk.common.algorithm { - Some(a) => a, - None => { - return failure_message( - request.context, - AuthenticationError::JWKHasNoAlgorithm, - StatusCode::INTERNAL_SERVER_ERROR, - ); - } - }; - - let mut validation = Validation::new(algorithm); - validation.validate_nbf = true; - - let token_data = match decode::(jwt, &decoding_key, &validation) { - Ok(v) => v, - Err(e) => { - return failure_message( - request.context, - AuthenticationError::CannotDecodeJWT(e), - StatusCode::UNAUTHORIZED, - ); + if let Some(keys) = search_jwks(jwks_manager, &criteria) { + let (issuer, token_data) = match decode_jwt(jwt, keys, criteria) { + Ok(data) => data, + Err((auth_error, status_code)) => { + return failure_message(request.context, auth_error, status_code); } }; @@ -575,6 +555,68 @@ fn authenticate( } } +fn decode_jwt( + jwt: &str, + keys: Vec<(Option, Jwk)>, + criteria: JWTCriteria, +) -> Result<(Option, TokenData), (AuthenticationError, StatusCode)> { + let mut error = None; + for (issuer, jwk) in keys.into_iter() { + let decoding_key = match DecodingKey::from_jwk(&jwk) { + Ok(k) => k, + Err(e) => { + error = Some(( + AuthenticationError::CannotCreateDecodingKey(e), + StatusCode::INTERNAL_SERVER_ERROR, + )); + continue; + } + }; + + let algorithm = match jwk.common.algorithm { + Some(a) => a, + None => { + error = Some(( + AuthenticationError::JWKHasNoAlgorithm, + StatusCode::INTERNAL_SERVER_ERROR, + )); + continue; + } + }; + + let mut validation = Validation::new(algorithm); + validation.validate_nbf = true; + + match decode::(jwt, &decoding_key, &validation) { + Ok(v) => return Ok((issuer, v)), + Err(e) => { + error = Some(( + AuthenticationError::CannotDecodeJWT(e), + StatusCode::UNAUTHORIZED, + )); + } + }; + } + + match error { + Some(e) => Err(e), + None => { + // We can't find a key to process this JWT. + if criteria.kid.is_some() { + Err(( + AuthenticationError::CannotFindKID(criteria.kid), + StatusCode::UNAUTHORIZED, + )) + } else { + Err(( + AuthenticationError::CannotFindSuitableKey(criteria.alg, criteria.kid), + StatusCode::UNAUTHORIZED, + )) + } + } + } +} + // This macro allows us to use it in our plugin registry! // register_plugin takes a group name, and a plugin name. // diff --git a/apollo-router/src/plugins/authentication/tests.rs b/apollo-router/src/plugins/authentication/tests.rs index d826db59590..c9200cb2a25 100644 --- a/apollo-router/src/plugins/authentication/tests.rs +++ b/apollo-router/src/plugins/authentication/tests.rs @@ -570,8 +570,9 @@ async fn it_finds_key_with_criteria_kid_and_algorithm() { }; let (_issuer, key) = search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .expect("found a key"); + .expect("found a key") + .pop() + .expect("list isn't empty"); assert_eq!(Algorithm::HS256, key.common.algorithm.unwrap()); assert_eq!("key2", key.common.key_id.unwrap()); } @@ -586,8 +587,9 @@ async fn it_finds_best_matching_key_with_criteria_algorithm() { }; let (_issuer, key) = search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .expect("found a key"); + .expect("found a key") + .pop() + .expect("list isn't empty"); assert_eq!(Algorithm::HS256, key.common.algorithm.unwrap()); assert_eq!("key1", key.common.key_id.unwrap()); } @@ -601,9 +603,7 @@ async fn it_fails_to_find_key_with_criteria_algorithm_not_in_set() { alg: Algorithm::RS512, }; - assert!(search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .is_none()); + assert!(search_jwks(&jwks_manager, &criteria).is_none()); } #[tokio::test] @@ -616,8 +616,9 @@ async fn it_finds_key_with_criteria_algorithm_ec() { }; let (_issuer, key) = search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .expect("found a key"); + .expect("found a key") + .pop() + .expect("list isn't empty"); assert_eq!(Algorithm::ES256, key.common.algorithm.unwrap()); assert_eq!( "afda85e09a320cf748177874592de64d", @@ -635,8 +636,9 @@ async fn it_finds_key_with_criteria_algorithm_rsa() { }; let (_issuer, key) = search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .expect("found a key"); + .expect("found a key") + .pop() + .expect("list isn't empty"); assert_eq!(Algorithm::RS256, key.common.algorithm.unwrap()); assert_eq!( "022516583d56b68faf40260fda72978a", @@ -872,7 +874,5 @@ async fn it_rejects_key_with_restricted_algorithm() { alg: Algorithm::HS256, }; - assert!(search_jwks(&jwks_manager, &criteria) - .expect("search worked") - .is_none()); + assert!(search_jwks(&jwks_manager, &criteria).is_none()); } From 07c9bfc9f5d7b87e3e165690c40ce5f83e21324d Mon Sep 17 00:00:00 2001 From: Jeremy Lempereur Date: Tue, 23 May 2023 10:35:47 +0200 Subject: [PATCH 03/39] Provide a way to steer the router state machine during integration tests. (#3099) This changeset provides a new `TestRouterHttpServer` with a couple of interesting functions for us to write "semi" integrated tests. ## Why? This will allow us to make sure the router updates as expected if configuration, schema and entitlements change. ## Ok this sounds great but how do I... ### Create a TestRouterHttpServer? Add your test to `apollo-router/src/router.rs`: ```rust #[tokio::test(flavor = "multi_thread")] async fn basic_event_stream_test() { let mut router_handle = TestRouterHttpServer::new(); } ``` ### Get the router to start? It will need a valid configuration, a valid schema, and valid entitlements: ```rust let configuration = Configuration::from_str(include_str!("testdata/supergraph_config.router.yaml")) .unwrap(); let schema = include_str!("testdata/supergraph.graphql"); router_handle .send_event(UpdateConfiguration(configuration)) .await .unwrap(); router_handle .send_event(UpdateSchema(schema.to_string())) .await .unwrap(); router_handle .send_event(UpdateEntitlement(EntitlementState::Unentitled)) .await .unwrap(); ``` ### Send requests to the router? ```rust let request = Request::builder().query(r#"{ me { username } }"#).build(); let response = router_handle.request(request).await.unwrap(); assert_eq!( "@ada", response .data .unwrap() .get("me") .unwrap() .get("username") .unwrap() ); ``` ### Get the router to shut down once my tests have passed ? ```rust router_handle.shutdown().await.unwrap(); ``` You can now have fine grained control over the sequence of events that are processed by the router, and write the relevant regression tests. That's it! No more excuses! --------- Co-authored-by: Geoffroy Couprie --- .../maint_peer_caboose_prosecutor_puppy.md | 5 + apollo-router/src/router.rs | 248 ++++++++++++++++++ apollo-router/src/state_machine.rs | 120 ++++++--- apollo-router/src/testdata/supergraph.graphql | 8 +- .../testdata/supergraph_missing_name.graphql | 65 +++++ 5 files changed, 405 insertions(+), 41 deletions(-) create mode 100644 .changesets/maint_peer_caboose_prosecutor_puppy.md create mode 100644 apollo-router/src/testdata/supergraph_missing_name.graphql diff --git a/.changesets/maint_peer_caboose_prosecutor_puppy.md b/.changesets/maint_peer_caboose_prosecutor_puppy.md new file mode 100644 index 00000000000..c0ac81b6bd0 --- /dev/null +++ b/.changesets/maint_peer_caboose_prosecutor_puppy.md @@ -0,0 +1,5 @@ +### Improve the way we can test the state_machine in integration + +This changeset provides an internal TestRouterHttpServer for finer grained integration tests. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3099 diff --git a/apollo-router/src/router.rs b/apollo-router/src/router.rs index e90ef6a34ac..b6b333a724d 100644 --- a/apollo-router/src/router.rs +++ b/apollo-router/src/router.rs @@ -19,12 +19,18 @@ use derivative::Derivative; use derive_more::Display; use derive_more::From; use displaydoc::Display as DisplayDoc; +#[cfg(test)] +use futures::channel::mpsc; +#[cfg(test)] +use futures::channel::mpsc::SendError; use futures::channel::oneshot; use futures::prelude::*; use futures::FutureExt; use http_body::Body as _; use hyper::Body; use thiserror::Error; +#[cfg(test)] +use tokio::sync::Notify; use tokio::sync::RwLock; use tokio::task::spawn; use tokio_util::time::DelayQueue; @@ -952,6 +958,86 @@ fn generate_event_stream( stream } +#[cfg(test)] +struct TestRouterHttpServer { + router_http_server: RouterHttpServer, + event_sender: mpsc::UnboundedSender, + state_machine_update_notifier: Arc, +} + +#[cfg(test)] +impl TestRouterHttpServer { + fn new() -> Self { + let (event_sender, event_receiver) = mpsc::unbounded(); + let state_machine_update_notifier = Arc::new(Notify::new()); + + let server_factory = AxumHttpServerFactory::new(); + let router_factory: OrbiterRouterSuperServiceFactory = + OrbiterRouterSuperServiceFactory::new(YamlRouterFactory::default()); + let state_machine = StateMachine::for_tests( + server_factory, + router_factory, + Arc::clone(&state_machine_update_notifier), + ); + + let listen_addresses = state_machine.listen_addresses.clone(); + let result = spawn( + async move { state_machine.process_events(event_receiver).await } + .with_current_subscriber(), + ) + .map(|r| match r { + Ok(Ok(ok)) => Ok(ok), + Ok(Err(err)) => Err(err), + Err(err) => { + tracing::error!("{}", err); + Err(ApolloRouterError::StartupError) + } + }) + .with_current_subscriber() + .boxed(); + + TestRouterHttpServer { + router_http_server: RouterHttpServer { + result, + shutdown_sender: None, + listen_addresses, + }, + event_sender, + state_machine_update_notifier, + } + } + + async fn request( + &self, + request: crate::graphql::Request, + ) -> Result { + Ok(reqwest::Client::new() + .post(format!("{}/", self.listen_address().await.unwrap())) + .json(&request) + .send() + .await + .expect("couldn't send request") + .json() + .await + .expect("couldn't deserialize into json")) + } + + async fn listen_address(&self) -> Option { + self.router_http_server.listen_address().await + } + + async fn send_event(&mut self, event: Event) -> Result<(), SendError> { + let result = self.event_sender.send(event).await; + self.state_machine_update_notifier.notified().await; + result + } + + async fn shutdown(mut self) -> Result<(), ApolloRouterError> { + self.send_event(Event::Shutdown).await.unwrap(); + self.router_http_server.shutdown().await + } +} + #[cfg(test)] mod tests { use std::env::temp_dir; @@ -1143,4 +1229,166 @@ mod tests { assert!(matches!(stream.next().await.unwrap(), UpdateSchema(_))); assert!(matches!(stream.next().await.unwrap(), NoMoreSchema)); } + + #[tokio::test(flavor = "multi_thread")] + async fn basic_event_stream_test() { + let mut router_handle = TestRouterHttpServer::new(); + + let configuration = + Configuration::from_str(include_str!("testdata/supergraph_config.router.yaml")) + .unwrap(); + let schema = include_str!("testdata/supergraph.graphql"); + + // let's push a valid configuration to the state machine, so it can start up + router_handle + .send_event(UpdateConfiguration(configuration)) + .await + .unwrap(); + router_handle + .send_event(UpdateSchema(schema.to_string())) + .await + .unwrap(); + router_handle + .send_event(UpdateEntitlement(EntitlementState::Unentitled)) + .await + .unwrap(); + + let request = Request::builder().query(r#"{ me { username } }"#).build(); + + let response = router_handle.request(request).await.unwrap(); + assert_eq!( + "@ada", + response + .data + .unwrap() + .get("me") + .unwrap() + .get("username") + .unwrap() + ); + + // shut the router down + router_handle + .send_event(Event::NoMoreConfiguration) + .await + .unwrap(); + router_handle.send_event(Event::NoMoreSchema).await.unwrap(); + router_handle.send_event(Event::Shutdown).await.unwrap(); + } + + #[tokio::test(flavor = "multi_thread")] + async fn schema_update_test() { + let mut router_handle = TestRouterHttpServer::new(); + // let's push a valid configuration to the state machine, so it can start up + router_handle + .send_event(UpdateConfiguration( + Configuration::from_str(include_str!("testdata/supergraph_config.router.yaml")) + .unwrap(), + )) + .await + .unwrap(); + router_handle + .send_event(UpdateSchema( + include_str!("testdata/supergraph_missing_name.graphql").to_string(), + )) + .await + .unwrap(); + router_handle + .send_event(UpdateEntitlement(EntitlementState::Unentitled)) + .await + .unwrap(); + + // let's send a valid query + let request = Request::builder().query(r#"{ me { username } }"#).build(); + let response = router_handle.request(request).await.unwrap(); + + assert_eq!( + "@ada", + response + .data + .unwrap() + .get("me") + .unwrap() + .get("username") + .unwrap() + ); + + // the name field is not present yet + let request = Request::builder() + .query(r#"{ me { username name } }"#) + .build(); + let response = router_handle.request(request).await.unwrap(); + + assert_eq!( + "cannot query field 'name' on type 'User'", + response.errors[0].message + ); + assert_eq!( + "INVALID_FIELD", + response.errors[0].extensions.get("code").unwrap() + ); + + // let's update the schema to add the field + router_handle + .send_event(UpdateSchema( + include_str!("testdata/supergraph.graphql").to_string(), + )) + .await + .unwrap(); + + // the request should now make it through + let request = Request::builder() + .query(r#"{ me { username name } }"#) + .build(); + + let response = router_handle.request(request).await.unwrap(); + + assert_eq!( + "Ada Lovelace", + response + .data + .unwrap() + .get("me") + .unwrap() + .get("name") + .unwrap() + ); + + // let's go back and remove the field + router_handle + .send_event(UpdateSchema( + include_str!("testdata/supergraph_missing_name.graphql").to_string(), + )) + .await + .unwrap(); + + let request = Request::builder().query(r#"{ me { username } }"#).build(); + let response = router_handle.request(request).await.unwrap(); + + assert_eq!( + "@ada", + response + .data + .unwrap() + .get("me") + .unwrap() + .get("username") + .unwrap() + ); + + let request = Request::builder() + .query(r#"{ me { username name } }"#) + .build(); + let response = router_handle.request(request).await.unwrap(); + + assert_eq!( + "cannot query field 'name' on type 'User'", + response.errors[0].message + ); + assert_eq!( + "INVALID_FIELD", + response.errors[0].extensions.get("code").unwrap() + ); + router_handle.shutdown().await.unwrap(); + } } diff --git a/apollo-router/src/state_machine.rs b/apollo-router/src/state_machine.rs index 3d836e66cee..a90ea770c58 100644 --- a/apollo-router/src/state_machine.rs +++ b/apollo-router/src/state_machine.rs @@ -6,6 +6,8 @@ use std::sync::Arc; use futures::prelude::*; use tokio::sync::mpsc; +#[cfg(test)] +use tokio::sync::Notify; use tokio::sync::OwnedRwLockWriteGuard; use tokio::sync::RwLock; use ApolloRouterError::ServiceCreationError; @@ -385,6 +387,8 @@ where router_configurator: FA, pub(crate) listen_addresses: Arc>, listen_addresses_guard: Option>, + #[cfg(test)] + notify_updated: Arc, } impl StateMachine @@ -407,6 +411,31 @@ where router_configurator: router_factory, listen_addresses, listen_addresses_guard, + #[cfg(test)] + notify_updated: Default::default(), + } + } + + #[cfg(test)] + pub(crate) fn for_tests( + http_server_factory: S, + router_factory: FA, + notify_updated: Arc, + ) -> Self { + // Listen address is created locked so that if a consumer tries to examine the listen address before the state machine has reached running state they are blocked. + let listen_addresses: Arc> = Default::default(); + let listen_addresses_guard = Some( + listen_addresses + .clone() + .try_write_owned() + .expect("lock just created, qed"), + ); + Self { + http_server_factory, + router_configurator: router_factory, + listen_addresses, + listen_addresses_guard, + notify_updated, } } @@ -452,12 +481,16 @@ where NoMoreEntitlement => state.no_more_entitlement().await, Shutdown => state.shutdown().await, }; + + #[cfg(test)] + self.notify_updated.notify_one(); + tracing::debug!( "state machine event: {event_name}, transitioned from: {last_state} to: {state:?}" ); // If we've errored then exit even if there are potentially more messages - if matches!(&state, Errored(_)) { + if matches!(&state, Stopped | Errored(_)) { break; } } @@ -522,7 +555,12 @@ mod tests { let router_factory = create_mock_router_configurator(0); let (server_factory, _) = create_mock_server_factory(0); assert_matches!( - execute(server_factory, router_factory, vec![NoMoreConfiguration],).await, + execute( + server_factory, + router_factory, + stream::iter(vec![NoMoreConfiguration]) + ) + .await, Err(NoConfiguration) ); } @@ -532,7 +570,12 @@ mod tests { let router_factory = create_mock_router_configurator(0); let (server_factory, _) = create_mock_server_factory(0); assert_matches!( - execute(server_factory, router_factory, vec![NoMoreSchema],).await, + execute( + server_factory, + router_factory, + stream::iter(vec![NoMoreSchema]) + ) + .await, Err(NoSchema) ); } @@ -542,7 +585,12 @@ mod tests { let router_factory = create_mock_router_configurator(0); let (server_factory, _) = create_mock_server_factory(0); assert_matches!( - execute(server_factory, router_factory, vec![NoMoreEntitlement],).await, + execute( + server_factory, + router_factory, + stream::iter(vec![NoMoreEntitlement]) + ) + .await, Err(NoEntitlement) ); } @@ -562,12 +610,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(test_config_restricted()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::Entitled), Shutdown - ], + ]) ) .await, Ok(()) @@ -584,12 +632,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(test_config_restricted()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::EntitledHalt), Shutdown - ], + ]) ) .await, Ok(()) @@ -606,12 +654,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(test_config_restricted()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::EntitledWarn), Shutdown - ], + ]) ) .await, Ok(()) @@ -629,14 +677,14 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(test_config_restricted()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::Entitled), UpdateEntitlement(EntitlementState::Unentitled), UpdateConfiguration(test_config_restricted()), Shutdown - ], + ]) ) .await, Ok(()) @@ -653,12 +701,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(test_config_restricted()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::Unentitled), Shutdown - ], + ]) ) .await, Err(ApolloRouterError::EntitlementViolation) @@ -675,14 +723,14 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::Unentitled), UpdateConfiguration(test_config_restricted()), UpdateEntitlement(EntitlementState::Entitled), Shutdown - ], + ]) ) .await, Ok(()) @@ -703,7 +751,7 @@ mod tests { let router_factory = create_mock_router_configurator(0); let (server_factory, _) = create_mock_server_factory(0); assert_matches!( - execute(server_factory, router_factory, vec![Shutdown],).await, + execute(server_factory, router_factory, stream::iter(vec![Shutdown])).await, Ok(()) ); } @@ -717,12 +765,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), Shutdown - ], + ]) ) .await, Ok(()) @@ -739,13 +787,13 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(minimal_schema.to_owned()), UpdateEntitlement(EntitlementState::default()), UpdateSchema(example_schema()), Shutdown - ], + ]) ) .await, Ok(()) @@ -762,13 +810,13 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(minimal_schema.to_owned()), UpdateEntitlement(EntitlementState::default()), UpdateEntitlement(EntitlementState::default()), Shutdown - ], + ]) ) .await, Ok(()) @@ -785,7 +833,7 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), @@ -800,7 +848,7 @@ mod tests { .unwrap() ), Shutdown - ], + ]) ) .await, Ok(()) @@ -817,12 +865,12 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), Shutdown - ], + ]) ) .await, Ok(()) @@ -844,11 +892,11 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), - ], + ]) ) .await, Err(ApolloRouterError::ServiceCreationError(_)) @@ -882,13 +930,13 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), UpdateSchema(example_schema()), Shutdown - ], + ]) ) .await, Ok(()) @@ -933,7 +981,7 @@ mod tests { execute( server_factory, router_factory, - vec![ + stream::iter(vec![ UpdateConfiguration(Configuration::builder().build().unwrap()), UpdateSchema(example_schema()), UpdateEntitlement(EntitlementState::default()), @@ -945,7 +993,7 @@ mod tests { ), UpdateSchema(example_schema()), Shutdown - ], + ]), ) .await, Ok(()) @@ -1051,12 +1099,10 @@ mod tests { async fn execute( server_factory: MockMyHttpServerFactory, router_factory: MockMyRouterConfigurator, - events: Vec, + events: impl Stream + Unpin, ) -> Result<(), ApolloRouterError> { let state_machine = StateMachine::new(server_factory, router_factory); - state_machine - .process_events(stream::iter(events).boxed()) - .await + state_machine.process_events(events).await } fn create_mock_server_factory( diff --git a/apollo-router/src/testdata/supergraph.graphql b/apollo-router/src/testdata/supergraph.graphql index d9e761cd446..9a64dd4358f 100644 --- a/apollo-router/src/testdata/supergraph.graphql +++ b/apollo-router/src/testdata/supergraph.graphql @@ -18,10 +18,10 @@ directive @join__graph(name: String!, url: String!) on ENUM_VALUE scalar join__FieldSet enum join__Graph { - ACCOUNTS @join__graph(name: "accounts" url: "http://localhost:4001/graphql") - INVENTORY @join__graph(name: "inventory" url: "http://localhost:4004/graphql") - PRODUCTS @join__graph(name: "products" url: "http://localhost:4003/graphql") - REVIEWS @join__graph(name: "reviews" url: "http://localhost:4002/graphql") + ACCOUNTS @join__graph(name: "accounts" url: "https://accounts.demo.starstuff.dev/") + INVENTORY @join__graph(name: "inventory" url: "https://inventory.demo.starstuff.dev/") + PRODUCTS @join__graph(name: "products" url: "https://products.demo.starstuff.dev/") + REVIEWS @join__graph(name: "reviews" url: "https://reviews.demo.starstuff.dev/") } type Product diff --git a/apollo-router/src/testdata/supergraph_missing_name.graphql b/apollo-router/src/testdata/supergraph_missing_name.graphql new file mode 100644 index 00000000000..6b21b4f4e7d --- /dev/null +++ b/apollo-router/src/testdata/supergraph_missing_name.graphql @@ -0,0 +1,65 @@ +schema + @core(feature: "https://specs.apollo.dev/core/v0.1"), + @core(feature: "https://specs.apollo.dev/join/v0.1") +{ + query: Query +} + +directive @core(feature: String!) repeatable on SCHEMA + +directive @join__field(graph: join__Graph, requires: join__FieldSet, provides: join__FieldSet) on FIELD_DEFINITION + +directive @join__type(graph: join__Graph!, key: join__FieldSet) repeatable on OBJECT | INTERFACE + +directive @join__owner(graph: join__Graph!) on OBJECT | INTERFACE + +directive @join__graph(name: String!, url: String!) on ENUM_VALUE + +scalar join__FieldSet + +enum join__Graph { + ACCOUNTS @join__graph(name: "accounts" url: "https://accounts.demo.starstuff.dev/") + INVENTORY @join__graph(name: "inventory" url: "https://inventory.demo.starstuff.dev/") + PRODUCTS @join__graph(name: "products" url: "https://products.demo.starstuff.dev/") + REVIEWS @join__graph(name: "reviews" url: "https://reviews.demo.starstuff.dev/") +} + +type Product + @join__owner(graph: PRODUCTS) + @join__type(graph: PRODUCTS, key: "upc") + @join__type(graph: INVENTORY, key: "upc") + @join__type(graph: REVIEWS, key: "upc") +{ + upc: String! @join__field(graph: PRODUCTS) + name: String @join__field(graph: PRODUCTS) + price: Int @join__field(graph: PRODUCTS) + weight: Int @join__field(graph: PRODUCTS) + inStock: Boolean @join__field(graph: INVENTORY) + shippingEstimate: Int @join__field(graph: INVENTORY, requires: "price weight") + reviews: [Review] @join__field(graph: REVIEWS) +} + +type Query { + me: User @join__field(graph: ACCOUNTS) + topProducts(first: Int = 5): [Product] @join__field(graph: PRODUCTS) +} + +type Review + @join__owner(graph: REVIEWS) + @join__type(graph: REVIEWS, key: "id") +{ + id: ID! @join__field(graph: REVIEWS) + body: String @join__field(graph: REVIEWS) + author: User @join__field(graph: REVIEWS, provides: "username") + product: Product @join__field(graph: REVIEWS) +} + +type User + @join__owner(graph: ACCOUNTS) + @join__type(graph: ACCOUNTS, key: "id") + @join__type(graph: REVIEWS, key: "id") +{ + id: ID! @join__field(graph: ACCOUNTS) + username: String @join__field(graph: ACCOUNTS) + reviews: [Review] @join__field(graph: REVIEWS) +} From d504713c5b674abc72a2bdf49015fef9b6a7b6bc Mon Sep 17 00:00:00 2001 From: Geoffroy Couprie Date: Tue, 23 May 2023 13:15:29 +0200 Subject: [PATCH 04/39] hash the query and operation name in the query plan cache key (#3101) Fix #2998 The query and operation name can be too large to transmit as part of a Redis cache key. This will hash them before writing them in the key Co-authored-by: Jesse Rosenberger --- .changesets/fix_geal_query_plan_cache_key.md | 5 +++++ .../src/query_planner/caching_query_planner.rs | 16 +++++++++++++--- apollo-router/tests/redis_test.rs | 4 ++-- 3 files changed, 20 insertions(+), 5 deletions(-) create mode 100644 .changesets/fix_geal_query_plan_cache_key.md diff --git a/.changesets/fix_geal_query_plan_cache_key.md b/.changesets/fix_geal_query_plan_cache_key.md new file mode 100644 index 00000000000..2fd7f276870 --- /dev/null +++ b/.changesets/fix_geal_query_plan_cache_key.md @@ -0,0 +1,5 @@ +### hash the query and operation name in the query plan cache key ([Issue #2998](https://github.com/apollographql/router/issues/2998)) + +The query and operation name can be too large to transmit as part of a Redis cache key. They will now be hashed with SHA256 before writing them as part of the cache key. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3101 \ No newline at end of file diff --git a/apollo-router/src/query_planner/caching_query_planner.rs b/apollo-router/src/query_planner/caching_query_planner.rs index a1d6392021d..7b63c933c84 100644 --- a/apollo-router/src/query_planner/caching_query_planner.rs +++ b/apollo-router/src/query_planner/caching_query_planner.rs @@ -8,6 +8,8 @@ use std::task; use futures::future::BoxFuture; use router_bridge::planner::Planner; use router_bridge::planner::UsageReporting; +use sha2::Digest; +use sha2::Sha256; use tower::ServiceExt; use tracing::Instrument; @@ -251,12 +253,20 @@ pub(crate) struct CachingQueryKey { impl std::fmt::Display for CachingQueryKey { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + let mut hasher = Sha256::new(); + hasher.update(&self.query); + let query = hex::encode(hasher.finalize()); + + let mut hasher = Sha256::new(); + hasher.update(self.operation.as_deref().unwrap_or("-")); + let operation = hex::encode(hasher.finalize()); + write!( f, - "plan\0{}\0{}\0{}", + "plan.{}.{}.{}", self.schema_id.as_deref().unwrap_or("-"), - self.query, - self.operation.as_deref().unwrap_or("-") + query, + operation ) } } diff --git a/apollo-router/tests/redis_test.rs b/apollo-router/tests/redis_test.rs index dd361eb1cba..fccd0a93fe9 100644 --- a/apollo-router/tests/redis_test.rs +++ b/apollo-router/tests/redis_test.rs @@ -22,7 +22,7 @@ mod test { .expect("got redis connection"); connection - .del::<&'static str, ()>("plan\x005abb5fecf7df056396fb90fdf38d430b8c1fec55ec132fde878161608af18b76\x00{ topProducts { name name2:name } }\x00-").await.unwrap(); + .del::<&'static str, ()>("plan.5abb5fecf7df056396fb90fdf38d430b8c1fec55ec132fde878161608af18b76.4c45433039407593557f8a982dafd316a66ec03f0e1ed5fa1b7ef8060d76e8ec.3973e022e93220f9212c18d0d0c543ae7c309e46640da93a4a0314de999f5112").await.unwrap(); let supergraph = apollo_router::TestHarness::builder() .with_subgraph_network_requests() @@ -52,7 +52,7 @@ mod test { let _ = supergraph.oneshot(request).await?.next_response().await; let s:String = connection - .get("plan\x005abb5fecf7df056396fb90fdf38d430b8c1fec55ec132fde878161608af18b76\x00{ topProducts { name name2:name } }\x00-") + .get("plan.5abb5fecf7df056396fb90fdf38d430b8c1fec55ec132fde878161608af18b76.4c45433039407593557f8a982dafd316a66ec03f0e1ed5fa1b7ef8060d76e8ec.3973e022e93220f9212c18d0d0c543ae7c309e46640da93a4a0314de999f5112") .await .unwrap(); let query_plan_res: serde_json::Value = serde_json::from_str(&s).unwrap(); From 0a21c9bf90c6d9c6b4cb2fcf41ea8bf6e2398e6a Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Tue, 23 May 2023 17:18:48 +0300 Subject: [PATCH 05/39] chore: Refine release tooling to match `RELEASE_CHECKLIST.md` approach (#3116) This removes some automation which existed in the first iteration of the releasing xtask which depended on `octorust`. The steps in the updated `RELEASE_CHECKLIST.md` within https://github.com/apollographql/router/pull/3110 have a list of commands which leverage the `gh` CLI to do effecitely the same thing. The instructions I've used for the last many releases seem to have validated that approach and I suspect we will move in that direction. As an added benefit of depending on `gh`, `octorust` brought in a substantial amount of build-time to the `xtask` crate and a _lot_ of dependencies. (Concretely, I've been always having `--dry-run` and `--current-branch` on with the current instructions, so those options are no longer that useful there anyhow.) Relates to #170 Relates to https://github.com/apollographql/router/issues/2261 --- xtask/Cargo.lock | 709 +--------------------------- xtask/Cargo.toml | 2 - xtask/src/commands/changeset/mod.rs | 17 +- xtask/src/commands/release.rs | 130 +---- 4 files changed, 40 insertions(+), 818 deletions(-) diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock index 07d60c7734b..4331e6443f5 100644 --- a/xtask/Cargo.lock +++ b/xtask/Cargo.lock @@ -78,40 +78,12 @@ version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eab1c04a571841102f5345a8fc0f6bb3d31c315dec879b5c6e42e40ce7ffa34e" -[[package]] -name = "async-recursion" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e97ce7de6cf12de5d7226c73f5ba9811622f4db3a5b91b55c53e987e5f91cba" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.13", -] - -[[package]] -name = "async-trait" -version = "0.1.68" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9ccdd8f2a161be9bd5c023df56f1b2a0bd1d83872ae53b71a84a12c9bf6e842" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.13", -] - [[package]] name = "autocfg" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "base64" -version = "0.13.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" - [[package]] name = "base64" version = "0.20.0" @@ -185,9 +157,6 @@ name = "cc" version = "1.0.79" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" -dependencies = [ - "jobserver", -] [[package]] name = "cfg-if" @@ -205,8 +174,7 @@ dependencies = [ "js-sys", "num-integer", "num-traits", - "serde", - "time 0.1.45", + "time", "wasm-bindgen", "winapi", ] @@ -329,16 +297,6 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "crossbeam-channel" -version = "0.5.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf2b3e8478797446514c91ef04bafcb59faba183e621ad488df88983cc14128c" -dependencies = [ - "cfg-if", - "crossbeam-utils", -] - [[package]] name = "crossbeam-utils" version = "0.8.15" @@ -404,12 +362,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "dyn-clone" -version = "1.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68b0cf012f1230e43cd00ebb729c6bb58707ecfa8ad08b52ef3a4ccd2697fc30" - [[package]] name = "either" version = "1.8.1" @@ -499,21 +451,6 @@ dependencies = [ "percent-encoding", ] -[[package]] -name = "futures" -version = "0.3.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" -dependencies = [ - "futures-channel", - "futures-core", - "futures-executor", - "futures-io", - "futures-sink", - "futures-task", - "futures-util", -] - [[package]] name = "futures-channel" version = "0.3.28" @@ -521,7 +458,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" dependencies = [ "futures-core", - "futures-sink", ] [[package]] @@ -530,34 +466,12 @@ version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" -[[package]] -name = "futures-executor" -version = "0.3.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0" -dependencies = [ - "futures-core", - "futures-task", - "futures-util", -] - [[package]] name = "futures-io" version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964" -[[package]] -name = "futures-macro" -version = "0.3.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.13", -] - [[package]] name = "futures-sink" version = "0.3.28" @@ -576,11 +490,8 @@ version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" dependencies = [ - "futures-channel", "futures-core", "futures-io", - "futures-macro", - "futures-sink", "futures-task", "memchr", "pin-project-lite", @@ -599,32 +510,6 @@ dependencies = [ "wasi 0.9.0+wasi-snapshot-preview1", ] -[[package]] -name = "getrandom" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31" -dependencies = [ - "cfg-if", - "libc", - "wasi 0.11.0+wasi-snapshot-preview1", -] - -[[package]] -name = "git2" -version = "0.16.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccf7f68c2995f392c49fffb4f95ae2c873297830eb25c6bc4c114ce8f4562acc" -dependencies = [ - "bitflags", - "libc", - "libgit2-sys", - "log", - "openssl-probe", - "openssl-sys", - "url", -] - [[package]] name = "graphql-introspection-query" version = "0.2.0" @@ -801,22 +686,6 @@ dependencies = [ "tokio-rustls", ] -[[package]] -name = "hyperx" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5617e92fc2f2501c3e2bc6ce547cad841adba2bae5b921c7e52510beca6d084c" -dependencies = [ - "base64 0.13.1", - "bytes", - "http", - "httpdate", - "language-tags", - "mime", - "percent-encoding", - "unicase", -] - [[package]] name = "iana-time-zone" version = "0.1.56" @@ -915,15 +784,6 @@ version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" -[[package]] -name = "jobserver" -version = "0.1.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "936cfd212a0155903bcbc060e316fb6cc7cbf2e1907329391ebadc1fe0ce77c2" -dependencies = [ - "libc", -] - [[package]] name = "js-sys" version = "0.3.61" @@ -933,26 +793,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "jsonwebtoken" -version = "8.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6971da4d9c3aa03c3d8f3ff0f4155b534aad021292003895a469716b2a230378" -dependencies = [ - "base64 0.21.0", - "pem", - "ring", - "serde", - "serde_json", - "simple_asn1", -] - -[[package]] -name = "language-tags" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4345964bb142484797b161f473a503a434de77149dd8c7427788c6e13379388" - [[package]] name = "lazy_static" version = "1.4.0" @@ -965,46 +805,6 @@ version = "0.2.141" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3304a64d199bb964be99741b7a14d26972741915b3649639149b2479bb46f4b5" -[[package]] -name = "libgit2-sys" -version = "0.14.2+1.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f3d95f6b51075fe9810a7ae22c7095f12b98005ab364d8544797a825ce946a4" -dependencies = [ - "cc", - "libc", - "libssh2-sys", - "libz-sys", - "openssl-sys", - "pkg-config", -] - -[[package]] -name = "libssh2-sys" -version = "0.2.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b094a36eb4b8b8c8a7b4b8ae43b2944502be3e59cd87687595cf6b0a71b3f4ca" -dependencies = [ - "cc", - "libc", - "libz-sys", - "openssl-sys", - "pkg-config", - "vcpkg", -] - -[[package]] -name = "libz-sys" -version = "1.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9702761c3935f8cc2f101793272e202c72b99da8f4224a19ddcf1279a6450bbf" -dependencies = [ - "cc", - "libc", - "pkg-config", - "vcpkg", -] - [[package]] name = "link-cplusplus" version = "1.0.8" @@ -1020,16 +820,6 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d59d8c75012853d2e872fb56bc8a2e53718e2cafe1a4c823143141c6d90c322f" -[[package]] -name = "lock_api" -version = "0.4.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" -dependencies = [ - "autocfg", - "scopeguard", -] - [[package]] name = "log" version = "0.4.17" @@ -1037,7 +827,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ "cfg-if", - "serde", ] [[package]] @@ -1058,7 +847,7 @@ version = "0.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "673c6a442e72f0bca457afb369a8130596eeeb51c80a38b1dd39b6c490ed36c1" dependencies = [ - "rand 0.7.3", + "rand", ] [[package]] @@ -1067,16 +856,6 @@ version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" -[[package]] -name = "mime_guess" -version = "2.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4192263c238a5f0d0c6bfd21f336a313a4ce1c450542449ca191bb657b4642ef" -dependencies = [ - "mime", - "unicase", -] - [[package]] name = "miniz_oxide" version = "0.6.2" @@ -1107,17 +886,6 @@ dependencies = [ "windows-sys 0.45.0", ] -[[package]] -name = "num-bigint" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f93ab6289c7b344a8a9f60f88d80aa20032336fe78da341afc91c8a2341fc75f" -dependencies = [ - "autocfg", - "num-integer", - "num-traits", -] - [[package]] name = "num-integer" version = "0.1.45" @@ -1147,36 +915,6 @@ dependencies = [ "libc", ] -[[package]] -name = "octorust" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8026de41fd49716168781d4737b200d1e20aeda7ff96d5521ac0cafa4898defa" -dependencies = [ - "anyhow", - "async-recursion", - "chrono", - "http", - "hyperx", - "jsonwebtoken", - "log", - "mime", - "pem", - "percent-encoding", - "reqwest", - "reqwest-conditional-middleware", - "reqwest-middleware", - "reqwest-retry", - "reqwest-tracing", - "ring", - "schemars", - "serde", - "serde_json", - "serde_urlencoded", - "tokio", - "url", -] - [[package]] name = "once_cell" version = "1.17.1" @@ -1189,105 +927,12 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" -[[package]] -name = "openssl-src" -version = "111.25.2+1.1.1t" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "320708a054ad9b3bf314688b5db87cf4d6683d64cfc835e2337924ae62bf4431" -dependencies = [ - "cc", -] - -[[package]] -name = "openssl-sys" -version = "0.9.84" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a20eace9dc2d82904039cb76dcf50fb1a0bba071cfd1629720b5d6f1ddba0fa" -dependencies = [ - "cc", - "libc", - "openssl-src", - "pkg-config", - "vcpkg", -] - -[[package]] -name = "opentelemetry" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6105e89802af13fdf48c49d7646d3b533a70e536d818aae7e78ba0433d01acb8" -dependencies = [ - "async-trait", - "crossbeam-channel", - "futures-channel", - "futures-executor", - "futures-util", - "js-sys", - "lazy_static", - "percent-encoding", - "pin-project", - "rand 0.8.5", - "thiserror", -] - -[[package]] -name = "parking_lot" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" -dependencies = [ - "lock_api", - "parking_lot_core", -] - -[[package]] -name = "parking_lot_core" -version = "0.9.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9069cbb9f99e3a5083476ccb29ceb1de18b9118cafa53e90c9551235de2b9521" -dependencies = [ - "cfg-if", - "libc", - "redox_syscall 0.2.16", - "smallvec", - "windows-sys 0.45.0", -] - -[[package]] -name = "pem" -version = "1.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8" -dependencies = [ - "base64 0.13.1", -] - [[package]] name = "percent-encoding" version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" -[[package]] -name = "pin-project" -version = "1.0.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad29a609b6bcd67fee905812e544992d216af9d755757c05ed2d0e15a74c6ecc" -dependencies = [ - "pin-project-internal", -] - -[[package]] -name = "pin-project-internal" -version = "1.0.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "069bdb1e05adc7a8990dce9cc75370895fbe4e3d58b9b73bf1aee56359344a55" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "pin-project-lite" version = "0.2.9" @@ -1300,12 +945,6 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" -[[package]] -name = "pkg-config" -version = "0.3.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" - [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1336,24 +975,13 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" dependencies = [ - "getrandom 0.1.16", + "getrandom", "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", + "rand_chacha", + "rand_core", "rand_hc", ] -[[package]] -name = "rand" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" -dependencies = [ - "libc", - "rand_chacha 0.3.1", - "rand_core 0.6.4", -] - [[package]] name = "rand_chacha" version = "0.2.2" @@ -1361,17 +989,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" dependencies = [ "ppv-lite86", - "rand_core 0.5.1", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core 0.6.4", + "rand_core", ] [[package]] @@ -1380,16 +998,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" dependencies = [ - "getrandom 0.1.16", -] - -[[package]] -name = "rand_core" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom 0.2.8", + "getrandom", ] [[package]] @@ -1398,7 +1007,7 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" dependencies = [ - "rand_core 0.5.1", + "rand_core", ] [[package]] @@ -1456,7 +1065,6 @@ dependencies = [ "js-sys", "log", "mime", - "mime_guess", "once_cell", "percent-encoding", "pin-project-lite", @@ -1477,81 +1085,6 @@ dependencies = [ "winreg", ] -[[package]] -name = "reqwest-conditional-middleware" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bce134f515eb4c2748bbd928086e7b0aae0d1568daf6c63b51e829aa6f2cf464" -dependencies = [ - "async-trait", - "reqwest", - "reqwest-middleware", - "task-local-extensions", -] - -[[package]] -name = "reqwest-middleware" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69539cea4148dce683bec9dc95be3f0397a9bb2c248a49c8296a9d21659a8cdd" -dependencies = [ - "anyhow", - "async-trait", - "futures", - "http", - "reqwest", - "serde", - "task-local-extensions", - "thiserror", -] - -[[package]] -name = "reqwest-retry" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ce246a729eaa6aff5e215aee42845bf5fed9893cc6cd51aeeb712f34e04dd9f3" -dependencies = [ - "anyhow", - "async-trait", - "chrono", - "futures", - "http", - "hyper", - "reqwest", - "reqwest-middleware", - "retry-policies", - "task-local-extensions", - "tokio", - "tracing", -] - -[[package]] -name = "reqwest-tracing" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64977f9a47fa7768cc88751e29026e569730ac1667c2eaeaac04b32624849fbe" -dependencies = [ - "async-trait", - "opentelemetry", - "reqwest", - "reqwest-middleware", - "task-local-extensions", - "tokio", - "tracing", - "tracing-opentelemetry", -] - -[[package]] -name = "retry-policies" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e09bbcb5003282bcb688f0bae741b278e9c7e8f378f561522c9806c58e075d9b" -dependencies = [ - "anyhow", - "chrono", - "rand 0.8.5", -] - [[package]] name = "ring" version = "0.16.20" @@ -1638,40 +1171,6 @@ dependencies = [ "windows-sys 0.42.0", ] -[[package]] -name = "schemars" -version = "0.8.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02c613288622e5f0c3fdc5dbd4db1c5fbe752746b1d1a56a0630b78fd00de44f" -dependencies = [ - "bytes", - "chrono", - "dyn-clone", - "schemars_derive", - "serde", - "serde_json", - "url", - "uuid", -] - -[[package]] -name = "schemars_derive" -version = "0.8.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "109da1e6b197438deb6db99952990c7f959572794b80ff93707d55a232545e7c" -dependencies = [ - "proc-macro2", - "quote", - "serde_derive_internals", - "syn 1.0.109", -] - -[[package]] -name = "scopeguard" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" - [[package]] name = "scratch" version = "1.0.5" @@ -1740,17 +1239,6 @@ dependencies = [ "syn 2.0.13", ] -[[package]] -name = "serde_derive_internals" -version = "0.26.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85bf8229e7920a9f636479437026331ce11aa132b4dde37d121944a44d6e5f3c" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "serde_json" version = "1.0.95" @@ -1780,42 +1268,12 @@ dependencies = [ "serde", ] -[[package]] -name = "sharded-slab" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "900fba806f70c630b0a382d0d825e17a0f19fcd059a2ade1ff237bcddf446b31" -dependencies = [ - "lazy_static", -] - [[package]] name = "shell-words" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24188a676b6ae68c3b2cb3a01be17fbf7240ce009799bb56d5b1409051e78fde" -[[package]] -name = "signal-hook-registry" -version = "1.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" -dependencies = [ - "libc", -] - -[[package]] -name = "simple_asn1" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adc4e5204eb1910f40f9cfa375f6f05b68c3abac4b6fd879c8ff5e7ae8a0a085" -dependencies = [ - "num-bigint", - "num-traits", - "thiserror", - "time 0.3.20", -] - [[package]] name = "slab" version = "0.4.8" @@ -1825,12 +1283,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "smallvec" -version = "1.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" - [[package]] name = "socket2" version = "0.4.9" @@ -1892,15 +1344,6 @@ dependencies = [ "xattr", ] -[[package]] -name = "task-local-extensions" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba323866e5d033818e3240feeb9f7db2c4296674e4d9e16b97b7bf8f490434e8" -dependencies = [ - "pin-utils", -] - [[package]] name = "tempfile" version = "3.5.0" @@ -1943,16 +1386,6 @@ dependencies = [ "syn 2.0.13", ] -[[package]] -name = "thread_local" -version = "1.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fdd6f064ccff2d6567adcb3873ca630700f00b5ad3f060c25b5dcfd9a4ce152" -dependencies = [ - "cfg-if", - "once_cell", -] - [[package]] name = "time" version = "0.1.45" @@ -1964,33 +1397,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "time" -version = "0.3.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd0cbfecb4d19b5ea75bb31ad904eb5b9fa13f21079c3b92017ebdf4999a5890" -dependencies = [ - "itoa", - "serde", - "time-core", - "time-macros", -] - -[[package]] -name = "time-core" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" - -[[package]] -name = "time-macros" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd80a657e71da814b8e5d60d3374fc6d35045062245d80224748ae522dd76f36" -dependencies = [ - "time-core", -] - [[package]] name = "tinytemplate" version = "1.2.1" @@ -2027,25 +1433,11 @@ dependencies = [ "libc", "mio", "num_cpus", - "parking_lot", "pin-project-lite", - "signal-hook-registry", "socket2", - "tokio-macros", "windows-sys 0.45.0", ] -[[package]] -name = "tokio-macros" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61a573bdc87985e9d6ddeed1b3d864e8a302c847e40d647746df2f1de209d1ce" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.13", -] - [[package]] name = "tokio-rustls" version = "0.23.4" @@ -2085,21 +1477,9 @@ checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" dependencies = [ "cfg-if", "pin-project-lite", - "tracing-attributes", "tracing-core", ] -[[package]] -name = "tracing-attributes" -version = "0.1.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4017f8f45139870ca7e672686113917c71c7a6e02d4924eda67186083c03081a" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "tracing-core" version = "0.1.30" @@ -2107,43 +1487,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" dependencies = [ "once_cell", - "valuable", -] - -[[package]] -name = "tracing-log" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "78ddad33d2d10b1ed7eb9d1f518a5674713876e97e5bb9b7345a7984fbb4f922" -dependencies = [ - "lazy_static", - "log", - "tracing-core", -] - -[[package]] -name = "tracing-opentelemetry" -version = "0.17.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbbe89715c1dbbb790059e2565353978564924ee85017b5fff365c872ff6721f" -dependencies = [ - "once_cell", - "opentelemetry", - "tracing", - "tracing-core", - "tracing-log", - "tracing-subscriber", -] - -[[package]] -name = "tracing-subscriber" -version = "0.3.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6176eae26dd70d0c919749377897b54a9276bd7061339665dd68777926b5a70" -dependencies = [ - "sharded-slab", - "thread_local", - "tracing-core", ] [[package]] @@ -2152,15 +1495,6 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" -[[package]] -name = "unicase" -version = "2.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" -dependencies = [ - "version_check", -] - [[package]] name = "unicode-bidi" version = "0.3.13" @@ -2212,7 +1546,6 @@ dependencies = [ "form_urlencoded", "idna", "percent-encoding", - "serde", ] [[package]] @@ -2221,30 +1554,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" -[[package]] -name = "uuid" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1674845326ee10d37ca60470760d4288a6f80f304007d92e5c53bab78c9cfd79" - -[[package]] -name = "valuable" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" - -[[package]] -name = "vcpkg" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" - -[[package]] -name = "version_check" -version = "0.9.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" - [[package]] name = "void" version = "1.0.2" @@ -2613,13 +1922,11 @@ dependencies = [ "console", "dialoguer", "flate2", - "git2", "graphql_client", "itertools", "libc", "memorable-wordlist", "nu-ansi-term", - "octorust", "once_cell", "regex", "reqwest", diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml index 577d83744aa..675a2f6eaf4 100644 --- a/xtask/Cargo.toml +++ b/xtask/Cargo.toml @@ -19,12 +19,10 @@ console = "0.15.5" dialoguer = "0.10.3" flate2 = "1" graphql_client = { version = "0.12.0", features = ["reqwest-rustls"] } -git2 = { version = "0.16.1", features = ["vendored-openssl"] } itertools = "0.10.5" libc = "0.2" memorable-wordlist = "0.1.7" nu-ansi-term = "0.47" -octorust = "0.2.2" once_cell = "1" regex="1.7.1" reqwest = { version = "0.11", default-features = false, features = [ diff --git a/xtask/src/commands/changeset/mod.rs b/xtask/src/commands/changeset/mod.rs index 4872e04c7e1..4b4aa578481 100644 --- a/xtask/src/commands/changeset/mod.rs +++ b/xtask/src/commands/changeset/mod.rs @@ -39,7 +39,6 @@ use dialoguer::Confirm; use dialoguer::Editor; use dialoguer::Input; use dialoguer::Select; -use git2; use itertools::Itertools; use matching_pull_request::matching_pull_request::ResponseData; use matching_pull_request::matching_pull_request::Variables; @@ -284,12 +283,16 @@ impl Create { selection == 0 }; - let branch_name: Option = match git2::Repository::open_from_env() { - Ok(repo) => { - let refr = repo.head().unwrap(); - if refr.is_branch() { - Some(refr.shorthand() - .expect("no shorthand Git branch name available").to_string()) + // Get the branch name, optionally, using `git rev-parse --abbrev-ref HEAD`. + let branch_name: Option = match std::process::Command::new("git") + .arg("rev-parse") + .arg("--abbrev-ref") + .arg("HEAD") + .output() + { + Ok(output) => { + if output.status.success() { + Some(String::from_utf8(output.stdout).unwrap().trim().to_string()) } else { None } diff --git a/xtask/src/commands/release.rs b/xtask/src/commands/release.rs index 8fe33358ae2..497ce4f7360 100644 --- a/xtask/src/commands/release.rs +++ b/xtask/src/commands/release.rs @@ -5,10 +5,6 @@ use anyhow::Error; use anyhow::Result; use cargo_metadata::MetadataCommand; use chrono::prelude::Utc; -use git2::Repository; -use octorust::types::PullsCreateRequest; -use octorust::Client; -use tap::TapFallible; use walkdir::WalkDir; use xtask::*; @@ -56,32 +52,14 @@ impl FromStr for Version { #[derive(Debug, clap::Parser)] pub struct Prepare { - /// Release from the current branch rather than creating a new one. - #[clap(long)] - current_branch: bool, - /// Skip the license check #[clap(long)] skip_license_ckeck: bool, - /// Dry run, don't commit the changes and create the PR. - #[clap(long)] - dry_run: bool, - /// The new version that is being created OR to bump (major|minor|patch|current). version: Version, } -macro_rules! git { - ($( $i:expr ),*) => { - let git = which::which("git")?; - let result = std::process::Command::new(git).args([$( $i ),*]).status()?; - if !result.success() { - return Err(anyhow!("git {}", [$( $i ),*].join(","))); - } - }; -} - macro_rules! replace_in_file { ($path:expr, $regex:expr, $replacement:expr) => { let before = std::fs::read_to_string($path)?; @@ -104,33 +82,17 @@ impl Prepare { self.ensure_pristine_checkout()?; self.ensure_prereqs()?; let version = self.update_cargo_tomls(&self.version)?; - let github = octorust::Client::new( - "router-release".to_string(), - octorust::auth::Credentials::Token( - std::env::var("GITHUB_TOKEN").expect("GITHUB_TOKEN env variable must be set"), - ), - )?; self.update_lock()?; self.check_compliance()?; if let Version::Nightly = &self.version { - println!("Skipping various steps becasuse this is a nightly build."); + println!("Skipping various steps because this is a nightly build."); } else { self.update_install_script(&version)?; self.update_helm_charts(&version)?; self.update_docs(&version)?; self.docker_files(&version)?; self.finalize_changelog(&version)?; - - if !self.dry_run { - if !self.current_branch { - self.switch_to_release_branch(&version)?; - } - - // This also commits all changes to previously tracked files - // created by this script. - self.create_release_pr(&github, &version).await?; - } } Ok(()) @@ -176,25 +138,9 @@ impl Prepare { if which::which("cargo-deny").is_err() { return Err(anyhow!("the 'cargo-deny' executable could not be found in your PATH. Install it by running `cargo install --locked cargo-deny")); } - - if let Version::Nightly = &self.version { - println!("Skipping requirement that GITHUB_TOKEN is set in the environment because this is a nightly release which doesn't yet need it."); - } else if std::env::var("GITHUB_TOKEN").is_err() { - return Err(anyhow!("the GITHUB_TOKEN environment variable must be set to a valid personal access token prior to starting a release. Obtain a personal access token at https://github.com/settings/tokens which has the 'repo' scope.")); - } - Ok(()) - } - - /// Create a new branch "#.#.#" where "#.#.#" is this release's version - /// (release) or "#.#.#-rc.#" (release candidate) - fn switch_to_release_branch(&self, version: &str) -> Result<()> { - println!("creating release branch"); - git!("fetch", "origin", &format!("dev:{version}")); - git!("checkout", version); Ok(()) } - /// Update the `version` in `*/Cargo.toml` (do not forget the ones in scaffold templates). /// Update the `apollo-router` version in the `dependencies` sections of the `Cargo.toml` files in `apollo-router-scaffold/templates/**`. fn update_cargo_tomls(&self, version: &Version) -> Result { println!("updating Cargo.toml files"); @@ -222,19 +168,27 @@ impl Prepare { "apollo-router" ]), Version::Nightly => { - let head_commit: String = match Repository::open_from_env() { - Ok(repo) => { - let revspec = repo.revparse("HEAD")?; - if revspec.mode().contains(git2::RevparseMode::SINGLE) { - let mut full_hash = revspec.from().unwrap().id().to_string(); - full_hash.truncate(8); - full_hash - } else { - panic!("unexpected rev-parse HEAD"); - } - } - Err(e) => panic!("failed to open: {e}"), - }; + // Get the first 8 characters of the current commit hash by running + // the Command::new("git") command. Be sure to take the output and + // run that through String::from_utf8(output.stdout) to get exactly + // an 8 character string. + let head_commit = std::process::Command::new("git") + .args(["rev-parse", "HEAD"]) + .output() + .expect("failed to execute 'git rev-parse HEAD'") + .stdout; + + // If it's empty, then we're in a bad state. + if head_commit.is_empty() { + return Err(anyhow!("failed to get the current commit hash")); + } + + // Convert it using `String::from_utf8_lossy`, which will turn + // any funky characters into something really noticeable. + let head_commit = String::from_utf8_lossy(&head_commit); + + // Just get the first 8 characters, for brevity. + let head_commit = head_commit.chars().take(8).collect::(); replace_in_file!( "./apollo-router/Cargo.toml", @@ -434,44 +388,4 @@ impl Prepare { cargo!(["check"]); Ok(()) } - - /// Create the release PR - async fn create_release_pr(&self, github: &Client, version: &str) -> Result<()> { - let git = which::which("git")?; - let result = std::process::Command::new(git) - .args(["branch", "--show-current"]) - .output()?; - if !result.status.success() { - return Err(anyhow!("failed to get git current branch")); - } - let current_branch = String::from_utf8(result.stdout)?; - - println!("creating release PR"); - git!("add", "-u"); - git!("commit", "-m", &format!("release {version}")); - git!( - "push", - "--set-upstream", - "origin", - &format!("{}:{}", current_branch.trim(), version) - ); - github - .pulls() - .create( - "apollographql", - "router", - &PullsCreateRequest { - base: "main".to_string(), - body: format!("Release {version}"), - draft: None, - head: version.to_string(), - issue: 0, - maintainer_can_modify: None, - title: format!("Release {version}"), - }, - ) - .await - .tap_err(|_| eprintln!("failed to create release PR"))?; - Ok(()) - } } From 4f668a3988d527348122827be1ecad31d7be06e0 Mon Sep 17 00:00:00 2001 From: Coenen Benjamin Date: Wed, 24 May 2023 10:55:52 +0200 Subject: [PATCH 06/39] fix(telemetry): don't redact errors sent to Studio when it's set to false (#3137) Signed-off-by: Benjamin Coenen <5719034+bnjjj@users.noreply.github.com> --- .changesets/fix_bnjjj_fix_redact_error.md | 5 ++ .../telemetry/tracing/apollo_telemetry.rs | 54 +++++++++++++++++-- 2 files changed, 54 insertions(+), 5 deletions(-) create mode 100644 .changesets/fix_bnjjj_fix_redact_error.md diff --git a/.changesets/fix_bnjjj_fix_redact_error.md b/.changesets/fix_bnjjj_fix_redact_error.md new file mode 100644 index 00000000000..f4ee9cfdfdb --- /dev/null +++ b/.changesets/fix_bnjjj_fix_redact_error.md @@ -0,0 +1,5 @@ +### Fix the redact error feature for Studio + +If you were using `tracing.apollo.errors.subgraph.all.redact` and set it to `false` it was still readacting the error until this fix. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3137 \ No newline at end of file diff --git a/apollo-router/src/plugins/telemetry/tracing/apollo_telemetry.rs b/apollo-router/src/plugins/telemetry/tracing/apollo_telemetry.rs index 8e233bfe73f..c0e913001c1 100644 --- a/apollo-router/src/plugins/telemetry/tracing/apollo_telemetry.rs +++ b/apollo-router/src/plugins/telemetry/tracing/apollo_telemetry.rs @@ -556,11 +556,13 @@ fn extract_ftv1_trace( fn preprocess_errors(t: &mut proto::reports::trace::Node, error_config: &ErrorConfiguration) { if error_config.send { - t.error.iter_mut().for_each(|err| { - err.message = String::from(""); - err.location = Vec::new(); - err.json = String::new(); - }); + if error_config.redact { + t.error.iter_mut().for_each(|err| { + err.message = String::from(""); + err.location = Vec::new(); + err.json = String::new(); + }); + } } else { t.error = Vec::new(); } @@ -984,6 +986,48 @@ mod test { assert!(node.child[0].error[0].location.is_empty()); assert_eq!(node.child[0].error[0].message.as_str(), ""); assert_eq!(node.child[0].error[0].time_ns, 5u64); + + let sub_node = Node { + error: vec![Error { + message: "this is my error".to_string(), + location: Vec::new(), + time_ns: 5, + json: String::from(r#"{"foo": "bar"}"#), + }], + ..Default::default() + }; + let mut node = Node { + error: vec![ + Error { + message: "this is my error".to_string(), + location: Vec::new(), + time_ns: 5, + json: String::from(r#"{"foo": "bar"}"#), + }, + Error { + message: "this is my other error".to_string(), + location: Vec::new(), + time_ns: 5, + json: String::from(r#"{"foo": "bar"}"#), + }, + ], + ..Default::default() + }; + node.child.push(sub_node); + let error_config = ErrorConfiguration { + send: true, + redact: false, + }; + preprocess_errors(&mut node, &error_config); + assert_eq!(node.error[0].message.as_str(), "this is my error"); + assert_eq!(node.error[0].time_ns, 5u64); + assert!(!node.error[1].json.is_empty()); + assert_eq!(node.error[1].message.as_str(), "this is my other error"); + assert_eq!(node.error[1].time_ns, 5u64); + + assert!(!node.child[0].error[0].json.is_empty()); + assert_eq!(node.child[0].error[0].message.as_str(), "this is my error"); + assert_eq!(node.child[0].error[0].time_ns, 5u64); } #[test] From ea496b1acce536e60b216549852d6f3f5dded83c Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Wed, 24 May 2023 12:57:42 +0300 Subject: [PATCH 07/39] Add a very expressive list of commands to `RELEASE_CHECKLIST.md` (#3110) Overall, this commit adds a very verbose list of individually automated steps which can be automated into approximateily 3 fully-automated chunks. For now, we're starting with testing the process with manual commands, and this outlines those commands. I've been using these for the release for a while and literally just copy and paste the commands about after the 4th step. (And stopping in the middle to fix the CHANGELOG.md and solicit PR approval from the team). Fixes https://github.com/apollographql/router/issues/170 --- RELEASE_CHECKLIST.md | 281 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 233 insertions(+), 48 deletions(-) diff --git a/RELEASE_CHECKLIST.md b/RELEASE_CHECKLIST.md index b5ee0d7669d..dfbd149ab82 100644 --- a/RELEASE_CHECKLIST.md +++ b/RELEASE_CHECKLIST.md @@ -42,56 +42,241 @@ This is a list of the things that need to happen during a release. Build a Release --------------- -### Prepare the Changelog (Full release only) - -If you are releasing a beta or a release candidate, no official changelog is -needed, but you're not off the hook! You'll need to write testing instructions -in lieu of an official changelog. - -1. Open the associated GitHub milestone for the release. All issues and PRs should be closed. If - they are not you should reassign all open issues and PRs to future - milestones. -2. Go through the commit history since the last release. Ensure that all PRs - that have landed are marked with the milestone. You can use this to - show all the PRs that are merged on or after YYYY-MM-DD: - `https://github.com/issues?utf8=%E2%9C%93&q=repo%3Aapollographql%2Frouter+merged%3A%3E%3DYYYY-MM-DD` -3. Go through the closed PRs in the milestone. Each should have a changelog - label indicating if the change is documentation, feature, fix, or - maintenance. If there is a missing label, please add one. If it is a - breaking change, also add a BREAKING label. -4. Set the release date in `NEXT_CHANGELOG.md`. Add this release to the - `CHANGELOG.md`. Use the structure of previous entries. - -### Start a release PR +Most of this will be executing some simple commands but here's a high level understanding and some terminology. There will be a total of 3 pull-requests involved: + +- **a Release PR**: this will merge **into `main`**. It will be a real merge commit and it **should NOT be squashed**. +- **a Release _Prep_ PR**: this will merge into the release PR _above_. It **SHOULD be squashed**. +- **Reconciliation PR**: a PR that merges `main` back into `dev`. It will be a real merge commit and it **should NOT be squashed**. + +The examples below will use [the GitHub CLI (`gh`)](https://cli.github.com/) to simplify the steps. We can automate it further in the future, but feels like the right level of abstraction right now. + +A release can be cut from any branch, but we assume you'll be doing it from `dev`. If you're just doing a release candidate, you can skip merging it back into `main`. 1. Make sure you have `cargo` installed on your machine and in your `PATH`. -2. Create a new branch "#.#.#" where "#.#.#" is this release's version - (release) or "#.#.#-rc.#" (release candidate) -3. Update the `version` in `*/Cargo.toml` (do not forget the ones in scaffold templates). -4. Update the `apollo-router` Git tags in the `dependencies` sections of the `Cargo.toml` files in `apollo-router-scaffold/templates/**`. -5. Update the `PACKAGE_VERSION` value in `scripts/install.sh` (it should be prefixed with `v`!) -6. Update `docker.mdx` and `kubernetes.mdx` with the release version. -7. Update `helm/chart/router/Chart.yaml` as follows: - - update the version and the appVersion to the release version. e.g.: `appVersion: "v0.9.0"` -8 Update `helm/chart/router/README.md` by running this from the repo root: `(cd helm/chart && helm-docs router)`. - (If not installed, you should [install `helm-docs`](https://github.com/norwoodj/helm-docs)) -9. Update the kubernetes section of the docs: - - go to the `helm/chart/router` folder - - run - ```helm template --set router.configuration.telemetry.metrics.prometheus.enabled=true --set managedFederation.apiKey="REDACTED" --set managedFederation.graphRef="REDACTED" --debug .``` - - Paste the output in the `Kubernetes Configuration` example of the `docs/source/containerization/kubernetes.mdx` file -9. Update `federation-version-support.mdx` with the latest version info. Use https://github.com/apollographql/version_matrix to generate the version matrix. -10. Update the `image` of the Docker image within `docker-compose*.yml` files inside the `dockerfiles` directory. -11. Update the license list with `cargo xtask licenses`. - (If not installed, you can install `cargo-about` by running `cargo install cargo-about`.) -12. Add a new section in `CHANGELOG.md` with the contents of `NEXT_CHANGELOG.md` -13. Put a Release date and the version number on the new `CHANGELOG.md` section -14. Update the version in `NEXT_CHANGELOG.md`. -15. Clear `NEXT_CHANGELOG.md` leaving only the template. -16. Run `cargo check` so the lock file gets updated. -17. Run `cargo xtask check-compliance`. -18. Push up a commit with all the changes. The commit message should be "release: v#.#.#" or "release: v#.#.#-rc.#" -19. Request review from the Router team. +2. Pick the version number you are going to release. This project uses [Semantic Versioning 2.0.0](https://semver.org/), so analyze the existing changes in the `.changesets/` directory to pick the right next version. (e.g., If there are `feat_` changes, it must be a minor version bump. If there are `breaking_` changes, it must be a _major_ version bump). **Do not release a major version without explicit agreement from core team members**. +3. Checkout the branch you want to cut from. Typically, this is `dev`, but you could do this from another branch as well. + + ``` + git checkout dev + ``` + +4. We'll set some environment variables for steps that follow this, to simplify copy and pasting. Be sure to customize these for your own conditions, and **set the version you picked in the above step** as `APOLLO_ROUTER_RELEASE_VERSION`: + + ``` + APOLLO_ROUTER_RELEASE_VERSION=#.#.# + APOLLO_ROUTER_RELEASE_GIT_ORIGIN=public + APOLLO_ROUTER_RELEASE_GITHUB_REPO=apollographql/router + ``` + +5. Make sure you have the latest from the remote before releasing, ensuring you're using the right remote! + + ``` + git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" + ``` + +6. Create a new branch `#.#.#`. (The `#.#.#` values should be this release's version, and it is perfectly acceptable to use prerelease semantics, e.g., a branch named `1.5.3-rc.9`). To do this using the environment variable we just set, we'll just run the following from the same terminal: + + ``` + git checkout -b "${APOLLO_ROUTER_RELEASE_VERSION}" + ``` +7. Push this new branch to the appropriate remote. We will open a PR for it **later**, but this will be the **base** for the PR created in the next step). (And `--set-upstream` will of course track this locally. This is commonly abbreviated as `-u`.) + + ``` + git push --set-upstream "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +8. Create _another_ new branch called `prep-#.#.#` off of `#.#.#`. This branch will be used for bumping version numbers and getting review on the changelog. We'll do this using the same environment variable, so you can just run: + + ``` + git checkout -b "prep-${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +9. On this new `prep-#.#.#` branch, run the release automation script using this command to use the environment variable set previously: + + > **Note** + > For this command, `GITHUB_TOKEN` is **not used**, but it is still _required_ at the moment, so it's set here to `prep`. This is a bug in the releasing script that needs to be changed. + + ``` + cargo xtask release prepare $APOLLO_ROUTER_RELEASE_VERSION + ``` + + Running this command will: + + - Bump the necessary versions to the version specified, including those in the documentation. + - Migrate the current set of `/.changesets/*.md` files into `/CHANGELOG.md` using the version specified. + - Run our compliance checks and update the `licenses.html` file as appropriate. + - Ensure we're not using any incompatible licenses in the release. + +10. **MANUALLY CHECK AND UPDATE** the `federation-version-support.mdx` with the latest version info. Use https://github.com/apollographql/version_matrix to generate the version matrix. + +11. Now, review and stage he changes produced by the previous step. This is most safely done using the `--patch` (or `-p`) flag to `git add` (`-u` ignores untracked files). + + ``` + git add -up . + ``` + +12. Now commit those changes locally, using a brief message: + + ``` + git commit -m "prep release: v${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +13. (Optional) Make local edits to the newly rendered `CHANGELOG.md` entries to do some initial editoral. + + These things should typically be resolved earlier in the review process, but need to be double checked: + + - There are no breaking changes. + - Entries are in categories (e.g., Fixes vs Features) that make sense. + - Titles stand alone and work without their descriptions. + - You don't need to read the title for the description to make sense. + - Grammar is good. (Or great! But don't let perfect be the enemy of good.) + - Formatting looks nice when rendered as markdown and follows common convention. + +14. Now push the branch up to the correct remote: + + ``` + git push --set-upstream "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +15. Programatically create a small temporary file called `this_release.md` with the changelog details of _precisely this release_ from the `CHANGELOG.md`: + + > Note: This file could totally be created by the `xtask` if we merely decide convention for it and whether we want it checked in or not. It will be used again later in process and, in theory, by CI. Definitely not suggesting this should live on as regex. + + ``` + perl -0777 \ + -sne 'print "$1\n" if m{ + (?:\#\s # Look for H1 Markdown (line starting with "# ") + \[v?\Q$version\E\] # ...followed by [$version] (optionally with a "v") + # since some versions had that in the past. + \s.*?\n$) # ... then "space" until the end of the line. + \s* # Ignore PRE-entry-whitespace + (.*?) # Capture the ACTUAL body of the release. But do it + # in a non-greedy way, leading us to stop when we + # reach the next version boundary/heading. + \s* # Ignore POST-entry-whitespace + (?=^\#\s\[[^\]]+\]\s) # Once again, look for a version boundary. This is + # the same bit at the start, just on one line. + }msx' -- \ + -version="${APOLLO_ROUTER_RELEASE_VERSION}" \ + CHANGELOG.md > this_release.md + ``` + +16. Now, run this command to generate the header and the PR and keep them in an environment variable: + + ``` + apollo_prep_release_header="$( + cat < **Note** + > + > When approved, this PR will merge into **the \`${APOLLO_ROUTER_RELEASE_VERSION}\` branch** which will — upon being approved itself — merge into \`main\`. + > + > **Things to review in this PR**: + > - Changelog correctness (There is a preview below, but it is not necessarily the most up to date. See the _Files Changed_ for the true reality.) + > - Version bumps + > - That it targets the right release branch (\`${APOLLO_ROUTER_RELEASE_VERSION}\` in this case!). + > + --- + EOM + )" + apollo_prep_release_notes="$(cat ./this_release.md)" + ``` + +17. Use the `gh` CLI to create the PR, using the previously-set environment variables: + + ``` + echo "${apollo_prep_release_header}\n${apollo_prep_release_notes}" | gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr create -B "${APOLLO_ROUTER_RELEASE_VERSION}" --title "prep release: v${APOLLO_ROUTER_RELEASE_VERSION}" --body-file - + ``` + +18. Use the `gh` CLI to enable **auto-squash** (**_NOT_** auto-**_merge_**) on the PR you just opened: + + ``` + gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr merge --squash --body "" -t "prep release: v${APOLLO_ROUTER_RELEASE_VERSION}" --auto "prep-${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +19. 🗣️ **Solicit feedback from the Router team on the prep PR** + + Once approved, the PR will squash-merge itself into the next branch. + +20. After the PR has auto-merged, change your local branch back to the _non-_prep branch, pull any changes you (or others) may have added on GitHub : + + ``` + git checkout "${APOLLO_ROUTER_RELEASE_VERSION}" + git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" + ``` + +20. Now, from your local final release branch, open the PR from the branch the prep PR already merged into: + + ``` + apollo_release_pr_header="$( + cat < **Note** + > **This particular PR should be true-merged to \`main\`.** + + This PR represents the merge to \`main\` of the v${APOLLO_ROUTER_RELEASE_VERSION} release. + + This PR is **primarily a merge commit**, so reviewing every individual commit shown below is **not necessary** since those have been reviewed in their own PR. + + **However!** Some things to review on this PR: + + - Does this PR target the right branch? (usually, \`main\`) + - Are the appropriate **version bumps** and **release note edits** in the end of the commit list (or within the last few commits). In other words, "Did the 'release prep' PR actually land on this branch?" + + If those things look good, this PR is good to merge. + EOM + )" + echo "${apollo_release_pr_header}" | gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr create -B "main" --title "release: v${APOLLO_ROUTER_RELEASE_VERSION}" --body-file - + ``` + +21. Use the `gh` CLI to enable **auto-merge** (**_NOT_** auto-**_squash_**): + + ``` + gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr merge --merge --body "" -t "release: v${APOLLO_ROUTER_RELEASE_VERSION}" --auto "${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +22. 🗣️ **Solicit approval from the Router team, wait for the PR to pass CI and auto-merge into `main`** + +23. After the PR has merged to `main`, pull `main` to your local terminal, and Git tag & push the release: + + This process will kick off the bulk of the release process on CircleCI, including building each architecture on its own infrastructure and notarizing the macOS binary. + + ``` + git checkout main + git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" + git tag -a "v${APOLLO_ROUTER_RELEASE_VERSION}" -m "${APOLLO_ROUTER_RELEASE_VERSION}" && git push "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "v${APOLLO_ROUTER_RELEASE_VERSION}" + ``` + +24. Open a PR that reconciles `dev`: + + ``` + gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr create --title "Reconcile \`dev\` after merge to \`main\` for v${APOLLO_ROUTER_RELEASE_VERSION}" -B dev -H main --body "Follow-up to the v${APOLLO_ROUTER_RELEASE_VERSION} being officially released, bringing version bumps and changelog updates into the \`dev\` branch." + ``` + +25. 👀 Follow along with the process by [going to CircleCI for the repository](https://app.circleci.com/pipelines/github/apollographql/router) and clicking on `release` for the Git tag that appears at the top of the list. **Wait for `publish_github_release` to finish on this job before continuing.** + +26. After the CI job has finished for the tag, re-run the `perl` command from Step 15, which will regenerate the `this_release.md` with changes that happened in the release review. + +27. Change the links from `[@username](https://github.com/username)` to `@username` (TODO: Write more `perl` here. 😄) + + This ensures that contribution credit is clearly displayed using the user avatars on the GitHub Releases page when the notes are published in the next step. + +28. Update the release notes on the now-published [GitHub Releases](https://github.com/apollographql/router/releases) (this needs to be moved to CI, but requires `this_release.md` which we created earlier): + + ``` + gh release edit v"${APOLLO_ROUTER_RELEASE_VERSION}" -F ./this_release.md + ``` + +29. Publish the Crate from your local computer from the `main` branch (this also needs to be moved to CI, but requires changing the release containers to be Rust-enabled and to restore the caches): + + ``` + cargo publish -p apollo-router + ``` + +30. (Optional) To have a "social banner" for this release, run [this `htmlq` command](https://crates.io/crates/htmlq) (`cargo install htmlq`; its `jq` for HTML), open the link it produces, copy the image to your clipboard: + + ``` + curl -s "https://github.com/apollographql/router/releases/tag/v${APOLLO_ROUTER_RELEASE_VERSION}" | htmlq 'meta[property="og:image"]' --attribute content + ``` ### Review From 7ff296562075c1f223fe4ab1e4f3483a49c7ba11 Mon Sep 17 00:00:00 2001 From: Gary Pennington Date: Wed, 24 May 2023 11:59:13 +0100 Subject: [PATCH 08/39] coprocessor: add support for deferred responses and fix body data type (#3104) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Modifies the implementation to process deferred results gradually rather than blocking. Changes the coprocessor router body payload to be a String, rather than a JSON Value (Map, effectively) In retrospect, it was a mistake to have made the Router coprocessor body payload be a JSON Value. It should just be a String (Bytes). There are reasons for this: - Users want to interact with raw bytes at the Router level. - Defer responses are structured, but aren’t JSON values and are a stream. - Supergraph stage is where the body is guaranteed to be valid JSON. Since we should modify the payload of the router coprocessor calls to be bytes rather than JSON, we must do that as either: A coprocessor protocol revision A coprocessor protocol breaking change If we had chosen 1, then we would need to decide how to implement support in the router for multiple protocol versions (which doesn’t exist as yet). Probably the best solution is to provide a configuration option as part of coprocessor configuration and default to either the oldest or newest (to be argued about) version. This change, simply updates the implementation without revving the protocol. Users will need to modify their coprocessors after router version 1.x (when we release the fix). Fixes #3015 **Checklist** Complete the checklist (and note appropriate exceptions) before a final PR is raised. - [ ] Changes are compatible[^1] - [x] Documentation[^2] completed - [x] Performance impact assessed and acceptable - Tests added and passing[^3] - [x] Unit Tests - [x] Integration Tests - [x] Manual Tests **Exceptions** Changes are **not** compatible, but we have made the decision to fix this incompatibly now before the feature is widely used. I created a simple co-processor which I could use to validate that my changes were working as expected. **Notes** [^1]. It may be appropriate to bring upcoming changes to the attention of other (impacted) groups. Please endeavour to do this before seeking PR approval. The mechanism for doing this will vary considerably, so use your judgement as to how and when to do this. [^2]. Configuration is an important part of many changes. Where applicable please try to document configuration examples. [^3]. Tick whichever testing boxes are applicable. If you are adding Manual Tests: - please document the manual testing (extensively) in the Exceptions. - please raise a separate issue to automate the test and label it (or ask for it to be labeled) as `manual test` --------- Co-authored-by: Stephen Barlow Co-authored-by: Jesse Rosenberger --- .changesets/fix_garypen_3015_and_friends.md | 11 + apollo-router/src/plugins/coprocessor.rs | 278 +++++++---- apollo-router/src/plugins/coprocessor_test.rs | 453 +++++++++--------- apollo-router/src/services/external.rs | 123 ++++- docs/source/customizations/coprocessor.mdx | 223 ++++++--- 5 files changed, 710 insertions(+), 378 deletions(-) create mode 100644 .changesets/fix_garypen_3015_and_friends.md diff --git a/.changesets/fix_garypen_3015_and_friends.md b/.changesets/fix_garypen_3015_and_friends.md new file mode 100644 index 00000000000..5f66ac1a286 --- /dev/null +++ b/.changesets/fix_garypen_3015_and_friends.md @@ -0,0 +1,11 @@ +### Fix router coprocessor deferred response buffering and change JSON body type from Object to String ([Issue #3015](https://github.com/apollographql/router/issues/3015)) + +The current implementation of the `RouterResponse` processing for coprocessors forces buffering of response data before passing the data to a coprocessor. This is a bug, because deferred responses should be processed progressively with a stream of calls to the coprocessor as each chunk of data becomes available. + +Furthermore, the data type was assumed to be valid JSON for both `RouterRequest` and `RouterResponse` coprocessor processing. This is also a bug, because data at this stage of processing was never necessarily valid JSON. This is a particular issue when dealing with deferred (when using `@defer`) `RouterResponses`. + +This change fixes both of these bugs by modifying the router so that coprocessors are invoked with a `body` payload which is a JSON `String`, not a JSON `Object`. Furthermore, the router now processes each chunk of response data separately so that a coprocessor will receive multiple calls (once for each chunk) for a deferred response. + +For more details about how this works see the [coprocessor documentation](https://www.apollographql.com/docs/router/customizations/coprocessor/). + +By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3104 diff --git a/apollo-router/src/plugins/coprocessor.rs b/apollo-router/src/plugins/coprocessor.rs index 2227136584b..a2807807b4e 100644 --- a/apollo-router/src/plugins/coprocessor.rs +++ b/apollo-router/src/plugins/coprocessor.rs @@ -8,6 +8,10 @@ use std::sync::Arc; use std::time::Duration; use bytes::Bytes; +use futures::future::ready; +use futures::stream::once; +use futures::StreamExt; +use futures::TryStreamExt; use http::header::HeaderName; use http::HeaderMap; use http::HeaderValue; @@ -107,7 +111,7 @@ where + Send + Sync + 'static, - >>::Future: Send + Sync + 'static, + >>::Future: Send + Sync + 'static, { http_client: C, configuration: Conf, @@ -121,7 +125,7 @@ where + Send + Sync + 'static, - >>::Future: Send + Sync + 'static, + >>::Future: Send + Sync + 'static, { fn new(http_client: C, configuration: Conf, sdl: Arc) -> Result { Ok(Self { @@ -262,7 +266,7 @@ impl RouterStage { + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { let request_layer = (self.request != Default::default()).then_some({ let request_config = self.request.clone(); @@ -378,7 +382,7 @@ impl SubgraphStage { + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { let request_layer = (self.request != Default::default()).then_some({ let request_config = self.request.clone(); @@ -474,7 +478,7 @@ where + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { // Call into our out of process processor with a body of our body // First, extract the data we need from our request and prepare our @@ -490,30 +494,26 @@ where // HTTP GET requests don't have a body let body_to_send = request_config .body - .then(|| serde_json::from_slice::(&bytes)) + .then(|| String::from_utf8(bytes.to_vec())) .transpose() .unwrap_or_default(); let path_to_send = request_config.path.then(|| parts.uri.to_string()); let context_to_send = request_config.context.then(|| request.context.clone()); - let sdl = request_config.sdl.then(|| sdl.clone().to_string()); - - let payload = Externalizable { - version: EXTERNALIZABLE_VERSION, - stage: PipelineStep::RouterRequest.to_string(), - control: Some(Control::default()), - id: TraceId::maybe_new().map(|id| id.to_string()), - headers: headers_to_send, - body: body_to_send, - context: context_to_send, - sdl, - uri: None, - path: path_to_send, - method: Some(parts.method.to_string()), - service_name: None, - status_code: None, - }; + let sdl_to_send = request_config.sdl.then(|| sdl.clone().to_string()); + + let payload = Externalizable::router_builder() + .stage(PipelineStep::RouterRequest) + .control(Control::default()) + .and_id(TraceId::maybe_new().map(|id| id.to_string())) + .and_headers(headers_to_send) + .and_body(body_to_send) + .and_context(context_to_send) + .and_sdl(sdl_to_send) + .and_path(path_to_send) + .method(parts.method.to_string()) + .build(); tracing::debug!(?payload, "externalized output"); request.context.enter_active_request(); @@ -533,18 +533,24 @@ where // Ensure the code is a valid http status code let code = control.get_http_status()?; - let graphql_response: crate::graphql::Response = - serde_json::from_value(co_processor_output.body.unwrap_or(serde_json::Value::Null)) - .unwrap_or_else(|error| { - crate::graphql::Response::builder() - .errors(vec![Error::builder() - .message(format!( - "couldn't deserialize coprocessor output body: {error}" - )) - .extension_code("EXERNAL_DESERIALIZATION_ERROR") - .build()]) - .build() - }); + // At this point our body is a String. Try to get a valid JSON value from it + let body_as_value = co_processor_output + .body + .and_then(|b| serde_json::from_str(&b).ok()) + .unwrap_or(serde_json::Value::Null); + // Now we have some JSON, let's see if it's the right "shape" to create a graphql_response. + // If it isn't, we create a graphql error response + let graphql_response: crate::graphql::Response = serde_json::from_value(body_as_value) + .unwrap_or_else(|error| { + crate::graphql::Response::builder() + .errors(vec![Error::builder() + .message(format!( + "couldn't deserialize coprocessor output body: {error}" + )) + .extension_code("EXTERNAL_DESERIALIZATION_ERROR") + .build()]) + .build() + }); let res = router::Response::builder() .errors(graphql_response.errors) @@ -610,46 +616,57 @@ where + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { - // Call into our out of process processor with a body of our body - // First, extract the data we need from our response and prepare our - // external call. Use our configuration to figure out which data to send. + // split the response into parts + body let (parts, body) = response.response.into_parts(); - let bytes = hyper::body::to_bytes(body).await?; + // we split the body (which is a stream) into first response + rest of responses, + // for which we will implement mapping later + let (first, rest): (Option>, Body) = body.into_future().await; + + // If first is None, or contains an error we return an error + let opt_first: Option = first.and_then(|f| f.ok()); + let bytes = match opt_first { + Some(b) => b.to_vec(), + None => { + tracing::error!( + "Coprocessor cannot convert body into future due to problem with first part" + ); + return Err(BoxError::from( + "Coprocessor cannot convert body into future due to problem with first part", + )); + } + }; + + // Now we process our first chunk of response + // Encode headers, body, status, context, sdl to create a payload let headers_to_send = response_config .headers .then(|| externalize_header_map(&parts.headers)) .transpose()?; let body_to_send = response_config .body - .then(|| serde_json::from_slice::(&bytes)) + .then(|| String::from_utf8(bytes.clone())) .transpose()?; let status_to_send = response_config.status_code.then(|| parts.status.as_u16()); let context_to_send = response_config.context.then(|| response.context.clone()); - let sdl = response_config.sdl.then(|| sdl.clone().to_string()); - - let payload = Externalizable { - version: EXTERNALIZABLE_VERSION, - stage: PipelineStep::RouterResponse.to_string(), - control: None, - id: TraceId::maybe_new().map(|id| id.to_string()), - headers: headers_to_send, - body: body_to_send, - context: context_to_send, - status_code: status_to_send, - sdl, - uri: None, - path: None, - method: None, - service_name: None, - }; + let sdl_to_send = response_config.sdl.then(|| sdl.clone().to_string()); + + let payload = Externalizable::router_builder() + .stage(PipelineStep::RouterResponse) + .and_id(TraceId::maybe_new().map(|id| id.to_string())) + .and_headers(headers_to_send) + .and_body(body_to_send) + .and_context(context_to_send) + .and_status_code(status_to_send) + .and_sdl(sdl_to_send.clone()) + .build(); // Second, call our co-processor and get a reply. tracing::debug!(?payload, "externalized output"); response.context.enter_active_request(); - let co_processor_result = payload.call(http_client, &coprocessor_url).await; + let co_processor_result = payload.call(http_client.clone(), &coprocessor_url).await; response.context.leave_active_request(); tracing::debug!(?co_processor_result, "co-processor returned"); let co_processor_output = co_processor_result?; @@ -662,11 +679,12 @@ where // bits that we sent to the co_processor. let new_body = match co_processor_output.body { - Some(bytes) => Body::from(serde_json::to_vec(&bytes)?), + Some(bytes) => Body::from(bytes), None => Body::from(bytes), }; response.response = http::Response::from_parts(parts, new_body); + if let Some(control) = co_processor_output.control { *response.response.status_mut() = control.get_http_status()? } @@ -683,7 +701,85 @@ where *response.response.headers_mut() = internalize_header_map(headers)?; } - Ok(response) + // Now break our co-processor modified response back into parts + let (parts, body) = response.response.into_parts(); + + // Clone all the bits we need + let context = response.context.clone(); + let map_context = response.context.clone(); + + // Map the rest of our body to process subsequent chunks of response + let mapped_stream = rest + .map_err(BoxError::from) + .and_then(move |deferred_response| { + let generator_client = http_client.clone(); + let generator_coprocessor_url = coprocessor_url.clone(); + let generator_map_context = map_context.clone(); + let generator_sdl_to_send = sdl_to_send.clone(); + + async move { + let bytes = deferred_response.to_vec(); + let body_to_send = response_config + .body + .then(|| String::from_utf8(bytes.clone())) + .transpose()?; + let context_to_send = response_config + .context + .then(|| generator_map_context.clone()); + + // Note: We deliberately DO NOT send headers or status_code even if the user has + // requested them. That's because they are meaningless on a deferred response and + // providing them will be a source of confusion. + let payload = Externalizable::router_builder() + .stage(PipelineStep::RouterResponse) + .and_id(TraceId::maybe_new().map(|id| id.to_string())) + .and_body(body_to_send) + .and_context(context_to_send) + .and_sdl(generator_sdl_to_send) + .build(); + + // Second, call our co-processor and get a reply. + tracing::debug!(?payload, "externalized output"); + generator_map_context.enter_active_request(); + let co_processor_result = payload + .call(generator_client, &generator_coprocessor_url) + .await; + generator_map_context.leave_active_request(); + tracing::debug!(?co_processor_result, "co-processor returned"); + let co_processor_output = co_processor_result?; + + validate_coprocessor_output(&co_processor_output, PipelineStep::RouterResponse)?; + + // Third, process our reply and act on the contents. Our processing logic is + // that we replace "bits" of our incoming response with the updated bits if they + // are present in our co_processor_output. If they aren't present, just use the + // bits that we sent to the co_processor. + let final_bytes: Bytes = match co_processor_output.body { + Some(bytes) => bytes.into(), + None => bytes.into(), + }; + + if let Some(context) = co_processor_output.context { + for (key, value) in context.try_into_iter()? { + generator_map_context.upsert_json_value(key, move |_current| value); + } + } + + // We return the final_bytes into our stream of response chunks + Ok(final_bytes) + } + }); + + // Create our response stream which consists of the bytes from our first body chained with the + // rest of the responses in our mapped stream. + let bytes = hyper::body::to_bytes(body).await.map_err(BoxError::from); + let final_stream = once(ready(bytes)).chain(mapped_stream).boxed(); + + // Finally, return a response which has a Body that wraps our stream of response chunks. + Ok(router::Response { + context, + response: http::Response::from_parts(parts, Body::wrap_stream(final_stream)), + }) } // ----------------------------------------------------------------------------------------------------- @@ -700,7 +796,7 @@ where + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { // Call into our out of process processor with a body of our body // First, extract the data we need from our request and prepare our @@ -721,21 +817,17 @@ where let uri = request_config.uri.then(|| parts.uri.to_string()); let service_name = request_config.service_name.then_some(service_name); - let payload = Externalizable { - version: EXTERNALIZABLE_VERSION, - stage: PipelineStep::SubgraphRequest.to_string(), - control: Some(Control::default()), - id: TraceId::maybe_new().map(|id| id.to_string()), - headers: headers_to_send, - body: body_to_send, - context: context_to_send, - sdl: None, - service_name, - path: None, - uri, - method: Some(parts.method.to_string()), - status_code: None, - }; + let payload = Externalizable::subgraph_builder() + .stage(PipelineStep::SubgraphRequest) + .control(Control::default()) + .and_id(TraceId::maybe_new().map(|id| id.to_string())) + .and_headers(headers_to_send) + .and_body(body_to_send) + .and_context(context_to_send) + .method(parts.method.to_string()) + .and_service_name(service_name) + .and_uri(uri) + .build(); tracing::debug!(?payload, "externalized output"); request.context.enter_active_request(); @@ -763,7 +855,7 @@ where .message(format!( "couldn't deserialize coprocessor output body: {error}" )) - .extension_code("EXERNAL_DESERIALIZATION_ERROR") + .extension_code("EXTERNAL_DESERIALIZATION_ERROR") .build()]) .build() }); @@ -836,7 +928,7 @@ where + Send + Sync + 'static, - >>::Future: Send + 'static, + >>::Future: Send + 'static, { // Call into our out of process processor with a body of our body // First, extract the data we need from our response and prepare our @@ -859,21 +951,15 @@ where let context_to_send = response_config.context.then(|| response.context.clone()); let service_name = response_config.service_name.then_some(service_name); - let payload = Externalizable { - version: EXTERNALIZABLE_VERSION, - stage: PipelineStep::SubgraphResponse.to_string(), - control: None, - id: TraceId::maybe_new().map(|id| id.to_string()), - headers: headers_to_send, - body: body_to_send, - context: context_to_send, - status_code: status_to_send, - sdl: None, - uri: None, - path: None, - method: None, - service_name, - }; + let payload = Externalizable::subgraph_builder() + .stage(PipelineStep::SubgraphResponse) + .and_id(TraceId::maybe_new().map(|id| id.to_string())) + .and_headers(headers_to_send) + .and_body(body_to_send) + .and_context(context_to_send) + .and_status_code(status_to_send) + .and_service_name(service_name) + .build(); tracing::debug!(?payload, "externalized output"); response.context.enter_active_request(); @@ -917,8 +1003,8 @@ where // ----------------------------------------------------------------------------------------- -fn validate_coprocessor_output( - co_processor_output: &Externalizable, +fn validate_coprocessor_output( + co_processor_output: &Externalizable, expected_step: PipelineStep, ) -> Result<(), BoxError> { if co_processor_output.version != EXTERNALIZABLE_VERSION { diff --git a/apollo-router/src/plugins/coprocessor_test.rs b/apollo-router/src/plugins/coprocessor_test.rs index fb30b997ddb..297391af5ee 100644 --- a/apollo-router/src/plugins/coprocessor_test.rs +++ b/apollo-router/src/plugins/coprocessor_test.rs @@ -30,7 +30,7 @@ mod tests { #[tokio::test] async fn load_plugin() { - let config = serde_json::json!({ + let config = json!({ "coprocessor": { "url": "http://127.0.0.1:8081" } @@ -48,7 +48,7 @@ mod tests { #[tokio::test] async fn unknown_fields_are_denied() { - let config = serde_json::json!({ + let config = json!({ "coprocessor": { "url": "http://127.0.0.1:8081", "thisFieldDoesntExist": true @@ -67,7 +67,7 @@ mod tests { #[tokio::test] async fn external_plugin_with_stages_wont_load_without_graph_ref() { - let config = serde_json::json!({ + let config = json!({ "coprocessor": { "url": "http://127.0.0.1:8081", "stages": { @@ -110,22 +110,22 @@ mod tests { let mock_http_client = mock_with_callback(move |_: hyper::Request| { Box::pin(async { // Wrong version! + let input = json!( + { + "version": 2, + "stage": "RouterRequest", + "control": "continue", + "id": "1b19c05fdafc521016df33148ad63c1b", + "body": "{ + \"query\": \"query Long {\n me {\n name\n}\n}\" + }", + "context": { + "entries": {} + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 2, - "stage": "RouterRequest", - "control": "continue", - "id": "1b19c05fdafc521016df33148ad63c1b", - "body": { - "query": "query Long {\n me {\n name\n}\n}" - }, - "context": { - "entries": {} - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -169,22 +169,22 @@ mod tests { let mock_http_client = mock_with_callback(move |_: hyper::Request| { Box::pin(async { // Wrong stage! + let input = json!( + { + "version": 1, + "stage": "RouterResponse", + "control": "continue", + "id": "1b19c05fdafc521016df33148ad63c1b", + "body": "{ + \"query\": \"query Long {\n me {\n name\n}\n}\" + }", + "context": { + "entries": {} + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterResponse", - "control": "continue", - "id": "1b19c05fdafc521016df33148ad63c1b", - "body": { - "query": "query Long {\n me {\n name\n}\n}" - }, - "context": { - "entries": {} - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -228,21 +228,21 @@ mod tests { let mock_http_client = mock_with_callback(move |_: hyper::Request| { Box::pin(async { // Wrong stage! + let input = json!( + { + "version": 1, + "stage": "RouterRequest", + "id": "1b19c05fdafc521016df33148ad63c1b", + "body": "{ + \"query\": \"query Long {\n me {\n name\n}\n}\" + }", + "context": { + "entries": {} + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterRequest", - "id": "1b19c05fdafc521016df33148ad63c1b", - "body": { - "query": "query Long {\n me {\n name\n}\n}" - }, - "context": { - "entries": {} - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -691,53 +691,53 @@ mod tests { deserialized_request.stage ); + let input = json!( + { + "version": 1, + "stage": "RouterRequest", + "control": "continue", + "id": "1b19c05fdafc521016df33148ad63c1b", + "headers": { + "cookie": [ + "tasty_cookie=strawberry" + ], + "content-type": [ + "application/json" + ], + "host": [ + "127.0.0.1:4000" + ], + "apollo-federation-include-trace": [ + "ftv1" + ], + "apollographql-client-name": [ + "manual" + ], + "accept": [ + "*/*" + ], + "user-agent": [ + "curl/7.79.1" + ], + "content-length": [ + "46" + ] + }, + "body": "{ + \"query\": \"query Long {\n me {\n name\n}\n}\" + }", + "context": { + "entries": { + "accepts-json": false, + "accepts-wildcard": true, + "accepts-multipart": false, + "this-is-a-test-context": 42 + } + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterRequest", - "control": "continue", - "id": "1b19c05fdafc521016df33148ad63c1b", - "headers": { - "cookie": [ - "tasty_cookie=strawberry" - ], - "content-type": [ - "application/json" - ], - "host": [ - "127.0.0.1:4000" - ], - "apollo-federation-include-trace": [ - "ftv1" - ], - "apollographql-client-name": [ - "manual" - ], - "accept": [ - "*/*" - ], - "user-agent": [ - "curl/7.79.1" - ], - "content-length": [ - "46" - ] - }, - "body": { - "query": "query Long {\n me {\n name\n}\n}" - }, - "context": { - "entries": { - "accepts-json": false, - "accepts-wildcard": true, - "accepts-multipart": false, - "this-is-a-test-context": 42 - } - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -814,55 +814,55 @@ mod tests { deserialized_request.stage ); + let input = json!( + { + "version": 1, + "stage": "RouterRequest", + "control": "continue", + "id": "1b19c05fdafc521016df33148ad63c1b", + "uri": "/this/is/a/new/uri", + "method": "POST", + "headers": { + "cookie": [ + "tasty_cookie=strawberry" + ], + "content-type": [ + "application/json" + ], + "host": [ + "127.0.0.1:4000" + ], + "apollo-federation-include-trace": [ + "ftv1" + ], + "apollographql-client-name": [ + "manual" + ], + "accept": [ + "*/*" + ], + "user-agent": [ + "curl/7.79.1" + ], + "content-length": [ + "46" + ] + }, + "body": "{ + \"query\": \"query Long {\n me {\n name\n}\n}\" + }", + "context": { + "entries": { + "accepts-json": false, + "accepts-wildcard": true, + "accepts-multipart": false, + "this-is-a-test-context": 42 + } + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterRequest", - "control": "continue", - "id": "1b19c05fdafc521016df33148ad63c1b", - "uri": "/this/is/a/new/uri", - "method": "POST", - "headers": { - "cookie": [ - "tasty_cookie=strawberry" - ], - "content-type": [ - "application/json" - ], - "host": [ - "127.0.0.1:4000" - ], - "apollo-federation-include-trace": [ - "ftv1" - ], - "apollographql-client-name": [ - "manual" - ], - "accept": [ - "*/*" - ], - "user-agent": [ - "curl/7.79.1" - ], - "content-length": [ - "46" - ] - }, - "body": { - "query": "query Long {\n me {\n name\n}\n}" - }, - "context": { - "entries": { - "accepts-json": false, - "accepts-wildcard": true, - "accepts-multipart": false, - "this-is-a-test-context": 42 - } - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -910,28 +910,29 @@ mod tests { deserialized_request.stage ); + let input = json!( + { + "version": 1, + "stage": "RouterRequest", + "control": { + "break": 200 + }, + "id": "1b19c05fdafc521016df33148ad63c1b", + "body": "{ + \"errors\": [{ \"message\": \"my error message\" }] + }", + "context": { + "entries": { + "testKey": true + } + }, + "headers": { + "aheader": ["a value"] + } + } + ); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterRequest", - "control": { - "break": 200 - }, - "id": "1b19c05fdafc521016df33148ad63c1b", - "body": { - "errors": [{ "message": "my error message" }] - }, - "context": { - "entries": { - "testKey": true - } - }, - "headers": { - "aheader": ["a value"] - } - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -960,7 +961,7 @@ mod tests { .unwrap(); assert_eq!( - serde_json::json!({ + json!({ "errors": [{ "message": "my error message" }] @@ -984,14 +985,14 @@ mod tests { let mock_router_service = router_service::from_supergraph_mock_callback(move |req| { Ok(supergraph::Response::builder() - .data(json!({ "test": 1234_u32 })) + .data(json!("{ \"test\": 1234_u32 }")) .context(req.context) .build() .unwrap()) }) .await; - let mock_http_client = mock_with_callback(move |res: hyper::Request| { + let mock_http_client = mock_with_deferred_callback(move |res: hyper::Request| { Box::pin(async { let deserialized_response: Externalizable = serde_json::from_slice(&hyper::body::to_bytes(res.into_body()).await.unwrap()) @@ -1004,59 +1005,59 @@ mod tests { ); assert_eq!( - json!({ "data": { "test": 1234_u32 } }), + json!("{\"data\":\"{ \\\"test\\\": 1234_u32 }\"}"), deserialized_response.body.unwrap() ); + let input = json!( + { + "version": 1, + "stage": "RouterResponse", + "control": { + "break": 400 + }, + "id": "1b19c05fdafc521016df33148ad63c1b", + "headers": { + "cookie": [ + "tasty_cookie=strawberry" + ], + "content-type": [ + "application/json" + ], + "host": [ + "127.0.0.1:4000" + ], + "apollo-federation-include-trace": [ + "ftv1" + ], + "apollographql-client-name": [ + "manual" + ], + "accept": [ + "*/*" + ], + "user-agent": [ + "curl/7.79.1" + ], + "content-length": [ + "46" + ] + }, + "body": "{ + \"data\": { \"test\": 42 } + }", + "context": { + "entries": { + "accepts-json": false, + "accepts-wildcard": true, + "accepts-multipart": false, + "this-is-a-test-context": 42 + } + }, + "sdl": "the sdl shouldnt change" + }); Ok(hyper::Response::builder() - .body(Body::from( - r##"{ - "version": 1, - "stage": "RouterResponse", - "control": { - "break": 400 - }, - "id": "1b19c05fdafc521016df33148ad63c1b", - "headers": { - "cookie": [ - "tasty_cookie=strawberry" - ], - "content-type": [ - "application/json" - ], - "host": [ - "127.0.0.1:4000" - ], - "apollo-federation-include-trace": [ - "ftv1" - ], - "apollographql-client-name": [ - "manual" - ], - "accept": [ - "*/*" - ], - "user-agent": [ - "curl/7.79.1" - ], - "content-length": [ - "46" - ] - }, - "body": { - "data": { "test": 42 } - }, - "context": { - "entries": { - "accepts-json": false, - "accepts-wildcard": true, - "accepts-multipart": false, - "this-is-a-test-context": 42 - } - }, - "sdl": "the sdl shouldnt change" - }"##, - )) + .body(Body::from(serde_json::to_string(&input).unwrap())) .unwrap()) }) }); @@ -1182,4 +1183,28 @@ mod tests { mock_http_client } + + #[allow(clippy::type_complexity)] + fn mock_with_deferred_callback( + callback: fn( + hyper::Request, + ) -> BoxFuture<'static, Result, BoxError>>, + ) -> MockHttpClientService { + let mut mock_http_client = MockHttpClientService::new(); + mock_http_client.expect_clone().returning(move || { + let mut mock_http_client = MockHttpClientService::new(); + mock_http_client.expect_clone().returning(move || { + let mut mock_http_client = MockHttpClientService::new(); + mock_http_client.expect_clone().returning(move || { + let mut mock_http_client = MockHttpClientService::new(); + mock_http_client.expect_call().returning(callback); + mock_http_client + }); + mock_http_client + }); + mock_http_client + }); + + mock_http_client + } } diff --git a/apollo-router/src/services/external.rs b/apollo-router/src/services/external.rs index d137fcd4a47..42b59d8bfbb 100644 --- a/apollo-router/src/services/external.rs +++ b/apollo-router/src/services/external.rs @@ -66,7 +66,6 @@ impl Control { } } -// TODO: Builder #[derive(Clone, Debug, Deserialize, Serialize)] #[serde(rename_all = "camelCase")] pub(crate) struct Externalizable { @@ -96,10 +95,85 @@ pub(crate) struct Externalizable { pub(crate) status_code: Option, } +#[buildstructor::buildstructor] impl Externalizable where T: Debug + DeserializeOwned + Serialize + Send + Sync, { + #[builder(visibility = "pub(crate)")] + /// This is the constructor (or builder) to use when constructing a Router + /// `Externalizable`. + /// + fn router_new( + stage: PipelineStep, + control: Option, + id: Option, + headers: Option>>, + body: Option, + context: Option, + status_code: Option, + method: Option, + path: Option, + sdl: Option, + ) -> Self { + assert!(matches!( + stage, + PipelineStep::RouterRequest | PipelineStep::RouterResponse + )); + Externalizable { + version: EXTERNALIZABLE_VERSION, + stage: stage.to_string(), + control, + id, + headers, + body, + context, + status_code, + sdl, + uri: None, + path, + method, + service_name: None, + } + } + + #[builder(visibility = "pub(crate)")] + /// This is the constructor (or builder) to use when constructing a Subgraph + /// `Externalizable`. + /// + fn subgraph_new( + stage: PipelineStep, + control: Option, + id: Option, + headers: Option>>, + body: Option, + context: Option, + status_code: Option, + method: Option, + service_name: Option, + uri: Option, + ) -> Self { + assert!(matches!( + stage, + PipelineStep::SubgraphRequest | PipelineStep::SubgraphResponse + )); + Externalizable { + version: EXTERNALIZABLE_VERSION, + stage: stage.to_string(), + control, + id, + headers, + body, + context, + status_code, + sdl: None, + uri, + path: None, + method, + service_name, + } + } + pub(crate) async fn call(self, mut client: C, uri: &str) -> Result where C: Service, Response = hyper::Response, Error = BoxError> @@ -131,3 +205,50 @@ where .and_then(|bytes| serde_json::from_slice(&bytes).map_err(BoxError::from)) } } + +#[cfg(test)] +mod test { + use super::*; + + #[test] + fn it_will_build_router_externalizable_correctly() { + Externalizable::::router_builder() + .stage(PipelineStep::RouterRequest) + .build(); + Externalizable::::router_builder() + .stage(PipelineStep::RouterResponse) + .build(); + } + + #[test] + #[should_panic] + fn it_will_not_build_router_externalizable_incorrectly() { + Externalizable::::router_builder() + .stage(PipelineStep::SubgraphRequest) + .build(); + Externalizable::::router_builder() + .stage(PipelineStep::SubgraphResponse) + .build(); + } + + #[test] + fn it_will_build_subgraph_externalizable_correctly() { + Externalizable::::subgraph_builder() + .stage(PipelineStep::SubgraphRequest) + .build(); + Externalizable::::subgraph_builder() + .stage(PipelineStep::SubgraphResponse) + .build(); + } + + #[test] + #[should_panic] + fn it_will_not_build_subgraph_externalizable_incorrectly() { + Externalizable::::subgraph_builder() + .stage(PipelineStep::RouterRequest) + .build(); + Externalizable::::subgraph_builder() + .stage(PipelineStep::RouterResponse) + .build(); + } +} diff --git a/docs/source/customizations/coprocessor.mdx b/docs/source/customizations/coprocessor.mdx index 836e608068d..e8626a36b3b 100644 --- a/docs/source/customizations/coprocessor.mdx +++ b/docs/source/customizations/coprocessor.mdx @@ -63,8 +63,6 @@ At _every_ stage, the router waits for your coprocessor's response before it con If your coprocessor hooks into your router's `SubgraphService`, the router sends a separate coprocessor request _for each subgraph request in its query plan._ In other words, if your router needs to query three separate subgraphs to fully resolve a client operation, it sends three separate coprocessor requests. Each coprocessor request includes the [name](#servicename) and [URL](#uri) of the subgraph being queried. -> This behavior differs from hooking into `RouterService`, which can trigger exactly one coprocessor request per stage. - ## Setup > **First, make sure your router is [connected to a GraphOS Enterprise organization](../enterprise-features/#enabling-enterprise-features).** @@ -87,7 +85,7 @@ coprocessor: sdl: false path: false method: false - response: # By including this key, the `RouterService` sends a coprocessor request whenever it's about to send a client response. + response: # By including this key, the `RouterService` sends a coprocessor request whenever it's about to send response data to a client (including incremental data via @defer). headers: true body: false context: false @@ -180,9 +178,9 @@ Properties of the JSON body are divided into two high-level categories: "46" ] }, - "body": { - "query": "query GetActiveUser {\n me {\n name\n}\n}" - }, + "body": "{ + \"query\": \"query GetActiveUser {\n me {\n name\n}\n}\" + }", "context": { "entries": { "accepts-json": false, @@ -219,13 +217,13 @@ Properties of the JSON body are divided into two high-level categories: "application/json" ] }, - "body": { - "data": { - "me": { - "name": "Ada Lovelace" + "body": "{ + \"data\": { + \"me\": { + \"name\": \"Ada Lovelace\" } } - }, + }", "context": { "entries": { "apollo_telemetry::subgraph_metrics_attributes": {}, @@ -492,7 +490,7 @@ Properties of the JSON body are divided into two high-level categories: ##### `control` -`string` | `object` +`string | object` @@ -515,56 +513,56 @@ For details, see [Terminating a client request](#terminating-a-client-request). -##### `stage` +##### `id` `string` -Indicates which stage of the router's [request-handling lifecycle](./rhai/#router-request-lifecycle) this coprocessor request corresponds to. - -This value is one of the following: - -- `RouterRequest`: The `RouterService` has just received a client request. -- `RouterResponse`: The `RouterService` is about to send a client response. -- `SubgraphRequest`: The `SubgraphService` is about to send a request to a subgraph. -- `SubgraphResponse`: The `SubgraphService` has just received a subgraph response. +A unique ID corresponding to the client request associated with this coprocessor request. **Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. + -##### `version` +##### `stage` -`number` +`string` -Indicates which version of the coprocessor request protocol the router is using. +Indicates which stage of the router's [request-handling lifecycle](./rhai/#router-request-lifecycle) this coprocessor request corresponds to. -Currently, this value is always `1`. +This value is one of the following: -**Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. +- `RouterRequest`: The `RouterService` has just received a client request. +- `RouterResponse`: The `RouterService` is about to send response data to a client. +- `SubgraphRequest`: The `SubgraphService` is about to send a request to a subgraph. +- `SubgraphResponse`: The `SubgraphService` has just received a subgraph response. +**Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. -##### `id` +##### `version` -`string` +`number` -A unique ID corresponding to the client request associated with this coprocessor request. +Indicates which version of the coprocessor request protocol the router is using. + +Currently, this value is always `1`. **Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. @@ -582,18 +580,31 @@ A unique ID corresponding to the client request associated with this coprocessor -##### `serviceName` +##### `body` -`string` +`string | object` -The name of the subgraph that this coprocessor request pertains to. +The body of the corresponding request or response. -This value is present only for coprocessor requests from the router's `SubgraphService`. +If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `body`, the router replaces the existing body with that value. This is common when [terminating a client request](#terminating-a-client-request). -**Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. +This field's type depends on the coprocessor request's [`stage`](#stage): + +- For `SubgraphService` stages, `body` is a JSON _object_. +- For `RouterService` stages, `body` is a JSON _string_. + - This is necessary to support handling [deferred queries](#handling-deferred-query-responses). + - If you modify `body` during the `RouterRequest` stage, the new value must be a valid string serialization of a JSON object. If it isn't, the router detects that the body is malformed and returns an error to the client. + +This field's structure depends on whether the coprocessor request corresponds to a request, a standard response, or a response "chunk" for a deferred query: + +- **If a request,** `body` usually contains a `query` property containing the GraphQL query string. +- **If a standard response,** `body` usually contains `data` and/or `errors` properties for the GraphQL operation result. +- **If a response "chunk",** `body` contains `data` for _some_ of the operation fields. + +> By default, the `RouterResponse` stage returns _redacted_ errors within the `errors` field. To process subgraph errors manually in your coprocessor, enable [subgraph error inclusion](../configuration/subgraph-error-inclusion). @@ -601,14 +612,16 @@ This value is present only for coprocessor requests from the router's `SubgraphS -##### `path` +##### `context` -`string` +`object` -The `RouterService` path that this coprocessor request pertains to. +An object representing the router's shared context for the corresponding client request. + +If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `context`, the router replaces the existing context with that value. @@ -616,14 +629,16 @@ The `RouterService` path that this coprocessor request pertains to. -##### `uri` +##### `headers` -`string` +`object` -The full URI the subgraph request will be made to. +An object mapping of all HTTP header names and values for the corresponding request or response. + +If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `headers`, the router replaces the existing headers with that value. @@ -646,14 +661,14 @@ The HTTP method that is used by the request. -##### `status_code` +##### `path` -`number` +`string` -The HTTP status code received by a response. +The `RouterService` path that this coprocessor request pertains to. @@ -661,21 +676,19 @@ The HTTP status code received by a response. -##### `body` +##### `sdl` -`object` +`string` -The JSON body of the corresponding request or response, depending on this coprocessor request's [`stage`](#stage). +A string representation of the router's current supergraph schema. -- If a request, this usually contains a `query` property containing the GraphQL query string. -- If a response, this usually contains `data` and/or `errors` properties for the GraphQL operation result. +This value can be very large, so you should avoid including it in coprocessor requests if possible. -> The `RouterResponse` stage will return _redacted_ errors within the `errors` by default. If you wish to process subgraph errors manually in your coprocessor you can enable [subgraph error inclusion](../configuration/subgraph-error-inclusion). +The router ignores modifications to this value. -If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `body`, the router replaces the existing body with that value. This is common when [terminating a client request](#terminating-a-client-request). @@ -683,16 +696,18 @@ If your coprocessor [returns a _different_ value](#responding-to-coprocessor-req -##### `headers` +##### `serviceName` -`object` +`string` -An object mapping of all HTTP header names and values for the corresponding request or response. +The name of the subgraph that this coprocessor request pertains to. -If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `headers`, the router replaces the existing headers with that value. +This value is present only for coprocessor requests from the router's `SubgraphService`. + +**Do not return a _different_ value for this property.** If you do, the router treats the coprocessor request as if it failed. @@ -700,16 +715,14 @@ If your coprocessor [returns a _different_ value](#responding-to-coprocessor-req -##### `context` +##### `status_code` -`object` +`number` -An object representing the router's shared context for the corresponding client request. - -If your coprocessor [returns a _different_ value](#responding-to-coprocessor-requests) for `context`, the router replaces the existing context with that value. +The HTTP status code returned with a response. @@ -717,19 +730,14 @@ If your coprocessor [returns a _different_ value](#responding-to-coprocessor-req -##### `sdl` +##### `uri` `string` -A string representation of the router's current supergraph schema. - -This value can be very large, so you should avoid including it in coprocessor requests if possible. - -The router ignores modifications to this value. - +When `stage` is `SubgraphRequest`, this is the full URI of the subgraph the router will query. @@ -737,7 +745,6 @@ The router ignores modifications to this value. - ## Responding to coprocessor requests The router expects your coprocessor to respond with a `200` status code and a JSON body that matches the structure of the [request body](#example-requests-by-stage). @@ -812,3 +819,85 @@ Your router considers all of the following scenarios to be a **failed response** - Your coprocessor responds with a non-`2xx` HTTP code. - Your coprocessor's response body doesn't match the JSON structure of the corresponding [request body](#example-requests-by-stage). - Your coprocessor's response body sets different values for [control properties](#property-reference) that must not change, such as `stage` and `version`. + + +## Handling deferred query responses + +The Apollo Router supports the incremental delivery of query response data via [the `@defer` directive](../executing-operations/defer-support/): + +```mermaid +sequenceDiagram + Client->>Router: Sends a query that
defers some fields + Note over Router: Resolves non-deferred
fields + Router->>Client: Returns data for
non-deferred fields + Note over Router: Resolves deferred
fields + Router->>Client: Returns data for
deferred fields +``` + +For a single query with deferred fields, your router sends multiple "chunks" of response data to the client. If you enable coprocessor requests for the `RouterResponse` stage, your router sends a separate coprocessor request for _each chunk_ it returns as part of a deferred query. + +**Note the following about handling deferred response chunks:** + +- The [`status_code`](#status_code) and [`headers`](#headers) fields are included only in the coprocessor request for any response's _first_ chunk. These values can't change after the first chunk is returned to the client, so they're subsequently omitted. + +- If your coprocessor modifes the response [`body`](#body) for a response chunk, it must provide the new value as a _string_, _not_ as an object. This is because response chunk bodies include multipart boundary information in addition to the actual serialized JSON response data. [See examples.](#examples-of-deferred-response-chunks) + - Many responses will not contain deferred streams and for these the body string can usually be fairly reliably transformed into a JSON object for easy manipulation within the coprocessor. Coprocessors should be carefully coded to allow for the presence of a body that is not a valid JSON object. + +- Because the data is a JSON string at both `RouterRequest` and `RouterResponse`, it's entirely possible for a coprocessor to rewrite the body from invalid JSON content into valid JSON content. This is one of the primary use cases for `RouterRequest` body processing. + +### Examples of deferred response chunks + +The examples below illustrate the differences between the _first_ chunk of a deferred response and all subsequent chunks: + +#### First response chunk + +The first response chunk includes `headers` and `statusCode` fields: + +```json +{ + "version": 1, + "stage": "RouterResponse", + "id": "8dee7fe947273640a5c2c7e1da90208c", + "sdl": "...", // String omitted due to length + // highlight-start + "headers": { + "content-type": [ + "multipart/mixed;boundary=\"graphql\";deferSpec=20220824" + ], + "vary": [ + "origin" + ] + }, + // highlight-end + "body": "\r\n--graphql\r\ncontent-type: application/json\r\n\r\n{\"data\":{\"me\":{\"id\":\"1\"}},\"hasNext\":true}\r\n--graphql\r\n", + "context": { + "entries": { + "apollo_telemetry::operation_kind": "query", + "apollo_telemetry::client_version": "", + "apollo_telemetry::client_name": "manual" + } + }, + "statusCode": 200 //highlight-line +} +``` + +#### Subsequent response chunk + +Subsequent response chunks omit the `headers` and `statusCode` fields: + +```json +{ + "version": 1, + "stage": "RouterResponse", + "id": "8dee7fe947273640a5c2c7e1da90208c", + "sdl": "...", // String omitted due to length + "body": "content-type: application/json\r\n\r\n{\"hasNext\":false,\"incremental\":[{\"data\":{\"name\":\"Ada Lovelace\"},\"path\":[\"me\"]}]}\r\n--graphql--\r\n", + "context": { + "entries": { + "apollo_telemetry::operation_kind": "query", + "apollo_telemetry::client_version": "", + "apollo_telemetry::client_name": "manual" + } + } +} +``` From 94b8364874daaae6cc8624abc31fa06ae55893b5 Mon Sep 17 00:00:00 2001 From: Gary Pennington Date: Wed, 24 May 2023 15:19:32 +0100 Subject: [PATCH 09/39] don't try to convert bytes back to JSON on RouterRequest (#3138) Now that we expect bytes back from the coprocessor, just take the bytes and don't try to convert back to JSON. There was an error in the RouterRequest processing logic. I was still trying to convert coprocessor response bytes back to JSON and that worked but resulted in double escaped text which failed when the query planner tried to make sense of it. --- apollo-router/src/plugins/coprocessor.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apollo-router/src/plugins/coprocessor.rs b/apollo-router/src/plugins/coprocessor.rs index a2807807b4e..2c914eb1c97 100644 --- a/apollo-router/src/plugins/coprocessor.rs +++ b/apollo-router/src/plugins/coprocessor.rs @@ -582,7 +582,7 @@ where // are present in our co_processor_output. let new_body = match co_processor_output.body { - Some(bytes) => Body::from(serde_json::to_vec(&bytes)?), + Some(bytes) => Body::from(bytes), None => Body::from(bytes), }; From c679c1626b0841ac7b3cf14667603e8275a3102e Mon Sep 17 00:00:00 2001 From: Kyle OBrien Date: Wed, 24 May 2023 13:30:44 -0500 Subject: [PATCH 10/39] docs(logging): Change `contains_attributes` to `when_header` (#3127) Ref: https://github.com/apollographql/router/pull/2040 --- docs/source/configuration/logging.mdx | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/source/configuration/logging.mdx b/docs/source/configuration/logging.mdx index 832cdccddb1..a6f902970d5 100644 --- a/docs/source/configuration/logging.mdx +++ b/docs/source/configuration/logging.mdx @@ -71,9 +71,13 @@ JSON-formatted logging provides compatibility with common searchable logging too > This is part of an experimental feature, it means any time until it's stabilized (without the prefix `experimental_`) we might change the configuration shape or adding/removing features. > If you want to give feedback or participate in that feature feel free to join [this discussion on GitHub](https://github.com/apollographql/router/discussions/1961). -By default some of our logs containing sensitive data (like request body, response body, headers) are not displayed even if we are in the right log level. -For example if you need to display raw responses from one of your subgraph it won't be displayed by default. To enable them you have to configure it thanks to the `contains_attributes` setting. -Here is an example on how you can configure it: +By default, the router _doesn't_ log certain values that might contain sensitive data, even if a sufficient log level is set: + + - Request bodies + - Response bodies + - Headers + +You can enable selective logging of these values via the `when_header` option: ```yaml title="router.yaml" telemetry: From 3ed3e857f84d0155cf5173acd38a7ecc33eafd19 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Thu, 25 May 2023 12:40:34 +0300 Subject: [PATCH 11/39] Update Uplink schema via GitHub Actions and remove Rust assert test (#3120) This uses a combination of Rover and https://github.com/peter-evans/create-pull-request to create a pull request when a schema's introspection has changed. --- .github/workflows/update_uplink_schema.yml | 33 +++++++++++++++++++++ apollo-router/src/uplink/mod.rs | 34 ---------------------- 2 files changed, 33 insertions(+), 34 deletions(-) create mode 100644 .github/workflows/update_uplink_schema.yml diff --git a/.github/workflows/update_uplink_schema.yml b/.github/workflows/update_uplink_schema.yml new file mode 100644 index 00000000000..20a7560c0b2 --- /dev/null +++ b/.github/workflows/update_uplink_schema.yml @@ -0,0 +1,33 @@ +name: Update Uplink Schema +run-name: ${{ github.actor }} is updating the Uplink schema 🚀 +on: + workflow_dispatch: + schedule: + # On the 5 of every hour + - cron: '5 * * * *' +jobs: + Update-Uplink-Schema: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Install Rover + run: | + curl -sSL https://rover.apollo.dev/nix/v0.14.1 | sh + echo "$HOME/.rover/bin" >> $GITHUB_PATH + - name: Make changes to pull request + run: | + rover graph introspect https://uplink.api.apollographql.com/ | perl -pe 'chomp if eof' > ./apollo-router/src/uplink/uplink.graphql + - name: Create Pull Request + id: cpr + uses: peter-evans/create-pull-request@v5 + with: + commit-message: Update Uplink schema + committer: GitHub + author: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com> + branch: create-pull-request/uplink-schema-updates + add-paths: | + apollo-router/src/uplink/uplink.graphql + delete-branch: true + title: 'chore: Update Uplink schema' + body: | + This updates the copy of `uplink.graphql` which this repository relies on with the latest copy fetched via `rover graph introspect`. diff --git a/apollo-router/src/uplink/mod.rs b/apollo-router/src/uplink/mod.rs index 3a6801be426..bdcb9df3e0d 100644 --- a/apollo-router/src/uplink/mod.rs +++ b/apollo-router/src/uplink/mod.rs @@ -418,40 +418,6 @@ mod test { } } - #[test] - #[cfg(not(windows))] // Don’t bother with line ending differences - fn test_uplink_schema_is_up_to_date() { - use std::path::PathBuf; - - use introspector_gadget::blocking::GraphQLClient; - use introspector_gadget::introspect; - use introspector_gadget::introspect::GraphIntrospectInput; - - let client = GraphQLClient::new( - "https://uplink.api.apollographql.com/", - reqwest::blocking::Client::new(), - ); - - let should_retry = true; - let introspection_response = introspect::run( - GraphIntrospectInput { - headers: Default::default(), - }, - &client, - should_retry, - ) - .unwrap(); - if introspection_response.schema_sdl != include_str!("uplink.graphql") { - let path = PathBuf::from(std::env::var_os("OUT_DIR").unwrap()).join("uplink.graphql"); - std::fs::write(&path, introspection_response.schema_sdl).unwrap(); - panic!( - "\n\nUplink schema is out of date. Run this command to update it:\n\n \ - mv {} apollo-router/src/uplink/uplink.graphql\n\n", - path.to_str().unwrap() - ); - } - } - #[test] fn test_round_robin_endpoints() { let url1 = Url::parse("http://example1.com").expect("url must be valid"); From 42c8d52e7b14863ed41ec5f10eb87163c5f8fc98 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Fri, 26 May 2023 10:02:11 +0300 Subject: [PATCH 12/39] changelog edits: https://github.com/apollographql/router/pull/3031 (#3148) This updates the changelog for https://github.com/apollographql/router/pull/3031 to be a `fix` and updates the changelog text. --- .../feat_geal_jwt_test_multiple_matching_keys.md | 9 --------- .../fix_geal_jwt_test_multiple_matching_keys.md | 11 +++++++++++ 2 files changed, 11 insertions(+), 9 deletions(-) delete mode 100644 .changesets/feat_geal_jwt_test_multiple_matching_keys.md create mode 100644 .changesets/fix_geal_jwt_test_multiple_matching_keys.md diff --git a/.changesets/feat_geal_jwt_test_multiple_matching_keys.md b/.changesets/feat_geal_jwt_test_multiple_matching_keys.md deleted file mode 100644 index 56d9ef14f8e..00000000000 --- a/.changesets/feat_geal_jwt_test_multiple_matching_keys.md +++ /dev/null @@ -1,9 +0,0 @@ -### Test multiple keys matching a JWT criteria ([Issue #3017](https://github.com/apollographql/router/issues/3017)) - -In some cases, multiple keys can match what a JWT asks (algorithm and optional kid). Previously, we scored each possible match and only took the one with the highest score. But even then, we can have multiple keys with the same score (example: colliding kid between multiple JWKS in tests). -This changes the behaviour to: -- return a list of matching key instead of the one with the highest score -- try them one by one until the JWT is validated, or return an error -- if some keys were found with the highest possible score (matching alg, kid is present and matching too), then we only test those ones - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3031 \ No newline at end of file diff --git a/.changesets/fix_geal_jwt_test_multiple_matching_keys.md b/.changesets/fix_geal_jwt_test_multiple_matching_keys.md new file mode 100644 index 00000000000..de76fdf0fb9 --- /dev/null +++ b/.changesets/fix_geal_jwt_test_multiple_matching_keys.md @@ -0,0 +1,11 @@ +### Evaluate multiple keys matching a JWT criteria ([Issue #3017](https://github.com/apollographql/router/issues/3017)) + +In some cases, multiple keys could match what a JWT asks for (both the algorithm, `alg`, and optional key identifier, `kid`). Previously, we scored each possible match and only took the one with the highest score. But even then, we could have multiple keys with the same score (e.g., colliding `kid` between multiple JWKS in tests). + +The improved behavior will: + +- Return a list of those matching `key` instead of the one with the highest score. +- Try them one by one until the JWT is validated, or return an error. +- If some keys were found with the highest possible score (matching `alg`, with `kid` present and matching, too), then we only test those keys. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3031 From fbeaf57920e8f15073590f7dcd4cac548fb0e087 Mon Sep 17 00:00:00 2001 From: Geoffroy Couprie Date: Fri, 26 May 2023 11:58:05 +0200 Subject: [PATCH 13/39] Update the query planner to 2.4.6 (#3135) Fix #3133 This fixes some errors in query planning on fragment with overlapping subselections, with a message of the form "Cannot add selection of field X to selection set of parent type Y". The new router-bridge version also allows updating some dependencies that were fixed to older versions: bytes, regex, once_cell, tokio, uuid --- .../fix_geal_update_router_bridge_deno.md | 7 + Cargo.lock | 124 ++++++++++++------ apollo-router/Cargo.toml | 4 +- 3 files changed, 93 insertions(+), 42 deletions(-) create mode 100644 .changesets/fix_geal_update_router_bridge_deno.md diff --git a/.changesets/fix_geal_update_router_bridge_deno.md b/.changesets/fix_geal_update_router_bridge_deno.md new file mode 100644 index 00000000000..e7d53867cd2 --- /dev/null +++ b/.changesets/fix_geal_update_router_bridge_deno.md @@ -0,0 +1,7 @@ +### Update the query planner to 2.4.6 ([Issue #3133](https://github.com/apollographql/router/issues/3133)) + +This fixes some errors in query planning on fragment with overlapping subselections, with a message of the form "Cannot add selection of field X to selection set of parent type Y". + +The new router-bridge version also allows updating some dependencies that were fixed to older versions: bytes, regex, once_cell, tokio, uuid + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3135 \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock index 0480847d2df..b6432bf91a2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -119,6 +119,15 @@ dependencies = [ "memchr", ] +[[package]] +name = "aho-corasick" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "67fc08ce920c31afb70f013dcce1bfc3a3195de6a228474e45e1f145b36f8d04" +dependencies = [ + "memchr", +] + [[package]] name = "alloc-no-stdlib" version = "2.0.4" @@ -890,9 +899,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.2.1" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" +checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" [[package]] name = "bytes-utils" @@ -1555,18 +1564,18 @@ checksum = "eaa37046cc0f6c3cc6090fbdbf73ef0b8ef4cfcc37f6befc0020f63e8cf121e1" [[package]] name = "deno_console" -version = "0.89.0" +version = "0.105.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6cda6cf4635c2261951074023288f23756ac6852e7e63a6bd416a88f0e98c52e" +checksum = "1ce6d5caccaac26056182333e915d28b3b5b332b199dd12ab3467590cbda0039" dependencies = [ "deno_core", ] [[package]] name = "deno_core" -version = "0.171.0" +version = "0.187.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dc41944f05dfeacfc2610e91f40ddcf246f3aeeac8ae4c26df46bfbf01a3902" +checksum = "922ed10fa6019414f58095894140e77479662833a62c568b023226e8be103e93" dependencies = [ "anyhow", "bytes", @@ -1583,15 +1592,16 @@ dependencies = [ "serde_v8", "smallvec", "sourcemap", + "tokio", "url", "v8", ] [[package]] name = "deno_crypto" -version = "0.103.0" +version = "0.119.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f4e2a590be03f643d1147e12e8bc2fb04671b9bd68da9c8857d7d0b11a0255c" +checksum = "9603a2705c5cce5995b98b8fecb743c1fa59d4907b50955160d67e3f5ab6c23e" dependencies = [ "aes", "aes-gcm", @@ -1626,10 +1636,11 @@ dependencies = [ [[package]] name = "deno_ops" -version = "0.49.0" +version = "0.65.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4740bc5738ad07dc1f523a232a4079a995fa2ad11efd71e09e8e32bf28f21ee1" +checksum = "47d3fbb72196f1880ff7a2824e4f3e111f6601b78f38e715ae3d3d412d9e0a42" dependencies = [ + "lazy-regex", "once_cell", "pmutil", "proc-macro-crate", @@ -1641,9 +1652,9 @@ dependencies = [ [[package]] name = "deno_url" -version = "0.89.0" +version = "0.105.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1fe82b011d8b2af63c4587551536d951f47ffc3ba2a710e455b383d4f4b06ba" +checksum = "8e3451bf3b98d028a4f61fae2bba1d58aad1ba790cfe0d14a0b11cd17623f1ee" dependencies = [ "deno_core", "serde", @@ -1653,9 +1664,9 @@ dependencies = [ [[package]] name = "deno_web" -version = "0.120.0" +version = "0.136.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7379502a7a333f573949558803e8bfe2e8fba3ef180cdbb4a882951803c87d20" +checksum = "08198c3ae53f5b722907ebde32d340c6f9223fa347689619cb5d500ee9a176bd" dependencies = [ "async-trait", "base64-simd", @@ -1665,13 +1676,14 @@ dependencies = [ "serde", "tokio", "uuid", + "windows-sys 0.48.0", ] [[package]] name = "deno_webidl" -version = "0.89.0" +version = "0.105.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d046c6ac75f22be851219f44824c42927345f51e0ae5fb825e8bf8ea658d8ee8" +checksum = "3d2c11261edf0f1459f6b7dab67db6241af2c74b1e764d117c607aa649aea338" dependencies = [ "deno_core", ] @@ -2455,7 +2467,7 @@ version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "029d74589adefde59de1a0c4f4732695c32805624aec7b68d91503d4dba79afc" dependencies = [ - "aho-corasick", + "aho-corasick 0.7.20", "bstr 1.4.0", "fnv", "log", @@ -3152,6 +3164,29 @@ dependencies = [ "libc", ] +[[package]] +name = "lazy-regex" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff63c423c68ea6814b7da9e88ce585f793c87ddd9e78f646970891769c8235d4" +dependencies = [ + "lazy-regex-proc_macros", + "once_cell", + "regex", +] + +[[package]] +name = "lazy-regex-proc_macros" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8edfc11b8f56ce85e207e62ea21557cfa09bb24a8f6b04ae181b086ff8611c22" +dependencies = [ + "proc-macro2", + "quote", + "regex", + "syn 1.0.109", +] + [[package]] name = "lazy_static" version = "1.4.0" @@ -3573,6 +3608,7 @@ dependencies = [ "autocfg", "num-integer", "num-traits", + "rand 0.8.5", ] [[package]] @@ -3677,9 +3713,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.16.0" +version = "1.17.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860" +checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" [[package]] name = "oorandom" @@ -4644,13 +4680,13 @@ dependencies = [ [[package]] name = "regex" -version = "1.6.0" +version = "1.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b" +checksum = "d1a59b5d8e97dee33696bf13c5ba8ab85341c002922fba050069326b9c498974" dependencies = [ - "aho-corasick", + "aho-corasick 1.0.1", "memchr", - "regex-syntax", + "regex-syntax 0.7.2", ] [[package]] @@ -4659,7 +4695,7 @@ version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" dependencies = [ - "regex-syntax", + "regex-syntax 0.6.29", ] [[package]] @@ -4668,6 +4704,12 @@ version = "0.6.29" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" +[[package]] +name = "regex-syntax" +version = "0.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" + [[package]] name = "reqwest" version = "0.11.16" @@ -4842,9 +4884,9 @@ dependencies = [ [[package]] name = "router-bridge" -version = "0.2.4+v2.4.5" +version = "0.2.5+v2.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd4da971fb256903c3f1eecd56f8ad862f4a82853d94f53759c8908f5862d222" +checksum = "1173fe0ee2c06cfd0fbcecc037fac9ac33b3e220e967f15ef970856f1127a482" dependencies = [ "anyhow", "async-channel", @@ -5303,15 +5345,17 @@ dependencies = [ [[package]] name = "serde_v8" -version = "0.82.0" +version = "0.98.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c060fd38f18c420e82ab21592ec1f088b39bccb6897b1dda394d63628e22158d" +checksum = "ac09be069e49932c7c1df9b25c9e76ecb235e2127530462885926431c00d05f3" dependencies = [ "bytes", "derive_more", + "num-bigint", "serde", "serde_bytes", "smallvec", + "thiserror", "v8", ] @@ -5968,14 +6012,13 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.24.2" +version = "1.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "597a12a59981d9e3c38d216785b0c37399f6e415e8d0712047620f189371b0bb" +checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105" dependencies = [ "autocfg", "bytes", "libc", - "memchr", "mio", "num_cpus", "parking_lot 0.12.1", @@ -5984,7 +6027,7 @@ dependencies = [ "socket2", "tokio-macros", "tracing", - "windows-sys 0.42.0", + "windows-sys 0.48.0", ] [[package]] @@ -5999,13 +6042,13 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "1.8.2" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d266c00fde287f55d3f1c3e96c500c362a2b8c695076ec180f27918820bc6df8" +checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.13", ] [[package]] @@ -6593,23 +6636,24 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "uuid" -version = "1.1.2" +version = "1.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd6469f4314d5f1ffec476e05f17cc9a78bc7a27a6a857842170bdf8d6f98d2f" +checksum = "345444e32442451b267fc254ae85a209c64be56d2890e601a0c37ff0c3c5ecd2" dependencies = [ "getrandom 0.2.8", "serde", + "wasm-bindgen", ] [[package]] name = "v8" -version = "0.60.1" +version = "0.71.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07fd5b3ed559897ff02c0f62bc0a5f300bfe79bb4c77a50031b8df771701c628" +checksum = "1a4bbfd886a9c2f87170438c0cdb6b1ddbfe80412ab591c83d24c7e48e487313" dependencies = [ "bitflags", "fslock", - "lazy_static", + "once_cell", "which", ] diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml index 4ebb7343f32..0c90e5d3f30 100644 --- a/apollo-router/Cargo.toml +++ b/apollo-router/Cargo.toml @@ -55,7 +55,7 @@ axum = { version = "0.6.6", features = ["headers", "json", "original-uri"] } backtrace = "0.3.67" base64 = "0.20.0" buildstructor = "0.5.2" -bytes = "1.2.1" +bytes = "1.4.0" clap = { version = "4.1.4", default-features = false, features = [ "env", "derive", @@ -157,7 +157,7 @@ reqwest = { version = "0.11.15", default-features = false, features = [ "json", "stream", ] } -router-bridge = "=0.2.4+v2.4.5" +router-bridge = "0.2.5+v2.4.6" rust-embed="6.4.2" rustls = "0.20.8" rustls-pemfile = "1.0.2" From 8f8cf8eaf37321fb4eac81f726cb8d62454d4dc7 Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Fri, 26 May 2023 13:26:09 +0300 Subject: [PATCH 14/39] chore(deps): `xtask/` dependency updates (#3149) This is effectively running `cargo update` in the `xtask/` directory (our directory of tooling; not runtime components) to bring things more up to date. This changeset takes extra care to update `chrono`'s features to remove the `time` dependency which is impacted by CVE-2020-26235. --------- Co-authored-by: Geoffroy Couprie --- .../maint_grease_footwear_strike_swimsuit.md | 10 + xtask/Cargo.lock | 410 +++++++----------- xtask/Cargo.toml | 5 +- 3 files changed, 170 insertions(+), 255 deletions(-) create mode 100644 .changesets/maint_grease_footwear_strike_swimsuit.md diff --git a/.changesets/maint_grease_footwear_strike_swimsuit.md b/.changesets/maint_grease_footwear_strike_swimsuit.md new file mode 100644 index 00000000000..21cc130bd39 --- /dev/null +++ b/.changesets/maint_grease_footwear_strike_swimsuit.md @@ -0,0 +1,10 @@ +### chore(deps): `xtask/` dependency updates ([PR #3149](https://github.com/apollographql/router/pull/3149)) + +This is effectively running `cargo update` in the `xtask/` directory (our +directory of tooling; not runtime components) to bring things more up to +date. + +This changeset takes extra care to update `chrono`'s features to remove the +`time` dependency which is impacted by CVE-2020-26235. + +By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3149 \ No newline at end of file diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock index 4331e6443f5..d74a4076d36 100644 --- a/xtask/Cargo.lock +++ b/xtask/Cargo.lock @@ -10,9 +10,9 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aho-corasick" -version = "0.7.20" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" +checksum = "67fc08ce920c31afb70f013dcce1bfc3a3195de6a228474e45e1f145b36f8d04" dependencies = [ "memchr", ] @@ -28,49 +28,58 @@ dependencies = [ [[package]] name = "anstream" -version = "0.2.6" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "342258dd14006105c2b75ab1bd7543a03bdf0cfc94383303ac212a04939dff6f" +checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163" dependencies = [ "anstyle", "anstyle-parse", + "anstyle-query", "anstyle-wincon", - "concolor-override", - "concolor-query", + "colorchoice", "is-terminal", "utf8parse", ] [[package]] name = "anstyle" -version = "0.3.5" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23ea9e81bd02e310c216d080f6223c179012256e5151c41db88d12c88a1684d2" +checksum = "41ed9a86bf92ae6580e0a31281f65a1b1d867c0cc68d5346e2ae128dddfa6a7d" [[package]] name = "anstyle-parse" -version = "0.1.1" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a7d1bb534e9efed14f3e5f44e7dd1a4f709384023a4165199a4241e18dff0116" +checksum = "e765fd216e48e067936442276d1d57399e37bce53c264d6fefbe298080cb57ee" dependencies = [ "utf8parse", ] +[[package]] +name = "anstyle-query" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" +dependencies = [ + "windows-sys 0.48.0", +] + [[package]] name = "anstyle-wincon" -version = "0.2.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3127af6145b149f3287bb9a0d10ad9c5692dba8c53ad48285e5bec4063834fa" +checksum = "180abfa45703aebe0093f79badacc01b8fd4ea2e35118747e5811127f926e188" dependencies = [ "anstyle", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] name = "anyhow" -version = "1.0.70" +version = "1.0.71" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7de8ce5e0f9f8d88245311066a578d72b7af3e7088f32783804676302df237e4" +checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" [[package]] name = "ascii" @@ -92,9 +101,9 @@ checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" [[package]] name = "base64" -version = "0.21.0" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" [[package]] name = "bitflags" @@ -104,9 +113,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bumpalo" -version = "3.12.0" +version = "3.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" +checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" [[package]] name = "byteorder" @@ -116,9 +125,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.1.0" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" +checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" [[package]] name = "camino" @@ -171,19 +180,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4e3c5919066adf22df73762e50cffcde3a758f2a848b113b586d1f86728b673b" dependencies = [ "iana-time-zone", - "js-sys", "num-integer", "num-traits", - "time", - "wasm-bindgen", "winapi", ] [[package]] name = "clap" -version = "4.2.1" +version = "4.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "046ae530c528f252094e4a77886ee1374437744b2bff1497aa898bbddbbb29b3" +checksum = "93aae7a4192245f70fe75dd9157fc7b4a5bf53e88d30bd4396f7d8f9284d5acc" dependencies = [ "clap_builder", "clap_derive", @@ -192,9 +198,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.2.1" +version = "4.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "223163f58c9a40c3b0a43e1c4b50a9ce09f007ea2cb1ec258a687945b4b7929f" +checksum = "4f423e341edefb78c9caba2d9c7f7687d0e72e89df3ce3394554754393ac3990" dependencies = [ "anstream", "anstyle", @@ -205,31 +211,27 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.2.0" +version = "4.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f9644cd56d6b87dbe899ef8b053e331c0637664e9e21a33dfcdc36093f5c5c4" +checksum = "191d9573962933b4027f932c600cd252ce27a8ad5979418fe78e43c07996f27b" dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.13", + "syn 2.0.17", ] [[package]] name = "clap_lex" -version = "0.4.1" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a2dd5a6fe8c6e3502f568a6353e5273bbb15193ad9a89e457b9970798efbea1" +checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b" [[package]] -name = "codespan-reporting" -version = "0.11.1" +name = "colorchoice" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" -dependencies = [ - "termcolor", - "unicode-width", -] +checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" [[package]] name = "combine" @@ -244,32 +246,17 @@ dependencies = [ "unreachable", ] -[[package]] -name = "concolor-override" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a855d4a1978dc52fb0536a04d384c2c0c1aa273597f08b77c8c4d3b2eec6037f" - -[[package]] -name = "concolor-query" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88d11d52c3d7ca2e6d0040212be9e4dbbcd78b6447f535b6b561f449427944cf" -dependencies = [ - "windows-sys 0.45.0", -] - [[package]] name = "console" -version = "0.15.5" +version = "0.15.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3d79fbe8970a77e3e34151cc13d3b3e248aa0faaecb9f6091fa07ebefe5ad60" +checksum = "c926e00cc70edefdc64d3a5ff31cc65bb97a3460097762bd23afb4d8145fccf8" dependencies = [ "encode_unicode", "lazy_static", "libc", "unicode-width", - "windows-sys 0.42.0", + "windows-sys 0.45.0", ] [[package]] @@ -306,55 +293,11 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "cxx" -version = "1.0.94" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f61f1b6389c3fe1c316bf8a4dccc90a38208354b330925bce1f74a6c4756eb93" -dependencies = [ - "cc", - "cxxbridge-flags", - "cxxbridge-macro", - "link-cplusplus", -] - -[[package]] -name = "cxx-build" -version = "1.0.94" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12cee708e8962df2aeb38f594aae5d827c022b6460ac71a7a3e2c3c2aae5a07b" -dependencies = [ - "cc", - "codespan-reporting", - "once_cell", - "proc-macro2", - "quote", - "scratch", - "syn 2.0.13", -] - -[[package]] -name = "cxxbridge-flags" -version = "1.0.94" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7944172ae7e4068c533afbb984114a56c46e9ccddda550499caa222902c7f7bb" - -[[package]] -name = "cxxbridge-macro" -version = "1.0.94" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2345488264226bf682893e25de0769f3360aac9957980ec49361b083ddaa5bc5" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.13", -] - [[package]] name = "dialoguer" -version = "0.10.3" +version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af3c796f3b0b408d9fd581611b47fa850821fcb84aa640b83a3c1a5be2d691f2" +checksum = "59c6f2989294b9a498d3ad5491a79c6deb604617378e1cdc4bfc1c1361fe2f87" dependencies = [ "console", "shell-words", @@ -385,13 +328,13 @@ dependencies = [ [[package]] name = "errno" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50d6a0976c999d473fe89ad888d5a284e55366d9dc9038b1ba2aa15128c4afa0" +checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" dependencies = [ "errno-dragonfly", "libc", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] @@ -415,21 +358,21 @@ dependencies = [ [[package]] name = "filetime" -version = "0.2.20" +version = "0.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a3de6e8d11b22ff9edc6d916f890800597d60f8b2da1caf2955c274638d6412" +checksum = "5cbc844cecaee9d4443931972e1289c8ff485cb4cc2767cb03ca139ed6885153" dependencies = [ "cfg-if", "libc", "redox_syscall 0.2.16", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] name = "flate2" -version = "1.0.25" +version = "1.0.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" +checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" dependencies = [ "crc32fast", "miniz_oxide", @@ -443,11 +386,10 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "form_urlencoded" -version = "1.0.1" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" +checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" dependencies = [ - "matches", "percent-encoding", ] @@ -571,9 +513,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.3.16" +version = "0.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5be7b54589b581f624f566bf5d8eb2bab1db736c51528720b6bd36b96b55924d" +checksum = "d357c7ae988e7d2182f7d7871d0b963962420b0678b0997ce7de72001aeab782" dependencies = [ "bytes", "fnv", @@ -651,9 +593,9 @@ checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" [[package]] name = "hyper" -version = "0.14.25" +version = "0.14.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc5e554ff619822309ffd57d8734d77cd5ce6238bc956f037ea06c58238c9899" +checksum = "ab302d72a6f11a3b910431ff93aae7e773078c769f0a3ef15fb9ec692ed147d4" dependencies = [ "bytes", "futures-channel", @@ -675,9 +617,9 @@ dependencies = [ [[package]] name = "hyper-rustls" -version = "0.23.2" +version = "0.24.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1788965e61b367cd03a62950836d5cd41560c3577d90e40e0819373194d1661c" +checksum = "0646026eb1b3eea4cd9ba47912ea5ce9cc07713d105b1a14698f4e6433d348b7" dependencies = [ "http", "hyper", @@ -702,21 +644,19 @@ dependencies = [ [[package]] name = "iana-time-zone-haiku" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" +checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" dependencies = [ - "cxx", - "cxx-build", + "cc", ] [[package]] name = "idna" -version = "0.2.3" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" dependencies = [ - "matches", "unicode-bidi", "unicode-normalization", ] @@ -742,9 +682,9 @@ dependencies = [ [[package]] name = "io-lifetimes" -version = "1.0.10" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c66c74d2ae7e79a5a8f7ac924adbe38ee42a859c6539ad869eb51f0b52dc220" +checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" dependencies = [ "hermit-abi 0.3.1", "libc", @@ -759,14 +699,14 @@ checksum = "12b6ee2129af8d4fb011108c73d99a1b83a85977f23b82460c0ae2e25bb4b57f" [[package]] name = "is-terminal" -version = "0.4.6" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "256017f749ab3117e93acb91063009e1f1bb56d03965b14c2c8df4eb02c524d8" +checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" dependencies = [ "hermit-abi 0.3.1", "io-lifetimes", "rustix", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] @@ -786,9 +726,9 @@ checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" [[package]] name = "js-sys" -version = "0.3.61" +version = "0.3.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "445dde2150c55e483f3d8416706b97ec8e8237c307e5b7b4b8dd15e6af2a0730" +checksum = "2f37a4a5928311ac501dee68b3c7613a1037d0edb30c8e5427bd832d55d1b790" dependencies = [ "wasm-bindgen", ] @@ -801,24 +741,15 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.141" +version = "0.2.144" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3304a64d199bb964be99741b7a14d26972741915b3649639149b2479bb46f4b5" - -[[package]] -name = "link-cplusplus" -version = "1.0.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5" -dependencies = [ - "cc", -] +checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1" [[package]] name = "linux-raw-sys" -version = "0.3.1" +version = "0.3.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d59d8c75012853d2e872fb56bc8a2e53718e2cafe1a4c823143141c6d90c322f" +checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" [[package]] name = "log" @@ -829,12 +760,6 @@ dependencies = [ "cfg-if", ] -[[package]] -name = "matches" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5" - [[package]] name = "memchr" version = "2.5.0" @@ -858,9 +783,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" [[package]] name = "miniz_oxide" -version = "0.6.2" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" dependencies = [ "adler", ] @@ -929,9 +854,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "percent-encoding" -version = "2.1.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" +checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pin-project-lite" @@ -953,18 +878,18 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "proc-macro2" -version = "1.0.56" +version = "1.0.59" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b63bdb0cd06f1f4dedf69b254734f9b45af66e4a031e42a7480257d9898b435" +checksum = "6aeca18b86b413c660b781aa319e4e2648a3e6f9eadc9b47e9038e6fe9f3451b" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.26" +version = "1.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc" +checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" dependencies = [ "proc-macro2", ] @@ -1030,9 +955,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.7.3" +version = "1.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d" +checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390" dependencies = [ "aho-corasick", "memchr", @@ -1041,17 +966,17 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.29" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" +checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" [[package]] name = "reqwest" -version = "0.11.16" +version = "0.11.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254" +checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55" dependencies = [ - "base64 0.21.0", + "base64 0.21.2", "bytes", "encoding_rs", "futures-core", @@ -1102,28 +1027,28 @@ dependencies = [ [[package]] name = "rustix" -version = "0.37.7" +version = "0.37.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2aae838e49b3d63e9274e1c01833cc8139d3fec468c3b84688c628f44b1ae11d" +checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d" dependencies = [ "bitflags", "errno", "io-lifetimes", "libc", "linux-raw-sys", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] name = "rustls" -version = "0.20.8" +version = "0.21.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fff78fc74d175294f4e83b28343315ffcfb114b156f0185e9741cb5570f50e2f" +checksum = "c911ba11bc8433e811ce56fde130ccf32f5127cab0e0194e9c68c5a5b671791e" dependencies = [ "log", "ring", + "rustls-webpki", "sct", - "webpki", ] [[package]] @@ -1144,7 +1069,17 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b" dependencies = [ - "base64 0.21.0", + "base64 0.21.2", +] + +[[package]] +name = "rustls-webpki" +version = "0.100.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d6207cd5ed3d8dca7816f8f3725513a34609c0c765bf652b8c3cb4cfd87db46b" +dependencies = [ + "ring", + "untrusted", ] [[package]] @@ -1171,12 +1106,6 @@ dependencies = [ "windows-sys 0.42.0", ] -[[package]] -name = "scratch" -version = "1.0.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1792db035ce95be60c3f8853017b3999209281c24e2ba5bc8e59bf97a0c590c1" - [[package]] name = "sct" version = "0.7.0" @@ -1189,9 +1118,9 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.8.2" +version = "2.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" +checksum = "1fc758eb7bffce5b308734e9b0c1468893cae9ff70ebf13e7090be8dcbcc83a8" dependencies = [ "bitflags", "core-foundation", @@ -1202,9 +1131,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.8.0" +version = "2.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" +checksum = "f51d0c0d83bec45f16480d0ce0058397a69e48fcdc52d1dc8855fb68acbd31a7" dependencies = [ "core-foundation-sys", "libc", @@ -1221,29 +1150,29 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.159" +version = "1.0.163" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065" +checksum = "2113ab51b87a539ae008b5c6c02dc020ffa39afd2d83cffcb3f4eb2722cebec2" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.159" +version = "1.0.163" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585" +checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.13", + "syn 2.0.17", ] [[package]] name = "serde_json" -version = "1.0.95" +version = "1.0.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744" +checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1" dependencies = [ "itoa", "ryu", @@ -1318,9 +1247,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.13" +version = "2.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c9da457c5285ac1f936ebd076af6dac17a61cfe7826f2076b4d015cf47bc8ec" +checksum = "45b6ddbb36c5b969c182aec3c4a0bce7df3fbad4b77114706a49aacc80567388" dependencies = [ "proc-macro2", "quote", @@ -1357,15 +1286,6 @@ dependencies = [ "windows-sys 0.45.0", ] -[[package]] -name = "termcolor" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be55cf8942feac5c765c2c993422806843c9a9a45d4d5c407ad6dd2ea95eb9b6" -dependencies = [ - "winapi-util", -] - [[package]] name = "thiserror" version = "1.0.40" @@ -1383,18 +1303,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.13", -] - -[[package]] -name = "time" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" -dependencies = [ - "libc", - "wasi 0.10.0+wasi-snapshot-preview1", - "winapi", + "syn 2.0.17", ] [[package]] @@ -1424,9 +1333,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.27.0" +version = "1.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0de47a4eecbe11f498978a9b29d792f0d2692d1dd003650c24c76510e3bc001" +checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105" dependencies = [ "autocfg", "bytes", @@ -1435,25 +1344,24 @@ dependencies = [ "num_cpus", "pin-project-lite", "socket2", - "windows-sys 0.45.0", + "windows-sys 0.48.0", ] [[package]] name = "tokio-rustls" -version = "0.23.4" +version = "0.24.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" +checksum = "e0d409377ff5b1e3ca6437aa86c1eb7d40c134bfec254e44c830defa92669db5" dependencies = [ "rustls", "tokio", - "webpki", ] [[package]] name = "tokio-util" -version = "0.7.7" +version = "0.7.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2" +checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d" dependencies = [ "bytes", "futures-core", @@ -1482,9 +1390,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.30" +version = "0.1.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" +checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" dependencies = [ "once_cell", ] @@ -1503,9 +1411,9 @@ checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" [[package]] name = "unicode-ident" -version = "1.0.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5464a87b239f13a63a501f2701565754bae92d243d4bb7eb12f6d57d2269bf4" +checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" [[package]] name = "unicode-normalization" @@ -1539,9 +1447,9 @@ checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" [[package]] name = "url" -version = "2.3.0" +version = "2.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22fe195a4f217c25b25cb5058ced57059824a678474874038dc88d211bf508d3" +checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" dependencies = [ "form_urlencoded", "idna", @@ -1586,12 +1494,6 @@ version = "0.9.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" -[[package]] -name = "wasi" -version = "0.10.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -1600,9 +1502,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.84" +version = "0.2.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b" +checksum = "5bba0e8cb82ba49ff4e229459ff22a191bbe9a1cb3a341610c9c33efc27ddf73" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -1610,24 +1512,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.84" +version = "0.2.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9" +checksum = "19b04bc93f9d6bdee709f6bd2118f57dd6679cf1176a1af464fca3ab0d66d8fb" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.17", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.34" +version = "0.4.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f219e0d211ba40266969f6dbdd90636da12f75bee4fc9d6c23d1260dadb51454" +checksum = "2d1985d03709c53167ce907ff394f5316aa22cb4e12761295c5dc57dacb6297e" dependencies = [ "cfg-if", "js-sys", @@ -1637,9 +1539,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.84" +version = "0.2.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5" +checksum = "14d6b024f1a526bb0234f52840389927257beb670610081360e5a03c5df9c258" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -1647,28 +1549,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.84" +version = "0.2.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6" +checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.17", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.84" +version = "0.2.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" +checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93" [[package]] name = "web-sys" -version = "0.3.61" +version = "0.3.63" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e33b99f4b23ba3eec1a53ac264e35a755f00e966e0065077d6027c0f575b0b97" +checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2" dependencies = [ "js-sys", "wasm-bindgen", @@ -1951,9 +1853,9 @@ checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" [[package]] name = "zip" -version = "0.6.4" +version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0445d0fbc924bb93539b4316c11afb121ea39296f99a3c4c9edad09e3658cdef" +checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" dependencies = [ "byteorder", "crc32fast", diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml index 675a2f6eaf4..b6cce1399d5 100644 --- a/xtask/Cargo.toml +++ b/xtask/Cargo.toml @@ -14,7 +14,10 @@ base64 = "0.20" camino = "1" clap = { version = "4.1.10", features = ["derive"] } cargo_metadata = "0.15" -chrono = "0.4.24" +# Only use the `clock` features of `chrono` to avoid the `time` dependency +# impacted by CVE-2020-26235. https://github.com/chronotope/chrono/issues/602 +# and https://github.com/chronotope/chrono/issues/1073 will explain more. +chrono = { version = "0.4.24", default-features = false, features = ["clock"] } console = "0.15.5" dialoguer = "0.10.3" flate2 = "1" From 239c745ab07da245a60a0f86b4d9eb7fd54d573d Mon Sep 17 00:00:00 2001 From: Jesse Rosenberger Date: Fri, 26 May 2023 14:04:28 +0300 Subject: [PATCH 15/39] chore(tools): Use PR number in changeset titles when Issue is absent (#3152) Previously, it was just leaving it off, but it left things a bit unharmonic/off-balance in terms of the resulting changeset template. I'd also just been manually adding those during the release process thus far, so figured I'd just automate it now. Also added a lot of tests and fixed a couple bugs with trailing spaces. Relates to #https://github.com/apollographql/router/issues/2261 --- xtask/Cargo.lock | 549 +++++++++++++----- xtask/Cargo.toml | 3 + xtask/src/commands/changeset/mod.rs | 239 +++++++- ...latizes_with_multiple_issues_in_title.snap | 10 + ...s_in_title_and_multiple_prs_in_footer.snap | 10 + ...mplatizes_with_multiple_prs_in_footer.snap | 10 + ...emplatizes_with_neither_issues_or_prs.snap | 10 + ...s_with_prs_in_title_when_empty_issues.snap | 10 + ...emplatizes_with_prs_when_empty_issues.snap | 10 + ...hout_prs_in_title_when_issues_present.snap | 10 + 10 files changed, 700 insertions(+), 161 deletions(-) create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title_and_multiple_prs_in_footer.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_prs_in_footer.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_neither_issues_or_prs.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_in_title_when_empty_issues.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_when_empty_issues.snap create mode 100644 xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_without_prs_in_title_when_issues_present.snap diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock index d74a4076d36..5ced3553de1 100644 --- a/xtask/Cargo.lock +++ b/xtask/Cargo.lock @@ -10,9 +10,9 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" [[package]] name = "aho-corasick" -version = "1.0.1" +version = "0.7.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67fc08ce920c31afb70f013dcce1bfc3a3195de6a228474e45e1f145b36f8d04" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" dependencies = [ "memchr", ] @@ -28,58 +28,49 @@ dependencies = [ [[package]] name = "anstream" -version = "0.3.2" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163" +checksum = "342258dd14006105c2b75ab1bd7543a03bdf0cfc94383303ac212a04939dff6f" dependencies = [ "anstyle", "anstyle-parse", - "anstyle-query", "anstyle-wincon", - "colorchoice", + "concolor-override", + "concolor-query", "is-terminal", "utf8parse", ] [[package]] name = "anstyle" -version = "1.0.0" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41ed9a86bf92ae6580e0a31281f65a1b1d867c0cc68d5346e2ae128dddfa6a7d" +checksum = "23ea9e81bd02e310c216d080f6223c179012256e5151c41db88d12c88a1684d2" [[package]] name = "anstyle-parse" -version = "0.2.0" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e765fd216e48e067936442276d1d57399e37bce53c264d6fefbe298080cb57ee" +checksum = "a7d1bb534e9efed14f3e5f44e7dd1a4f709384023a4165199a4241e18dff0116" dependencies = [ "utf8parse", ] -[[package]] -name = "anstyle-query" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" -dependencies = [ - "windows-sys 0.48.0", -] - [[package]] name = "anstyle-wincon" -version = "1.0.1" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "180abfa45703aebe0093f79badacc01b8fd4ea2e35118747e5811127f926e188" +checksum = "c3127af6145b149f3287bb9a0d10ad9c5692dba8c53ad48285e5bec4063834fa" dependencies = [ "anstyle", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] name = "anyhow" -version = "1.0.71" +version = "1.0.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" +checksum = "7de8ce5e0f9f8d88245311066a578d72b7af3e7088f32783804676302df237e4" [[package]] name = "ascii" @@ -101,9 +92,9 @@ checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5" [[package]] name = "base64" -version = "0.21.2" +version = "0.21.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" +checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" [[package]] name = "bitflags" @@ -111,11 +102,20 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "block-buffer" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +dependencies = [ + "generic-array", +] + [[package]] name = "bumpalo" -version = "3.13.0" +version = "3.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" +checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" [[package]] name = "byteorder" @@ -125,9 +125,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes" -version = "1.4.0" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be" +checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" [[package]] name = "camino" @@ -187,9 +187,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.3.0" +version = "4.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93aae7a4192245f70fe75dd9157fc7b4a5bf53e88d30bd4396f7d8f9284d5acc" +checksum = "046ae530c528f252094e4a77886ee1374437744b2bff1497aa898bbddbbb29b3" dependencies = [ "clap_builder", "clap_derive", @@ -198,9 +198,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.3.0" +version = "4.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f423e341edefb78c9caba2d9c7f7687d0e72e89df3ce3394554754393ac3990" +checksum = "223163f58c9a40c3b0a43e1c4b50a9ce09f007ea2cb1ec258a687945b4b7929f" dependencies = [ "anstream", "anstyle", @@ -211,27 +211,31 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.3.0" +version = "4.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "191d9573962933b4027f932c600cd252ce27a8ad5979418fe78e43c07996f27b" +checksum = "3f9644cd56d6b87dbe899ef8b053e331c0637664e9e21a33dfcdc36093f5c5c4" dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.17", + "syn 2.0.13", ] [[package]] name = "clap_lex" -version = "0.5.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b" +checksum = "8a2dd5a6fe8c6e3502f568a6353e5273bbb15193ad9a89e457b9970798efbea1" [[package]] -name = "colorchoice" -version = "1.0.0" +name = "codespan-reporting" +version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" +checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" +dependencies = [ + "termcolor", + "unicode-width", +] [[package]] name = "combine" @@ -246,17 +250,32 @@ dependencies = [ "unreachable", ] +[[package]] +name = "concolor-override" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a855d4a1978dc52fb0536a04d384c2c0c1aa273597f08b77c8c4d3b2eec6037f" + +[[package]] +name = "concolor-query" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "88d11d52c3d7ca2e6d0040212be9e4dbbcd78b6447f535b6b561f449427944cf" +dependencies = [ + "windows-sys 0.45.0", +] + [[package]] name = "console" -version = "0.15.7" +version = "0.15.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c926e00cc70edefdc64d3a5ff31cc65bb97a3460097762bd23afb4d8145fccf8" +checksum = "c3d79fbe8970a77e3e34151cc13d3b3e248aa0faaecb9f6091fa07ebefe5ad60" dependencies = [ "encode_unicode", "lazy_static", "libc", "unicode-width", - "windows-sys 0.45.0", + "windows-sys 0.42.0", ] [[package]] @@ -275,6 +294,15 @@ version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" +[[package]] +name = "cpufeatures" +version = "0.2.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +dependencies = [ + "libc", +] + [[package]] name = "crc32fast" version = "1.3.2" @@ -293,11 +321,65 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array", + "typenum", +] + +[[package]] +name = "cxx" +version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f61f1b6389c3fe1c316bf8a4dccc90a38208354b330925bce1f74a6c4756eb93" +dependencies = [ + "cc", + "cxxbridge-flags", + "cxxbridge-macro", + "link-cplusplus", +] + +[[package]] +name = "cxx-build" +version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12cee708e8962df2aeb38f594aae5d827c022b6460ac71a7a3e2c3c2aae5a07b" +dependencies = [ + "cc", + "codespan-reporting", + "once_cell", + "proc-macro2", + "quote", + "scratch", + "syn 2.0.13", +] + +[[package]] +name = "cxxbridge-flags" +version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7944172ae7e4068c533afbb984114a56c46e9ccddda550499caa222902c7f7bb" + +[[package]] +name = "cxxbridge-macro" +version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2345488264226bf682893e25de0769f3360aac9957980ec49361b083ddaa5bc5" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.13", +] + [[package]] name = "dialoguer" -version = "0.10.4" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59c6f2989294b9a498d3ad5491a79c6deb604617378e1cdc4bfc1c1361fe2f87" +checksum = "af3c796f3b0b408d9fd581611b47fa850821fcb84aa640b83a3c1a5be2d691f2" dependencies = [ "console", "shell-words", @@ -305,6 +387,16 @@ dependencies = [ "zeroize", ] +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "block-buffer", + "crypto-common", +] + [[package]] name = "either" version = "1.8.1" @@ -328,13 +420,13 @@ dependencies = [ [[package]] name = "errno" -version = "0.3.1" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" +checksum = "50d6a0976c999d473fe89ad888d5a284e55366d9dc9038b1ba2aa15128c4afa0" dependencies = [ "errno-dragonfly", "libc", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] @@ -358,21 +450,21 @@ dependencies = [ [[package]] name = "filetime" -version = "0.2.21" +version = "0.2.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cbc844cecaee9d4443931972e1289c8ff485cb4cc2767cb03ca139ed6885153" +checksum = "8a3de6e8d11b22ff9edc6d916f890800597d60f8b2da1caf2955c274638d6412" dependencies = [ "cfg-if", "libc", "redox_syscall 0.2.16", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] name = "flate2" -version = "1.0.26" +version = "1.0.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" +checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" dependencies = [ "crc32fast", "miniz_oxide", @@ -386,10 +478,11 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "form_urlencoded" -version = "1.1.0" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" +checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" dependencies = [ + "matches", "percent-encoding", ] @@ -441,6 +534,16 @@ dependencies = [ "slab", ] +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + [[package]] name = "getrandom" version = "0.1.16" @@ -513,9 +616,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.3.19" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d357c7ae988e7d2182f7d7871d0b963962420b0678b0997ce7de72001aeab782" +checksum = "5be7b54589b581f624f566bf5d8eb2bab1db736c51528720b6bd36b96b55924d" dependencies = [ "bytes", "fnv", @@ -593,9 +696,9 @@ checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" [[package]] name = "hyper" -version = "0.14.26" +version = "0.14.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab302d72a6f11a3b910431ff93aae7e773078c769f0a3ef15fb9ec692ed147d4" +checksum = "cc5e554ff619822309ffd57d8734d77cd5ce6238bc956f037ea06c58238c9899" dependencies = [ "bytes", "futures-channel", @@ -617,9 +720,9 @@ dependencies = [ [[package]] name = "hyper-rustls" -version = "0.24.0" +version = "0.23.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0646026eb1b3eea4cd9ba47912ea5ce9cc07713d105b1a14698f4e6433d348b7" +checksum = "1788965e61b367cd03a62950836d5cd41560c3577d90e40e0819373194d1661c" dependencies = [ "http", "hyper", @@ -644,19 +747,21 @@ dependencies = [ [[package]] name = "iana-time-zone-haiku" -version = "0.1.2" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" +checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" dependencies = [ - "cc", + "cxx", + "cxx-build", ] [[package]] name = "idna" -version = "0.3.0" +version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8" dependencies = [ + "matches", "unicode-bidi", "unicode-normalization", ] @@ -671,6 +776,22 @@ dependencies = [ "hashbrown", ] +[[package]] +name = "insta" +version = "1.29.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a28d25139df397cbca21408bb742cf6837e04cdbebf1b07b760caf971d6a972" +dependencies = [ + "console", + "lazy_static", + "linked-hash-map", + "pest", + "pest_derive", + "serde", + "similar", + "yaml-rust", +] + [[package]] name = "instant" version = "0.1.12" @@ -682,9 +803,9 @@ dependencies = [ [[package]] name = "io-lifetimes" -version = "1.0.11" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" +checksum = "9c66c74d2ae7e79a5a8f7ac924adbe38ee42a859c6539ad869eb51f0b52dc220" dependencies = [ "hermit-abi 0.3.1", "libc", @@ -699,14 +820,14 @@ checksum = "12b6ee2129af8d4fb011108c73d99a1b83a85977f23b82460c0ae2e25bb4b57f" [[package]] name = "is-terminal" -version = "0.4.7" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" +checksum = "256017f749ab3117e93acb91063009e1f1bb56d03965b14c2c8df4eb02c524d8" dependencies = [ "hermit-abi 0.3.1", "io-lifetimes", "rustix", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] @@ -726,9 +847,9 @@ checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" [[package]] name = "js-sys" -version = "0.3.63" +version = "0.3.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f37a4a5928311ac501dee68b3c7613a1037d0edb30c8e5427bd832d55d1b790" +checksum = "445dde2150c55e483f3d8416706b97ec8e8237c307e5b7b4b8dd15e6af2a0730" dependencies = [ "wasm-bindgen", ] @@ -741,15 +862,30 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.144" +version = "0.2.141" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3304a64d199bb964be99741b7a14d26972741915b3649639149b2479bb46f4b5" + +[[package]] +name = "link-cplusplus" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1" +checksum = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5" +dependencies = [ + "cc", +] + +[[package]] +name = "linked-hash-map" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "linux-raw-sys" -version = "0.3.8" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" +checksum = "d59d8c75012853d2e872fb56bc8a2e53718e2cafe1a4c823143141c6d90c322f" [[package]] name = "log" @@ -760,6 +896,12 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "matches" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5" + [[package]] name = "memchr" version = "2.5.0" @@ -783,9 +925,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" [[package]] name = "miniz_oxide" -version = "0.7.1" +version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" dependencies = [ "adler", ] @@ -854,9 +996,53 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "percent-encoding" -version = "2.2.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" +checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e" + +[[package]] +name = "pest" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e68e84bfb01f0507134eac1e9b410a12ba379d064eab48c50ba4ce329a527b70" +dependencies = [ + "thiserror", + "ucd-trie", +] + +[[package]] +name = "pest_derive" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b79d4c71c865a25a4322296122e3924d30bc8ee0834c8bfc8b95f7f054afbfb" +dependencies = [ + "pest", + "pest_generator", +] + +[[package]] +name = "pest_generator" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6c435bf1076437b851ebc8edc3a18442796b30f1728ffea6262d59bbe28b077e" +dependencies = [ + "pest", + "pest_meta", + "proc-macro2", + "quote", + "syn 2.0.13", +] + +[[package]] +name = "pest_meta" +version = "2.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "745a452f8eb71e39ffd8ee32b3c5f51d03845f99786fa9b68db6ff509c505411" +dependencies = [ + "once_cell", + "pest", + "sha2", +] [[package]] name = "pin-project-lite" @@ -878,18 +1064,18 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "proc-macro2" -version = "1.0.59" +version = "1.0.56" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6aeca18b86b413c660b781aa319e4e2648a3e6f9eadc9b47e9038e6fe9f3451b" +checksum = "2b63bdb0cd06f1f4dedf69b254734f9b45af66e4a031e42a7480257d9898b435" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.28" +version = "1.0.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc" dependencies = [ "proc-macro2", ] @@ -955,9 +1141,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.8.3" +version = "1.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390" +checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d" dependencies = [ "aho-corasick", "memchr", @@ -966,17 +1152,17 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.7.2" +version = "0.6.29" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" +checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "reqwest" -version = "0.11.18" +version = "0.11.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55" +checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254" dependencies = [ - "base64 0.21.2", + "base64 0.21.0", "bytes", "encoding_rs", "futures-core", @@ -1027,28 +1213,28 @@ dependencies = [ [[package]] name = "rustix" -version = "0.37.19" +version = "0.37.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d" +checksum = "2aae838e49b3d63e9274e1c01833cc8139d3fec468c3b84688c628f44b1ae11d" dependencies = [ "bitflags", "errno", "io-lifetimes", "libc", "linux-raw-sys", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] name = "rustls" -version = "0.21.1" +version = "0.20.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c911ba11bc8433e811ce56fde130ccf32f5127cab0e0194e9c68c5a5b671791e" +checksum = "fff78fc74d175294f4e83b28343315ffcfb114b156f0185e9741cb5570f50e2f" dependencies = [ "log", "ring", - "rustls-webpki", "sct", + "webpki", ] [[package]] @@ -1069,17 +1255,7 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b" dependencies = [ - "base64 0.21.2", -] - -[[package]] -name = "rustls-webpki" -version = "0.100.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6207cd5ed3d8dca7816f8f3725513a34609c0c765bf652b8c3cb4cfd87db46b" -dependencies = [ - "ring", - "untrusted", + "base64 0.21.0", ] [[package]] @@ -1106,6 +1282,12 @@ dependencies = [ "windows-sys 0.42.0", ] +[[package]] +name = "scratch" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1792db035ce95be60c3f8853017b3999209281c24e2ba5bc8e59bf97a0c590c1" + [[package]] name = "sct" version = "0.7.0" @@ -1118,9 +1300,9 @@ dependencies = [ [[package]] name = "security-framework" -version = "2.9.1" +version = "2.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fc758eb7bffce5b308734e9b0c1468893cae9ff70ebf13e7090be8dcbcc83a8" +checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" dependencies = [ "bitflags", "core-foundation", @@ -1131,9 +1313,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.9.0" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f51d0c0d83bec45f16480d0ce0058397a69e48fcdc52d1dc8855fb68acbd31a7" +checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" dependencies = [ "core-foundation-sys", "libc", @@ -1150,29 +1332,29 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.163" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2113ab51b87a539ae008b5c6c02dc020ffa39afd2d83cffcb3f4eb2722cebec2" +checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.163" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e" +checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585" dependencies = [ "proc-macro2", "quote", - "syn 2.0.17", + "syn 2.0.13", ] [[package]] name = "serde_json" -version = "1.0.96" +version = "1.0.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1" +checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744" dependencies = [ "itoa", "ryu", @@ -1197,12 +1379,29 @@ dependencies = [ "serde", ] +[[package]] +name = "sha2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest", +] + [[package]] name = "shell-words" version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "24188a676b6ae68c3b2cb3a01be17fbf7240ce009799bb56d5b1409051e78fde" +[[package]] +name = "similar" +version = "2.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "420acb44afdae038210c99e69aae24109f32f15500aa708e81d46c9f29d55fcf" + [[package]] name = "slab" version = "0.4.8" @@ -1247,9 +1446,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.17" +version = "2.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45b6ddbb36c5b969c182aec3c4a0bce7df3fbad4b77114706a49aacc80567388" +checksum = "4c9da457c5285ac1f936ebd076af6dac17a61cfe7826f2076b4d015cf47bc8ec" dependencies = [ "proc-macro2", "quote", @@ -1286,6 +1485,15 @@ dependencies = [ "windows-sys 0.45.0", ] +[[package]] +name = "termcolor" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be55cf8942feac5c765c2c993422806843c9a9a45d4d5c407ad6dd2ea95eb9b6" +dependencies = [ + "winapi-util", +] + [[package]] name = "thiserror" version = "1.0.40" @@ -1303,7 +1511,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.17", + "syn 2.0.13", ] [[package]] @@ -1333,9 +1541,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.28.1" +version = "1.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105" +checksum = "d0de47a4eecbe11f498978a9b29d792f0d2692d1dd003650c24c76510e3bc001" dependencies = [ "autocfg", "bytes", @@ -1344,24 +1552,25 @@ dependencies = [ "num_cpus", "pin-project-lite", "socket2", - "windows-sys 0.48.0", + "windows-sys 0.45.0", ] [[package]] name = "tokio-rustls" -version = "0.24.0" +version = "0.23.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0d409377ff5b1e3ca6437aa86c1eb7d40c134bfec254e44c830defa92669db5" +checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" dependencies = [ "rustls", "tokio", + "webpki", ] [[package]] name = "tokio-util" -version = "0.7.8" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d" +checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2" dependencies = [ "bytes", "futures-core", @@ -1390,9 +1599,9 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.31" +version = "0.1.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" dependencies = [ "once_cell", ] @@ -1403,6 +1612,18 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed" +[[package]] +name = "typenum" +version = "1.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" + +[[package]] +name = "ucd-trie" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e79c4d996edb816c91e4308506774452e55e95c3c9de07b6729e17e15a5ef81" + [[package]] name = "unicode-bidi" version = "0.3.13" @@ -1411,9 +1632,9 @@ checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" [[package]] name = "unicode-ident" -version = "1.0.9" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" +checksum = "e5464a87b239f13a63a501f2701565754bae92d243d4bb7eb12f6d57d2269bf4" [[package]] name = "unicode-normalization" @@ -1447,9 +1668,9 @@ checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" [[package]] name = "url" -version = "2.3.1" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" +checksum = "22fe195a4f217c25b25cb5058ced57059824a678474874038dc88d211bf508d3" dependencies = [ "form_urlencoded", "idna", @@ -1462,6 +1683,12 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + [[package]] name = "void" version = "1.0.2" @@ -1502,9 +1729,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.86" +version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bba0e8cb82ba49ff4e229459ff22a191bbe9a1cb3a341610c9c33efc27ddf73" +checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -1512,24 +1739,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.86" +version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19b04bc93f9d6bdee709f6bd2118f57dd6679cf1176a1af464fca3ab0d66d8fb" +checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 2.0.17", + "syn 1.0.109", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.36" +version = "0.4.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2d1985d03709c53167ce907ff394f5316aa22cb4e12761295c5dc57dacb6297e" +checksum = "f219e0d211ba40266969f6dbdd90636da12f75bee4fc9d6c23d1260dadb51454" dependencies = [ "cfg-if", "js-sys", @@ -1539,9 +1766,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.86" +version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14d6b024f1a526bb0234f52840389927257beb670610081360e5a03c5df9c258" +checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -1549,28 +1776,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.86" +version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8" +checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.17", + "syn 1.0.109", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.86" +version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93" +checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" [[package]] name = "web-sys" -version = "0.3.63" +version = "0.3.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2" +checksum = "e33b99f4b23ba3eec1a53ac264e35a755f00e966e0065077d6027c0f575b0b97" dependencies = [ "js-sys", "wasm-bindgen", @@ -1825,6 +2052,7 @@ dependencies = [ "dialoguer", "flate2", "graphql_client", + "insta", "itertools", "libc", "memorable-wordlist", @@ -1845,6 +2073,15 @@ dependencies = [ "zip", ] +[[package]] +name = "yaml-rust" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56c1936c4cc7a1c9ab21a1ebb602eb942ba868cbd44a99cb7cdc5892335e1c85" +dependencies = [ + "linked-hash-map", +] + [[package]] name = "zeroize" version = "1.6.0" @@ -1853,9 +2090,9 @@ checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" [[package]] name = "zip" -version = "0.6.6" +version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" +checksum = "0445d0fbc924bb93539b4316c11afb121ea39296f99a3c4c9edad09e3658cdef" dependencies = [ "byteorder", "crc32fast", diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml index b6cce1399d5..0d94015cfc1 100644 --- a/xtask/Cargo.toml +++ b/xtask/Cargo.toml @@ -44,3 +44,6 @@ tokio = "1.25.0" which = "4" zip = { version = "0.6", default-features = false } walkdir = "2.3.2" + +[dev-dependencies] +insta = { version = "1.26.0", features = ["json", "redactions", "yaml"] } diff --git a/xtask/src/commands/changeset/mod.rs b/xtask/src/commands/changeset/mod.rs index 4b4aa578481..005e2ea446e 100644 --- a/xtask/src/commands/changeset/mod.rs +++ b/xtask/src/commands/changeset/mod.rs @@ -66,15 +66,29 @@ struct TemplateContext { const REPO_WITH_OWNER: &'static str = "apollographql/router"; -const EXAMPLE_TEMPLATE: &'static str = "### {title} {{ for issue in issues -}} -([Issue #{issue.number}]({issue.url})){{ if not @last }}, {{ endif }} -{{- endfor }} +const EXAMPLE_TEMPLATE: &'static str = "### { title } +{{- if issues -}} + {{- if issues }} {{ endif -}} + {{- for issue in issues -}} + ([Issue #{issue.number}]({issue.url})) + {{- if not @last }}, {{ endif -}} + {{- endfor -}} +{{ else -}} + {{- if pulls -}} + {{- if pulls }} {{ endif -}} + {{- for pull in pulls -}} + ([PR #{pull.number}]({pull.url})) + {{- if not @last }}, {{ endif -}} + {{- endfor -}} + {{- else -}} + {{- endif -}} +{{- endif }} {body} -By [@{author}](https://github.com/{author}) in {{ for pull in pulls -}} +By [@{author}](https://github.com/{author}){{ if pulls }} in {{ for pull in pulls -}} {pull.url}{{ if not @last }}, {{ endif }} -{{- endfor }} +{{- endfor }}{{ endif }} "; impl Command { @@ -610,3 +624,218 @@ impl TryFrom<&DirEntry> for Changeset { }) } } + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn it_templatizes_with_multiple_issues_in_title_and_multiple_prs_in_footer() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![ + TemplateResource { + url: format!( + "https://github.com/{}/issues/ISSUE_NUMBER1", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER1"), + }, + TemplateResource { + url: format!( + "https://github.com/{}/issues/ISSUE_NUMBER2", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER2"), + }, + ], + pulls: vec![ + TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER1", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER1"), + }, + TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER2", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER2"), + }, + ], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } + + #[test] + fn it_templatizes_with_multiple_prs_in_footer() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![TemplateResource { + url: format!( + "https://github.com/{}/issues/ISSUE_NUMBER", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER"), + }], + pulls: vec![ + TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER1", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER1"), + }, + TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER2", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER2"), + }, + ], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } + + #[test] + fn it_templatizes_with_multiple_issues_in_title() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![ + TemplateResource { + url: format!( + "https://github.com/{}/issues/ISSUE_NUMBER1", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER1"), + }, + TemplateResource { + url: format!( + "https://github.com/{}/issues/ISSUE_NUMBER2", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER2"), + }, + ], + pulls: vec![TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER"), + }], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } + + #[test] + fn it_templatizes_with_prs_in_title_when_empty_issues() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![], + pulls: vec![TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER"), + }], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } + + #[test] + fn it_templatizes_without_prs_in_title_when_issues_present() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![TemplateResource { + url: format!( + "https://github.com/{}/pull/ISSUE_NUMBER", + String::from("REPO_WITH_OWNER") + ), + number: String::from("ISSUE_NUMBER"), + }], + pulls: vec![TemplateResource { + url: format!( + "https://github.com/{}/pull/PULL_NUMBER", + String::from("REPO_WITH_OWNER") + ), + number: String::from("PULL_NUMBER"), + }], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } + + #[test] + fn it_templatizes_with_neither_issues_or_prs() { + let test_context = TemplateContext { + title: String::from("TITLE"), + issues: vec![], + pulls: vec![], + author: String::from("AUTHOR"), + body: String::from("BODY"), + }; + + let mut tt = TinyTemplate::new(); + tt.add_template("message", EXAMPLE_TEMPLATE).unwrap(); + tt.set_default_formatter(&format_unescaped); + let rendered_template = tt + .render("message", &test_context) + .unwrap() + .replace('\r', ""); + insta::assert_snapshot!(rendered_template); + } +} diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title.snap new file mode 100644 index 00000000000..da70c69e359 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([Issue #ISSUE_NUMBER1](https://github.com/REPO_WITH_OWNER/issues/ISSUE_NUMBER1)), ([Issue #ISSUE_NUMBER2](https://github.com/REPO_WITH_OWNER/issues/ISSUE_NUMBER2)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title_and_multiple_prs_in_footer.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title_and_multiple_prs_in_footer.snap new file mode 100644 index 00000000000..eebeb051aa0 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_issues_in_title_and_multiple_prs_in_footer.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([Issue #ISSUE_NUMBER1](https://github.com/REPO_WITH_OWNER/issues/ISSUE_NUMBER1)), ([Issue #ISSUE_NUMBER2](https://github.com/REPO_WITH_OWNER/issues/ISSUE_NUMBER2)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER1, https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER2 + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_prs_in_footer.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_prs_in_footer.snap new file mode 100644 index 00000000000..03483bda37a --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_multiple_prs_in_footer.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([Issue #ISSUE_NUMBER](https://github.com/REPO_WITH_OWNER/issues/ISSUE_NUMBER)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER1, https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER2 + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_neither_issues_or_prs.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_neither_issues_or_prs.snap new file mode 100644 index 00000000000..11751d066f4 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_neither_issues_or_prs.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_in_title_when_empty_issues.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_in_title_when_empty_issues.snap new file mode 100644 index 00000000000..c9c293d6840 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_in_title_when_empty_issues.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([PR #PULL_NUMBER](https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_when_empty_issues.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_when_empty_issues.snap new file mode 100644 index 00000000000..e0f310c4ae1 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_with_prs_when_empty_issues.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([Pull #PULL_NUMBER](https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER + diff --git a/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_without_prs_in_title_when_issues_present.snap b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_without_prs_in_title_when_issues_present.snap new file mode 100644 index 00000000000..06e4c08b512 --- /dev/null +++ b/xtask/src/commands/changeset/snapshots/xtask__commands__changeset__tests__it_templatizes_without_prs_in_title_when_issues_present.snap @@ -0,0 +1,10 @@ +--- +source: src/commands/changeset/mod.rs +expression: rendered_template +--- +### TITLE ([Issue #ISSUE_NUMBER](https://github.com/REPO_WITH_OWNER/pull/ISSUE_NUMBER)) + +BODY + +By [@AUTHOR](https://github.com/AUTHOR) in https://github.com/REPO_WITH_OWNER/pull/PULL_NUMBER + From 3c104069bf2d14e2c3e8a332f431e5e68984a311 Mon Sep 17 00:00:00 2001 From: Geoffroy Couprie Date: Fri, 26 May 2023 14:50:48 +0200 Subject: [PATCH 16/39] prep release: v1.19.1 --- .changesets/fix_bnjjj_fix_redact_error.md | 5 -- .changesets/fix_garypen_3015_and_friends.md | 11 --- ...ix_geal_jwt_test_multiple_matching_keys.md | 11 --- .changesets/fix_geal_query_plan_cache_key.md | 5 -- .../fix_geal_update_router_bridge_deno.md | 7 -- .../maint_grease_footwear_strike_swimsuit.md | 10 --- .../maint_peer_caboose_prosecutor_puppy.md | 5 -- CHANGELOG.md | 85 +++++++++++++++++-- Cargo.lock | 6 +- apollo-router-benchmarks/Cargo.toml | 4 +- apollo-router-scaffold/Cargo.toml | 2 +- .../templates/base/Cargo.toml | 2 +- .../templates/base/xtask/Cargo.toml | 2 +- apollo-router/Cargo.toml | 2 +- .../tracing/docker-compose.datadog.yml | 2 +- dockerfiles/tracing/docker-compose.jaeger.yml | 2 +- dockerfiles/tracing/docker-compose.zipkin.yml | 2 +- docs/source/containerization/docker.mdx | 2 +- docs/source/containerization/kubernetes.mdx | 28 +++--- docs/source/federation-version-support.mdx | 10 ++- helm/chart/router/Chart.yaml | 4 +- helm/chart/router/README.md | 6 +- licenses.html | 75 ++++++++-------- scripts/install.sh | 2 +- 24 files changed, 159 insertions(+), 131 deletions(-) delete mode 100644 .changesets/fix_bnjjj_fix_redact_error.md delete mode 100644 .changesets/fix_garypen_3015_and_friends.md delete mode 100644 .changesets/fix_geal_jwt_test_multiple_matching_keys.md delete mode 100644 .changesets/fix_geal_query_plan_cache_key.md delete mode 100644 .changesets/fix_geal_update_router_bridge_deno.md delete mode 100644 .changesets/maint_grease_footwear_strike_swimsuit.md delete mode 100644 .changesets/maint_peer_caboose_prosecutor_puppy.md diff --git a/.changesets/fix_bnjjj_fix_redact_error.md b/.changesets/fix_bnjjj_fix_redact_error.md deleted file mode 100644 index f4ee9cfdfdb..00000000000 --- a/.changesets/fix_bnjjj_fix_redact_error.md +++ /dev/null @@ -1,5 +0,0 @@ -### Fix the redact error feature for Studio - -If you were using `tracing.apollo.errors.subgraph.all.redact` and set it to `false` it was still readacting the error until this fix. - -By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3137 \ No newline at end of file diff --git a/.changesets/fix_garypen_3015_and_friends.md b/.changesets/fix_garypen_3015_and_friends.md deleted file mode 100644 index 5f66ac1a286..00000000000 --- a/.changesets/fix_garypen_3015_and_friends.md +++ /dev/null @@ -1,11 +0,0 @@ -### Fix router coprocessor deferred response buffering and change JSON body type from Object to String ([Issue #3015](https://github.com/apollographql/router/issues/3015)) - -The current implementation of the `RouterResponse` processing for coprocessors forces buffering of response data before passing the data to a coprocessor. This is a bug, because deferred responses should be processed progressively with a stream of calls to the coprocessor as each chunk of data becomes available. - -Furthermore, the data type was assumed to be valid JSON for both `RouterRequest` and `RouterResponse` coprocessor processing. This is also a bug, because data at this stage of processing was never necessarily valid JSON. This is a particular issue when dealing with deferred (when using `@defer`) `RouterResponses`. - -This change fixes both of these bugs by modifying the router so that coprocessors are invoked with a `body` payload which is a JSON `String`, not a JSON `Object`. Furthermore, the router now processes each chunk of response data separately so that a coprocessor will receive multiple calls (once for each chunk) for a deferred response. - -For more details about how this works see the [coprocessor documentation](https://www.apollographql.com/docs/router/customizations/coprocessor/). - -By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3104 diff --git a/.changesets/fix_geal_jwt_test_multiple_matching_keys.md b/.changesets/fix_geal_jwt_test_multiple_matching_keys.md deleted file mode 100644 index de76fdf0fb9..00000000000 --- a/.changesets/fix_geal_jwt_test_multiple_matching_keys.md +++ /dev/null @@ -1,11 +0,0 @@ -### Evaluate multiple keys matching a JWT criteria ([Issue #3017](https://github.com/apollographql/router/issues/3017)) - -In some cases, multiple keys could match what a JWT asks for (both the algorithm, `alg`, and optional key identifier, `kid`). Previously, we scored each possible match and only took the one with the highest score. But even then, we could have multiple keys with the same score (e.g., colliding `kid` between multiple JWKS in tests). - -The improved behavior will: - -- Return a list of those matching `key` instead of the one with the highest score. -- Try them one by one until the JWT is validated, or return an error. -- If some keys were found with the highest possible score (matching `alg`, with `kid` present and matching, too), then we only test those keys. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3031 diff --git a/.changesets/fix_geal_query_plan_cache_key.md b/.changesets/fix_geal_query_plan_cache_key.md deleted file mode 100644 index 2fd7f276870..00000000000 --- a/.changesets/fix_geal_query_plan_cache_key.md +++ /dev/null @@ -1,5 +0,0 @@ -### hash the query and operation name in the query plan cache key ([Issue #2998](https://github.com/apollographql/router/issues/2998)) - -The query and operation name can be too large to transmit as part of a Redis cache key. They will now be hashed with SHA256 before writing them as part of the cache key. - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3101 \ No newline at end of file diff --git a/.changesets/fix_geal_update_router_bridge_deno.md b/.changesets/fix_geal_update_router_bridge_deno.md deleted file mode 100644 index e7d53867cd2..00000000000 --- a/.changesets/fix_geal_update_router_bridge_deno.md +++ /dev/null @@ -1,7 +0,0 @@ -### Update the query planner to 2.4.6 ([Issue #3133](https://github.com/apollographql/router/issues/3133)) - -This fixes some errors in query planning on fragment with overlapping subselections, with a message of the form "Cannot add selection of field X to selection set of parent type Y". - -The new router-bridge version also allows updating some dependencies that were fixed to older versions: bytes, regex, once_cell, tokio, uuid - -By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3135 \ No newline at end of file diff --git a/.changesets/maint_grease_footwear_strike_swimsuit.md b/.changesets/maint_grease_footwear_strike_swimsuit.md deleted file mode 100644 index 21cc130bd39..00000000000 --- a/.changesets/maint_grease_footwear_strike_swimsuit.md +++ /dev/null @@ -1,10 +0,0 @@ -### chore(deps): `xtask/` dependency updates ([PR #3149](https://github.com/apollographql/router/pull/3149)) - -This is effectively running `cargo update` in the `xtask/` directory (our -directory of tooling; not runtime components) to bring things more up to -date. - -This changeset takes extra care to update `chrono`'s features to remove the -`time` dependency which is impacted by CVE-2020-26235. - -By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3149 \ No newline at end of file diff --git a/.changesets/maint_peer_caboose_prosecutor_puppy.md b/.changesets/maint_peer_caboose_prosecutor_puppy.md deleted file mode 100644 index c0ac81b6bd0..00000000000 --- a/.changesets/maint_peer_caboose_prosecutor_puppy.md +++ /dev/null @@ -1,5 +0,0 @@ -### Improve the way we can test the state_machine in integration - -This changeset provides an internal TestRouterHttpServer for finer grained integration tests. - -By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3099 diff --git a/CHANGELOG.md b/CHANGELOG.md index 576e37112c8..ef2effde261 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,10 +4,83 @@ All notable changes to Router will be documented in this file. This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2.0.0.html). +# [1.19.1] - 2023-05-26 + +## 🐛 Fixes + +### Fix router coprocessor deferred response buffering and change JSON body type from Object to String ([Issue #3015](https://github.com/apollographql/router/issues/3015)) + +The current implementation of the `RouterResponse` processing for coprocessors forces buffering of response data before passing the data to a coprocessor. This is a bug, because deferred responses should be processed progressively with a stream of calls to the coprocessor as each chunk of data becomes available. + +Furthermore, the data type was assumed to be valid JSON for both `RouterRequest` and `RouterResponse` coprocessor processing. This is also a bug, because data at this stage of processing was never necessarily valid JSON. This is a particular issue when dealing with deferred (when using `@defer`) `RouterResponses`. + +This change fixes both of these bugs by modifying the router so that coprocessors are invoked with a `body` payload which is a JSON `String`, not a JSON `Object`. Furthermore, the router now processes each chunk of response data separately so that a coprocessor will receive multiple calls (once for each chunk) for a deferred response. + +For more details about how this works see the [coprocessor documentation](https://www.apollographql.com/docs/router/customizations/coprocessor/). + +By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3104 + +### Experimental: Query plan cache keys now include a hash of the query and operation name ([Issue #2998](https://github.com/apollographql/router/issues/2998)) + +> **Note** +> This feature is still _experimental_ and not recommended under normal use nor is it validated that caching query plans in a distributed fashion will result in improved performance. + +The experimental feature for caching query plans in a distributed store (e.g., Redis) will now create a SHA-256 hash of the query and operation name and include that hash in the cache key, rather than using the operation document as it was previously. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3101 + +### Federation v2.4.6 ([Issue #3133](https://github.com/apollographql/router/issues/3133)) + +This release bumps the Router's Federation support from v2.4.5 to v2.4.6, which brings in notable query planner fixes from [v2.4.6](https://github.com/apollographql/federation/releases/tag/%40apollo%2Fquery-planner%402.4.6). Of note from those releases, this brings query planner fixes that (per that dependency's changelog): + +- Fix assertion error in some overlapping fragment cases. In some cases, when fragments overlaps on some sub-selections ([apollographql/federation#2594](https://github.com/apollographql/federation/pull/2594)) and some interface field implementation relied on sub-typing, an assertion error could be raised with a message of the form `Cannot add selection of field X to selection set of parent type Y` and this fixes this problem. + +- Fix possible fragment-related assertion error during query planning. This prevents a rare case where an assertion with a ([apollographql/federation#2596](https://github.com/apollographql/federation/pull/2596)) message of the form `Cannot add fragment of condition X (runtimes: ...) to parent type Y (runtimes: ...)` could fail during query planning. + +In addition, the packaging includes dependency updates for `bytes`, `regex`, `once_cell`, `tokio`, and `uuid`. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3135 + +### Error redaction for subgraphs now respects _disabling_ it + +This follows-up on the new ability to selectively disable Studio-bound error redaction which was released in https://github.com/apollographql/router/pull/3011 by fixing a bug which was preventing users from _disabling_ that behavior on subgraphs. Redaction continues to be on by default and both the default behavior and the explicit `redact: true` option were behaving correctly. + +With this fix, the `tracing.apollo.errors.subgraph.all.redact` option set to `false` will now transmit the un-redacted error message to Studio. + +By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3137 + +### Evaluate multiple keys matching a JWT criteria ([Issue #3017](https://github.com/apollographql/router/issues/3017)) + +In some cases, multiple keys could match what a JWT asks for (both the algorithm, `alg`, and optional key identifier, `kid`). Previously, we scored each possible match and only took the one with the highest score. But even then, we could have multiple keys with the same score (e.g., colliding `kid` between multiple JWKS in tests). + +The improved behavior will: + +- Return a list of those matching `key` instead of the one with the highest score. +- Try them one by one until the JWT is validated, or return an error. +- If some keys were found with the highest possible score (matching `alg`, with `kid` present and matching, too), then we only test those keys. + +By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3031 + +## 🛠 Maintenance + +### chore(deps): `xtask/` dependency updates ([PR #3149](https://github.com/apollographql/router/pull/3149)) + +This is effectively running `cargo update` in the `xtask/` directory (our directory of tooling; not runtime components) to bring things more up to date. + +This changeset takes extra care to update `chrono`'s features to remove the `time` dependency which is impacted by [CVE-2020-26235](https://nvd.nist.gov/vuln/detail/CVE-2020-26235), resolving a moderate severity which was appearing in scans. Again, this is not a runtime dependency and there was no actual/known impact to any users. + +By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3149 + +### Improve testability of the `state_machine` in integration tests + +We have introduced a `TestRouterHttpServer` for writing more fine-grained integration tests in the Router core for the behaviors of the state machine. + +By [@o0Ignition0o](https://github.com/o0Ignition0o) in https://github.com/apollographql/router/pull/3099 + # [1.19.0] - 2023-05-19 > **Note** -> This release focused a notable amount of effort on improving both CPU usage and memory utilization/fragmentization. Our testing and pre-release feedback has been overwhelmingly positive. 🙌 +> This release focused a notable amount of effort on improving both CPU usage and memory utilization/fragmentization. Our testing and pre-release feedback has been overwhelmingly positive. 🙌 ## 🚀 Features @@ -29,9 +102,9 @@ By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/p ## 🐛 Fixes -### Prevent span attributes from being formatted to write logs +### Prevent span attributes from being formatted to write logs -We do not show span attributes in our logs, but the log formatter still spends time formatting them to a string, even when there will be no logs written for the trace. This adds the `NullFieldFormatter` that entirely avoids formatting the attributes to improve performance. +We do not show span attributes in our logs, but the log formatter still spends time formatting them to a string, even when there will be no logs written for the trace. This adds the `NullFieldFormatter` that entirely avoids formatting the attributes to improve performance. By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/2890 @@ -41,7 +114,7 @@ This release bumps the Router's Federation support from v2.4.2 to v2.4.5, which - Improves the heuristics used to try to reuse the query named fragments in subgraph fetches. Said fragment will be reused ([apollographql/federation#2541](https://github.com/apollographql/federation/pull/2541)) more often, which can lead to smaller subgraph queries (and hence overall faster processing). - Fix potential assertion error during query planning in some multi-field `@requires` case. This error could be triggered ([#2575](https://github.com/apollographql/federation/pull/2575)) when a field in a `@requires` depended on another field that was also part of that same requires (for instance, if a field has a `@requires(fields: "id otherField")` and that `id` is also a key necessary to reach the subgraph providing `otherField`). - + The assertion error thrown in that case contained the message `Root groups (...) should have no remaining groups unhandled (...)` By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3107 @@ -65,7 +138,7 @@ By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/p If you were using local schema or config then previously the Router was performing blocking IO in an async thread. This could have caused stalls to serving requests. The Router now uses async IO for all config and schema reloads. -Fixing the above surfaced an issue with the experimental `force_hot_reload` feature introduced for testing. This has also been fixed and renamed to `force_reload`. +Fixing the above surfaced an issue with the experimental `force_hot_reload` feature introduced for testing. This has also been fixed and renamed to `force_reload`. ```diff experimental_chaos: @@ -99,7 +172,7 @@ Adds an integration test that iterates over `./examples` looking for `.yaml` fil By [@EverlastingBugstopper](https://github.com/EverlastingBugstopper) in https://github.com/apollographql/router/pull/3097 -### Improve memory fragmentation and resource consumption by switching to `jemalloc` as the memory allocator on Linux ([PR #2882](https://github.com/apollographql/router/pull/2882)) +### Improve memory fragmentation and resource consumption by switching to `jemalloc` as the memory allocator on Linux ([PR #2882](https://github.com/apollographql/router/pull/2882)) Detailed memory investigation revealed significant memory fragmentation when using the default allocator, `glibc`, on Linux. Performance testing and flame-graph analysis suggested that using `jemalloc` on Linux would yield notable performance improvements. In our tests, this figure shows performance to be about 35% faster than the default allocator, on account of spending less time managing memory fragmentation. diff --git a/Cargo.lock b/Cargo.lock index b6432bf91a2..7af67a83775 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -281,7 +281,7 @@ dependencies = [ [[package]] name = "apollo-router" -version = "1.19.0" +version = "1.19.1" dependencies = [ "access-json", "anyhow", @@ -419,7 +419,7 @@ dependencies = [ [[package]] name = "apollo-router-benchmarks" -version = "1.19.0" +version = "1.19.1" dependencies = [ "apollo-parser 0.4.1", "apollo-router", @@ -435,7 +435,7 @@ dependencies = [ [[package]] name = "apollo-router-scaffold" -version = "1.19.0" +version = "1.19.1" dependencies = [ "anyhow", "cargo-scaffold", diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml index 91b596b3575..ce4a783b6c0 100644 --- a/apollo-router-benchmarks/Cargo.toml +++ b/apollo-router-benchmarks/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-benchmarks" -version = "1.19.0" +version = "1.19.1" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" @@ -28,4 +28,4 @@ harness = false [[bench]] name = "memory_use" -harness = false \ No newline at end of file +harness = false diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml index d79f396f29b..2a6aff3c44b 100644 --- a/apollo-router-scaffold/Cargo.toml +++ b/apollo-router-scaffold/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router-scaffold" -version = "1.19.0" +version = "1.19.1" authors = ["Apollo Graph, Inc. "] edition = "2021" license = "Elastic-2.0" diff --git a/apollo-router-scaffold/templates/base/Cargo.toml b/apollo-router-scaffold/templates/base/Cargo.toml index 81b6ea80d22..3e38905a334 100644 --- a/apollo-router-scaffold/templates/base/Cargo.toml +++ b/apollo-router-scaffold/templates/base/Cargo.toml @@ -22,7 +22,7 @@ apollo-router = { path ="{{integration_test}}apollo-router" } apollo-router = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} # Note if you update these dependencies then also update xtask/Cargo.toml -apollo-router = "1.19.0" +apollo-router = "1.19.1" {{/if}} {{/if}} async-trait = "0.1.52" diff --git a/apollo-router-scaffold/templates/base/xtask/Cargo.toml b/apollo-router-scaffold/templates/base/xtask/Cargo.toml index d38b0491382..155fdaeb06c 100644 --- a/apollo-router-scaffold/templates/base/xtask/Cargo.toml +++ b/apollo-router-scaffold/templates/base/xtask/Cargo.toml @@ -13,7 +13,7 @@ apollo-router-scaffold = { path ="{{integration_test}}apollo-router-scaffold" } {{#if branch}} apollo-router-scaffold = { git="https://github.com/apollographql/router.git", branch="{{branch}}" } {{else}} -apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.19.0" } +apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.19.1" } {{/if}} {{/if}} anyhow = "1.0.58" diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml index 0c90e5d3f30..b08c4ec9c05 100644 --- a/apollo-router/Cargo.toml +++ b/apollo-router/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "apollo-router" -version = "1.19.0" +version = "1.19.1" authors = ["Apollo Graph, Inc. "] repository = "https://github.com/apollographql/router/" documentation = "https://docs.rs/apollo-router" diff --git a/dockerfiles/tracing/docker-compose.datadog.yml b/dockerfiles/tracing/docker-compose.datadog.yml index 62aa0e247ca..3918ae52938 100644 --- a/dockerfiles/tracing/docker-compose.datadog.yml +++ b/dockerfiles/tracing/docker-compose.datadog.yml @@ -3,7 +3,7 @@ services: apollo-router: container_name: apollo-router - image: ghcr.io/apollographql/router:v1.19.0 + image: ghcr.io/apollographql/router:v1.19.1 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/datadog.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.jaeger.yml b/dockerfiles/tracing/docker-compose.jaeger.yml index fecd8f38a2b..50db6affc3e 100644 --- a/dockerfiles/tracing/docker-compose.jaeger.yml +++ b/dockerfiles/tracing/docker-compose.jaeger.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router #build: ./router - image: ghcr.io/apollographql/router:v1.19.0 + image: ghcr.io/apollographql/router:v1.19.1 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/jaeger.router.yaml:/etc/config/configuration.yaml diff --git a/dockerfiles/tracing/docker-compose.zipkin.yml b/dockerfiles/tracing/docker-compose.zipkin.yml index f73c5a9d47a..40599efe583 100644 --- a/dockerfiles/tracing/docker-compose.zipkin.yml +++ b/dockerfiles/tracing/docker-compose.zipkin.yml @@ -4,7 +4,7 @@ services: apollo-router: container_name: apollo-router build: ./router - image: ghcr.io/apollographql/router:v1.19.0 + image: ghcr.io/apollographql/router:v1.19.1 volumes: - ./supergraph.graphql:/etc/config/supergraph.graphql - ./router/zipkin.router.yaml:/etc/config/configuration.yaml diff --git a/docs/source/containerization/docker.mdx b/docs/source/containerization/docker.mdx index 1a433a33273..f613df6eca5 100644 --- a/docs/source/containerization/docker.mdx +++ b/docs/source/containerization/docker.mdx @@ -11,7 +11,7 @@ The default behaviour of the router images is suitable for a quickstart or devel Note: The [docker documentation](https://docs.docker.com/engine/reference/run/) for the run command may be helpful when reading through the examples. -Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.19.0` +Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.19.1` ## Override the configuration diff --git a/docs/source/containerization/kubernetes.mdx b/docs/source/containerization/kubernetes.mdx index c31862d7403..0fd138dd8d7 100644 --- a/docs/source/containerization/kubernetes.mdx +++ b/docs/source/containerization/kubernetes.mdx @@ -13,7 +13,7 @@ import { Link } from 'gatsby'; [Helm](https://helm.sh) is the package manager for kubernetes. -There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.19.0/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. +There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.19.1/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes. In both the following examples, we are using helm to install the router: - into namespace "router-deploy" (create namespace if it doesn't exist) @@ -64,10 +64,10 @@ kind: ServiceAccount metadata: name: release-name-router labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm --- # Source: router/templates/secret.yaml @@ -76,10 +76,10 @@ kind: Secret metadata: name: "release-name-router" labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm data: managedFederationApiKey: "UkVEQUNURUQ=" @@ -90,10 +90,10 @@ kind: ConfigMap metadata: name: release-name-router labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm data: configuration.yaml: | @@ -117,10 +117,10 @@ kind: Service metadata: name: release-name-router labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP @@ -143,10 +143,10 @@ kind: Deployment metadata: name: release-name-router labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm annotations: @@ -172,7 +172,7 @@ spec: - name: router securityContext: {} - image: "ghcr.io/apollographql/router:v1.19.0" + image: "ghcr.io/apollographql/router:v1.19.1" imagePullPolicy: IfNotPresent args: - --hot-reload @@ -223,10 +223,10 @@ kind: Pod metadata: name: "release-name-router-test-connection" labels: - helm.sh/chart: router-1.19.0 + helm.sh/chart: router-1.19.1 app.kubernetes.io/name: router app.kubernetes.io/instance: release-name - app.kubernetes.io/version: "v1.19.0" + app.kubernetes.io/version: "v1.19.1" app.kubernetes.io/managed-by: Helm annotations: "helm.sh/hook": test diff --git a/docs/source/federation-version-support.mdx b/docs/source/federation-version-support.mdx index 89d50ba4431..d8c41f58731 100644 --- a/docs/source/federation-version-support.mdx +++ b/docs/source/federation-version-support.mdx @@ -25,9 +25,17 @@ The table below shows which version of federation each router release is compile + + + v1.19.1 and later (see latest releases) + + + 2.4.6 + + - v1.19.0 and later (see latest releases) + v1.19.0 2.4.5 diff --git a/helm/chart/router/Chart.yaml b/helm/chart/router/Chart.yaml index 785c5719754..ff09307c1a1 100644 --- a/helm/chart/router/Chart.yaml +++ b/helm/chart/router/Chart.yaml @@ -20,10 +20,10 @@ type: application # so it matches the shape of our release process and release automation. # By proxy of that decision, this version uses SemVer 2.0.0, though the prefix # of "v" is not included. -version: 1.19.0 +version: 1.19.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v1.19.0" +appVersion: "v1.19.1" diff --git a/helm/chart/router/README.md b/helm/chart/router/README.md index 78d198670d2..943e311c06d 100644 --- a/helm/chart/router/README.md +++ b/helm/chart/router/README.md @@ -2,7 +2,7 @@ [router](https://github.com/apollographql/router) Rust Graph Routing runtime for Apollo Federation -![Version: 1.19.0](https://img.shields.io/badge/Version-1.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.19.0](https://img.shields.io/badge/AppVersion-v1.19.0-informational?style=flat-square) +![Version: 1.19.1](https://img.shields.io/badge/Version-1.19.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.19.1](https://img.shields.io/badge/AppVersion-v1.19.1-informational?style=flat-square) ## Prerequisites @@ -11,7 +11,7 @@ ## Get Repo Info ```console -helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.19.0 +helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.19.1 ``` ## Install Chart @@ -19,7 +19,7 @@ helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.19.0 **Important:** only helm3 is supported ```console -helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.19.0 --values my-values.yaml +helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.19.1 --values my-values.yaml ``` _See [configuration](#configuration) below._ diff --git a/licenses.html b/licenses.html index 9f673ea53b5..74a0c3f055e 100644 --- a/licenses.html +++ b/licenses.html @@ -6434,6 +6434,7 @@

Used by:

  • proteus
  • regex
  • regex-syntax
    • +
  • regex-syntax
  • rowan
  • rustc-demangle
  • rustc-hash
    • @@ -6480,6 +6481,7 @@

    Used by:

  • unicode-segmentation
  • unicode-width
  • url
    • +
  • uuid
  • version_check
  • wasi
  • wasi
    • @@ -9003,7 +9005,6 @@

    Apache License 2.0

    Used by:

                                  Apache License
                         Version 2.0, January 2004
@@ -12723,8 +12724,10 @@ 
    MIT License
    
                 
    Used by:
    
                 
-                
    Copyright (c) 2022 Tokio Contributors
+                
    Copyright (c) 2023 Tokio Contributors
 
 Permission is hereby granted, free of charge, to any
 person obtaining a copy of this software and associated
@@ -12757,7 +12760,7 @@ 
    Used by:
    
                 
-                
    Copyright (c) 2022 Tokio Contributors
+                
    Copyright (c) 2023 Tokio Contributors
 
 Permission is hereby granted, free of charge, to any
 person obtaining a copy of this software and associated
@@ -12804,40 +12807,6 @@ 
    Used by:
    
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
-
    
-            
-            
  • 
-                
    MIT License
    
-                
    Used by:
    
-                
-                
    Copyright (c) 2023 Tokio Contributors
-
-Permission is hereby granted, free of charge, to any
-person obtaining a copy of this software and associated
-documentation files (the "Software"), to deal in the
-Software without restriction, including without
-limitation the rights to use, copy, modify, merge,
-publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software
-is furnished to do so, subject to the following
-conditions:
-
-The above copyright notice and this permission notice
-shall be included in all copies or substantial portions
-of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
-ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
-TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
-PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
-SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
-IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-DEALINGS IN THE SOFTWARE.
 
    
             
    • 
             
  • 
@@ -13022,6 +12991,35 @@ 
    Used by:
    
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
    • 
+            
+            
  • 
+                
    MIT License
    
+                
    Used by:
    
+                
+                
    MIT License
+
+Copyright (c) 2018 Canop
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -13394,6 +13392,7 @@ 
    Used by:
    
                     
  • deno_webidl
    • 
                     
  • difflib
    • 
                     
  • jsonschema
    • 
+                    
  • lazy-regex-proc_macros
    • 
                     
  • serde_v8
    • 
                     
  • v8
    • 
                     
  • valuable
    • 
@@ -13752,6 +13751,7 @@ 
    Used by:
    
                 
    MIT License
    
                 
    Used by:
    
                 
      
+                    
    • aho-corasick
      • 
                     
    • aho-corasick
      • 
                     
    • byteorder
      • 
                     
    • globset
      • 
@@ -14370,6 +14370,7 @@ 
      Used by:
      
                 
      MIT License
      
                 
      Used by:
      
                 
        
+                    
      • aho-corasick
        • 
                     
      • aho-corasick
        • 
                     
      • byteorder
        • 
                     
      • globset
        • 
diff --git a/scripts/install.sh b/scripts/install.sh
index 8e84dab7659..f174fbacdb0 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -11,7 +11,7 @@ BINARY_DOWNLOAD_PREFIX="https://github.com/apollographql/router/releases/downloa
 
 # Router version defined in apollo-router's Cargo.toml
 # Note: Change this line manually during the release steps.
-PACKAGE_VERSION="v1.19.0"
+PACKAGE_VERSION="v1.19.1"
 
 download_binary() {
     downloader --check

From 08d006dcdbf76a51e2ee0165a969f8ff40c7f5d1 Mon Sep 17 00:00:00 2001
From: Simon Sapin 
Date: Fri, 26 May 2023 17:40:47 +0200
Subject: [PATCH 17/39] Set the global allocator in the library crate, not just
 the executable (#3157)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes https://github.com/apollographql/router/issues/3126

In 1.19, Apollo Router [switched to use jemalloc as the global Rust allocator on
Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882)
to reduce memory fragmentation. However this is only done in the
executable binary provided by the `apollo-router` crate, so that [custom
binaries](https://www.apollographql.com/docs/router/customizations/custom-binary)
using the crate as a library were not affected.

Instead, the `apollo-router` library crate now sets the global allocator
so that custom binaries also take advantage of this by default. If some
other choice is desired, the `global-allocator` Cargo feature flag can
be disabled in `Cargo.toml` with:

```toml
[dependencies]
apollo-router = {version = "[…]", default-features = false}
```

Library crates that depend on `apollo-router` (if any) should also do
this in order to leave the choice to the eventual executable. (Cargo
default features are only disabled if *all* dependents specify
`default-features = false`.)



**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [ ] Changes are compatible[^1]
- [x] Documentation[^2] completed
- [x] Performance impact assessed and acceptable
- Tests added and passing[^3]
    - [ ] Unit Tests
    - [ ] Integration Tests
    - [x] Manual Tests

**Exceptions**

* If a custom binary was already using `#[global_allocator]`, upgrading
to this Router version will cause a compilation error until they disable
the Cargo feature flag as described above.
* Because of how default Cargo feature work, as explained in
https://github.com/apollographql/router/issues/3126, the test added in
this PR is in a separate workspace. Re-compiling the whole dependency
graph a second time on every CI run would be costly, so CI does not run
this test. I deem manual testing enough to check that `cfg` is spelled
correctly to make `#[global_allocator]` conditional on the relevant
Cargo feature.

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`
---
 .changesets/fix_lib_global_alloc.md          | 14 ++++++++
 apollo-router/Cargo.toml                     | 15 +++++++-
 apollo-router/src/executable.rs              |  8 +++++
 apollo-router/src/main.rs                    | 12 -------
 docs/source/customizations/custom-binary.mdx | 18 ++++++++++
 examples/custom-global-allocator/.gitignore  |  1 +
 examples/custom-global-allocator/Cargo.toml  | 19 ++++++++++
 examples/custom-global-allocator/src/main.rs | 38 ++++++++++++++++++++
 8 files changed, 112 insertions(+), 13 deletions(-)
 create mode 100644 .changesets/fix_lib_global_alloc.md
 create mode 100644 examples/custom-global-allocator/.gitignore
 create mode 100644 examples/custom-global-allocator/Cargo.toml
 create mode 100644 examples/custom-global-allocator/src/main.rs

diff --git a/.changesets/fix_lib_global_alloc.md b/.changesets/fix_lib_global_alloc.md
new file mode 100644
index 00000000000..37cbf6e03d9
--- /dev/null
+++ b/.changesets/fix_lib_global_alloc.md
@@ -0,0 +1,14 @@
+### Set the global allocator in the library crate, not just the executable ([Issue #3126](https://github.com/apollographql/router/issues/3126))
+
+In 1.19, Apollo Router [switched to use jemalloc as the global Rust allocator on Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882) to reduce memory fragmentation. However this is only done in the executable binary provided by the `apollo-router` crate, so that [custom binaries](https://www.apollographql.com/docs/router/customizations/custom-binary) using the crate as a library were not affected.
+
+Instead, the `apollo-router` library crate now sets the global allocator so that custom binaries also take advantage of this by default. If some other choice is desired, the `global-allocator` Cargo feature flag can be disabled in `Cargo.toml` with:
+
+```toml
+[dependencies]
+apollo-router = {version = "[…]", default-features = false}
+```
+
+Library crates that depend on `apollo-router` (if any) should also do this in order to leave the choice to the eventual executable. (Cargo default features are only disabled if *all* dependents specify `default-features = false`.)
+
+By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3157
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index b08c4ec9c05..b77573cc550 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -17,21 +17,34 @@ name = "router"
 path = "src/main.rs"
 
 [features]
+default = ["global-allocator"]
+
+# Set the Rust global allocator on some platforms
+# https://doc.rust-lang.org/std/alloc/index.html#the-global_allocator-attribute
+# Enabled by default. Disable default features in library crates or to set it yourself:
+# ```
+# [dependencies]
+# apollo-router = {version = "1.20", default-features = false}
+# ```
+global-allocator = []
+
 # if you are doing heap profiling
 dhat-heap = ["dhat"]
 dhat-ad-hoc = ["dhat"]
+
 # Prevents the query execution to continue if any error occurs while fetching
 # the data of a subgraph. This is useful in development as you want to be
 # alerted early when something is wrong instead of receiving an invalid result.
 failfast = []
+
 # Enables usage of tokio-console with the router
 # tokio-console also requires at build time the environment variable
 # RUSTFLAGS="--cfg tokio_unstable"
 console = ["tokio/tracing", "console-subscriber"]
+
 # "fake" feature to disable V8 usage when building on docs.rs
 # See https://github.com/apollographql/federation-rs/pull/185
 docs_rs = ["router-bridge/docs_rs"]
-default = []
 
 [package.metadata.docs.rs]
 features = ["docs_rs"]
diff --git a/apollo-router/src/executable.rs b/apollo-router/src/executable.rs
index f696b8e6a52..a3e27c8af34 100644
--- a/apollo-router/src/executable.rs
+++ b/apollo-router/src/executable.rs
@@ -33,6 +33,14 @@ use crate::router::SchemaSource;
 use crate::router::ShutdownSource;
 use crate::EntitlementSource;
 
+#[cfg(all(
+    feature = "global-allocator",
+    not(feature = "dhat-heap"),
+    target_os = "linux"
+))]
+#[global_allocator]
+static ALLOC: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc;
+
 // Note: the dhat-heap and dhat-ad-hoc features should not be both enabled. We name our functions
 // and variables identically to prevent this from happening.
 
diff --git a/apollo-router/src/main.rs b/apollo-router/src/main.rs
index 413189a7535..4384157e0af 100644
--- a/apollo-router/src/main.rs
+++ b/apollo-router/src/main.rs
@@ -1,15 +1,3 @@
-//! Main entry point for CLI command to start server.
-// Note: We want to use jemalloc on linux, but we don't enable it if dhat-heap is in use because we
-// can only have one global allocator
-#[cfg(target_os = "linux")]
-#[cfg(not(feature = "dhat-heap"))]
-use tikv_jemallocator::Jemalloc;
-
-#[cfg(target_os = "linux")]
-#[cfg(not(feature = "dhat-heap"))]
-#[global_allocator]
-static GLOBAL: Jemalloc = Jemalloc;
-
 fn main() {
     match apollo_router::main() {
         Ok(_) => {}
diff --git a/docs/source/customizations/custom-binary.mdx b/docs/source/customizations/custom-binary.mdx
index 5a3c8ed6e98..d8fb7372094 100644
--- a/docs/source/customizations/custom-binary.mdx
+++ b/docs/source/customizations/custom-binary.mdx
@@ -160,6 +160,24 @@ cargo router plugin remove hello_world
 
 Note that depending on the structure of your plugin, the command might fail to remove all of its associated files.
 
+## Memory allocator
+
+On Linux the `apollo-router` crate sets [jemalloc](http://jemalloc.net/) 
+as [the global memory allocator for Rust](https://doc.rust-lang.org/std/alloc/index.html#the-global_allocator-attribute)
+to reduce memory fragmentation.
+Future versions may do so on more platforms, or switch to yet a different allocator.
+This is enabled by default and controlled by a `global-allocator` Cargo feature flag.
+If you want to choose a different allocator, disable it in your `Cargo.toml`:
+
+```toml
+[dependencies]
+apollo-router = {version = "[…]", default-features = false}
+```
+
+If you make a library crate, also specify `default-features = false`
+in order to leave the choice open for the eventual executable crate.
+(Cargo default features are only disabled if *all* dependents specify `default-features = false`.)
+
 ## Docker
 
 You can use the provided [Dockerfile](https://github.com/apollographql/router/tree/main/apollo-router-scaffold/templates/base/Dockerfile) to build a release container.
diff --git a/examples/custom-global-allocator/.gitignore b/examples/custom-global-allocator/.gitignore
new file mode 100644
index 00000000000..ffa3bbd20ea
--- /dev/null
+++ b/examples/custom-global-allocator/.gitignore
@@ -0,0 +1 @@
+Cargo.lock
\ No newline at end of file
diff --git a/examples/custom-global-allocator/Cargo.toml b/examples/custom-global-allocator/Cargo.toml
new file mode 100644
index 00000000000..6689b745ba0
--- /dev/null
+++ b/examples/custom-global-allocator/Cargo.toml
@@ -0,0 +1,19 @@
+[workspace]
+# Make this a separate workspace.
+#
+# If this package was in the same workspace as other examples
+# which don’t specify `default-features = false`, then apollo-router
+# would be compiled with its default global-allocator feature
+# and compilation of this example would fail.
+#
+# To manually test this example:
+# cargo run --manifest-path examples/custom-global-allocator/Cargo.toml -- --help
+
+[package]
+name = "custom-global-allocator"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+# The apollo-router/global-allocator feature is enabled by default, disable it here
+apollo-router = {path = "../../apollo-router", default-features = false}
\ No newline at end of file
diff --git a/examples/custom-global-allocator/src/main.rs b/examples/custom-global-allocator/src/main.rs
new file mode 100644
index 00000000000..7508c888376
--- /dev/null
+++ b/examples/custom-global-allocator/src/main.rs
@@ -0,0 +1,38 @@
+use std::alloc::GlobalAlloc;
+use std::alloc::Layout;
+use std::alloc::System;
+
+#[global_allocator]
+static ALLOC: CustomAlloc = CustomAlloc;
+
+struct CustomAlloc;
+
+// This is where one would do something interesting.
+// Alternatively, use an existing type and impl from a library crate like `tikv-jemallocator`
+unsafe impl GlobalAlloc for CustomAlloc {
+    unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
+        System.alloc(layout)
+    }
+
+    unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
+        System.dealloc(ptr, layout)
+    }
+
+    unsafe fn alloc_zeroed(&self, layout: Layout) -> *mut u8 {
+        System.alloc_zeroed(layout)
+    }
+
+    unsafe fn realloc(&self, ptr: *mut u8, layout: Layout, new_size: usize) -> *mut u8 {
+        System.realloc(ptr, layout, new_size)
+    }
+}
+
+fn main() {
+    match apollo_router::main() {
+        Ok(_) => {}
+        Err(e) => {
+            eprintln!("{e}");
+            std::process::exit(1)
+        }
+    }
+}

From db1dd5eb73e7399d5d276daad7993eda25a128e6 Mon Sep 17 00:00:00 2001
From: Jesse Rosenberger 
Date: Fri, 26 May 2023 18:56:15 +0300
Subject: [PATCH 18/39] Move `curl` dependency to separate layer in Docker
 image (#3146)

The `curl` command is only used in the image we produce today for the
sake
of downloading dependencies. It is never used after that, but we can
move
it to a separate layer to further remove it from the image.

Ref: https://github.com/apollographql/router/issues/3144
---
 .changesets/fix_abernix_remove_curl.md      |  5 +++++
 dockerfiles/Dockerfile.router               | 24 ++++++++++++++-------
 dockerfiles/diy/dockerfiles/Dockerfile.repo |  7 ++----
 3 files changed, 23 insertions(+), 13 deletions(-)
 create mode 100644 .changesets/fix_abernix_remove_curl.md

diff --git a/.changesets/fix_abernix_remove_curl.md b/.changesets/fix_abernix_remove_curl.md
new file mode 100644
index 00000000000..0b7ddd7d57e
--- /dev/null
+++ b/.changesets/fix_abernix_remove_curl.md
@@ -0,0 +1,5 @@
+### Move `curl` dependency to separate layer in Docker image ([Issue #3144](https://github.com/apollographql/router/issues/3144))
+
+We've moved `curl` out of the Docker image we publish.  The `curl` command is only used in the image we produce today for the sake of downloading dependencies.  It is never used after that, but we can move it to a separate layer to further remove it from the image.
+
+By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3146
\ No newline at end of file
diff --git a/dockerfiles/Dockerfile.router b/dockerfiles/Dockerfile.router
index f8b634cde07..734bb4afade 100644
--- a/dockerfiles/Dockerfile.router
+++ b/dockerfiles/Dockerfile.router
@@ -1,9 +1,5 @@
-FROM debian:bullseye-slim
-
+FROM debian:bullseye-slim AS downloader
 ARG ROUTER_RELEASE=latest
-ARG DEBUG_IMAGE=false
-
-WORKDIR /dist
 
 # Install curl
 RUN \
@@ -11,6 +7,21 @@ RUN \
   && apt-get install -y \
     curl
 
+WORKDIR /dist
+
+# Run the Router downloader which puts Router into current working directory
+RUN curl -sSL https://router.apollo.dev/download/nix/${ROUTER_RELEASE}/ | sh
+
+FROM debian:bullseye-slim AS distro
+ARG DEBUG_IMAGE=false
+
+WORKDIR /dist
+
+COPY --from=downloader /dist/router /dist
+
+# Update apt
+RUN apt-get update -y
+
 # If debug image, install heaptrack and make a data directory
 RUN \
   if [ "${DEBUG_IMAGE}" = "true" ]; then \
@@ -21,9 +32,6 @@ RUN \
 # Clean up apt lists
 RUN rm -rf /var/lib/apt/lists/*
 
-# Run the Router downloader which puts Router into current working directory
-RUN curl -sSL https://router.apollo.dev/download/nix/${ROUTER_RELEASE}/ | sh
-
 # Make directories for config and schema
 RUN mkdir config schema
 
diff --git a/dockerfiles/diy/dockerfiles/Dockerfile.repo b/dockerfiles/diy/dockerfiles/Dockerfile.repo
index 63a5e41a8fc..a9f89b99f96 100644
--- a/dockerfiles/diy/dockerfiles/Dockerfile.repo
+++ b/dockerfiles/diy/dockerfiles/Dockerfile.repo
@@ -36,11 +36,8 @@ ARG DEBUG_IMAGE=false
 
 WORKDIR /dist
 
-# Install curl
-RUN \
-  apt-get update -y \
-  && apt-get install -y \
-    curl
+# Update apt
+RUN apt-get update -y
 
 # Copy in the required files from our build image
 COPY --from=build --chown=root:root /dist /dist

From 2e4dd1468bb4ab47d23263d3ba348a94e1a131c8 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 21:10:38 +0300
Subject: [PATCH 19/39] chore(deps): update cimg/redis docker tag to v7.0.11
 (#2851)

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index f81a9dfc8a7..bef1354cc6d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -21,7 +21,7 @@ executors:
   amd_linux_test: &amd_linux_test_executor
     docker:
       - image: cimg/base:stable
-      - image: cimg/redis:7.0.9
+      - image: cimg/redis:7.0.11
       - image: jaegertracing/all-in-one:1.42.0
     resource_class: xlarge
     environment:

From 6c675e59445135160bb56474d96cc0ff3bc1d3db Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 19:27:28 +0100
Subject: [PATCH 20/39] chore(deps): update dependency typescript to v5 (#2799)

---
 .../tracing/datadog-subgraph/package-lock.json   | 16 ++++++++--------
 .../tracing/datadog-subgraph/package.json        |  2 +-
 .../tracing/jaeger-subgraph/package-lock.json    | 16 ++++++++--------
 dockerfiles/tracing/jaeger-subgraph/package.json |  2 +-
 .../tracing/zipkin-subgraph/package-lock.json    | 16 ++++++++--------
 dockerfiles/tracing/zipkin-subgraph/package.json |  2 +-
 6 files changed, 27 insertions(+), 27 deletions(-)

diff --git a/dockerfiles/tracing/datadog-subgraph/package-lock.json b/dockerfiles/tracing/datadog-subgraph/package-lock.json
index 12f38d9c43f..fdddf82c1a5 100644
--- a/dockerfiles/tracing/datadog-subgraph/package-lock.json
+++ b/dockerfiles/tracing/datadog-subgraph/package-lock.json
@@ -17,7 +17,7 @@
         "graphql": "^16.5.0"
       },
       "devDependencies": {
-        "typescript": "4.9.5"
+        "typescript": "5.0.4"
       }
     },
     "node_modules/@apollo/cache-control-types": {
@@ -1728,16 +1728,16 @@
       }
     },
     "node_modules/typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
       },
       "engines": {
-        "node": ">=4.2.0"
+        "node": ">=12.20"
       }
     },
     "node_modules/unpipe": {
@@ -3135,9 +3135,9 @@
       }
     },
     "typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true
     },
     "unpipe": {
diff --git a/dockerfiles/tracing/datadog-subgraph/package.json b/dockerfiles/tracing/datadog-subgraph/package.json
index 5b87f1f38b7..b4ea6222529 100644
--- a/dockerfiles/tracing/datadog-subgraph/package.json
+++ b/dockerfiles/tracing/datadog-subgraph/package.json
@@ -18,6 +18,6 @@
     "graphql": "^16.5.0"
   },
   "devDependencies": {
-    "typescript": "4.9.5"
+    "typescript": "5.0.4"
   }
 }
diff --git a/dockerfiles/tracing/jaeger-subgraph/package-lock.json b/dockerfiles/tracing/jaeger-subgraph/package-lock.json
index a63f42a7fcd..097d3590e27 100644
--- a/dockerfiles/tracing/jaeger-subgraph/package-lock.json
+++ b/dockerfiles/tracing/jaeger-subgraph/package-lock.json
@@ -18,7 +18,7 @@
         "opentracing": "^0.14.7"
       },
       "devDependencies": {
-        "typescript": "4.9.5"
+        "typescript": "5.0.4"
       }
     },
     "node_modules/@apollo/cache-control-types": {
@@ -1372,16 +1372,16 @@
       }
     },
     "node_modules/typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
       },
       "engines": {
-        "node": ">=4.2.0"
+        "node": ">=12.20"
       }
     },
     "node_modules/unpipe": {
@@ -2508,9 +2508,9 @@
       }
     },
     "typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true
     },
     "unpipe": {
diff --git a/dockerfiles/tracing/jaeger-subgraph/package.json b/dockerfiles/tracing/jaeger-subgraph/package.json
index c5a7907fba9..ee41d863203 100644
--- a/dockerfiles/tracing/jaeger-subgraph/package.json
+++ b/dockerfiles/tracing/jaeger-subgraph/package.json
@@ -19,6 +19,6 @@
     "opentracing": "^0.14.7"
   },
   "devDependencies": {
-    "typescript": "4.9.5"
+    "typescript": "5.0.4"
   }
 }
diff --git a/dockerfiles/tracing/zipkin-subgraph/package-lock.json b/dockerfiles/tracing/zipkin-subgraph/package-lock.json
index b736a93a0cb..8157d1a9afd 100644
--- a/dockerfiles/tracing/zipkin-subgraph/package-lock.json
+++ b/dockerfiles/tracing/zipkin-subgraph/package-lock.json
@@ -19,7 +19,7 @@
         "zipkin-javascript-opentracing": "^3.0.0"
       },
       "devDependencies": {
-        "typescript": "4.9.5"
+        "typescript": "5.0.4"
       }
     },
     "node_modules/@apollo/cache-control-types": {
@@ -1399,16 +1399,16 @@
       }
     },
     "node_modules/typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
       },
       "engines": {
-        "node": ">=4.2.0"
+        "node": ">=12.20"
       }
     },
     "node_modules/unpipe": {
@@ -2579,9 +2579,9 @@
       }
     },
     "typescript": {
-      "version": "4.9.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.9.5.tgz",
-      "integrity": "sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.0.4.tgz",
+      "integrity": "sha512-cW9T5W9xY37cc+jfEnaUvX91foxtHkza3Nw3wkoF4sSlKn0MONdkdEndig/qPBWXNkmplh3NzayQzCiHM4/hqw==",
       "dev": true
     },
     "unpipe": {
diff --git a/dockerfiles/tracing/zipkin-subgraph/package.json b/dockerfiles/tracing/zipkin-subgraph/package.json
index 92a1597083a..f0a98da3e50 100644
--- a/dockerfiles/tracing/zipkin-subgraph/package.json
+++ b/dockerfiles/tracing/zipkin-subgraph/package.json
@@ -20,6 +20,6 @@
     "zipkin-javascript-opentracing": "^3.0.0"
   },
   "devDependencies": {
-    "typescript": "4.9.5"
+    "typescript": "5.0.4"
   }
 }

From 2cbd53d34e72a785b16e789344ff43edba48da56 Mon Sep 17 00:00:00 2001
From: Jesse Rosenberger 
Date: Fri, 26 May 2023 21:45:28 +0300
Subject: [PATCH 21/39] Update RELEASE_CHECKLIST.md (#3156)

cc @Geal
---
 RELEASE_CHECKLIST.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/RELEASE_CHECKLIST.md b/RELEASE_CHECKLIST.md
index dfbd149ab82..0d6a359a651 100644
--- a/RELEASE_CHECKLIST.md
+++ b/RELEASE_CHECKLIST.md
@@ -135,7 +135,7 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
 14. Now push the branch up to the correct remote:
 
     ```
-    git push --set-upstream "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "${APOLLO_ROUTER_RELEASE_VERSION}"
+    git push --set-upstream "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "prep-${APOLLO_ROUTER_RELEASE_VERSION}"
     ```
 
 15. Programatically create a small temporary file called `this_release.md` with the changelog details of _precisely this release_ from the `CHANGELOG.md`:

From 89c0dc599347d69ae2937c9390d18c12a29d0dd1 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 22:30:44 +0300
Subject: [PATCH 22/39] chore(deps): update jaegertracing/all-in-one docker tag
 to v1.45.0 (#2785)

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index bef1354cc6d..414c365640d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -22,7 +22,7 @@ executors:
     docker:
       - image: cimg/base:stable
       - image: cimg/redis:7.0.11
-      - image: jaegertracing/all-in-one:1.42.0
+      - image: jaegertracing/all-in-one:1.45.0
     resource_class: xlarge
     environment:
       CARGO_BUILD_JOBS: 4

From 0a088c3e001770117a0f83164adb02e0b85dfe56 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 19:58:38 +0000
Subject: [PATCH 23/39] chore(deps): update slack orb to v4.12.5 (#3163)

---
 .circleci/config.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 414c365640d..eb3ed281750 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -4,7 +4,7 @@ version: 2.1
 # across projects.  See https://circleci.com/orbs/ for more information.
 orbs:
   gh: circleci/github-cli@2.2.0
-  slack: circleci/slack@4.12.1
+  slack: circleci/slack@4.12.5
 
 executors:
   amd_linux_build: &amd_linux_build_executor

From 1caaacc3367f8c59d183b6cd83f4efed6a6cee55 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 20:02:10 +0000
Subject: [PATCH 24/39] chore(deps): update openzipkin/zipkin docker tag to
 v2.24.1 (#3160)

---
 dockerfiles/tracing/docker-compose.zipkin.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dockerfiles/tracing/docker-compose.zipkin.yml b/dockerfiles/tracing/docker-compose.zipkin.yml
index 40599efe583..1d29b451ba3 100644
--- a/dockerfiles/tracing/docker-compose.zipkin.yml
+++ b/dockerfiles/tracing/docker-compose.zipkin.yml
@@ -36,6 +36,6 @@ services:
 
   zipkin:
     container_name: zipkin
-    image: openzipkin/zipkin:2.24.0
+    image: openzipkin/zipkin:2.24.1
     ports:
       - 9411:9411

From 3ae91baf8566a0f170f7488c4583f08d4dded86c Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 26 May 2023 20:09:01 +0000
Subject: [PATCH 25/39] fix(deps): update cargo pre-1.0 packages

---
 Cargo.lock               | 216 ++++++++++++++++++++++-----------------
 apollo-router/Cargo.toml |  38 +++----
 xtask/Cargo.lock         |  10 +-
 xtask/Cargo.toml         |   4 +-
 4 files changed, 151 insertions(+), 117 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 7af67a83775..492dff76247 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -221,7 +221,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "adfb4c7364494ca41e3fec600b6a4570320db83ae0aa938ca70036632bb9365e"
 dependencies = [
  "apollo-ariadne",
- "apollo-parser 0.5.1",
+ "apollo-parser 0.5.3",
  "indexmap",
  "ordered-float 2.10.0",
  "rowan",
@@ -230,16 +230,6 @@ dependencies = [
  "uuid",
 ]
 
-[[package]]
-name = "apollo-encoder"
-version = "0.3.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b17d38f06e92256e9b0b271b878e20309822a587b2acfa234a60d36d92b6b43"
-dependencies = [
- "apollo-parser 0.3.2",
- "thiserror",
-]
-
 [[package]]
 name = "apollo-encoder"
 version = "0.4.0"
@@ -250,15 +240,6 @@ dependencies = [
  "thiserror",
 ]
 
-[[package]]
-name = "apollo-parser"
-version = "0.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d640c8fb7f9ab98a78a8086bb413d8ecf3ee44849976e1636e27265f09e9e544"
-dependencies = [
- "rowan",
-]
-
 [[package]]
 name = "apollo-parser"
 version = "0.4.1"
@@ -271,9 +252,9 @@ dependencies = [
 
 [[package]]
 name = "apollo-parser"
-version = "0.5.1"
+version = "0.5.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22cee3beb80302b36d9d1d3d2feaf3d4a47a4da18d8a4088e71948989a494999"
+checksum = "ec05c087cc9d21576b18337d9dbaadc87cea1b33c4f2b8d59e735ed90e880984"
 dependencies = [
  "rowan",
  "thiserror",
@@ -286,7 +267,7 @@ dependencies = [
  "access-json",
  "anyhow",
  "apollo-compiler",
- "apollo-parser 0.5.1",
+ "apollo-parser 0.5.3",
  "arc-swap",
  "askama",
  "async-compression",
@@ -322,7 +303,7 @@ dependencies = [
  "humantime 2.1.0",
  "humantime-serde",
  "hyper",
- "hyper-rustls",
+ "hyper-rustls 0.23.2",
  "indexmap",
  "insta",
  "introspector-gadget",
@@ -370,7 +351,7 @@ dependencies = [
  "router-bridge",
  "rstack",
  "rust-embed",
- "rustls",
+ "rustls 0.20.8",
  "rustls-pemfile",
  "schemars",
  "serde",
@@ -390,13 +371,13 @@ dependencies = [
  "thiserror",
  "tikv-jemallocator",
  "tokio",
- "tokio-rustls",
+ "tokio-rustls 0.23.4",
  "tokio-stream",
  "tokio-util",
- "tonic",
+ "tonic 0.8.3",
  "tonic-build",
  "tower",
- "tower-http 0.3.5",
+ "tower-http",
  "tower-service",
  "tower-test",
  "tracing",
@@ -453,7 +434,7 @@ version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7b4ab369b6c748e8e1ea87733a7f98d8e8671bf848cd8a8290308d5b0f90299b"
 dependencies = [
- "apollo-encoder 0.4.0",
+ "apollo-encoder",
  "apollo-parser 0.4.1",
  "arbitrary",
  "once_cell",
@@ -638,9 +619,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
 
 [[package]]
 name = "axum"
-version = "0.6.9"
+version = "0.6.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6137c6234afb339e75e764c866e3594900f0211e1315d33779f269bbe2ec6967"
+checksum = "f8175979259124331c1d7bf6586ee7e0da434155e4b2d48ec2c8386281d8df39"
 dependencies = [
  "async-trait",
  "axum-core",
@@ -665,16 +646,15 @@ dependencies = [
  "sync_wrapper",
  "tokio",
  "tower",
- "tower-http 0.4.0",
  "tower-layer",
  "tower-service",
 ]
 
 [[package]]
 name = "axum-core"
-version = "0.3.3"
+version = "0.3.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b2f958c80c248b34b9a877a643811be8dbca03ca5ba827f2b63baf3a81e5fc4e"
+checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c"
 dependencies = [
  "async-trait",
  "bytes",
@@ -1204,21 +1184,21 @@ dependencies = [
 
 [[package]]
 name = "console-api"
-version = "0.4.0"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e57ff02e8ad8e06ab9731d5dc72dc23bef9200778eae1a89d555d8c42e5d4a86"
+checksum = "c2895653b4d9f1538a83970077cb01dfc77a4810524e51a110944688e916b18e"
 dependencies = [
  "prost",
  "prost-types",
- "tonic",
+ "tonic 0.9.2",
  "tracing-core",
 ]
 
 [[package]]
 name = "console-subscriber"
-version = "0.1.8"
+version = "0.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22a3a81dfaf6b66bce5d159eddae701e3a002f194d378cbf7be5f053c281d9be"
+checksum = "57ab2224a0311582eb03adba4caaf18644f7b1f10a760803a803b9b605187fc7"
 dependencies = [
  "console-api",
  "crossbeam-channel",
@@ -1232,7 +1212,7 @@ dependencies = [
  "thread_local",
  "tokio",
  "tokio-stream",
- "tonic",
+ "tonic 0.9.2",
  "tracing",
  "tracing-core",
  "tracing-subscriber",
@@ -2218,12 +2198,12 @@ dependencies = [
  "pretty_env_logger",
  "rand 0.8.5",
  "redis-protocol",
- "rustls",
+ "rustls 0.20.8",
  "rustls-native-certs",
  "semver 1.0.17",
  "sha-1",
  "tokio",
- "tokio-rustls",
+ "tokio-rustls 0.23.4",
  "tokio-stream",
  "tokio-util",
  "url",
@@ -2811,9 +2791,9 @@ dependencies = [
 
 [[package]]
 name = "hyper"
-version = "0.14.25"
+version = "0.14.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cc5e554ff619822309ffd57d8734d77cd5ce6238bc956f037ea06c58238c9899"
+checksum = "ab302d72a6f11a3b910431ff93aae7e773078c769f0a3ef15fb9ec692ed147d4"
 dependencies = [
  "bytes",
  "futures-channel",
@@ -2842,10 +2822,23 @@ dependencies = [
  "http",
  "hyper",
  "log",
- "rustls",
+ "rustls 0.20.8",
  "rustls-native-certs",
  "tokio",
- "tokio-rustls",
+ "tokio-rustls 0.23.4",
+]
+
+[[package]]
+name = "hyper-rustls"
+version = "0.24.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0646026eb1b3eea4cd9ba47912ea5ce9cc07713d105b1a14698f4e6433d348b7"
+dependencies = [
+ "http",
+ "hyper",
+ "rustls 0.21.1",
+ "tokio",
+ "tokio-rustls 0.24.0",
 ]
 
 [[package]]
@@ -2968,11 +2961,11 @@ checksum = "8bb03732005da905c88227371639bf1ad885cc712789c011c31c5fb3ab3ccf02"
 
 [[package]]
 name = "introspector-gadget"
-version = "0.2.0"
+version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b9360a9dd04f347bf40cbb128bf622d4ef524fb89aee8cff836b88471d4f14dd"
+checksum = "7d8b71efbbc9b5600183f9a46ca29062e56db6424e4b185cac3a042e9bfa87e8"
 dependencies = [
- "apollo-encoder 0.3.4",
+ "apollo-encoder",
  "backoff",
  "graphql_client",
  "hyper",
@@ -3198,9 +3191,9 @@ dependencies = [
 
 [[package]]
 name = "libc"
-version = "0.2.141"
+version = "0.2.144"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3304a64d199bb964be99741b7a14d26972741915b3649639149b2479bb46f4b5"
+checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1"
 
 [[package]]
 name = "libfuzzer-sys"
@@ -3851,7 +3844,7 @@ dependencies = [
  "reqwest",
  "thiserror",
  "tokio",
- "tonic",
+ "tonic 0.8.3",
 ]
 
 [[package]]
@@ -3875,7 +3868,7 @@ dependencies = [
  "futures-util",
  "opentelemetry",
  "prost",
- "tonic",
+ "tonic 0.8.3",
  "tonic-build",
 ]
 
@@ -4435,9 +4428,9 @@ dependencies = [
 
 [[package]]
 name = "prost"
-version = "0.11.8"
+version = "0.11.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e48e50df39172a3e7eb17e14642445da64996989bc212b583015435d39a58537"
+checksum = "0b82eaa1d779e9a4bc1c3217db8ffbeabaae1dca241bf70183242128d48681cd"
 dependencies = [
  "bytes",
  "prost-derive",
@@ -4467,9 +4460,9 @@ dependencies = [
 
 [[package]]
 name = "prost-derive"
-version = "0.11.8"
+version = "0.11.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4ea9b0f8cbe5e15a8a042d030bd96668db28ecb567ec37d691971ff5731d2b1b"
+checksum = "e5d2d8d10f3c6ded6da8b05b5fb3b8a5082514344d56c9f871412d29b4e075b4"
 dependencies = [
  "anyhow",
  "itertools",
@@ -4480,9 +4473,9 @@ dependencies = [
 
 [[package]]
 name = "prost-types"
-version = "0.11.8"
+version = "0.11.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "379119666929a1afd7a043aa6cf96fa67a6dce9af60c88095a4686dbce4c9c88"
+checksum = "213622a1460818959ac1181aaeb2dc9c7f63df720db7d788b3e24eacd1983e13"
 dependencies = [
  "prost",
 ]
@@ -4712,9 +4705,9 @@ checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78"
 
 [[package]]
 name = "reqwest"
-version = "0.11.16"
+version = "0.11.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254"
+checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55"
 dependencies = [
  "base64 0.21.0",
  "bytes",
@@ -4725,7 +4718,7 @@ dependencies = [
  "http",
  "http-body",
  "hyper",
- "hyper-rustls",
+ "hyper-rustls 0.24.0",
  "ipnet",
  "js-sys",
  "log",
@@ -4733,14 +4726,14 @@ dependencies = [
  "once_cell",
  "percent-encoding",
  "pin-project-lite",
- "rustls",
+ "rustls 0.21.1",
  "rustls-native-certs",
  "rustls-pemfile",
  "serde",
  "serde_json",
  "serde_urlencoded",
  "tokio",
- "tokio-rustls",
+ "tokio-rustls 0.24.0",
  "tokio-util",
  "tower-service",
  "url",
@@ -5057,6 +5050,18 @@ dependencies = [
  "webpki",
 ]
 
+[[package]]
+name = "rustls"
+version = "0.21.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c911ba11bc8433e811ce56fde130ccf32f5127cab0e0194e9c68c5a5b671791e"
+dependencies = [
+ "log",
+ "ring",
+ "rustls-webpki",
+ "sct",
+]
+
 [[package]]
 name = "rustls-native-certs"
 version = "0.6.2"
@@ -5078,6 +5083,16 @@ dependencies = [
  "base64 0.21.0",
 ]
 
+[[package]]
+name = "rustls-webpki"
+version = "0.100.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6207cd5ed3d8dca7816f8f3725513a34609c0c765bf652b8c3cb4cfd87db46b"
+dependencies = [
+ "ring",
+ "untrusted",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.12"
@@ -5290,9 +5305,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json_bytes"
-version = "0.2.0"
+version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d07cc85f924551185aa24952d5bf52c8433ffd040eeeff3908bb684c55035002"
+checksum = "46deda3f831d90694634ede6f2f9b956bec326a67499333c7fc3943832d06050"
 dependencies = [
  "bytes",
  "indexmap",
@@ -6057,16 +6072,26 @@ version = "0.23.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59"
 dependencies = [
- "rustls",
+ "rustls 0.20.8",
  "tokio",
  "webpki",
 ]
 
+[[package]]
+name = "tokio-rustls"
+version = "0.24.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e0d409377ff5b1e3ca6437aa86c1eb7d40c134bfec254e44c830defa92669db5"
+dependencies = [
+ "rustls 0.21.1",
+ "tokio",
+]
+
 [[package]]
 name = "tokio-stream"
-version = "0.1.12"
+version = "0.1.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8fb52b74f05dbf495a8fba459fdc331812b96aa086d9eb78101fa0d4569c3313"
+checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842"
 dependencies = [
  "futures-core",
  "pin-project-lite",
@@ -6089,9 +6114,9 @@ dependencies = [
 
 [[package]]
 name = "tokio-util"
-version = "0.7.7"
+version = "0.7.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2"
+checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d"
 dependencies = [
  "bytes",
  "futures-core",
@@ -6154,7 +6179,7 @@ dependencies = [
  "rustls-native-certs",
  "rustls-pemfile",
  "tokio",
- "tokio-rustls",
+ "tokio-rustls 0.23.4",
  "tokio-stream",
  "tokio-util",
  "tower",
@@ -6164,6 +6189,34 @@ dependencies = [
  "tracing-futures",
 ]
 
+[[package]]
+name = "tonic"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3082666a3a6433f7f511c7192923fa1fe07c69332d3c6a2e6bb040b569199d5a"
+dependencies = [
+ "async-trait",
+ "axum",
+ "base64 0.21.0",
+ "bytes",
+ "futures-core",
+ "futures-util",
+ "h2",
+ "http",
+ "http-body",
+ "hyper",
+ "hyper-timeout",
+ "percent-encoding",
+ "pin-project",
+ "prost",
+ "tokio",
+ "tokio-stream",
+ "tower",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
 [[package]]
 name = "tonic-build"
 version = "0.8.4"
@@ -6220,25 +6273,6 @@ dependencies = [
  "tracing",
 ]
 
-[[package]]
-name = "tower-http"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d1d42a9b3f3ec46ba828e8d376aec14592ea199f70a06a548587ecd1c4ab658"
-dependencies = [
- "bitflags",
- "bytes",
- "futures-core",
- "futures-util",
- "http",
- "http-body",
- "http-range-header",
- "pin-project-lite",
- "tower",
- "tower-layer",
- "tower-service",
-]
-
 [[package]]
 name = "tower-layer"
 version = "0.3.2"
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index b77573cc550..da8284c4c8b 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -54,7 +54,7 @@ askama = "0.11.1"
 access-json = "0.1.0"
 anyhow = "1.0.68"
 apollo-compiler = "0.8.0"
-apollo-parser = "0.5.1"
+apollo-parser = "0.5.3"
 arc-swap = "1.6.0"
 async-compression = { version = "0.3.15", features = [
     "tokio",
@@ -62,9 +62,9 @@ async-compression = { version = "0.3.15", features = [
     "gzip",
     "deflate",
 ] }
-async-trait = "0.1.67"
+async-trait = "0.1.68"
 atty = "0.2.14"
-axum = { version = "0.6.6", features = ["headers", "json", "original-uri"] }
+axum = { version = "0.6.18", features = ["headers", "json", "original-uri"] }
 backtrace = "0.3.67"
 base64 = "0.20.0"
 buildstructor = "0.5.2"
@@ -75,7 +75,7 @@ clap = { version = "4.1.4", default-features = false, features = [
     "std",
     "help",
 ] }
-console-subscriber = { version = "0.1.8", optional = true }
+console-subscriber = { version = "0.1.9", optional = true }
 ci_info = {version="0.14.10", features=["serde-1"] }
 dashmap = { version = "5.4.0", features = ["serde"] }
 derivative = "2.2.0"
@@ -89,7 +89,7 @@ directories = "4.0.1"
 displaydoc = "0.2"
 flate2 = "1.0.24"
 fred = { version = "6.0.0", features = ["enable-rustls", "no-client-setname"] }
-futures = { version = "0.3.27", features = ["thread-pool"] }
+futures = { version = "0.3.28", features = ["thread-pool"] }
 graphql_client = "0.11.0"
 hex = "0.4.3"
 http = "0.2.9"
@@ -97,7 +97,7 @@ http-body = "0.4.5"
 heck = "0.4.1"
 humantime = "2.1.0"
 humantime-serde = "1.1.1"
-hyper = { version = "0.14.25", features = ["server", "client"] }
+hyper = { version = "0.14.26", features = ["server", "client"] }
 hyper-rustls = { version = "0.23.2", features = ["http1", "http2"] }
 indexmap = { version = "1.9.2", features = ["serde-1"] }
 itertools = "0.10.5"
@@ -105,11 +105,11 @@ jsonpath_lib = "0.3.0"
 jsonschema = { version = "0.16.1", default-features = false }
 jsonwebtoken = "8.2.0"
 lazy_static = "1.4.0"
-libc = "0.2.140"
+libc = "0.2.144"
 linkme = "0.3.9"
 lru = "0.8.1"
 mediatype = "0.19.13"
-mockall = "0.11.3"
+mockall = "0.11.4"
 miette = { version = "5.5.0", features = ["fancy"] }
 mime = "0.3.17"
 multer = "2.0.4"
@@ -158,13 +158,13 @@ opentelemetry-prometheus = "0.11.0"
 paste = "1.0.11"
 pin-project-lite = "0.2.9"
 prometheus = "0.13"
-prost = "0.11.8"
-prost-types = "0.11.8"
+prost = "0.11.9"
+prost-types = "0.11.9"
 proteus = "0.5.0"
 rand = "0.8.5"
 rhai = { version = "1.12.0", features = ["sync", "serde", "internals"] }
 regex = "1.6.0"
-reqwest = { version = "0.11.15", default-features = false, features = [
+reqwest = { version = "0.11.18", default-features = false, features = [
     "rustls-tls",
     "rustls-native-certs",
     "json",
@@ -178,7 +178,7 @@ schemars = { version = "0.8.12", features = ["url"] }
 shellexpand = "3.0.0"
 sha2 = "0.10.6"
 serde = { version = "1.0.149", features = ["derive", "rc"] }
-serde_json_bytes = { version = "0.2.0", features = ["preserve_order"] }
+serde_json_bytes = { version = "0.2.1", features = ["preserve_order"] }
 serde_json = { version = "1.0.85", features = ["preserve_order"] }
 serde_urlencoded = "0.7.1"
 serde_yaml = "0.8.26"
@@ -187,8 +187,8 @@ strum_macros = "0.24.3"
 sys-info = "0.9.1"
 thiserror = "1.0.38"
 tokio = { version = "1.24.2", features = ["full"] }
-tokio-stream = { version = "0.1.12", features = ["sync", "net"] }
-tokio-util = { version = "0.7.7", features = ["net", "codec", "time"] }
+tokio-stream = { version = "0.1.14", features = ["sync", "net"] }
+tokio-util = { version = "0.7.8", features = ["net", "codec", "time"] }
 tonic = { version = "0.8.3", features = ["transport", "tls", "tls-roots", "gzip"] }
 tower = { version = "0.4.13", features = ["full"] }
 tower-http = { version = "0.3.5", features = [
@@ -235,16 +235,16 @@ tikv-jemallocator = "0.5"
 ecdsa = { version = "0.15.1", features = ["signing", "pem", "pkcs8"] }
 fred = "6.0.0-beta.2"
 redis = { version = "0.21.7", features = ["tokio-comp"] }
-futures-test = "0.3.27"
+futures-test = "0.3.28"
 insta = { version = "1.26.0", features = ["json", "redactions", "yaml"] }
-introspector-gadget = "0.2.0"
+introspector-gadget = "0.2.1"
 maplit = "1.0.2"
 memchr = { version = "2.5.0", default-features = false }
-mockall = "0.11.3"
+mockall = "0.11.4"
 once_cell = "1.16.0"
 p256 = "0.12.0"
 rand_core = "0.6.4"
-reqwest = { version = "0.11.15", default-features = false, features = [
+reqwest = { version = "0.11.18", default-features = false, features = [
     "json",
     "stream",
 ] }
@@ -264,7 +264,7 @@ tracing-subscriber = { version = "0.3", default-features = false, features = [
 ] }
 tracing-test = "0.2.2"
 walkdir = "2.3.2"
-wiremock = "0.5.17"
+wiremock = "0.5.18"
 
 [target.'cfg(target_os = "linux")'.dev-dependencies]
 rstack = { version = "0.3.3", features = ["dw"], default-features = false }
diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock
index 5ced3553de1..1b831659e7d 100644
--- a/xtask/Cargo.lock
+++ b/xtask/Cargo.lock
@@ -267,15 +267,15 @@ dependencies = [
 
 [[package]]
 name = "console"
-version = "0.15.5"
+version = "0.15.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3d79fbe8970a77e3e34151cc13d3b3e248aa0faaecb9f6091fa07ebefe5ad60"
+checksum = "c926e00cc70edefdc64d3a5ff31cc65bb97a3460097762bd23afb4d8145fccf8"
 dependencies = [
  "encode_unicode",
  "lazy_static",
  "libc",
  "unicode-width",
- "windows-sys 0.42.0",
+ "windows-sys 0.45.0",
 ]
 
 [[package]]
@@ -377,9 +377,9 @@ dependencies = [
 
 [[package]]
 name = "dialoguer"
-version = "0.10.3"
+version = "0.10.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "af3c796f3b0b408d9fd581611b47fa850821fcb84aa640b83a3c1a5be2d691f2"
+checksum = "59c6f2989294b9a498d3ad5491a79c6deb604617378e1cdc4bfc1c1361fe2f87"
 dependencies = [
  "console",
  "shell-words",
diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml
index 0d94015cfc1..2f2a597ae00 100644
--- a/xtask/Cargo.toml
+++ b/xtask/Cargo.toml
@@ -18,8 +18,8 @@ cargo_metadata = "0.15"
 # impacted by CVE-2020-26235.  https://github.com/chronotope/chrono/issues/602
 # and https://github.com/chronotope/chrono/issues/1073 will explain more.
 chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
-console = "0.15.5"
-dialoguer = "0.10.3"
+console = "0.15.7"
+dialoguer = "0.10.4"
 flate2 = "1"
 graphql_client = { version = "0.12.0", features = ["reqwest-rustls"] }
 itertools = "0.10.5"

From 12599824175ffe2da60003b9a2189b3a0fe0463e Mon Sep 17 00:00:00 2001
From: Coenen Benjamin 
Date: Tue, 30 May 2023 10:19:14 +0200
Subject: [PATCH 26/39] feat(telemetry): add configurable histogram buckets for
 metrics (#3098)

You can customize the buckets for all generated histograms:

```yaml title="router.yaml"
telemetry:
  metrics:
    common:
      buckets:
        - 0.05
        - 0.10
        - 0.25
        - 0.50
        - 1.00
        - 2.50
        - 5.00
        - 10.00
        - 20.00
```

Fixes #2333

**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [x] Changes are compatible[^1]
- [x] Documentation[^2] completed
- [ ] Performance impact assessed and acceptable
- Tests added and passing[^3]
    - [x] Unit Tests
    - [ ] Integration Tests
    - [x] Manual Tests

**Exceptions**

*Note any exceptions here*

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`

---------

Signed-off-by: Benjamin Coenen <5719034+bnjjj@users.noreply.github.com>
---
 .changesets/feat_swan_cub_foot_audience.md    |  21 ++
 ...nfiguration__tests__schema_generation.snap |  24 ++
 apollo-router/src/plugins/telemetry/config.rs |  12 +-
 .../src/plugins/telemetry/metrics/otlp.rs     |   4 +-
 .../plugins/telemetry/metrics/prometheus.rs   |   4 +-
 apollo-router/src/plugins/telemetry/mod.rs    | 281 ++++++++++++++++++
 ...est_prometheus_metrics_custom_buckets.snap |  20 ++
 docs/source/configuration/metrics.mdx         |  20 ++
 8 files changed, 378 insertions(+), 8 deletions(-)
 create mode 100644 .changesets/feat_swan_cub_foot_audience.md
 create mode 100644 apollo-router/src/plugins/telemetry/snapshots/apollo_router__plugins__telemetry__tests__it_test_prometheus_metrics_custom_buckets.snap

diff --git a/.changesets/feat_swan_cub_foot_audience.md b/.changesets/feat_swan_cub_foot_audience.md
new file mode 100644
index 00000000000..89408bc37f0
--- /dev/null
+++ b/.changesets/feat_swan_cub_foot_audience.md
@@ -0,0 +1,21 @@
+### Configurable histogram buckets for metrics ([Issue #2333](https://github.com/apollographql/router/issues/2333))
+
+You can customize the buckets for all generated histograms:
+
+```yaml title="router.yaml"
+telemetry:
+  metrics:
+    common:
+      buckets:
+        - 0.05
+        - 0.10
+        - 0.25
+        - 0.50
+        - 1.00
+        - 2.50
+        - 5.00
+        - 10.00
+        - 20.00
+```
+
+By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3098
\ No newline at end of file
diff --git a/apollo-router/src/configuration/snapshots/apollo_router__configuration__tests__schema_generation.snap b/apollo-router/src/configuration/snapshots/apollo_router__configuration__tests__schema_generation.snap
index f0cae7a315c..9048ab187a6 100644
--- a/apollo-router/src/configuration/snapshots/apollo_router__configuration__tests__schema_generation.snap
+++ b/apollo-router/src/configuration/snapshots/apollo_router__configuration__tests__schema_generation.snap
@@ -3711,6 +3711,28 @@ expression: "&schema"
                   "additionalProperties": false,
                   "nullable": true
                 },
+                "buckets": {
+                  "description": "Custom buckets for histograms",
+                  "default": [
+                    0.001,
+                    0.005,
+                    0.015,
+                    0.05,
+                    0.1,
+                    0.2,
+                    0.3,
+                    0.4,
+                    0.5,
+                    1.0,
+                    5.0,
+                    10.0
+                  ],
+                  "type": "array",
+                  "items": {
+                    "type": "number",
+                    "format": "double"
+                  }
+                },
                 "resources": {
                   "description": "Resources",
                   "default": {},
@@ -3721,11 +3743,13 @@ expression: "&schema"
                 },
                 "service_name": {
                   "description": "Set a service.name resource in your metrics",
+                  "default": null,
                   "type": "string",
                   "nullable": true
                 },
                 "service_namespace": {
                   "description": "Set a service.namespace attribute in your metrics",
+                  "default": null,
                   "type": "string",
                   "nullable": true
                 }
diff --git a/apollo-router/src/plugins/telemetry/config.rs b/apollo-router/src/plugins/telemetry/config.rs
index 21bb70387f6..afc99d28a12 100644
--- a/apollo-router/src/plugins/telemetry/config.rs
+++ b/apollo-router/src/plugins/telemetry/config.rs
@@ -80,7 +80,7 @@ pub(crate) struct Metrics {
 }
 
 #[derive(Clone, Default, Debug, Deserialize, JsonSchema)]
-#[serde(deny_unknown_fields, rename_all = "snake_case")]
+#[serde(deny_unknown_fields, rename_all = "snake_case", default)]
 pub(crate) struct MetricsCommon {
     /// Configuration to add custom labels/attributes to metrics
     pub(crate) attributes: Option,
@@ -88,9 +88,17 @@ pub(crate) struct MetricsCommon {
     pub(crate) service_name: Option,
     /// Set a service.namespace attribute in your metrics
     pub(crate) service_namespace: Option,
-    #[serde(default)]
     /// Resources
     pub(crate) resources: HashMap,
+    /// Custom buckets for histograms
+    #[serde(default = "default_buckets")]
+    pub(crate) buckets: Vec,
+}
+
+fn default_buckets() -> Vec {
+    vec![
+        0.001, 0.005, 0.015, 0.05, 0.1, 0.2, 0.3, 0.4, 0.5, 1.0, 5.0, 10.0,
+    ]
 }
 
 /// Tracing configuration
diff --git a/apollo-router/src/plugins/telemetry/metrics/otlp.rs b/apollo-router/src/plugins/telemetry/metrics/otlp.rs
index d4883a56bea..de18f0f9f10 100644
--- a/apollo-router/src/plugins/telemetry/metrics/otlp.rs
+++ b/apollo-router/src/plugins/telemetry/metrics/otlp.rs
@@ -42,9 +42,7 @@ impl MetricsConfigurator for super::super::otlp::Config {
             Some(exporter) => {
                 let exporter = opentelemetry_otlp::new_pipeline()
                     .metrics(
-                        selectors::simple::histogram([
-                            0.001, 0.005, 0.015, 0.05, 0.1, 0.2, 0.3, 0.4, 0.5, 1.0, 5.0, 10.0,
-                        ]),
+                        selectors::simple::histogram(metrics_config.buckets.clone()),
                         aggregation::stateless_temporality_selector(),
                         opentelemetry::runtime::Tokio,
                     )
diff --git a/apollo-router/src/plugins/telemetry/metrics/prometheus.rs b/apollo-router/src/plugins/telemetry/metrics/prometheus.rs
index f830b31152c..5d6e6c84bb8 100644
--- a/apollo-router/src/plugins/telemetry/metrics/prometheus.rs
+++ b/apollo-router/src/plugins/telemetry/metrics/prometheus.rs
@@ -85,9 +85,7 @@ impl MetricsConfigurator for Config {
         if self.enabled {
             let mut controller = controllers::basic(
                 processors::factory(
-                    selectors::simple::histogram([
-                        0.001, 0.005, 0.015, 0.05, 0.1, 0.2, 0.3, 0.4, 0.5, 1.0, 5.0, 10.0,
-                    ]),
+                    selectors::simple::histogram(metrics_config.buckets.clone()),
                     aggregation::stateless_temporality_selector(),
                 )
                 .with_memory(true),
diff --git a/apollo-router/src/plugins/telemetry/mod.rs b/apollo-router/src/plugins/telemetry/mod.rs
index 05f50f90054..ec2850d2627 100644
--- a/apollo-router/src/plugins/telemetry/mod.rs
+++ b/apollo-router/src/plugins/telemetry/mod.rs
@@ -2098,6 +2098,287 @@ mod tests {
         assert_snapshot!(prom_metrics);
     }
 
+    #[tokio::test(flavor = "multi_thread")]
+    async fn it_test_prometheus_metrics_custom_buckets() {
+        let mut mock_service = MockSupergraphService::new();
+        mock_service
+            .expect_call()
+            .times(1)
+            .returning(move |req: SupergraphRequest| {
+                Ok(SupergraphResponse::fake_builder()
+                    .context(req.context)
+                    .header("x-custom", "coming_from_header")
+                    .data(json!({"data": {"my_value": 2usize}}))
+                    .build()
+                    .unwrap())
+            });
+
+        let mut mock_bad_request_service = MockSupergraphService::new();
+        mock_bad_request_service
+            .expect_call()
+            .times(1)
+            .returning(move |req: SupergraphRequest| {
+                Ok(SupergraphResponse::fake_builder()
+                    .context(req.context)
+                    .status_code(StatusCode::BAD_REQUEST)
+                    .data(json!({"errors": [{"message": "nope"}]}))
+                    .build()
+                    .unwrap())
+            });
+
+        let mut mock_subgraph_service = MockSubgraphService::new();
+        mock_subgraph_service
+            .expect_call()
+            .times(1)
+            .returning(move |req: SubgraphRequest| {
+                let mut extension = Object::new();
+                extension.insert(
+                    serde_json_bytes::ByteString::from("status"),
+                    serde_json_bytes::Value::String(ByteString::from("INTERNAL_SERVER_ERROR")),
+                );
+                let _ = req
+                    .context
+                    .insert("my_key", "my_custom_attribute_from_context".to_string())
+                    .unwrap();
+                Ok(SubgraphResponse::fake_builder()
+                    .context(req.context)
+                    .error(
+                        Error::builder()
+                            .message(String::from("an error occured"))
+                            .extensions(extension)
+                            .extension_code("FETCH_ERROR")
+                            .build(),
+                    )
+                    .build())
+            });
+
+        let mut mock_subgraph_service_in_error = MockSubgraphService::new();
+        mock_subgraph_service_in_error
+            .expect_call()
+            .times(1)
+            .returning(move |_req: SubgraphRequest| {
+                Err(Box::new(FetchError::SubrequestHttpError {
+                    status_code: None,
+                    service: String::from("my_subgraph_name_error"),
+                    reason: String::from("cannot contact the subgraph"),
+                }))
+            });
+
+        let dyn_plugin: Box = crate::plugin::plugins()
+            .find(|factory| factory.name == "apollo.telemetry")
+            .expect("Plugin not found")
+            .create_instance(
+                &Value::from_str(
+                    r#"{
+                "apollo": {
+                    "client_name_header": "name_header",
+                    "client_version_header": "version_header",
+                    "schema_id": "schema_sha"
+                },
+                "metrics": {
+                    "common": {
+                        "service_name": "apollo-router",
+                        "buckets": [5.0, 10.0, 20.0],
+                        "attributes": {
+                            "supergraph": {
+                                "static": [
+                                    {
+                                        "name": "myname",
+                                        "value": "label_value"
+                                    }
+                                ],
+                                "request": {
+                                    "header": [
+                                        {
+                                            "named": "test",
+                                            "default": "default_value",
+                                            "rename": "renamed_value"
+                                        },
+                                        {
+                                            "named": "another_test",
+                                            "default": "my_default_value"
+                                        }
+                                    ]
+                                },
+                                "response": {
+                                    "header": [{
+                                        "named": "x-custom"
+                                    }],
+                                    "body": [{
+                                        "path": ".data.data.my_value",
+                                        "name": "my_value"
+                                    }]
+                                }
+                            },
+                            "subgraph": {
+                                "all": {
+                                    "errors": {
+                                        "include_messages": true,
+                                        "extensions": [{
+                                            "name": "subgraph_error_extended_code",
+                                            "path": ".code"
+                                        }, {
+                                            "name": "message",
+                                            "path": ".reason"
+                                        }]
+                                    }
+                                },
+                                "subgraphs": {
+                                    "my_subgraph_name": {
+                                        "request": {
+                                            "body": [{
+                                                "path": ".query",
+                                                "name": "query_from_request"
+                                            }, {
+                                                "path": ".data",
+                                                "name": "unknown_data",
+                                                "default": "default_value"
+                                            }, {
+                                                "path": ".data2",
+                                                "name": "unknown_data_bis"
+                                            }]
+                                        },
+                                        "response": {
+                                            "body": [{
+                                                "path": ".errors[0].extensions.status",
+                                                "name": "error"
+                                            }]
+                                        },
+                                        "context": [
+                                            {
+                                                "named": "my_key"
+                                            }
+                                        ]
+                                    }
+                                }
+                            }
+                        }
+                    },
+                    "prometheus": {
+                        "enabled": true
+                    }
+                }
+            }"#,
+                )
+                .unwrap(),
+                Default::default(),
+            )
+            .await
+            .unwrap();
+        let mut supergraph_service = dyn_plugin.supergraph_service(BoxService::new(mock_service));
+        let router_req = SupergraphRequest::fake_builder().header("test", "my_value_set");
+
+        let _router_response = supergraph_service
+            .ready()
+            .await
+            .unwrap()
+            .call(router_req.build().unwrap())
+            .await
+            .unwrap()
+            .next_response()
+            .await
+            .unwrap();
+
+        let mut bad_request_supergraph_service =
+            dyn_plugin.supergraph_service(BoxService::new(mock_bad_request_service));
+        let router_req = SupergraphRequest::fake_builder().header("test", "my_value_set");
+
+        let _router_response = bad_request_supergraph_service
+            .ready()
+            .await
+            .unwrap()
+            .call(router_req.build().unwrap())
+            .await
+            .unwrap()
+            .next_response()
+            .await
+            .unwrap();
+
+        let mut subgraph_service =
+            dyn_plugin.subgraph_service("my_subgraph_name", BoxService::new(mock_subgraph_service));
+        let subgraph_req = SubgraphRequest::fake_builder()
+            .subgraph_request(
+                http_ext::Request::fake_builder()
+                    .header("test", "my_value_set")
+                    .body(
+                        Request::fake_builder()
+                            .query(String::from("query { test }"))
+                            .build(),
+                    )
+                    .build()
+                    .unwrap(),
+            )
+            .build();
+        let _subgraph_response = subgraph_service
+            .ready()
+            .await
+            .unwrap()
+            .call(subgraph_req)
+            .await
+            .unwrap();
+        // Another subgraph
+        let mut subgraph_service = dyn_plugin.subgraph_service(
+            "my_subgraph_name_error",
+            BoxService::new(mock_subgraph_service_in_error),
+        );
+        let subgraph_req = SubgraphRequest::fake_builder()
+            .subgraph_request(
+                http_ext::Request::fake_builder()
+                    .header("test", "my_value_set")
+                    .body(
+                        Request::fake_builder()
+                            .query(String::from("query { test }"))
+                            .build(),
+                    )
+                    .build()
+                    .unwrap(),
+            )
+            .build();
+        let _subgraph_response = subgraph_service
+            .ready()
+            .await
+            .unwrap()
+            .call(subgraph_req)
+            .await
+            .expect_err("Must be in error");
+
+        let http_req_prom = http::Request::get("http://localhost:9090/WRONG/URL/metrics")
+            .body(Default::default())
+            .unwrap();
+        let mut web_endpoint = dyn_plugin
+            .web_endpoints()
+            .into_iter()
+            .next()
+            .unwrap()
+            .1
+            .into_iter()
+            .next()
+            .unwrap()
+            .into_router();
+        let resp = web_endpoint
+            .ready()
+            .await
+            .unwrap()
+            .call(http_req_prom)
+            .await
+            .unwrap();
+        assert_eq!(resp.status(), StatusCode::NOT_FOUND);
+
+        let http_req_prom = http::Request::get("http://localhost:9090/metrics")
+            .body(Default::default())
+            .unwrap();
+        let mut resp = web_endpoint.oneshot(http_req_prom).await.unwrap();
+        assert_eq!(resp.status(), StatusCode::OK);
+        let body = hyper::body::to_bytes(resp.body_mut()).await.unwrap();
+        let prom_metrics = String::from_utf8_lossy(&body)
+            .to_string()
+            .split('\n')
+            .filter(|l| l.contains("bucket") && !l.contains("apollo_router_span_count"))
+            .sorted()
+            .join("\n");
+        assert_snapshot!(prom_metrics);
+    }
+
     #[test]
     fn it_test_send_headers_to_studio() {
         let fw_headers = ForwardHeaders::Only(vec![
diff --git a/apollo-router/src/plugins/telemetry/snapshots/apollo_router__plugins__telemetry__tests__it_test_prometheus_metrics_custom_buckets.snap b/apollo-router/src/plugins/telemetry/snapshots/apollo_router__plugins__telemetry__tests__it_test_prometheus_metrics_custom_buckets.snap
new file mode 100644
index 00000000000..a973b2aaaed
--- /dev/null
+++ b/apollo-router/src/plugins/telemetry/snapshots/apollo_router__plugins__telemetry__tests__it_test_prometheus_metrics_custom_buckets.snap
@@ -0,0 +1,20 @@
+---
+source: apollo-router/src/plugins/telemetry/mod.rs
+expression: prom_metrics
+---
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",error="400 Bad Request",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="400",le="+Inf"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",error="400 Bad Request",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="400",le="10"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",error="400 Bad Request",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="400",le="20"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",error="400 Bad Request",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="400",le="5"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",my_value="2",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="200",x_custom="coming_from_header",le="+Inf"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",my_value="2",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="200",x_custom="coming_from_header",le="10"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",my_value="2",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="200",x_custom="coming_from_header",le="20"} 1
+apollo_router_http_request_duration_seconds_bucket{another_test="my_default_value",my_value="2",myname="label_value",renamed_value="my_value_set",service_name="apollo-router",status="200",x_custom="coming_from_header",le="5"} 1
+apollo_router_http_request_duration_seconds_bucket{error="INTERNAL_SERVER_ERROR",my_key="my_custom_attribute_from_context",query_from_request="query { test }",service_name="apollo-router",status="200",subgraph="my_subgraph_name",unknown_data="default_value",le="+Inf"} 1
+apollo_router_http_request_duration_seconds_bucket{error="INTERNAL_SERVER_ERROR",my_key="my_custom_attribute_from_context",query_from_request="query { test }",service_name="apollo-router",status="200",subgraph="my_subgraph_name",unknown_data="default_value",le="10"} 1
+apollo_router_http_request_duration_seconds_bucket{error="INTERNAL_SERVER_ERROR",my_key="my_custom_attribute_from_context",query_from_request="query { test }",service_name="apollo-router",status="200",subgraph="my_subgraph_name",unknown_data="default_value",le="20"} 1
+apollo_router_http_request_duration_seconds_bucket{error="INTERNAL_SERVER_ERROR",my_key="my_custom_attribute_from_context",query_from_request="query { test }",service_name="apollo-router",status="200",subgraph="my_subgraph_name",unknown_data="default_value",le="5"} 1
+apollo_router_http_request_duration_seconds_bucket{message="cannot contact the subgraph",service_name="apollo-router",status="500",subgraph="my_subgraph_name_error",subgraph_error_extended_code="SUBREQUEST_HTTP_ERROR",le="+Inf"} 1
+apollo_router_http_request_duration_seconds_bucket{message="cannot contact the subgraph",service_name="apollo-router",status="500",subgraph="my_subgraph_name_error",subgraph_error_extended_code="SUBREQUEST_HTTP_ERROR",le="10"} 1
+apollo_router_http_request_duration_seconds_bucket{message="cannot contact the subgraph",service_name="apollo-router",status="500",subgraph="my_subgraph_name_error",subgraph_error_extended_code="SUBREQUEST_HTTP_ERROR",le="20"} 1
+apollo_router_http_request_duration_seconds_bucket{message="cannot contact the subgraph",service_name="apollo-router",status="500",subgraph="my_subgraph_name_error",subgraph_error_extended_code="SUBREQUEST_HTTP_ERROR",le="5"} 1
diff --git a/docs/source/configuration/metrics.mdx b/docs/source/configuration/metrics.mdx
index f68a8f1d770..8abef3d50ed 100644
--- a/docs/source/configuration/metrics.mdx
+++ b/docs/source/configuration/metrics.mdx
@@ -233,6 +233,26 @@ To fetch the value of the field `x`, the corresponding path is `.items[0].wanted
 
 JSON path queries always begin with a period `.`
 
+## Changing default buckets for histograms
+
+You can customize the buckets for all generated histograms:
+
+```yaml title="router.yaml"
+telemetry:
+  metrics:
+    common:
+      buckets:
+        - 0.05
+        - 0.10
+        - 0.25
+        - 0.50
+        - 1.00
+        - 2.50
+        - 5.00
+        - 10.00
+        - 20.00
+```
+
 ## Adding custom resources
 
 Resources are similar to [attributes](#adding-custom-attributeslabels), but there are more globals. They're configured directly on the metrics exporter, which means they're always present on each of your metrics.

From 114d6418367dd4701b9ca85e8c123efb0a8f92ca Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 30 May 2023 08:21:34 +0000
Subject: [PATCH 27/39] fix(deps): update rust crate chrono to 0.4.25

---
 xtask/Cargo.lock | 22 +++++++++-------------
 xtask/Cargo.toml |  2 +-
 2 files changed, 10 insertions(+), 14 deletions(-)

diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock
index 1b831659e7d..7847d704c05 100644
--- a/xtask/Cargo.lock
+++ b/xtask/Cargo.lock
@@ -17,6 +17,12 @@ dependencies = [
  "memchr",
 ]
 
+[[package]]
+name = "android-tzdata"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0"
+
 [[package]]
 name = "android_system_properties"
 version = "0.1.5"
@@ -175,12 +181,12 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
 [[package]]
 name = "chrono"
-version = "0.4.24"
+version = "0.4.25"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4e3c5919066adf22df73762e50cffcde3a758f2a848b113b586d1f86728b673b"
+checksum = "fdbc37d37da9e5bce8173f3a41b71d9bf3c674deebbaceacd0ebdabde76efb03"
 dependencies = [
+ "android-tzdata",
  "iana-time-zone",
- "num-integer",
  "num-traits",
  "winapi",
 ]
@@ -953,16 +959,6 @@ dependencies = [
  "windows-sys 0.45.0",
 ]
 
-[[package]]
-name = "num-integer"
-version = "0.1.45"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
-dependencies = [
- "autocfg",
- "num-traits",
-]
-
 [[package]]
 name = "num-traits"
 version = "0.2.15"
diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml
index 2f2a597ae00..420ce8b3da2 100644
--- a/xtask/Cargo.toml
+++ b/xtask/Cargo.toml
@@ -17,7 +17,7 @@ cargo_metadata = "0.15"
 # Only use the `clock` features of `chrono` to avoid the `time` dependency
 # impacted by CVE-2020-26235.  https://github.com/chronotope/chrono/issues/602
 # and https://github.com/chronotope/chrono/issues/1073 will explain more.
-chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
+chrono = { version = "0.4.25", default-features = false, features = ["clock"] }
 console = "0.15.7"
 dialoguer = "0.10.4"
 flate2 = "1"

From 11cabfd9fc9dc4db7149b2247e6bf92e5e18708a Mon Sep 17 00:00:00 2001
From: Gary Pennington 
Date: Tue, 30 May 2023 12:07:19 +0100
Subject: [PATCH 28/39] install ca-certificates into final docker image (#3174)

The router needs CA certificates for TLS to work. This used to be
installed indirectly from `curl`, but now we no longer install `curl`
and must install certificates directly.

fixes: #3173



**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [x] Changes are compatible[^1]

**Exceptions**

*Note any exceptions here*

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`
---
 .changesets/fix_garypen_3173_ca_certs.md    | 7 +++++++
 dockerfiles/Dockerfile.router               | 7 +++++--
 dockerfiles/diy/dockerfiles/Dockerfile.repo | 7 +++++--
 3 files changed, 17 insertions(+), 4 deletions(-)
 create mode 100644 .changesets/fix_garypen_3173_ca_certs.md

diff --git a/.changesets/fix_garypen_3173_ca_certs.md b/.changesets/fix_garypen_3173_ca_certs.md
new file mode 100644
index 00000000000..9279b8980e9
--- /dev/null
+++ b/.changesets/fix_garypen_3173_ca_certs.md
@@ -0,0 +1,7 @@
+### Add ca-certificates to our docker image ([Issue #3173](https://github.com/apollographql/router/issues/3173))
+
+We removed `curl` from our docker images to improve security, which meant that our implicit install of `ca-certificates` (as a dependency of `curl`) was no longer performed.
+
+This fix manually installs the `ca-certificates` package which is required for the router to be able to process TLS requests.
+
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3174
\ No newline at end of file
diff --git a/dockerfiles/Dockerfile.router b/dockerfiles/Dockerfile.router
index 734bb4afade..55897acb387 100644
--- a/dockerfiles/Dockerfile.router
+++ b/dockerfiles/Dockerfile.router
@@ -19,8 +19,11 @@ WORKDIR /dist
 
 COPY --from=downloader /dist/router /dist
 
-# Update apt
-RUN apt-get update -y
+# Update apt and install ca-certificates
+RUN \
+  apt-get update -y \
+  && apt-get install -y \
+    ca-certificates
 
 # If debug image, install heaptrack and make a data directory
 RUN \
diff --git a/dockerfiles/diy/dockerfiles/Dockerfile.repo b/dockerfiles/diy/dockerfiles/Dockerfile.repo
index a9f89b99f96..0892d53c7f2 100644
--- a/dockerfiles/diy/dockerfiles/Dockerfile.repo
+++ b/dockerfiles/diy/dockerfiles/Dockerfile.repo
@@ -36,8 +36,11 @@ ARG DEBUG_IMAGE=false
 
 WORKDIR /dist
 
-# Update apt
-RUN apt-get update -y
+# Update apt and install ca-certificates
+RUN \
+  apt-get update -y \
+  && apt-get install -y \
+    ca-certificates
 
 # Copy in the required files from our build image
 COPY --from=build --chown=root:root /dist /dist

From 91650403d2364a2ff829d24c073dad18a68fb422 Mon Sep 17 00:00:00 2001
From: Jesse Rosenberger 
Date: Tue, 30 May 2023 14:10:12 +0300
Subject: [PATCH 29/39] chore(deps): `xtask/` dependency updates, again (#3164)

This is the result of running `cargo update` in the `xtask/` directory
(our
directory of tooling; not runtime components) to bring things more up to
date.

Follows-up: https://github.com/apollographql/router/pull/3149

Some of the changes in https://github.com/apollographql/router/pull/3152
seem to have undone some of the dependency updates, so this re-applies
them.
---
 xtask/Cargo.lock | 382 +++++++++++++++++++----------------------------
 1 file changed, 152 insertions(+), 230 deletions(-)

diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock
index 7847d704c05..6ffeb9338b9 100644
--- a/xtask/Cargo.lock
+++ b/xtask/Cargo.lock
@@ -10,9 +10,9 @@ checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"
 
 [[package]]
 name = "aho-corasick"
-version = "0.7.20"
+version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac"
+checksum = "67fc08ce920c31afb70f013dcce1bfc3a3195de6a228474e45e1f145b36f8d04"
 dependencies = [
  "memchr",
 ]
@@ -34,49 +34,58 @@ dependencies = [
 
 [[package]]
 name = "anstream"
-version = "0.2.6"
+version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "342258dd14006105c2b75ab1bd7543a03bdf0cfc94383303ac212a04939dff6f"
+checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163"
 dependencies = [
  "anstyle",
  "anstyle-parse",
+ "anstyle-query",
  "anstyle-wincon",
- "concolor-override",
- "concolor-query",
+ "colorchoice",
  "is-terminal",
  "utf8parse",
 ]
 
 [[package]]
 name = "anstyle"
-version = "0.3.5"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "23ea9e81bd02e310c216d080f6223c179012256e5151c41db88d12c88a1684d2"
+checksum = "41ed9a86bf92ae6580e0a31281f65a1b1d867c0cc68d5346e2ae128dddfa6a7d"
 
 [[package]]
 name = "anstyle-parse"
-version = "0.1.1"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a7d1bb534e9efed14f3e5f44e7dd1a4f709384023a4165199a4241e18dff0116"
+checksum = "e765fd216e48e067936442276d1d57399e37bce53c264d6fefbe298080cb57ee"
 dependencies = [
  "utf8parse",
 ]
 
+[[package]]
+name = "anstyle-query"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b"
+dependencies = [
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "anstyle-wincon"
-version = "0.2.0"
+version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3127af6145b149f3287bb9a0d10ad9c5692dba8c53ad48285e5bec4063834fa"
+checksum = "180abfa45703aebe0093f79badacc01b8fd4ea2e35118747e5811127f926e188"
 dependencies = [
  "anstyle",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
 name = "anyhow"
-version = "1.0.70"
+version = "1.0.71"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7de8ce5e0f9f8d88245311066a578d72b7af3e7088f32783804676302df237e4"
+checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"
 
 [[package]]
 name = "ascii"
@@ -98,9 +107,9 @@ checksum = "0ea22880d78093b0cbe17c89f64a7d457941e65759157ec6cb31a31d652b05e5"
 
 [[package]]
 name = "base64"
-version = "0.21.0"
+version = "0.21.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a"
+checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d"
 
 [[package]]
 name = "bitflags"
@@ -119,9 +128,9 @@ dependencies = [
 
 [[package]]
 name = "bumpalo"
-version = "3.12.0"
+version = "3.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535"
+checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1"
 
 [[package]]
 name = "byteorder"
@@ -131,9 +140,9 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610"
 
 [[package]]
 name = "bytes"
-version = "1.1.0"
+version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8"
+checksum = "89b2fd2a0dcf38d7971e2194b6b6eebab45ae01067456a7fd93d5547a61b70be"
 
 [[package]]
 name = "camino"
@@ -193,9 +202,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "4.2.1"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "046ae530c528f252094e4a77886ee1374437744b2bff1497aa898bbddbbb29b3"
+checksum = "93aae7a4192245f70fe75dd9157fc7b4a5bf53e88d30bd4396f7d8f9284d5acc"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -204,9 +213,9 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.2.1"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "223163f58c9a40c3b0a43e1c4b50a9ce09f007ea2cb1ec258a687945b4b7929f"
+checksum = "4f423e341edefb78c9caba2d9c7f7687d0e72e89df3ce3394554754393ac3990"
 dependencies = [
  "anstream",
  "anstyle",
@@ -217,31 +226,27 @@ dependencies = [
 
 [[package]]
 name = "clap_derive"
-version = "4.2.0"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3f9644cd56d6b87dbe899ef8b053e331c0637664e9e21a33dfcdc36093f5c5c4"
+checksum = "191d9573962933b4027f932c600cd252ce27a8ad5979418fe78e43c07996f27b"
 dependencies = [
  "heck",
  "proc-macro2",
  "quote",
- "syn 2.0.13",
+ "syn 2.0.18",
 ]
 
 [[package]]
 name = "clap_lex"
-version = "0.4.1"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8a2dd5a6fe8c6e3502f568a6353e5273bbb15193ad9a89e457b9970798efbea1"
+checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b"
 
 [[package]]
-name = "codespan-reporting"
-version = "0.11.1"
+name = "colorchoice"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e"
-dependencies = [
- "termcolor",
- "unicode-width",
-]
+checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
 
 [[package]]
 name = "combine"
@@ -256,21 +261,6 @@ dependencies = [
  "unreachable",
 ]
 
-[[package]]
-name = "concolor-override"
-version = "1.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a855d4a1978dc52fb0536a04d384c2c0c1aa273597f08b77c8c4d3b2eec6037f"
-
-[[package]]
-name = "concolor-query"
-version = "0.3.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "88d11d52c3d7ca2e6d0040212be9e4dbbcd78b6447f535b6b561f449427944cf"
-dependencies = [
- "windows-sys 0.45.0",
-]
-
 [[package]]
 name = "console"
 version = "0.15.7"
@@ -337,50 +327,6 @@ dependencies = [
  "typenum",
 ]
 
-[[package]]
-name = "cxx"
-version = "1.0.94"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f61f1b6389c3fe1c316bf8a4dccc90a38208354b330925bce1f74a6c4756eb93"
-dependencies = [
- "cc",
- "cxxbridge-flags",
- "cxxbridge-macro",
- "link-cplusplus",
-]
-
-[[package]]
-name = "cxx-build"
-version = "1.0.94"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "12cee708e8962df2aeb38f594aae5d827c022b6460ac71a7a3e2c3c2aae5a07b"
-dependencies = [
- "cc",
- "codespan-reporting",
- "once_cell",
- "proc-macro2",
- "quote",
- "scratch",
- "syn 2.0.13",
-]
-
-[[package]]
-name = "cxxbridge-flags"
-version = "1.0.94"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7944172ae7e4068c533afbb984114a56c46e9ccddda550499caa222902c7f7bb"
-
-[[package]]
-name = "cxxbridge-macro"
-version = "1.0.94"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2345488264226bf682893e25de0769f3360aac9957980ec49361b083ddaa5bc5"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.13",
-]
-
 [[package]]
 name = "dialoguer"
 version = "0.10.4"
@@ -426,13 +372,13 @@ dependencies = [
 
 [[package]]
 name = "errno"
-version = "0.3.0"
+version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "50d6a0976c999d473fe89ad888d5a284e55366d9dc9038b1ba2aa15128c4afa0"
+checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a"
 dependencies = [
  "errno-dragonfly",
  "libc",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -456,21 +402,21 @@ dependencies = [
 
 [[package]]
 name = "filetime"
-version = "0.2.20"
+version = "0.2.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8a3de6e8d11b22ff9edc6d916f890800597d60f8b2da1caf2955c274638d6412"
+checksum = "5cbc844cecaee9d4443931972e1289c8ff485cb4cc2767cb03ca139ed6885153"
 dependencies = [
  "cfg-if",
  "libc",
  "redox_syscall 0.2.16",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
 name = "flate2"
-version = "1.0.25"
+version = "1.0.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841"
+checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743"
 dependencies = [
  "crc32fast",
  "miniz_oxide",
@@ -484,11 +430,10 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
 
 [[package]]
 name = "form_urlencoded"
-version = "1.0.1"
+version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191"
+checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8"
 dependencies = [
- "matches",
  "percent-encoding",
 ]
 
@@ -622,9 +567,9 @@ dependencies = [
 
 [[package]]
 name = "h2"
-version = "0.3.16"
+version = "0.3.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5be7b54589b581f624f566bf5d8eb2bab1db736c51528720b6bd36b96b55924d"
+checksum = "d357c7ae988e7d2182f7d7871d0b963962420b0678b0997ce7de72001aeab782"
 dependencies = [
  "bytes",
  "fnv",
@@ -702,9 +647,9 @@ checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421"
 
 [[package]]
 name = "hyper"
-version = "0.14.25"
+version = "0.14.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cc5e554ff619822309ffd57d8734d77cd5ce6238bc956f037ea06c58238c9899"
+checksum = "ab302d72a6f11a3b910431ff93aae7e773078c769f0a3ef15fb9ec692ed147d4"
 dependencies = [
  "bytes",
  "futures-channel",
@@ -726,9 +671,9 @@ dependencies = [
 
 [[package]]
 name = "hyper-rustls"
-version = "0.23.2"
+version = "0.24.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1788965e61b367cd03a62950836d5cd41560c3577d90e40e0819373194d1661c"
+checksum = "0646026eb1b3eea4cd9ba47912ea5ce9cc07713d105b1a14698f4e6433d348b7"
 dependencies = [
  "http",
  "hyper",
@@ -753,21 +698,19 @@ dependencies = [
 
 [[package]]
 name = "iana-time-zone-haiku"
-version = "0.1.1"
+version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca"
+checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
 dependencies = [
- "cxx",
- "cxx-build",
+ "cc",
 ]
 
 [[package]]
 name = "idna"
-version = "0.2.3"
+version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8"
+checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6"
 dependencies = [
- "matches",
  "unicode-bidi",
  "unicode-normalization",
 ]
@@ -809,9 +752,9 @@ dependencies = [
 
 [[package]]
 name = "io-lifetimes"
-version = "1.0.10"
+version = "1.0.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c66c74d2ae7e79a5a8f7ac924adbe38ee42a859c6539ad869eb51f0b52dc220"
+checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2"
 dependencies = [
  "hermit-abi 0.3.1",
  "libc",
@@ -826,14 +769,14 @@ checksum = "12b6ee2129af8d4fb011108c73d99a1b83a85977f23b82460c0ae2e25bb4b57f"
 
 [[package]]
 name = "is-terminal"
-version = "0.4.6"
+version = "0.4.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "256017f749ab3117e93acb91063009e1f1bb56d03965b14c2c8df4eb02c524d8"
+checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f"
 dependencies = [
  "hermit-abi 0.3.1",
  "io-lifetimes",
  "rustix",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -853,9 +796,9 @@ checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6"
 
 [[package]]
 name = "js-sys"
-version = "0.3.61"
+version = "0.3.63"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "445dde2150c55e483f3d8416706b97ec8e8237c307e5b7b4b8dd15e6af2a0730"
+checksum = "2f37a4a5928311ac501dee68b3c7613a1037d0edb30c8e5427bd832d55d1b790"
 dependencies = [
  "wasm-bindgen",
 ]
@@ -868,18 +811,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
 
 [[package]]
 name = "libc"
-version = "0.2.141"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3304a64d199bb964be99741b7a14d26972741915b3649639149b2479bb46f4b5"
-
-[[package]]
-name = "link-cplusplus"
-version = "1.0.8"
+version = "0.2.144"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5"
-dependencies = [
- "cc",
-]
+checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1"
 
 [[package]]
 name = "linked-hash-map"
@@ -889,9 +823,9 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f"
 
 [[package]]
 name = "linux-raw-sys"
-version = "0.3.1"
+version = "0.3.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d59d8c75012853d2e872fb56bc8a2e53718e2cafe1a4c823143141c6d90c322f"
+checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519"
 
 [[package]]
 name = "log"
@@ -902,12 +836,6 @@ dependencies = [
  "cfg-if",
 ]
 
-[[package]]
-name = "matches"
-version = "0.1.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2532096657941c2fea9c289d370a250971c689d4f143798ff67113ec042024a5"
-
 [[package]]
 name = "memchr"
 version = "2.5.0"
@@ -931,9 +859,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
 
 [[package]]
 name = "miniz_oxide"
-version = "0.6.2"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa"
+checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7"
 dependencies = [
  "adler",
 ]
@@ -992,9 +920,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
 
 [[package]]
 name = "percent-encoding"
-version = "2.1.0"
+version = "2.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e"
+checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e"
 
 [[package]]
 name = "pest"
@@ -1026,7 +954,7 @@ dependencies = [
  "pest_meta",
  "proc-macro2",
  "quote",
- "syn 2.0.13",
+ "syn 2.0.18",
 ]
 
 [[package]]
@@ -1060,18 +988,18 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
 
 [[package]]
 name = "proc-macro2"
-version = "1.0.56"
+version = "1.0.59"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2b63bdb0cd06f1f4dedf69b254734f9b45af66e4a031e42a7480257d9898b435"
+checksum = "6aeca18b86b413c660b781aa319e4e2648a3e6f9eadc9b47e9038e6fe9f3451b"
 dependencies = [
  "unicode-ident",
 ]
 
 [[package]]
 name = "quote"
-version = "1.0.26"
+version = "1.0.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc"
+checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488"
 dependencies = [
  "proc-macro2",
 ]
@@ -1137,9 +1065,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.7.3"
+version = "1.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d"
+checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -1148,17 +1076,17 @@ dependencies = [
 
 [[package]]
 name = "regex-syntax"
-version = "0.6.29"
+version = "0.7.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1"
+checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78"
 
 [[package]]
 name = "reqwest"
-version = "0.11.16"
+version = "0.11.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254"
+checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55"
 dependencies = [
- "base64 0.21.0",
+ "base64 0.21.2",
  "bytes",
  "encoding_rs",
  "futures-core",
@@ -1209,28 +1137,28 @@ dependencies = [
 
 [[package]]
 name = "rustix"
-version = "0.37.7"
+version = "0.37.19"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2aae838e49b3d63e9274e1c01833cc8139d3fec468c3b84688c628f44b1ae11d"
+checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d"
 dependencies = [
  "bitflags",
  "errno",
  "io-lifetimes",
  "libc",
  "linux-raw-sys",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
 name = "rustls"
-version = "0.20.8"
+version = "0.21.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fff78fc74d175294f4e83b28343315ffcfb114b156f0185e9741cb5570f50e2f"
+checksum = "c911ba11bc8433e811ce56fde130ccf32f5127cab0e0194e9c68c5a5b671791e"
 dependencies = [
  "log",
  "ring",
+ "rustls-webpki",
  "sct",
- "webpki",
 ]
 
 [[package]]
@@ -1251,7 +1179,17 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d194b56d58803a43635bdc398cd17e383d6f71f9182b9a192c127ca42494a59b"
 dependencies = [
- "base64 0.21.0",
+ "base64 0.21.2",
+]
+
+[[package]]
+name = "rustls-webpki"
+version = "0.100.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d6207cd5ed3d8dca7816f8f3725513a34609c0c765bf652b8c3cb4cfd87db46b"
+dependencies = [
+ "ring",
+ "untrusted",
 ]
 
 [[package]]
@@ -1278,12 +1216,6 @@ dependencies = [
  "windows-sys 0.42.0",
 ]
 
-[[package]]
-name = "scratch"
-version = "1.0.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1792db035ce95be60c3f8853017b3999209281c24e2ba5bc8e59bf97a0c590c1"
-
 [[package]]
 name = "sct"
 version = "0.7.0"
@@ -1296,9 +1228,9 @@ dependencies = [
 
 [[package]]
 name = "security-framework"
-version = "2.8.2"
+version = "2.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254"
+checksum = "1fc758eb7bffce5b308734e9b0c1468893cae9ff70ebf13e7090be8dcbcc83a8"
 dependencies = [
  "bitflags",
  "core-foundation",
@@ -1309,9 +1241,9 @@ dependencies = [
 
 [[package]]
 name = "security-framework-sys"
-version = "2.8.0"
+version = "2.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4"
+checksum = "f51d0c0d83bec45f16480d0ce0058397a69e48fcdc52d1dc8855fb68acbd31a7"
 dependencies = [
  "core-foundation-sys",
  "libc",
@@ -1328,29 +1260,29 @@ dependencies = [
 
 [[package]]
 name = "serde"
-version = "1.0.159"
+version = "1.0.163"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065"
+checksum = "2113ab51b87a539ae008b5c6c02dc020ffa39afd2d83cffcb3f4eb2722cebec2"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.159"
+version = "1.0.163"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585"
+checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.13",
+ "syn 2.0.18",
 ]
 
 [[package]]
 name = "serde_json"
-version = "1.0.95"
+version = "1.0.96"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744"
+checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1"
 dependencies = [
  "itoa",
  "ryu",
@@ -1442,9 +1374,9 @@ dependencies = [
 
 [[package]]
 name = "syn"
-version = "2.0.13"
+version = "2.0.18"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c9da457c5285ac1f936ebd076af6dac17a61cfe7826f2076b4d015cf47bc8ec"
+checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -1481,15 +1413,6 @@ dependencies = [
  "windows-sys 0.45.0",
 ]
 
-[[package]]
-name = "termcolor"
-version = "1.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "be55cf8942feac5c765c2c993422806843c9a9a45d4d5c407ad6dd2ea95eb9b6"
-dependencies = [
- "winapi-util",
-]
-
 [[package]]
 name = "thiserror"
 version = "1.0.40"
@@ -1507,7 +1430,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.13",
+ "syn 2.0.18",
 ]
 
 [[package]]
@@ -1537,9 +1460,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.27.0"
+version = "1.28.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d0de47a4eecbe11f498978a9b29d792f0d2692d1dd003650c24c76510e3bc001"
+checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105"
 dependencies = [
  "autocfg",
  "bytes",
@@ -1548,25 +1471,24 @@ dependencies = [
  "num_cpus",
  "pin-project-lite",
  "socket2",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
 name = "tokio-rustls"
-version = "0.23.4"
+version = "0.24.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59"
+checksum = "e0d409377ff5b1e3ca6437aa86c1eb7d40c134bfec254e44c830defa92669db5"
 dependencies = [
  "rustls",
  "tokio",
- "webpki",
 ]
 
 [[package]]
 name = "tokio-util"
-version = "0.7.7"
+version = "0.7.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5427d89453009325de0d8f342c9490009f76e999cb7672d77e46267448f7e6b2"
+checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d"
 dependencies = [
  "bytes",
  "futures-core",
@@ -1595,9 +1517,9 @@ dependencies = [
 
 [[package]]
 name = "tracing-core"
-version = "0.1.30"
+version = "0.1.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a"
+checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a"
 dependencies = [
  "once_cell",
 ]
@@ -1628,9 +1550,9 @@ checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460"
 
 [[package]]
 name = "unicode-ident"
-version = "1.0.8"
+version = "1.0.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e5464a87b239f13a63a501f2701565754bae92d243d4bb7eb12f6d57d2269bf4"
+checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0"
 
 [[package]]
 name = "unicode-normalization"
@@ -1664,9 +1586,9 @@ checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
 
 [[package]]
 name = "url"
-version = "2.3.0"
+version = "2.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22fe195a4f217c25b25cb5058ced57059824a678474874038dc88d211bf508d3"
+checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643"
 dependencies = [
  "form_urlencoded",
  "idna",
@@ -1725,9 +1647,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
 [[package]]
 name = "wasm-bindgen"
-version = "0.2.84"
+version = "0.2.86"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b"
+checksum = "5bba0e8cb82ba49ff4e229459ff22a191bbe9a1cb3a341610c9c33efc27ddf73"
 dependencies = [
  "cfg-if",
  "wasm-bindgen-macro",
@@ -1735,24 +1657,24 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-backend"
-version = "0.2.84"
+version = "0.2.86"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9"
+checksum = "19b04bc93f9d6bdee709f6bd2118f57dd6679cf1176a1af464fca3ab0d66d8fb"
 dependencies = [
  "bumpalo",
  "log",
  "once_cell",
  "proc-macro2",
  "quote",
- "syn 1.0.109",
+ "syn 2.0.18",
  "wasm-bindgen-shared",
 ]
 
 [[package]]
 name = "wasm-bindgen-futures"
-version = "0.4.34"
+version = "0.4.36"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f219e0d211ba40266969f6dbdd90636da12f75bee4fc9d6c23d1260dadb51454"
+checksum = "2d1985d03709c53167ce907ff394f5316aa22cb4e12761295c5dc57dacb6297e"
 dependencies = [
  "cfg-if",
  "js-sys",
@@ -1762,9 +1684,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro"
-version = "0.2.84"
+version = "0.2.86"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5"
+checksum = "14d6b024f1a526bb0234f52840389927257beb670610081360e5a03c5df9c258"
 dependencies = [
  "quote",
  "wasm-bindgen-macro-support",
@@ -1772,28 +1694,28 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro-support"
-version = "0.2.84"
+version = "0.2.86"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6"
+checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 1.0.109",
+ "syn 2.0.18",
  "wasm-bindgen-backend",
  "wasm-bindgen-shared",
 ]
 
 [[package]]
 name = "wasm-bindgen-shared"
-version = "0.2.84"
+version = "0.2.86"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d"
+checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93"
 
 [[package]]
 name = "web-sys"
-version = "0.3.61"
+version = "0.3.63"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e33b99f4b23ba3eec1a53ac264e35a755f00e966e0065077d6027c0f575b0b97"
+checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2"
 dependencies = [
  "js-sys",
  "wasm-bindgen",
@@ -2086,9 +2008,9 @@ checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9"
 
 [[package]]
 name = "zip"
-version = "0.6.4"
+version = "0.6.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0445d0fbc924bb93539b4316c11afb121ea39296f99a3c4c9edad09e3658cdef"
+checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261"
 dependencies = [
  "byteorder",
  "crc32fast",

From febf1aff5a29f82e9cd139f489d8bd529e9b3b62 Mon Sep 17 00:00:00 2001
From: Gary Pennington 
Date: Tue, 30 May 2023 12:53:49 +0100
Subject: [PATCH 30/39] filter NOASSERTION licenses (#3178)

Add support for new cargo about option to filter NOASSERTION licenses.

fixes: #3176



**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [x] Changes are compatible[^1]

**Exceptions**

*Note any exceptions here*

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`
---
 .changesets/maint_garypen_3176_filter_licenses.md | 5 +++++
 about.toml                                        | 3 +++
 2 files changed, 8 insertions(+)
 create mode 100644 .changesets/maint_garypen_3176_filter_licenses.md

diff --git a/.changesets/maint_garypen_3176_filter_licenses.md b/.changesets/maint_garypen_3176_filter_licenses.md
new file mode 100644
index 00000000000..c292eaaae8d
--- /dev/null
+++ b/.changesets/maint_garypen_3176_filter_licenses.md
@@ -0,0 +1,5 @@
+### Improve `cargo-about` license checking ([Issue #3176](https://github.com/apollographql/router/issues/3176))
+
+From the description of this [cargo about PR](https://github.com/EmbarkStudios/cargo-about/pull/216), it is possible for "NOASSERTION" identifiers to be added when gathering license information, causing license checks to fail. This change uses the new `cargo-about` configuration `filter-noassertion` to eliminate the problem.
+
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3178
\ No newline at end of file
diff --git a/about.toml b/about.toml
index 7facbe8b8ff..dbd148a7a40 100644
--- a/about.toml
+++ b/about.toml
@@ -12,6 +12,9 @@ accepted = [
     "Unicode-DFS-2016"
 ]
 
+# See https://github.com/EmbarkStudios/cargo-about/pull/216
+filter-noassertion = true
+
 # Ignore non plublished crates, such as xtask for example
 private = { ignore = true }
 # Ignore dependencies used in tests only, test-log for example

From c1c3f10d19a43ecf262bf48cdbbf6dded1ec9a34 Mon Sep 17 00:00:00 2001
From: Bernard Bardawil - EST
 <130993125+bbardawilwiser@users.noreply.github.com>
Date: Tue, 30 May 2023 12:20:52 -0400
Subject: [PATCH 31/39] Update test-connection.yaml (#3096)

wget keeps failing even if the router is up. This is due to the case
that there might be nothing available on the root endpoint. netcat tests
that the router is up and running on the service port without calling
checking the response of the url

*Description here*

Fixes #issue_number



**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [ ] Changes are compatible[^1]
- [ ] Documentation[^2] completed
- [ ] Performance impact assessed and acceptable
- Tests added and passing[^3]
    - [ ] Unit Tests
    - [ ] Integration Tests
    - [ ] Manual Tests

**Exceptions**

*Note any exceptions here*

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`

---------

Co-authored-by: Gary Pennington 
---
 .changesets/fix_bernard_helmtest.md                    | 5 +++++
 helm/chart/router/templates/tests/test-connection.yaml | 6 +++---
 2 files changed, 8 insertions(+), 3 deletions(-)
 create mode 100644 .changesets/fix_bernard_helmtest.md

diff --git a/.changesets/fix_bernard_helmtest.md b/.changesets/fix_bernard_helmtest.md
new file mode 100644
index 00000000000..5a11249a33d
--- /dev/null
+++ b/.changesets/fix_bernard_helmtest.md
@@ -0,0 +1,5 @@
+### helm test always fails
+
+When running helm test it always generates an error because wget expects a 200 response, however calling a graphql endpoint without the proper body will return a 400 which is causing the test to fail. Using netcat (nc) will check that the port is up and return sucess once the router is working instead.
+
+By [@bbardawilwiser](https://github.com/bbardawilwiser) in https://github.com/apollographql/router/pull/3096
diff --git a/helm/chart/router/templates/tests/test-connection.yaml b/helm/chart/router/templates/tests/test-connection.yaml
index 286fd508dcd..0bf06127190 100644
--- a/helm/chart/router/templates/tests/test-connection.yaml
+++ b/helm/chart/router/templates/tests/test-connection.yaml
@@ -8,8 +8,8 @@ metadata:
     "helm.sh/hook": test
 spec:
   containers:
-    - name: wget
+    - name: netcat
       image: busybox
-      command: ['wget']
-      args: ['{{ include "router.fullname" . }}:{{ .Values.service.port }}']
+      command: ['nc']
+      args: ['-vz','-w','1','{{ include "router.fullname" . }}:{{.Values.service.port }}']
   restartPolicy: Never

From 3674bfb52058aa22b342fd3819f113d6db9990ea Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 30 May 2023 21:36:51 +0000
Subject: [PATCH 32/39] fix(deps): update rust crate chrono to 0.4.26

---
 xtask/Cargo.lock | 4 ++--
 xtask/Cargo.toml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock
index 6ffeb9338b9..f291d2381f3 100644
--- a/xtask/Cargo.lock
+++ b/xtask/Cargo.lock
@@ -190,9 +190,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
 [[package]]
 name = "chrono"
-version = "0.4.25"
+version = "0.4.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fdbc37d37da9e5bce8173f3a41b71d9bf3c674deebbaceacd0ebdabde76efb03"
+checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5"
 dependencies = [
  "android-tzdata",
  "iana-time-zone",
diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml
index 420ce8b3da2..8b63bc35d54 100644
--- a/xtask/Cargo.toml
+++ b/xtask/Cargo.toml
@@ -17,7 +17,7 @@ cargo_metadata = "0.15"
 # Only use the `clock` features of `chrono` to avoid the `time` dependency
 # impacted by CVE-2020-26235.  https://github.com/chronotope/chrono/issues/602
 # and https://github.com/chronotope/chrono/issues/1073 will explain more.
-chrono = { version = "0.4.25", default-features = false, features = ["clock"] }
+chrono = { version = "0.4.26", default-features = false, features = ["clock"] }
 console = "0.15.7"
 dialoguer = "0.10.4"
 flate2 = "1"

From feefbb3835b7c8f26c5ece61dd8a37d0212684dc Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 31 May 2023 12:00:26 +0200
Subject: [PATCH 33/39] fix(deps): update rust crate router-bridge to
 0.2.6+v2.4.7 (#3185)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [router-bridge](https://www.apollographql.com/apollo-federation/)
([source](https://togithub.com/apollographql/federation)) | dependencies
| patch | `0.2.5+v2.4.6` -> `0.2.6+v2.4.7` |

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 Cargo.lock               | 4 ++--
 apollo-router/Cargo.toml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 492dff76247..a4a3912c132 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -4877,9 +4877,9 @@ dependencies = [
 
 [[package]]
 name = "router-bridge"
-version = "0.2.5+v2.4.6"
+version = "0.2.6+v2.4.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1173fe0ee2c06cfd0fbcecc037fac9ac33b3e220e967f15ef970856f1127a482"
+checksum = "bbcd2822ebb7b954f2444eb6691d1e4eb354cf276eb4f6dfbe59216819859623"
 dependencies = [
  "anyhow",
  "async-channel",
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index da8284c4c8b..1d219fa8714 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -170,7 +170,7 @@ reqwest = { version = "0.11.18", default-features = false, features = [
     "json",
     "stream",
 ] }
-router-bridge = "0.2.5+v2.4.6"
+router-bridge = "0.2.6+v2.4.7"
 rust-embed="6.4.2"
 rustls = "0.20.8"
 rustls-pemfile = "1.0.2"

From d204a321d1c503f2dd30dec1995f82f7cbb82913 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 31 May 2023 11:56:32 +0100
Subject: [PATCH 34/39] fix(deps): update all non-major packages >= 1.0 (#2511)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [anyhow](https://togithub.com/dtolnay/anyhow) | dependencies | patch |
`1.0.68` -> `1.0.69` |
| [bytes](https://togithub.com/tokio-rs/bytes) | dependencies | minor |
`1.2.1` -> `1.4.0` |
| [clap](https://togithub.com/clap-rs/clap) | dependencies | patch |
`4.1.4` -> `4.1.6` |
| [insta](https://insta.rs/)
([source](https://togithub.com/mitsuhiko/insta)) | dev-dependencies |
minor | `1.26.0` -> `1.28.0` |
| [once_cell](https://togithub.com/matklad/once_cell) | dev-dependencies
| minor | `1.16.0` -> `1.17.1` |
| [once_cell](https://togithub.com/matklad/once_cell) | dependencies |
minor | `1.16.0` -> `1.17.1` |
| [regex](https://togithub.com/rust-lang/regex) | dependencies | minor |
`1.6.0` -> `1.7.1` |
| [serde](https://serde.rs)
([source](https://togithub.com/serde-rs/serde)) | dependencies | patch |
`1.0.149` -> `1.0.152` |
| [serde_json](https://togithub.com/serde-rs/json) | dependencies |
patch | `1.0.85` -> `1.0.93` |
| [tempfile](https://stebalien.com/projects/tempfile-rs/)
([source](https://togithub.com/Stebalien/tempfile)) | dev-dependencies |
minor | `3.3.0` -> `3.4.0` |
| [uuid](https://togithub.com/uuid-rs/uuid) | dependencies | minor |
`1.2.2` -> `1.3.0` |

---

### Release Notes


        
dtolnay/anyhow

### [`v1.0.69`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.69)

[Compare
Source](https://togithub.com/dtolnay/anyhow/compare/1.0.68...1.0.69)

-   Documentation improvements


        


        
tokio-rs/bytes

###
[`v1.4.0`](https://togithub.com/tokio-rs/bytes/blob/HEAD/CHANGELOG.md#​140-January-31-2023)

[Compare
Source](https://togithub.com/tokio-rs/bytes/compare/v1.3.0...v1.4.0)

##### Added

- Make `IntoIter` constructor public
([#​581](https://togithub.com/tokio-rs/bytes/issues/581))

##### Fixed

- Avoid large reallocations when freezing `BytesMut`
([#​592](https://togithub.com/tokio-rs/bytes/issues/592))

##### Documented

- Document which functions require `std`
([#​591](https://togithub.com/tokio-rs/bytes/issues/591))
- Fix duplicate "the the" typos
([#​585](https://togithub.com/tokio-rs/bytes/issues/585))

###
[`v1.3.0`](https://togithub.com/tokio-rs/bytes/blob/HEAD/CHANGELOG.md#​130-November-20-2022)

[Compare
Source](https://togithub.com/tokio-rs/bytes/compare/v1.2.1...v1.3.0)

##### Added

- Rename and expose `BytesMut::spare_capacity_mut`
([#​572](https://togithub.com/tokio-rs/bytes/issues/572))
- Implement native-endian get and put functions for `Buf` and `BufMut`
([#​576](https://togithub.com/tokio-rs/bytes/issues/576))

##### Fixed

- Don't have important data in unused capacity when calling reserve
([#​563](https://togithub.com/tokio-rs/bytes/issues/563))

##### Documented

- `Bytes::new` etc should return `Self` not `Bytes`
([#​568](https://togithub.com/tokio-rs/bytes/issues/568))


        


        
clap-rs/clap

###
[`v4.1.6`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​416---2023-02-15)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.5...v4.1.6)

##### Fixes

- *(help)* Don't show long help for `--help` just because hidden
possible values include a description

###
[`v4.1.5`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​415---2023-02-15)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.4...v4.1.5)

##### Fixes

- *(help)* Don't show long help for `--help` just because a hidden arg
has a possible value with a description


        


        
mitsuhiko/insta

###
[`v1.28.0`](https://togithub.com/mitsuhiko/insta/blob/HEAD/CHANGELOG.md#​1280)

[Compare
Source](https://togithub.com/mitsuhiko/insta/compare/1.26.0...1.28.0)

-   Added `allow_duplicates!` to enable multiple assertions for a
single snapshot.
([#​346](https://togithub.com/mitsuhiko/insta/issues/346))
-   Ensure that expressions formatted with `rustfmt` use unix newlines.
- Added a way to disable diffing in review.
([#​348](https://togithub.com/mitsuhiko/insta/issues/348))
-   Added three argument version of `glob!` to set a different base
path. ([#​347](https://togithub.com/mitsuhiko/insta/issues/347))
- Added `rounded_redaction` to truncate floating point values.
([#​350](https://togithub.com/mitsuhiko/insta/issues/350))


        


        
matklad/once_cell

###
[`v1.17.1`](https://togithub.com/matklad/once_cell/blob/HEAD/CHANGELOG.md#​1171)

[Compare
Source](https://togithub.com/matklad/once_cell/compare/v1.17.0...v1.17.1)

- Make `OnceRef` implementation compliant with [strict
provenance](https://togithub.com/rust-lang/rust/issues/95228).

###
[`v1.17.0`](https://togithub.com/matklad/once_cell/blob/HEAD/CHANGELOG.md#​1170)

[Compare
Source](https://togithub.com/matklad/once_cell/compare/v1.16.0...v1.17.0)

-   Add `race::OnceRef` for storing a `&'a T`.


        


        
rust-lang/regex

###
[`v1.7.1`](https://togithub.com/rust-lang/regex/blob/HEAD/CHANGELOG.md#​171-2023-01-09)

[Compare
Source](https://togithub.com/rust-lang/regex/compare/1.7.0...1.7.1)

\==================
This release was done principally to try and fix the doc.rs rendering
for the
regex crate.

Performance improvements:

-   [PERF #​930](https://togithub.com/rust-lang/regex/pull/930):
Optimize `replacen`. This also applies to `replace`, but not
`replace_all`.

Bug fixes:

-   [BUG #​945](https://togithub.com/rust-lang/regex/issues/945):
    Maybe fix rustdoc rendering by just bumping a new release?

###
[`v1.7.0`](https://togithub.com/rust-lang/regex/blob/HEAD/CHANGELOG.md#​170-2022-11-05)

[Compare
Source](https://togithub.com/rust-lang/regex/compare/1.6.0...1.7.0)

\==================
This release principally includes an upgrade to Unicode 15.

New features:

- [FEATURE
#​832](https://togithub.com/rust-lang/regex/issues/916):
    Upgrade to Unicode 15.


        


        
serde-rs/serde

###
[`v1.0.152`](https://togithub.com/serde-rs/serde/releases/tag/v1.0.152)

[Compare
Source](https://togithub.com/serde-rs/serde/compare/v1.0.151...v1.0.152)

-   Documentation improvements

###
[`v1.0.151`](https://togithub.com/serde-rs/serde/releases/tag/v1.0.151)

[Compare
Source](https://togithub.com/serde-rs/serde/compare/v1.0.150...v1.0.151)

- Update `serde::`{`ser`,`de`}`::StdError` to re-export
`core::error::Error` when serde is built with `feature="std"` **off**
and `feature="unstable"` **on**
([#​2344](https://togithub.com/serde-rs/serde/issues/2344))

###
[`v1.0.150`](https://togithub.com/serde-rs/serde/releases/tag/v1.0.150)

[Compare
Source](https://togithub.com/serde-rs/serde/compare/v1.0.149...v1.0.150)

- Relax some trait bounds from the `Serialize` impl of `HashMap` and
`BTreeMap`
([#​2334](https://togithub.com/serde-rs/serde/issues/2334))
- Enable `Serialize` and `Deserialize` impls of `std::sync::atomic`
types on more platforms
([#​2337](https://togithub.com/serde-rs/serde/issues/2337), thanks
[@​badboy](https://togithub.com/badboy))


        


        
serde-rs/json

### [`v1.0.93`](https://togithub.com/serde-rs/json/releases/tag/v1.0.93)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.92...v1.0.93)

- Support 128-bit integers in serde_json::to_value
([#​982](https://togithub.com/serde-rs/json/issues/982))

### [`v1.0.92`](https://togithub.com/serde-rs/json/releases/tag/v1.0.92)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.91...v1.0.92)

-   Documentation improvements

### [`v1.0.91`](https://togithub.com/serde-rs/json/releases/tag/v1.0.91)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.90...v1.0.91)

-   Opt out of `-Zrustdoc-scrape-examples` on docs.rs for now

### [`v1.0.90`](https://togithub.com/serde-rs/json/releases/tag/v1.0.90)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.89...v1.0.90)

-   Documentation improvements

### [`v1.0.89`](https://togithub.com/serde-rs/json/releases/tag/v1.0.89)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.88...v1.0.89)

- Fix invalid JSON incorrectly accepted when a large number has no
digits after decimal point
([#​953](https://togithub.com/serde-rs/json/issues/953))

### [`v1.0.88`](https://togithub.com/serde-rs/json/releases/tag/v1.0.88)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.87...v1.0.88)

- Optimize serde_json::Map's implementation of `append` and `clone_from`
([#​952](https://togithub.com/serde-rs/json/issues/952), thanks
[@​Lucretiel](https://togithub.com/Lucretiel))

### [`v1.0.87`](https://togithub.com/serde-rs/json/releases/tag/v1.0.87)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.86...v1.0.87)

- Add `write_i128` and `write_u128` methods to `serde_json::Formatter`
to control the formatting of 128-bit integers
([#​940](https://togithub.com/serde-rs/json/issues/940), thanks
[@​Lucretiel](https://togithub.com/Lucretiel))

### [`v1.0.86`](https://togithub.com/serde-rs/json/releases/tag/v1.0.86)

[Compare
Source](https://togithub.com/serde-rs/json/compare/v1.0.85...v1.0.86)

- Support `arbitrary_precision` feature even in no-std mode
([#​928](https://togithub.com/serde-rs/json/issues/928), thanks
[@​kvinwang](https://togithub.com/kvinwang))


        


        
uuid-rs/uuid

### [`v1.3.0`](https://togithub.com/uuid-rs/uuid/releases/tag/1.3.0)

[Compare
Source](https://togithub.com/uuid-rs/uuid/compare/1.2.2...1.3.0)

#### What's Changed

- Fix error message. by
[@​basbossink-ds](https://togithub.com/basbossink-ds) in
[https://github.com/uuid-rs/uuid/pull/656](https://togithub.com/uuid-rs/uuid/pull/656)
- implement Arbitrary::size_hint by
[@​Ekleog](https://togithub.com/Ekleog) in
[https://github.com/uuid-rs/uuid/pull/657](https://togithub.com/uuid-rs/uuid/pull/657)
- Always use hyphenated format regardless of flags by
[@​KodrAus](https://togithub.com/KodrAus) in
[https://github.com/uuid-rs/uuid/pull/658](https://togithub.com/uuid-rs/uuid/pull/658)
- Update windows-sys requirement from 0.42.0 to 0.45.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/uuid-rs/uuid/pull/654](https://togithub.com/uuid-rs/uuid/pull/654)
- Prepare for 1.3.0 release by
[@​KodrAus](https://togithub.com/KodrAus) in
[https://github.com/uuid-rs/uuid/pull/659](https://togithub.com/uuid-rs/uuid/pull/659)

#### New Contributors

- [@​basbossink-ds](https://togithub.com/basbossink-ds) made their
first contribution in
[https://github.com/uuid-rs/uuid/pull/656](https://togithub.com/uuid-rs/uuid/pull/656)
- [@​Ekleog](https://togithub.com/Ekleog) made their first
contribution in
[https://github.com/uuid-rs/uuid/pull/657](https://togithub.com/uuid-rs/uuid/pull/657)

**Full Changelog**:
https://github.com/uuid-rs/uuid/compare/1.2.2...1.3.0


        

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/apollographql/router).



---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Geoffroy Couprie 
Co-authored-by: Gary Pennington 
---
 apollo-router-scaffold/Cargo.toml |  6 +++---
 apollo-router/Cargo.toml          | 22 +++++++++++-----------
 2 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml
index 2a6aff3c44b..615307f2be3 100644
--- a/apollo-router-scaffold/Cargo.toml
+++ b/apollo-router-scaffold/Cargo.toml
@@ -7,12 +7,12 @@ license = "Elastic-2.0"
 publish = false
 
 [dependencies]
-anyhow = "1.0.68"
-clap = { version = "4.1.4", features = ["derive"] }
+anyhow = "1.0.69"
+clap = { version = "4.1.6", features = ["derive"] }
 cargo-scaffold = { version = "0.8.9", default-features = false }
 regex = "1"
 str_inflector = "0.12.0"
 toml = "0.5.11"
 [dev-dependencies]
-tempfile = "3.3.0"
+tempfile = "3.4.0"
 copy_dir = "0.1.2"
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index 1d219fa8714..f955bf19e70 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -52,7 +52,7 @@ features = ["docs_rs"]
 [dependencies]
 askama = "0.11.1"
 access-json = "0.1.0"
-anyhow = "1.0.68"
+anyhow = "1.0.69"
 apollo-compiler = "0.8.0"
 apollo-parser = "0.5.3"
 arc-swap = "1.6.0"
@@ -69,7 +69,7 @@ backtrace = "0.3.67"
 base64 = "0.20.0"
 buildstructor = "0.5.2"
 bytes = "1.4.0"
-clap = { version = "4.1.4", default-features = false, features = [
+clap = { version = "4.1.6", default-features = false, features = [
     "env",
     "derive",
     "std",
@@ -117,7 +117,7 @@ multimap = "0.8.3"
 # To avoid tokio issues
 notify = { version = "5.1.0", default-features = false, features=["macos_kqueue"] }
 nu-ansi-term = "0.47"
-once_cell = "1.16.0"
+once_cell = "1.17.1"
 
 # Any package that starts with `opentelemetry` needs to be updated with care
 # because it is tightly intertwined with the `tracing` packages on account of
@@ -163,7 +163,7 @@ prost-types = "0.11.9"
 proteus = "0.5.0"
 rand = "0.8.5"
 rhai = { version = "1.12.0", features = ["sync", "serde", "internals"] }
-regex = "1.6.0"
+regex = "1.7.1"
 reqwest = { version = "0.11.18", default-features = false, features = [
     "rustls-tls",
     "rustls-native-certs",
@@ -177,9 +177,9 @@ rustls-pemfile = "1.0.2"
 schemars = { version = "0.8.12", features = ["url"] }
 shellexpand = "3.0.0"
 sha2 = "0.10.6"
-serde = { version = "1.0.149", features = ["derive", "rc"] }
+serde = { version = "1.0.152", features = ["derive", "rc"] }
 serde_json_bytes = { version = "0.2.1", features = ["preserve_order"] }
-serde_json = { version = "1.0.85", features = ["preserve_order"] }
+serde_json = { version = "1.0.93", features = ["preserve_order"] }
 serde_urlencoded = "0.7.1"
 serde_yaml = "0.8.26"
 static_assertions = "1.1.0"
@@ -211,7 +211,7 @@ tracing-opentelemetry = "0.18.0"
 tracing-subscriber = { version = "0.3.11", features = ["env-filter", "json"] }
 url = { version = "2.3.1", features = ["serde"] }
 urlencoding = "2.1.2"
-uuid = { version = "1.1.2", features = ["serde", "v4"] }
+uuid = { version = "1.3.0", features = ["serde", "v4"] }
 yaml-rust = "0.4.5"
 wsl = "0.1.0"
 tokio-rustls = "0.23.4"
@@ -233,17 +233,17 @@ tikv-jemallocator = "0.5"
 
 [dev-dependencies]
 ecdsa = { version = "0.15.1", features = ["signing", "pem", "pkcs8"] }
-fred = "6.0.0-beta.2"
-redis = { version = "0.21.7", features = ["tokio-comp"] }
+fred = { version = "6.0.0", features = ["enable-rustls", "no-client-setname"] }
 futures-test = "0.3.28"
-insta = { version = "1.26.0", features = ["json", "redactions", "yaml"] }
+insta = { version = "1.28.0", features = ["json", "redactions", "yaml"] }
 introspector-gadget = "0.2.1"
 maplit = "1.0.2"
 memchr = { version = "2.5.0", default-features = false }
 mockall = "0.11.4"
-once_cell = "1.16.0"
+once_cell = "1.17.1"
 p256 = "0.12.0"
 rand_core = "0.6.4"
+redis = { version = "0.21.7", features = ["tokio-comp"] }
 reqwest = { version = "0.11.18", default-features = false, features = [
     "json",
     "stream",

From f7bf95251fd1489aa9d9e76dc2ad4997862bb10f Mon Sep 17 00:00:00 2001
From: Jesse Rosenberger 
Date: Wed, 31 May 2023 15:00:24 +0300
Subject: [PATCH 35/39] chore: Some changelog prep prior to 1.20.0 release
 (#3187)

This should simplify the actual release in the next little bit and also
updates the `federation-version-support.mdx` file.
---
 .changesets/feat_swan_cub_foot_audience.md        |  4 ++--
 .changesets/fix_bernard_helmtest.md               |  4 ++--
 .changesets/fix_fed_247.md                        |  9 +++++++++
 .changesets/fix_garypen_3173_ca_certs.md          |  8 ++++----
 .changesets/fix_lib_global_alloc.md               |  4 ++--
 .changesets/maint_garypen_3176_filter_licenses.md |  4 ++--
 docs/source/federation-version-support.mdx        | 12 ++++++++++--
 7 files changed, 31 insertions(+), 14 deletions(-)
 create mode 100644 .changesets/fix_fed_247.md

diff --git a/.changesets/feat_swan_cub_foot_audience.md b/.changesets/feat_swan_cub_foot_audience.md
index 89408bc37f0..142570f807f 100644
--- a/.changesets/feat_swan_cub_foot_audience.md
+++ b/.changesets/feat_swan_cub_foot_audience.md
@@ -1,6 +1,6 @@
 ### Configurable histogram buckets for metrics ([Issue #2333](https://github.com/apollographql/router/issues/2333))
 
-You can customize the buckets for all generated histograms:
+It is now possible to change the default bucketing for histograms generated for metrics:
 
 ```yaml title="router.yaml"
 telemetry:
@@ -18,4 +18,4 @@ telemetry:
         - 20.00
 ```
 
-By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3098
\ No newline at end of file
+By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3098
diff --git a/.changesets/fix_bernard_helmtest.md b/.changesets/fix_bernard_helmtest.md
index 5a11249a33d..55de57bd768 100644
--- a/.changesets/fix_bernard_helmtest.md
+++ b/.changesets/fix_bernard_helmtest.md
@@ -1,5 +1,5 @@
-### helm test always fails
+### Helm: Running of `helm test` no longer fails
 
-When running helm test it always generates an error because wget expects a 200 response, however calling a graphql endpoint without the proper body will return a 400 which is causing the test to fail. Using netcat (nc) will check that the port is up and return sucess once the router is working instead.
+Running `helm test` was generating an error since `wget` was sending a request without a proper body and expecting an HTTP status response of 2xx.   Without the proper body, it expectedly resulted in an HTTP status of 400.  By switching to using `netcat` (or `nc`) we will now check that the port is up and use that to determine that the router is functional.
 
 By [@bbardawilwiser](https://github.com/bbardawilwiser) in https://github.com/apollographql/router/pull/3096
diff --git a/.changesets/fix_fed_247.md b/.changesets/fix_fed_247.md
new file mode 100644
index 00000000000..165b5b88922
--- /dev/null
+++ b/.changesets/fix_fed_247.md
@@ -0,0 +1,9 @@
+### Federation v2.4.7 ([Issue #3170](https://github.com/apollographql/router/issues/3170), [Issue #3133](https://github.com/apollographql/router/issues/3133))
+
+This release bumps the Router's Federation support from v2.4.7 to v2.4.7, which brings in notable query planner fixes from [v2.4.7](https://github.com/apollographql/federation/releases/tag/%40apollo%2Fquery-planner%402.4.7).  Of note from those releases, this brings query planner fixes that (per that dependency's changelog):
+
+- Re-work the code use to try to reuse query named fragments to improve performance (thus sometimes improving query ([#2604](https://github.com/apollographql/federation/pull/2604)) planning performance)
+- Fix a raised assertion error (again, with a message of form like `Cannot add selection of field X to selection set of parent type Y`).
+- Fix a rare issue where an `interface` or `union` field was not being queried for all the types it should be.
+
+By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3185
diff --git a/.changesets/fix_garypen_3173_ca_certs.md b/.changesets/fix_garypen_3173_ca_certs.md
index 9279b8980e9..1d3d8e02116 100644
--- a/.changesets/fix_garypen_3173_ca_certs.md
+++ b/.changesets/fix_garypen_3173_ca_certs.md
@@ -1,7 +1,7 @@
-### Add ca-certificates to our docker image ([Issue #3173](https://github.com/apollographql/router/issues/3173))
+### Add `ca-certificates` to our Docker image ([Issue #3173](https://github.com/apollographql/router/issues/3173))
 
-We removed `curl` from our docker images to improve security, which meant that our implicit install of `ca-certificates` (as a dependency of `curl`) was no longer performed.
+We removed `curl` from our Docker images to improve security, which meant that our implicit install of `ca-certificates` (as a dependency of `curl`) was no longer performed.
 
-This fix manually installs the `ca-certificates` package which is required for the router to be able to process TLS requests.
+This fix reinstates the `ca-certificates` package explicitly, which is required for the router to be able to process TLS requests.
 
-By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3174
\ No newline at end of file
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3174
diff --git a/.changesets/fix_lib_global_alloc.md b/.changesets/fix_lib_global_alloc.md
index 37cbf6e03d9..e7beb00f790 100644
--- a/.changesets/fix_lib_global_alloc.md
+++ b/.changesets/fix_lib_global_alloc.md
@@ -1,8 +1,8 @@
 ### Set the global allocator in the library crate, not just the executable ([Issue #3126](https://github.com/apollographql/router/issues/3126))
 
-In 1.19, Apollo Router [switched to use jemalloc as the global Rust allocator on Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882) to reduce memory fragmentation. However this is only done in the executable binary provided by the `apollo-router` crate, so that [custom binaries](https://www.apollographql.com/docs/router/customizations/custom-binary) using the crate as a library were not affected.
+In 1.19, Apollo Router [switched to use `jemalloc` as the global Rust allocator on Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882) to reduce memory fragmentation. However, prior to this change this was only occurring in the executable binary provided by the `apollo-router` crate and [custom binaries](https://www.apollographql.com/docs/router/customizations/custom-binary) using the crate _as a library_ were not getting this benefit.
 
-Instead, the `apollo-router` library crate now sets the global allocator so that custom binaries also take advantage of this by default. If some other choice is desired, the `global-allocator` Cargo feature flag can be disabled in `Cargo.toml` with:
+The `apollo-router` library crate now sets the global allocator so that custom binaries also take advantage of this by default. If some other choice is desired, the `global-allocator` Cargo [feature flag](https://doc.rust-lang.org/cargo/reference/features.html) can be disabled in `Cargo.toml` with:
 
 ```toml
 [dependencies]
diff --git a/.changesets/maint_garypen_3176_filter_licenses.md b/.changesets/maint_garypen_3176_filter_licenses.md
index c292eaaae8d..859a5b65ab7 100644
--- a/.changesets/maint_garypen_3176_filter_licenses.md
+++ b/.changesets/maint_garypen_3176_filter_licenses.md
@@ -1,5 +1,5 @@
 ### Improve `cargo-about` license checking ([Issue #3176](https://github.com/apollographql/router/issues/3176))
 
-From the description of this [cargo about PR](https://github.com/EmbarkStudios/cargo-about/pull/216), it is possible for "NOASSERTION" identifiers to be added when gathering license information, causing license checks to fail. This change uses the new `cargo-about` configuration `filter-noassertion` to eliminate the problem.
+From the description of this [cargo about PR](https://github.com/EmbarkStudios/cargo-about/pull/216), it is possible for `NOASSERTION` identifiers to be added when gathering license information, causing license checks to fail. This change uses the new `cargo-about` configuration `filter-noassertion` to eliminate the problem.
 
-By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3178
\ No newline at end of file
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3178
diff --git a/docs/source/federation-version-support.mdx b/docs/source/federation-version-support.mdx
index d8c41f58731..ac82b8af1ad 100644
--- a/docs/source/federation-version-support.mdx
+++ b/docs/source/federation-version-support.mdx
@@ -27,7 +27,15 @@ The table below shows which version of federation each router release is compile
     
     
     
-            v1.19.1 and later (see latest releases)
+            v1.20.0 and later (see latest releases)
+        
+        
+            2.4.7
+        
+    
+    
+        
+            ️⚠️ v1.19.1
         
         
             2.4.6
@@ -35,7 +43,7 @@ The table below shows which version of federation each router release is compile
     
     
         
-            v1.19.0
+            ⚠️ v1.19.0
         
         
             2.4.5

From 5fb7334792236841075ec16c6f05f154bd49e416 Mon Sep 17 00:00:00 2001
From: Gary Pennington 
Date: Wed, 31 May 2023 13:42:16 +0100
Subject: [PATCH 36/39] prep release: v1.20.0

---
 .changesets/feat_swan_cub_foot_audience.md    | 21 -----
 .changesets/fix_abernix_remove_curl.md        |  5 --
 .changesets/fix_bernard_helmtest.md           |  5 --
 .changesets/fix_fed_247.md                    |  9 --
 .changesets/fix_garypen_3173_ca_certs.md      |  7 --
 .changesets/fix_lib_global_alloc.md           | 14 ----
 .../maint_garypen_3176_filter_licenses.md     |  5 --
 CHANGELOG.md                                  | 83 +++++++++++++++++++
 Cargo.lock                                    |  6 +-
 apollo-router-benchmarks/Cargo.toml           |  2 +-
 apollo-router-scaffold/Cargo.toml             |  2 +-
 .../templates/base/Cargo.toml                 |  2 +-
 .../templates/base/xtask/Cargo.toml           |  2 +-
 apollo-router/Cargo.toml                      |  2 +-
 .../tracing/docker-compose.datadog.yml        |  2 +-
 dockerfiles/tracing/docker-compose.jaeger.yml |  2 +-
 dockerfiles/tracing/docker-compose.zipkin.yml |  2 +-
 docs/source/containerization/docker.mdx       |  2 +-
 docs/source/containerization/kubernetes.mdx   | 34 ++++----
 helm/chart/router/Chart.yaml                  |  4 +-
 helm/chart/router/README.md                   |  6 +-
 licenses.html                                 | 61 +++++++++++++-
 scripts/install.sh                            |  2 +-
 23 files changed, 175 insertions(+), 105 deletions(-)
 delete mode 100644 .changesets/feat_swan_cub_foot_audience.md
 delete mode 100644 .changesets/fix_abernix_remove_curl.md
 delete mode 100644 .changesets/fix_bernard_helmtest.md
 delete mode 100644 .changesets/fix_fed_247.md
 delete mode 100644 .changesets/fix_garypen_3173_ca_certs.md
 delete mode 100644 .changesets/fix_lib_global_alloc.md
 delete mode 100644 .changesets/maint_garypen_3176_filter_licenses.md

diff --git a/.changesets/feat_swan_cub_foot_audience.md b/.changesets/feat_swan_cub_foot_audience.md
deleted file mode 100644
index 142570f807f..00000000000
--- a/.changesets/feat_swan_cub_foot_audience.md
+++ /dev/null
@@ -1,21 +0,0 @@
-### Configurable histogram buckets for metrics ([Issue #2333](https://github.com/apollographql/router/issues/2333))
-
-It is now possible to change the default bucketing for histograms generated for metrics:
-
-```yaml title="router.yaml"
-telemetry:
-  metrics:
-    common:
-      buckets:
-        - 0.05
-        - 0.10
-        - 0.25
-        - 0.50
-        - 1.00
-        - 2.50
-        - 5.00
-        - 10.00
-        - 20.00
-```
-
-By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3098
diff --git a/.changesets/fix_abernix_remove_curl.md b/.changesets/fix_abernix_remove_curl.md
deleted file mode 100644
index 0b7ddd7d57e..00000000000
--- a/.changesets/fix_abernix_remove_curl.md
+++ /dev/null
@@ -1,5 +0,0 @@
-### Move `curl` dependency to separate layer in Docker image ([Issue #3144](https://github.com/apollographql/router/issues/3144))
-
-We've moved `curl` out of the Docker image we publish.  The `curl` command is only used in the image we produce today for the sake of downloading dependencies.  It is never used after that, but we can move it to a separate layer to further remove it from the image.
-
-By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3146
\ No newline at end of file
diff --git a/.changesets/fix_bernard_helmtest.md b/.changesets/fix_bernard_helmtest.md
deleted file mode 100644
index 55de57bd768..00000000000
--- a/.changesets/fix_bernard_helmtest.md
+++ /dev/null
@@ -1,5 +0,0 @@
-### Helm: Running of `helm test` no longer fails
-
-Running `helm test` was generating an error since `wget` was sending a request without a proper body and expecting an HTTP status response of 2xx.   Without the proper body, it expectedly resulted in an HTTP status of 400.  By switching to using `netcat` (or `nc`) we will now check that the port is up and use that to determine that the router is functional.
-
-By [@bbardawilwiser](https://github.com/bbardawilwiser) in https://github.com/apollographql/router/pull/3096
diff --git a/.changesets/fix_fed_247.md b/.changesets/fix_fed_247.md
deleted file mode 100644
index 165b5b88922..00000000000
--- a/.changesets/fix_fed_247.md
+++ /dev/null
@@ -1,9 +0,0 @@
-### Federation v2.4.7 ([Issue #3170](https://github.com/apollographql/router/issues/3170), [Issue #3133](https://github.com/apollographql/router/issues/3133))
-
-This release bumps the Router's Federation support from v2.4.7 to v2.4.7, which brings in notable query planner fixes from [v2.4.7](https://github.com/apollographql/federation/releases/tag/%40apollo%2Fquery-planner%402.4.7).  Of note from those releases, this brings query planner fixes that (per that dependency's changelog):
-
-- Re-work the code use to try to reuse query named fragments to improve performance (thus sometimes improving query ([#2604](https://github.com/apollographql/federation/pull/2604)) planning performance)
-- Fix a raised assertion error (again, with a message of form like `Cannot add selection of field X to selection set of parent type Y`).
-- Fix a rare issue where an `interface` or `union` field was not being queried for all the types it should be.
-
-By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3185
diff --git a/.changesets/fix_garypen_3173_ca_certs.md b/.changesets/fix_garypen_3173_ca_certs.md
deleted file mode 100644
index 1d3d8e02116..00000000000
--- a/.changesets/fix_garypen_3173_ca_certs.md
+++ /dev/null
@@ -1,7 +0,0 @@
-### Add `ca-certificates` to our Docker image ([Issue #3173](https://github.com/apollographql/router/issues/3173))
-
-We removed `curl` from our Docker images to improve security, which meant that our implicit install of `ca-certificates` (as a dependency of `curl`) was no longer performed.
-
-This fix reinstates the `ca-certificates` package explicitly, which is required for the router to be able to process TLS requests.
-
-By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3174
diff --git a/.changesets/fix_lib_global_alloc.md b/.changesets/fix_lib_global_alloc.md
deleted file mode 100644
index e7beb00f790..00000000000
--- a/.changesets/fix_lib_global_alloc.md
+++ /dev/null
@@ -1,14 +0,0 @@
-### Set the global allocator in the library crate, not just the executable ([Issue #3126](https://github.com/apollographql/router/issues/3126))
-
-In 1.19, Apollo Router [switched to use `jemalloc` as the global Rust allocator on Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882) to reduce memory fragmentation. However, prior to this change this was only occurring in the executable binary provided by the `apollo-router` crate and [custom binaries](https://www.apollographql.com/docs/router/customizations/custom-binary) using the crate _as a library_ were not getting this benefit.
-
-The `apollo-router` library crate now sets the global allocator so that custom binaries also take advantage of this by default. If some other choice is desired, the `global-allocator` Cargo [feature flag](https://doc.rust-lang.org/cargo/reference/features.html) can be disabled in `Cargo.toml` with:
-
-```toml
-[dependencies]
-apollo-router = {version = "[…]", default-features = false}
-```
-
-Library crates that depend on `apollo-router` (if any) should also do this in order to leave the choice to the eventual executable. (Cargo default features are only disabled if *all* dependents specify `default-features = false`.)
-
-By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3157
diff --git a/.changesets/maint_garypen_3176_filter_licenses.md b/.changesets/maint_garypen_3176_filter_licenses.md
deleted file mode 100644
index 859a5b65ab7..00000000000
--- a/.changesets/maint_garypen_3176_filter_licenses.md
+++ /dev/null
@@ -1,5 +0,0 @@
-### Improve `cargo-about` license checking ([Issue #3176](https://github.com/apollographql/router/issues/3176))
-
-From the description of this [cargo about PR](https://github.com/EmbarkStudios/cargo-about/pull/216), it is possible for `NOASSERTION` identifiers to be added when gathering license information, causing license checks to fail. This change uses the new `cargo-about` configuration `filter-noassertion` to eliminate the problem.
-
-By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3178
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ef2effde261..54417acba8f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,89 @@ All notable changes to Router will be documented in this file.
 
 This project adheres to [Semantic Versioning v2.0.0](https://semver.org/spec/v2.0.0.html).
 
+# [1.20.0] - 2023-05-31
+
+## 🚀 Features
+
+### Configurable histogram buckets for metrics ([Issue #2333](https://github.com/apollographql/router/issues/2333))
+
+It is now possible to change the default bucketing for histograms generated for metrics:
+
+```yaml title="router.yaml"
+telemetry:
+  metrics:
+    common:
+      buckets:
+        - 0.05
+        - 0.10
+        - 0.25
+        - 0.50
+        - 1.00
+        - 2.50
+        - 5.00
+        - 10.00
+        - 20.00
+```
+
+By [@bnjjj](https://github.com/bnjjj) in https://github.com/apollographql/router/pull/3098
+
+## 🐛 Fixes
+
+### Federation v2.4.7 ([Issue #3170](https://github.com/apollographql/router/issues/3170), [Issue #3133](https://github.com/apollographql/router/issues/3133))
+
+This release bumps the Router's Federation support from v2.4.7 to v2.4.7, which brings in notable query planner fixes from [v2.4.7](https://github.com/apollographql/federation/releases/tag/%40apollo%2Fquery-planner%402.4.7).  Of note from those releases, this brings query planner fixes that (per that dependency's changelog):
+
+- Re-work the code use to try to reuse query named fragments to improve performance (thus sometimes improving query ([#2604](https://github.com/apollographql/federation/pull/2604)) planning performance)
+- Fix a raised assertion error (again, with a message of form like `Cannot add selection of field X to selection set of parent type Y`).
+- Fix a rare issue where an `interface` or `union` field was not being queried for all the types it should be.
+
+By [@Geal](https://github.com/Geal) in https://github.com/apollographql/router/pull/3185
+
+### Set the global allocator in the library crate, not just the executable ([Issue #3126](https://github.com/apollographql/router/issues/3126))
+
+In 1.19, Apollo Router [switched to use `jemalloc` as the global Rust allocator on Linux](https://github.com/apollographql/router/blob/dev/CHANGELOG.md#improve-memory-fragmentation-and-resource-consumption-by-switching-to-jemalloc-as-the-memory-allocator-on-linux-pr-2882) to reduce memory fragmentation. However, prior to this change this was only occurring in the executable binary provided by the `apollo-router` crate and [custom binaries](https://www.apollographql.com/docs/router/customizations/custom-binary) using the crate _as a library_ were not getting this benefit.
+
+The `apollo-router` library crate now sets the global allocator so that custom binaries also take advantage of this by default. If some other choice is desired, the `global-allocator` Cargo [feature flag](https://doc.rust-lang.org/cargo/reference/features.html) can be disabled in `Cargo.toml` with:
+
+```toml
+[dependencies]
+apollo-router = {version = "[…]", default-features = false}
+```
+
+Library crates that depend on `apollo-router` (if any) should also do this in order to leave the choice to the eventual executable. (Cargo default features are only disabled if *all* dependents specify `default-features = false`.)
+
+By [@SimonSapin](https://github.com/SimonSapin) in https://github.com/apollographql/router/pull/3157
+
+### Add `ca-certificates` to our Docker image ([Issue #3173](https://github.com/apollographql/router/issues/3173))
+
+We removed `curl` from our Docker images to improve security, which meant that our implicit install of `ca-certificates` (as a dependency of `curl`) was no longer performed.
+
+This fix reinstates the `ca-certificates` package explicitly, which is required for the router to be able to process TLS requests.
+
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3174
+
+### Helm: Running of `helm test` no longer fails
+
+Running `helm test` was generating an error since `wget` was sending a request without a proper body and expecting an HTTP status response of 2xx.   Without the proper body, it expectedly resulted in an HTTP status of 400.  By switching to using `netcat` (or `nc`) we will now check that the port is up and use that to determine that the router is functional.
+
+By [@bbardawilwiser](https://github.com/bbardawilwiser) in https://github.com/apollographql/router/pull/3096
+
+### Move `curl` dependency to separate layer in Docker image ([Issue #3144](https://github.com/apollographql/router/issues/3144))
+
+We've moved `curl` out of the Docker image we publish.  The `curl` command is only used in the image we produce today for the sake of downloading dependencies.  It is never used after that, but we can move it to a separate layer to further remove it from the image.
+
+By [@abernix](https://github.com/abernix) in https://github.com/apollographql/router/pull/3146
+
+## 🛠 Maintenance
+
+### Improve `cargo-about` license checking ([Issue #3176](https://github.com/apollographql/router/issues/3176))
+
+From the description of this [cargo about PR](https://github.com/EmbarkStudios/cargo-about/pull/216), it is possible for `NOASSERTION` identifiers to be added when gathering license information, causing license checks to fail. This change uses the new `cargo-about` configuration `filter-noassertion` to eliminate the problem.
+
+By [@garypen](https://github.com/garypen) in https://github.com/apollographql/router/pull/3178
+
+
+
 # [1.19.1] - 2023-05-26
 
 ## 🐛 Fixes
diff --git a/Cargo.lock b/Cargo.lock
index a4a3912c132..0ebe07dccc9 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -262,7 +262,7 @@ dependencies = [
 
 [[package]]
 name = "apollo-router"
-version = "1.19.1"
+version = "1.20.0"
 dependencies = [
  "access-json",
  "anyhow",
@@ -400,7 +400,7 @@ dependencies = [
 
 [[package]]
 name = "apollo-router-benchmarks"
-version = "1.19.1"
+version = "1.20.0"
 dependencies = [
  "apollo-parser 0.4.1",
  "apollo-router",
@@ -416,7 +416,7 @@ dependencies = [
 
 [[package]]
 name = "apollo-router-scaffold"
-version = "1.19.1"
+version = "1.20.0"
 dependencies = [
  "anyhow",
  "cargo-scaffold",
diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml
index ce4a783b6c0..c10f6e19bea 100644
--- a/apollo-router-benchmarks/Cargo.toml
+++ b/apollo-router-benchmarks/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "apollo-router-benchmarks"
-version = "1.19.1"
+version = "1.20.0"
 authors = ["Apollo Graph, Inc. "]
 edition = "2021"
 license = "Elastic-2.0"
diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml
index 615307f2be3..5046867aa37 100644
--- a/apollo-router-scaffold/Cargo.toml
+++ b/apollo-router-scaffold/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "apollo-router-scaffold"
-version = "1.19.1"
+version = "1.20.0"
 authors = ["Apollo Graph, Inc. "]
 edition = "2021"
 license = "Elastic-2.0"
diff --git a/apollo-router-scaffold/templates/base/Cargo.toml b/apollo-router-scaffold/templates/base/Cargo.toml
index 3e38905a334..d30d3ae4c0e 100644
--- a/apollo-router-scaffold/templates/base/Cargo.toml
+++ b/apollo-router-scaffold/templates/base/Cargo.toml
@@ -22,7 +22,7 @@ apollo-router = { path ="{{integration_test}}apollo-router" }
 apollo-router = { git="https://github.com/apollographql/router.git", branch="{{branch}}" }
 {{else}}
 # Note if you update these dependencies then also update xtask/Cargo.toml
-apollo-router = "1.19.1"
+apollo-router = "1.20.0"
 {{/if}}
 {{/if}}
 async-trait = "0.1.52"
diff --git a/apollo-router-scaffold/templates/base/xtask/Cargo.toml b/apollo-router-scaffold/templates/base/xtask/Cargo.toml
index 155fdaeb06c..bf7074212d5 100644
--- a/apollo-router-scaffold/templates/base/xtask/Cargo.toml
+++ b/apollo-router-scaffold/templates/base/xtask/Cargo.toml
@@ -13,7 +13,7 @@ apollo-router-scaffold = { path ="{{integration_test}}apollo-router-scaffold" }
 {{#if branch}}
 apollo-router-scaffold = { git="https://github.com/apollographql/router.git", branch="{{branch}}" }
 {{else}}
-apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.19.1" }
+apollo-router-scaffold = { git = "https://github.com/apollographql/router.git", tag = "v1.20.0" }
 {{/if}}
 {{/if}}
 anyhow = "1.0.58"
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index f955bf19e70..0b90e3e4d4f 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "apollo-router"
-version = "1.19.1"
+version = "1.20.0"
 authors = ["Apollo Graph, Inc. "]
 repository = "https://github.com/apollographql/router/"
 documentation = "https://docs.rs/apollo-router"
diff --git a/dockerfiles/tracing/docker-compose.datadog.yml b/dockerfiles/tracing/docker-compose.datadog.yml
index 3918ae52938..f90cb096b5e 100644
--- a/dockerfiles/tracing/docker-compose.datadog.yml
+++ b/dockerfiles/tracing/docker-compose.datadog.yml
@@ -3,7 +3,7 @@ services:
 
   apollo-router:
     container_name: apollo-router
-    image: ghcr.io/apollographql/router:v1.19.1
+    image: ghcr.io/apollographql/router:v1.20.0
     volumes:
       - ./supergraph.graphql:/etc/config/supergraph.graphql
       - ./router/datadog.router.yaml:/etc/config/configuration.yaml
diff --git a/dockerfiles/tracing/docker-compose.jaeger.yml b/dockerfiles/tracing/docker-compose.jaeger.yml
index 50db6affc3e..0dadb51f842 100644
--- a/dockerfiles/tracing/docker-compose.jaeger.yml
+++ b/dockerfiles/tracing/docker-compose.jaeger.yml
@@ -4,7 +4,7 @@ services:
   apollo-router:
     container_name: apollo-router
     #build: ./router
-    image: ghcr.io/apollographql/router:v1.19.1
+    image: ghcr.io/apollographql/router:v1.20.0
     volumes:
       - ./supergraph.graphql:/etc/config/supergraph.graphql
       - ./router/jaeger.router.yaml:/etc/config/configuration.yaml
diff --git a/dockerfiles/tracing/docker-compose.zipkin.yml b/dockerfiles/tracing/docker-compose.zipkin.yml
index 1d29b451ba3..f1de0bb17d8 100644
--- a/dockerfiles/tracing/docker-compose.zipkin.yml
+++ b/dockerfiles/tracing/docker-compose.zipkin.yml
@@ -4,7 +4,7 @@ services:
   apollo-router:
     container_name: apollo-router
     build: ./router
-    image: ghcr.io/apollographql/router:v1.19.1
+    image: ghcr.io/apollographql/router:v1.20.0
     volumes:
       - ./supergraph.graphql:/etc/config/supergraph.graphql
       - ./router/zipkin.router.yaml:/etc/config/configuration.yaml
diff --git a/docs/source/containerization/docker.mdx b/docs/source/containerization/docker.mdx
index f613df6eca5..bcf7e60371a 100644
--- a/docs/source/containerization/docker.mdx
+++ b/docs/source/containerization/docker.mdx
@@ -11,7 +11,7 @@ The default behaviour of the router images is suitable for a quickstart or devel
 
 Note: The [docker documentation](https://docs.docker.com/engine/reference/run/) for the run command may be helpful when reading through the examples.
 
-Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.19.1`
+Note: The exact image version to use is your choice depending on which release you wish to use. In the following examples, replace `` with your chosen version. e.g.: `v1.20.0`
 
 ## Override the configuration
 
diff --git a/docs/source/containerization/kubernetes.mdx b/docs/source/containerization/kubernetes.mdx
index 0fd138dd8d7..18e210d38df 100644
--- a/docs/source/containerization/kubernetes.mdx
+++ b/docs/source/containerization/kubernetes.mdx
@@ -13,7 +13,7 @@ import { Link } from 'gatsby';
 
 [Helm](https://helm.sh) is the package manager for kubernetes.
 
-There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.19.1/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes.
+There is a complete [helm chart definition](https://github.com/apollographql/router/tree/v1.20.0/helm/chart/router) in the repo which illustrates how to use helm to deploy the router in kubernetes.
 
 In both the following examples, we are using helm to install the router:
  - into namespace "router-deploy" (create namespace if it doesn't exist)
@@ -64,10 +64,10 @@ kind: ServiceAccount
 metadata:
   name: release-name-router
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
 ---
 # Source: router/templates/secret.yaml
@@ -76,10 +76,10 @@ kind: Secret
 metadata:
   name: "release-name-router"
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
 data:
   managedFederationApiKey: "UkVEQUNURUQ="
@@ -90,10 +90,10 @@ kind: ConfigMap
 metadata:
   name: release-name-router
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
 data:
   configuration.yaml: |
@@ -117,10 +117,10 @@ kind: Service
 metadata:
   name: release-name-router
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
 spec:
   type: ClusterIP
@@ -143,10 +143,10 @@ kind: Deployment
 metadata:
   name: release-name-router
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
   
   annotations:
@@ -172,7 +172,7 @@ spec:
         - name: router
           securityContext:
             {}
-          image: "ghcr.io/apollographql/router:v1.19.1"
+          image: "ghcr.io/apollographql/router:v1.20.0"
           imagePullPolicy: IfNotPresent
           args:
             - --hot-reload
@@ -223,19 +223,19 @@ kind: Pod
 metadata:
   name: "release-name-router-test-connection"
   labels:
-    helm.sh/chart: router-1.19.1
+    helm.sh/chart: router-1.20.0
     app.kubernetes.io/name: router
     app.kubernetes.io/instance: release-name
-    app.kubernetes.io/version: "v1.19.1"
+    app.kubernetes.io/version: "v1.20.0"
     app.kubernetes.io/managed-by: Helm
   annotations:
     "helm.sh/hook": test
 spec:
   containers:
-    - name: wget
+    - name: netcat
       image: busybox
-      command: ['wget']
-      args: ['release-name-router:80']
+      command: ['nc']
+      args: ['-vz','-w','1','release-name-router:80']
   restartPolicy: Never
 ```
 
diff --git a/helm/chart/router/Chart.yaml b/helm/chart/router/Chart.yaml
index ff09307c1a1..d7042ff3638 100644
--- a/helm/chart/router/Chart.yaml
+++ b/helm/chart/router/Chart.yaml
@@ -20,10 +20,10 @@ type: application
 # so it matches the shape of our release process and release automation.
 # By proxy of that decision, this version uses SemVer 2.0.0, though the prefix
 # of "v" is not included.
-version: 1.19.1
+version: 1.20.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "v1.19.1"
+appVersion: "v1.20.0"
diff --git a/helm/chart/router/README.md b/helm/chart/router/README.md
index 943e311c06d..8db7b2d8aa7 100644
--- a/helm/chart/router/README.md
+++ b/helm/chart/router/README.md
@@ -2,7 +2,7 @@
 
 [router](https://github.com/apollographql/router) Rust Graph Routing runtime for Apollo Federation
 
-![Version: 1.19.1](https://img.shields.io/badge/Version-1.19.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.19.1](https://img.shields.io/badge/AppVersion-v1.19.1-informational?style=flat-square)
+![Version: 1.20.0](https://img.shields.io/badge/Version-1.20.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.20.0](https://img.shields.io/badge/AppVersion-v1.20.0-informational?style=flat-square)
 
 ## Prerequisites
 
@@ -11,7 +11,7 @@
 ## Get Repo Info
 
 ```console
-helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.19.1
+helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.20.0
 ```
 
 ## Install Chart
@@ -19,7 +19,7 @@ helm pull oci://ghcr.io/apollographql/helm-charts/router --version 1.19.1
 **Important:** only helm3 is supported
 
 ```console
-helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.19.1 --values my-values.yaml
+helm upgrade --install [RELEASE_NAME] oci://ghcr.io/apollographql/helm-charts/router --version 1.20.0 --values my-values.yaml
 ```
 
 _See [configuration](#configuration) below._
diff --git a/licenses.html b/licenses.html
index 74a0c3f055e..2b2f123efe9 100644
--- a/licenses.html
+++ b/licenses.html
@@ -46,8 +46,8 @@ 
        Overview of licenses:
        
         
                 
        ../../LICENSE-APACHE
        
@@ -10311,6 +10313,7 @@ 
        Used by:
        
                 
        Apache License 2.0
        
                 
        Used by:
        
                 
          
+                    
        • apollo-parser
          • 
                     
        • askama_shared
          • 
                     
        • backtrace-ext
          • 
                     
        • block-modes
          • 
@@ -10745,6 +10748,41 @@ 
          Used by:
          
 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
    
+            
    • 
+            
  • 
+                
    BSD 3-Clause "New" or "Revised" License
    
+                
    Used by:
    
+                
+                
    // Copyright 2015 The Chromium Authors. All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//    * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+//    * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following disclaimer
+// in the documentation and/or other materials provided with the
+// distribution.
+//    * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived from
+// this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
    
             
    • 
             
  • 
@@ -11634,6 +11672,22 @@ 
    Used by:
    
 
 The files under third-party/chromium are licensed as described in
 third-party/chromium/LICENSE.
+
    • 
+            
+            
  • 
+                
    ISC License
    
+                
    Used by:
    
+                
+                
    ISC License:
+
+Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC")
+Copyright (c) 1995-2003 by Internet Software Consortium
+
+Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
    
             
    • 
             
  • 
@@ -12662,7 +12716,6 @@ 
    MIT License
    
                 
    Used by:
    
                 
                 
    Copyright (c) 2019-2021 Tower Contributors
 
diff --git a/scripts/install.sh b/scripts/install.sh
index f174fbacdb0..af6b3aae829 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -11,7 +11,7 @@ BINARY_DOWNLOAD_PREFIX="https://github.com/apollographql/router/releases/downloa
 
 # Router version defined in apollo-router's Cargo.toml
 # Note: Change this line manually during the release steps.
-PACKAGE_VERSION="v1.19.1"
+PACKAGE_VERSION="v1.20.0"
 
 download_binary() {
     downloader --check

From 160629454b29ef4eab24443e7446ecbad5c961d2 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 31 May 2023 16:03:33 +0100
Subject: [PATCH 37/39] fix(deps): update all non-major packages >= 1.0 (#3188)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change | Age | Adoption | Passing |
Confidence |
|---|---|---|---|---|---|---|---|
| [anyhow](https://togithub.com/dtolnay/anyhow) | dependencies | patch |
`1.0.69` -> `1.0.71` |
[![age](https://badges.renovateapi.com/packages/crate/anyhow/1.0.71/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/anyhow/1.0.71/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/anyhow/1.0.71/compatibility-slim/1.0.69)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/anyhow/1.0.71/confidence-slim/1.0.69)](https://docs.renovatebot.com/merge-confidence/)
|
| [apollo-server-core](https://togithub.com/apollographql/apollo-server)
| dependencies | minor | [`3.11.0` ->
`3.12.0`](https://renovatebot.com/diffs/npm/apollo-server-core/3.11.0/3.12.0)
|
[![age](https://badges.renovateapi.com/packages/npm/apollo-server-core/3.12.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/apollo-server-core/3.12.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/apollo-server-core/3.12.0/compatibility-slim/3.11.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/apollo-server-core/3.12.0/confidence-slim/3.11.0)](https://docs.renovatebot.com/merge-confidence/)
|
|
[apollo-server-express](https://togithub.com/apollographql/apollo-server)
| dependencies | minor | [`3.10.0` ->
`3.12.0`](https://renovatebot.com/diffs/npm/apollo-server-express/3.10.0/3.12.0)
|
[![age](https://badges.renovateapi.com/packages/npm/apollo-server-express/3.12.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/apollo-server-express/3.12.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/apollo-server-express/3.12.0/compatibility-slim/3.10.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/apollo-server-express/3.12.0/confidence-slim/3.10.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [arbitrary](https://togithub.com/rust-fuzz/arbitrary) |
build-dependencies | minor | `1.2.3` -> `1.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/arbitrary/1.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/arbitrary/1.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/arbitrary/1.3.0/compatibility-slim/1.2.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/arbitrary/1.3.0/confidence-slim/1.2.3)](https://docs.renovatebot.com/merge-confidence/)
|
| [clap](https://togithub.com/clap-rs/clap) | dependencies | minor |
`4.1.10` -> `4.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/clap/4.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/clap/4.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/clap/4.3.0/compatibility-slim/4.1.10)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/clap/4.3.0/confidence-slim/4.1.10)](https://docs.renovatebot.com/merge-confidence/)
|
| [clap](https://togithub.com/clap-rs/clap) | dependencies | minor |
`4.1.6` -> `4.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/clap/4.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/clap/4.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/clap/4.3.0/compatibility-slim/4.1.6)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/clap/4.3.0/confidence-slim/4.1.6)](https://docs.renovatebot.com/merge-confidence/)
|
| [dd-trace](https://togithub.com/DataDog/dd-trace-js) | dependencies |
minor | [`3.0.0` ->
`3.21.0`](https://renovatebot.com/diffs/npm/dd-trace/3.0.0/3.21.0) |
[![age](https://badges.renovateapi.com/packages/npm/dd-trace/3.21.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/dd-trace/3.21.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/dd-trace/3.21.0/compatibility-slim/3.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/dd-trace/3.21.0/confidence-slim/3.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [express](http://expressjs.com/)
([source](https://togithub.com/expressjs/express)) | dependencies |
patch | [`4.18.1` ->
`4.18.2`](https://renovatebot.com/diffs/npm/express/4.18.1/4.18.2) |
[![age](https://badges.renovateapi.com/packages/npm/express/4.18.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/express/4.18.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/express/4.18.2/compatibility-slim/4.18.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/express/4.18.2/confidence-slim/4.18.1)](https://docs.renovatebot.com/merge-confidence/)
|
| [flate2](https://togithub.com/rust-lang/flate2-rs) | dependencies |
patch | `1.0.24` -> `1.0.26` |
[![age](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/compatibility-slim/1.0.24)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/confidence-slim/1.0.24)](https://docs.renovatebot.com/merge-confidence/)
|
| [fred](https://togithub.com/aembke/fred.rs) | dev-dependencies | minor
| `6.0.0` -> `6.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/fred/6.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/fred/6.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/fred/6.3.0/compatibility-slim/6.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/fred/6.3.0/confidence-slim/6.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [fred](https://togithub.com/aembke/fred.rs) | dependencies | minor |
`6.0.0` -> `6.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/fred/6.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/fred/6.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/fred/6.3.0/compatibility-slim/6.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/fred/6.3.0/confidence-slim/6.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [graphql](https://togithub.com/graphql/graphql-js) | dependencies |
minor | [`16.5.0` ->
`16.6.0`](https://renovatebot.com/diffs/npm/graphql/16.5.0/16.6.0) |
[![age](https://badges.renovateapi.com/packages/npm/graphql/16.6.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/graphql/16.6.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/graphql/16.6.0/compatibility-slim/16.5.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/graphql/16.6.0/confidence-slim/16.5.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [indexmap](https://togithub.com/bluss/indexmap) | dependencies | patch
| `1.9.2` -> `1.9.3` |
[![age](https://badges.renovateapi.com/packages/crate/indexmap/1.9.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/indexmap/1.9.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/indexmap/1.9.3/compatibility-slim/1.9.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/indexmap/1.9.3/confidence-slim/1.9.2)](https://docs.renovatebot.com/merge-confidence/)
|
| [insta](https://insta.rs/)
([source](https://togithub.com/mitsuhiko/insta)) | dev-dependencies |
minor | `1.26.0` -> `1.29.0` |
[![age](https://badges.renovateapi.com/packages/crate/insta/1.29.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/insta/1.29.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/insta/1.29.0/compatibility-slim/1.26.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/insta/1.29.0/confidence-slim/1.26.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [insta](https://insta.rs/)
([source](https://togithub.com/mitsuhiko/insta)) | dev-dependencies |
minor | `1.28.0` -> `1.29.0` |
[![age](https://badges.renovateapi.com/packages/crate/insta/1.29.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/insta/1.29.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/insta/1.29.0/compatibility-slim/1.28.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/insta/1.29.0/confidence-slim/1.28.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [jsonwebtoken](https://togithub.com/Keats/jsonwebtoken) | dependencies
| minor | `8.2.0` -> `8.3.0` |
[![age](https://badges.renovateapi.com/packages/crate/jsonwebtoken/8.3.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/jsonwebtoken/8.3.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/jsonwebtoken/8.3.0/compatibility-slim/8.2.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/jsonwebtoken/8.3.0/confidence-slim/8.2.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [miette](https://togithub.com/zkat/miette) | dependencies | minor |
`5.5.0` -> `5.9.0` |
[![age](https://badges.renovateapi.com/packages/crate/miette/5.9.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/miette/5.9.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/miette/5.9.0/compatibility-slim/5.5.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/miette/5.9.0/confidence-slim/5.5.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [multer](https://togithub.com/rousan/multer-rs) | dependencies | minor
| `2.0.4` -> `2.1.0` |
[![age](https://badges.renovateapi.com/packages/crate/multer/2.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/multer/2.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/multer/2.1.0/compatibility-slim/2.0.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/multer/2.1.0/confidence-slim/2.0.4)](https://docs.renovatebot.com/merge-confidence/)
|
| [notify](https://togithub.com/notify-rs/notify) | dependencies | minor
| `5.1.0` -> `5.2.0` |
[![age](https://badges.renovateapi.com/packages/crate/notify/5.2.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/notify/5.2.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/notify/5.2.0/compatibility-slim/5.1.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/notify/5.2.0/confidence-slim/5.1.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [once_cell](https://togithub.com/matklad/once_cell) | dev-dependencies
| patch | `1.17.1` -> `1.17.2` |
[![age](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/compatibility-slim/1.17.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/confidence-slim/1.17.1)](https://docs.renovatebot.com/merge-confidence/)
|
| [once_cell](https://togithub.com/matklad/once_cell) | dependencies |
patch | `1.17.1` -> `1.17.2` |
[![age](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/compatibility-slim/1.17.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/once_cell/1.17.2/confidence-slim/1.17.1)](https://docs.renovatebot.com/merge-confidence/)
|
| [paste](https://togithub.com/dtolnay/paste) | dependencies | patch |
`1.0.11` -> `1.0.12` |
[![age](https://badges.renovateapi.com/packages/crate/paste/1.0.12/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/paste/1.0.12/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/paste/1.0.12/compatibility-slim/1.0.11)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/paste/1.0.12/confidence-slim/1.0.11)](https://docs.renovatebot.com/merge-confidence/)
|
| [regex](https://togithub.com/rust-lang/regex) | dependencies | minor |
`1.7.1` -> `1.8.3` |
[![age](https://badges.renovateapi.com/packages/crate/regex/1.8.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/regex/1.8.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/regex/1.8.3/compatibility-slim/1.7.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/regex/1.8.3/confidence-slim/1.7.1)](https://docs.renovatebot.com/merge-confidence/)
|
| [rhai](https://rhai.rs) ([source](https://togithub.com/rhaiscript)) |
dependencies | minor | `1.12.0` -> `1.14.0` |
[![age](https://badges.renovateapi.com/packages/crate/rhai/1.14.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/rhai/1.14.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/rhai/1.14.0/compatibility-slim/1.12.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/rhai/1.14.0/confidence-slim/1.12.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [rust-embed](https://togithub.com/pyros2097/rust-embed) | dependencies
| minor | `6.4.2` -> `6.6.1` |
[![age](https://badges.renovateapi.com/packages/crate/rust-embed/6.6.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/rust-embed/6.6.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/rust-embed/6.6.1/compatibility-slim/6.4.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/rust-embed/6.6.1/confidence-slim/6.4.2)](https://docs.renovatebot.com/merge-confidence/)
|
| [serde](https://serde.rs)
([source](https://togithub.com/serde-rs/serde)) | dependencies | patch |
`1.0.152` -> `1.0.163` |
[![age](https://badges.renovateapi.com/packages/crate/serde/1.0.163/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/serde/1.0.163/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/serde/1.0.163/compatibility-slim/1.0.152)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/serde/1.0.163/confidence-slim/1.0.152)](https://docs.renovatebot.com/merge-confidence/)
|
| [serde_json](https://togithub.com/serde-rs/json) | dependencies |
patch | `1.0.93` -> `1.0.96` |
[![age](https://badges.renovateapi.com/packages/crate/serde_json/1.0.96/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/serde_json/1.0.96/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/serde_json/1.0.96/compatibility-slim/1.0.93)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/serde_json/1.0.96/confidence-slim/1.0.93)](https://docs.renovatebot.com/merge-confidence/)
|
| [shellexpand](https://gitlab.com/ijackson/rust-shellexpand) |
dependencies | minor | `3.0.0` -> `3.1.0` |
[![age](https://badges.renovateapi.com/packages/crate/shellexpand/3.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/shellexpand/3.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/shellexpand/3.1.0/compatibility-slim/3.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/shellexpand/3.1.0/confidence-slim/3.0.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [tempfile](https://stebalien.com/projects/tempfile-rs/)
([source](https://togithub.com/Stebalien/tempfile)) | dev-dependencies |
minor | `3.4.0` -> `3.5.0` |
[![age](https://badges.renovateapi.com/packages/crate/tempfile/3.5.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/tempfile/3.5.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/tempfile/3.5.0/compatibility-slim/3.4.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/tempfile/3.5.0/confidence-slim/3.4.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [thiserror](https://togithub.com/dtolnay/thiserror) | dependencies |
patch | `1.0.38` -> `1.0.40` |
[![age](https://badges.renovateapi.com/packages/crate/thiserror/1.0.40/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/thiserror/1.0.40/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/thiserror/1.0.40/compatibility-slim/1.0.38)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/thiserror/1.0.40/confidence-slim/1.0.38)](https://docs.renovatebot.com/merge-confidence/)
|
| [tokio](https://tokio.rs)
([source](https://togithub.com/tokio-rs/tokio)) | dependencies | minor |
`1.25.0` -> `1.28.2` |
[![age](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/compatibility-slim/1.25.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/confidence-slim/1.25.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [tokio](https://tokio.rs)
([source](https://togithub.com/tokio-rs/tokio)) | dependencies | minor |
`1.24.2` -> `1.28.2` |
[![age](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/compatibility-slim/1.24.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/tokio/1.28.2/confidence-slim/1.24.2)](https://docs.renovatebot.com/merge-confidence/)
|
| [uuid](https://togithub.com/uuid-rs/uuid) | dependencies | patch |
`1.3.0` -> `1.3.3` |
[![age](https://badges.renovateapi.com/packages/crate/uuid/1.3.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/uuid/1.3.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/uuid/1.3.3/compatibility-slim/1.3.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/uuid/1.3.3/confidence-slim/1.3.0)](https://docs.renovatebot.com/merge-confidence/)
|
| [walkdir](https://togithub.com/BurntSushi/walkdir) | dependencies |
patch | `2.3.2` -> `2.3.3` |
[![age](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/compatibility-slim/2.3.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/confidence-slim/2.3.2)](https://docs.renovatebot.com/merge-confidence/)
|
| [walkdir](https://togithub.com/BurntSushi/walkdir) | dev-dependencies
| patch | `2.3.2` -> `2.3.3` |
[![age](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/compatibility-slim/2.3.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/walkdir/2.3.3/confidence-slim/2.3.2)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes


    
dtolnay/anyhow

### [`v1.0.71`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.71)

[Compare
Source](https://togithub.com/dtolnay/anyhow/compare/1.0.70...1.0.71)

-   Documentation improvements

### [`v1.0.70`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.70)

[Compare
Source](https://togithub.com/dtolnay/anyhow/compare/1.0.69...1.0.70)

-   Update syn dependency to 2.x


    


    
apollographql/apollo-server (apollo-server-core)

###
[`v3.12.0`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-core@3.11.1...apollo-server-core@3.12.0)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-core@3.11.1...apollo-server-core@3.12.0)

###
[`v3.11.1`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-core@3.11.0...apollo-server-core@3.11.1)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-core@3.11.0...apollo-server-core@3.11.1)


    


    
apollographql/apollo-server (apollo-server-express)

###
[`v3.12.0`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.11.1...apollo-server-express@3.12.0)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.11.1...apollo-server-express@3.12.0)

###
[`v3.11.1`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.11.0...apollo-server-express@3.11.1)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.11.0...apollo-server-express@3.11.1)

###
[`v3.11.0`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.4...apollo-server-express@3.11.0)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.4...apollo-server-express@3.11.0)

###
[`v3.10.4`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.3...apollo-server-express@3.10.4)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.3...apollo-server-express@3.10.4)

###
[`v3.10.3`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.2...apollo-server-express@3.10.3)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.2...apollo-server-express@3.10.3)

###
[`v3.10.2`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.1...apollo-server-express@3.10.2)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.1...apollo-server-express@3.10.2)

###
[`v3.10.1`](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.0...apollo-server-express@3.10.1)

[Compare
Source](https://togithub.com/apollographql/apollo-server/compare/apollo-server-express@3.10.0...apollo-server-express@3.10.1)


    


    
rust-fuzz/arbitrary

###
[`v1.3.0`](https://togithub.com/rust-fuzz/arbitrary/blob/HEAD/CHANGELOG.md#​130)

[Compare
Source](https://togithub.com/rust-fuzz/arbitrary/compare/v1.2.3...v1.3.0)

Released 2023-03-13.

##### Added

-   Added the ability to manually specify derived trait bounds for
`Arbitrary`. See
[#​138](https://togithub.com/rust-fuzz/arbitrary/pull/138) for
    details.

##### Fixed

-   Fixed minimal versions correctness for `syn`.

***


    


    
clap-rs/clap

###
[`v4.3.0`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​430---2023-05-19)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.7...v4.3.0)

##### Fixes

-   *(assert)* Allow multiple, value-terminated, positional arguments
-   *(assert)* Clear up language on `last` assertion
- *(parser)* Correctly assign values to arguments when using multiple,
value-termianted, positional arguments
- *(parser)* Ensure `value_terminator` has higher precedence than
`allow_hyphen_values`
- *(help)* Only use next-line-help on subcommand list when explicitly
specified, not just with `--help`
-   *(help)* Correctly align possible values list
- *(help)* Don't waste code, vertical space in moving possible value
descriptions to next line

###
[`v4.2.7`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​427---2023-05-02)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.6...v4.2.7)

##### Fixes

- Correctly track remaining length for iterators provided by
`ArgMatches`

###
[`v4.2.6`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​426---2023-05-02)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.5...v4.2.6)

##### Features

-   `impl Eq for clap_builder::util::AnyValueId`

###
[`v4.2.5`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​425---2023-04-27)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.4...v4.2.5)

##### Fixes

-   Improve panic when a group requires a non-existent ID

###
[`v4.2.4`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​424---2023-04-19)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.3...v4.2.4)

##### Documentation

-   Corrected docs for `Command::style`

###
[`v4.2.3`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​423---2023-04-18)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.2...v4.2.3)

##### Features

-   `Command::styles` for theming help/errors (behind `unstable-styles`)

###
[`v4.2.2`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​422---2023-04-13)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.1...v4.2.2)

##### Internal

-   Update dependencies

###
[`v4.2.1`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​421---2023-03-28)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.2.0...v4.2.1)

##### Fixes

-   Don't highlight uninteresting parts of the error message

###
[`v4.2.0`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​420---2023-03-28)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.14...v4.2.0)

##### Compatibility

- Removed the languishing `unstable-replace` feature (open to discussion
at [#​2836](https://togithub.com/clap-rs/clap/issues/2836))
-   Removed the stablized `unstable-grouped` feature

##### Features

-   Allow any `StyledStr` to accept text styled with ANSI escape codes
-   Respect `CLICOLOR`, `CLICOLOR_FORCE`

##### Fixes

- Lighten the tone for "unexpected argument" errors (open to discussion
at [#​4638](https://togithub.com/clap-rs/clap/issues/4638))

###
[`v4.1.14`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​4114---2023-03-28)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.13...v4.1.14)

##### Features

-   *(derive)* `#[group]` raw attribute support

##### Performance

- *(derive)* `clap_builder` was pulled out of `clap` so it could build
in parallel to `clap_derive`
- `os_str_bytes` dependency was removed for faster builds and smaller
binaries

###
[`v4.1.13`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​4113---2023-03-18)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.12...v4.1.13)

##### Performance

-   Reduce repeated alloc calls when building a `Command`
-   Reduce duplicate dependencies for faster builds

###
[`v4.1.12`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​4112---2023-03-18)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.11...v4.1.12)

##### Internal

-   *(derive)* Update to `syn` v2

##### Performance

- *(derive)* Faster build times by dropping `proc-macro-error`
dependency

###
[`v4.1.11`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#​4111---2023-03-17)

[Compare
Source](https://togithub.com/clap-rs/clap/compare/v4.1.10...v4.1.11)

##### Internal

-   Update `bitflags`


    


    
DataDog/dd-trace-js

###
[`v3.21.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.21.0):
3.21.0

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.20.0...v3.21.0)

##### Features

- **ci-visibility:** add support for CodeFresh
([#​3120](https://togithub.com/DataDog/dd-trace-js/issues/3120))
- **source-code-integration:** add support for embedding commit hash and
repository url
([#​3118](https://togithub.com/DataDog/dd-trace-js/issues/3118),
[#​3135](https://togithub.com/DataDog/dd-trace-js/issues/3135))

##### Improvements

- **ci-visibility:** add additional labels to some CI providers
([#​3120](https://togithub.com/DataDog/dd-trace-js/issues/3120))
- **http/http2:** update integration to report outgoing host information
([#​3031](https://togithub.com/DataDog/dd-trace-js/issues/3031))
- **iast:** redact potentially sensitive data from vulnerability
evidence
([#​3117](https://togithub.com/DataDog/dd-trace-js/issues/3117))
- **profiling:** remove experimental interrupt callback strategy from
OOM heap profiler
([#​3004](https://togithub.com/DataDog/dd-trace-js/issues/3004))

##### Bug Fixes

- **ci-visibility:** fix test skipping logic for intelligent test runner
([#​3130](https://togithub.com/DataDog/dd-trace-js/issues/3130))
- **iast:** fix reporting whether the feature is enabled or disabled
([#​3138](https://togithub.com/DataDog/dd-trace-js/issues/3138))
- **iast:** fix whitespaces redaction being reported by command
sensitive analyzer
([#​3134](https://togithub.com/DataDog/dd-trace-js/issues/3134))
- **iast:** fix internal fs calls reporting path traversal
vulnerabilities
([#​3127](https://togithub.com/DataDog/dd-trace-js/issues/3127))
- **profiling:** fix segmentation fault when using worker threads
([#​3124](https://togithub.com/DataDog/dd-trace-js/issues/3124))

###
[`v3.20.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.20.0):
3.20.0

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.19.0...v3.20.0)

##### Bug Fixes

- **core**: Revert service naming framework introduction
([#​3093](https://togithub.com/DataDog/dd-trace-js/issues/3093))
- **kafka**: Fix kafka plugin trying to extract null headers as string
([#​3098](https://togithub.com/DataDog/dd-trace-js/issues/3098))
- **ci-visibility**: Fix potential issue when encoding `test_module_id`
([#​3101](https://togithub.com/DataDog/dd-trace-js/issues/3101))
- **ci-visibility**: Fix `test.fixme` logic in playwright
([#​3100](https://togithub.com/DataDog/dd-trace-js/issues/3100))

##### Improvements

- **asm**: Support array payloads in telemetry send-data
([#​3047](https://togithub.com/DataDog/dd-trace-js/issues/3047))
- **ci-visibility**: Improve performance of start line calculation in
mocha
([#​3079](https://togithub.com/DataDog/dd-trace-js/issues/3079))
- **pg**: Support query config objects in PG with DBM propagation
([#​3091](https://togithub.com/DataDog/dd-trace-js/issues/3091))
- **pg**: Add support for prepared statements in PG
([#​3087](https://togithub.com/DataDog/dd-trace-js/issues/3087))

###
[`v3.19.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.19.0):
3.19.0

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.18.0...v3.19.0)

##### Bug Fixes

- **ci-visibility:** correctly extract rootDir for playwright >=1.33.0
([#​3059](https://togithub.com/DataDog/dd-trace-js/issues/3059))

##### Improvements

- **core:** moves encoded trace debug log behind a config flag
([#​2979](https://togithub.com/DataDog/dd-trace-js/issues/2979))
- **asm:** add the possibility to update AppSec rules through remote
config
([#​2654](https://togithub.com/DataDog/dd-trace-js/issues/2654))
- **asm:** update embedded AppSec rules to 1.7.0
([#​3082](https://togithub.com/DataDog/dd-trace-js/issues/3082))
- **asm:** add the possibility to block incoming attacks
([#​2789](https://togithub.com/DataDog/dd-trace-js/issues/2789))
- **core:** introduce service naming framework
([#​2941](https://togithub.com/DataDog/dd-trace-js/issues/2941))

###
[`v3.18.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.18.0):
3.18.0

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.17.1...v3.18.0)

> **Warning**
> ESM support has been temporarily disabled starting from Node 20 as
significant changes are in progress.

##### Bug Fixes

- **asm:** fix remote configuration not working for IP and user blocking
([#​2995](https://togithub.com/DataDog/dd-trace-js/issues/2995))
- **core:** fix invalid value in sampling decision maker header
([#​2998](https://togithub.com/DataDog/dd-trace-js/issues/2998))
- **core:** fix requests to the agent when using ipv6
([#​3003](https://togithub.com/DataDog/dd-trace-js/issues/3003)),
fixes
[https://github.com/DataDog/dd-trace-js/issues/2449#issuecomment-1505488769](https://togithub.com/DataDog/dd-trace-js/issues/2449#issuecomment-1505488769)
- **core:** fix diagnostics channel error from bug in node 19.9.0
([#​3002](https://togithub.com/DataDog/dd-trace-js/issues/3002))
- **esbuild:** fix missing file in npm package
([#​2991](https://togithub.com/DataDog/dd-trace-js/issues/2991)),
fixes
[#​2983](https://togithub.com/DataDog/dd-trace-js/issues/2983)
- **iast:** fix null values breaking taint tracking
([#​2977](https://togithub.com/DataDog/dd-trace-js/issues/2977))
- **jest:** fix error when using jest-jasmine2
([#​2999](https://togithub.com/DataDog/dd-trace-js/issues/2999)),
fixes
[#​2989](https://togithub.com/DataDog/dd-trace-js/issues/2989)
- **stats:** fix trace stats duration always being 0
([#​3000](https://togithub.com/DataDog/dd-trace-js/issues/3000))
- **redis:** fix commands names in filters being case-sensitive
([#​3014](https://togithub.com/DataDog/dd-trace-js/issues/3014))
- **typescript:** fix type mismatch between tracer and plugin hook spans
([#​2982](https://togithub.com/DataDog/dd-trace-js/issues/2982)),
fixes
[#​2980](https://togithub.com/DataDog/dd-trace-js/issues/2980)

##### Improvements

- **core:** optimize tag processing
([#​2997](https://togithub.com/DataDog/dd-trace-js/issues/2997))
- **ci-visibility:** add source for the line of code of the test
([#​3011](https://togithub.com/DataDog/dd-trace-js/issues/3011))
- **core:** add support for node 20
([#​3029](https://togithub.com/DataDog/dd-trace-js/issues/3029))

###
[`v3.17.1`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.17.1)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.17.0...v3.17.1)

> **Warning**
> This version of the library contains a known bug with AppSec IP and
User Blocking. Please do not use this version if you want to use this
feature.

##### Bug Fixes

- \[lambda] update context extraction
([#​2981](https://togithub.com/DataDog/dd-trace-js/issues/2981))
- \[next.js] fix getServerSideProps error handling
([#​2971](https://togithub.com/DataDog/dd-trace-js/issues/2971))

###
[`v3.17.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.17.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.16.0...v3.17.0)

> **Warning**
> This version of the library contains a known bug with AppSec IP and
User Blocking. Please do not use this version if you want to use this
feature.

##### Bug Fixes

- \[iast] Increase timeout for tests on server
([#​2940](https://togithub.com/DataDog/dd-trace-js/issues/2940))
- \[core] Fix DBM propagation
([#​2938](https://togithub.com/DataDog/dd-trace-js/issues/2938),
[#​2976](https://togithub.com/DataDog/dd-trace-js/issues/2976))
- \[core] Fix error when using GCP pubsub while plugin is disabled
([#​2966](https://togithub.com/DataDog/dd-trace-js/issues/2966))

##### Improvements

- \[core] Preliminary support for bundling via esbuild
([#​2763](https://togithub.com/DataDog/dd-trace-js/issues/2763))
- \[appsec] Embed rules and templates files to be compatible with
bundlers
([#​2913](https://togithub.com/DataDog/dd-trace-js/issues/2913))
- \[core] add support for 128-bit trace id
([#​2944](https://togithub.com/DataDog/dd-trace-js/issues/2944))
- \[data-streams] Return remaining bytes when decoding
([#​2950](https://togithub.com/DataDog/dd-trace-js/issues/2950))
- \[iast] Exclude vulnerabilities coming from send module
([#​2567](https://togithub.com/DataDog/dd-trace-js/issues/2567))
- \[iast] Add support for setting the maximum number of concurrent
transactions
([#​2926](https://togithub.com/DataDog/dd-trace-js/issues/2926))
- \[appsec] Update ASM WAF rules to version 1.6.0
([#​2972](https://togithub.com/DataDog/dd-trace-js/issues/2972))

###
[`v3.16.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.16.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.15.0...v3.16.0)

##### Bug fixes

- \[tracing] Fix kafka client trying to use ipv6 in tests
([#​2877](https://togithub.com/DataDog/dd-trace-js/issues/2877))
- \[ci-visibility] Fix logic to validate commit SHAs
([#​2876](https://togithub.com/DataDog/dd-trace-js/issues/2876))
- \[ci-visibility] Fix error in test fingerprint calculation due to
`test.bundle`
([#​2880](https://togithub.com/DataDog/dd-trace-js/issues/2880))
- \[tracing] Switch to `network.destination.port` for client port tag
name
([#​2826](https://togithub.com/DataDog/dd-trace-js/issues/2826))
- \[tracing] Fix using pubsub internal api directly
([#​2883](https://togithub.com/DataDog/dd-trace-js/issues/2883))
- \[ci-visibility] Do not run mocha plugin if in parallel mode
([#​2900](https://togithub.com/DataDog/dd-trace-js/issues/2900))
- \[ci-visibility] Fix cypress errors when using interactive mode
([#​2895](https://togithub.com/DataDog/dd-trace-js/issues/2895))
- \[tracing] Fix nextjs resource name
([#​2834](https://togithub.com/DataDog/dd-trace-js/issues/2834))
- \[tracing] Use SpanContext name, not Span name, for single span
sampling rules
([#​2898](https://togithub.com/DataDog/dd-trace-js/issues/2898))
- \[lambda] Fix potential crash when no active span exists on impeding
timeout
([#​2871](https://togithub.com/DataDog/dd-trace-js/issues/2871))
- \[tracing] Fix tcp connections to the agent being traced
([#​2920](https://togithub.com/DataDog/dd-trace-js/issues/2920))
- \[tracing] Remove unhandled wrap() typescript method overload
([#​2914](https://togithub.com/DataDog/dd-trace-js/issues/2914))
- \[tracing] Fix mariadb connection pool spans leaking across queries
([#​2925](https://togithub.com/DataDog/dd-trace-js/issues/2925))
- \[tracing] Stop attempting to instrument removed mongo functions
([#​2823](https://togithub.com/DataDog/dd-trace-js/issues/2823))
- \[ci-visibility] Fix playwright require crash when tests are compiled
([#​2935](https://togithub.com/DataDog/dd-trace-js/issues/2935))
- \[tracing] Fix potential conflict with name property on plugin
constructors
([#​2937](https://togithub.com/DataDog/dd-trace-js/issues/2937))
- \[tracing] Fix mongoose v7 tests and restore support
([#​2936](https://togithub.com/DataDog/dd-trace-js/issues/2936))

##### Improvements

- \[tracing] Support Cloud Foundry container Ids
([#​2831](https://togithub.com/DataDog/dd-trace-js/issues/2831))
- \[appsec] Implement new appsec IP header detection
([#​2878](https://togithub.com/DataDog/dd-trace-js/issues/2878))
- \[ci-visibility] Change intelligent test runner default config
([#​2842](https://togithub.com/DataDog/dd-trace-js/issues/2842))
- \[ci-visibility] Add jest worker exporter
([#​2853](https://togithub.com/DataDog/dd-trace-js/issues/2853))
- \[tracing] Allow DD_TRACE_AWSSDK\_{SERVICE}\_ENABLED configuration
([#​2817](https://togithub.com/DataDog/dd-trace-js/issues/2817))
- \[ci-visibility] Add `test.toolchain` containing the package manager
name and version
([#​2907](https://togithub.com/DataDog/dd-trace-js/issues/2907))
- \[tracing] Next Plugin Next 13.2 updated handleAPIRequest support
([#​2905](https://togithub.com/DataDog/dd-trace-js/issues/2905))
- \[appsec] Report IAST internal exceptions with telemetry
([#​2699](https://togithub.com/DataDog/dd-trace-js/issues/2699))
- \[ci-visibility] Add Intelligent Test Runner support for cucumber
([#​2918](https://togithub.com/DataDog/dd-trace-js/issues/2918))
- \[ci-visibility] Add support for Team City CI provider
([#​2928](https://togithub.com/DataDog/dd-trace-js/issues/2928))
- \[ci-visibility] Report total code coverage for mocha and cucumber
([#​2922](https://togithub.com/DataDog/dd-trace-js/issues/2922))
- \[profiling] Export heap profile on v8 heap OOM
([#​2882](https://togithub.com/DataDog/dd-trace-js/issues/2882))
- \[appsec] Vulnerability deduplication rework
([#​2921](https://togithub.com/DataDog/dd-trace-js/issues/2921))

###
[`v3.15.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.15.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.14.1...v3.15.0)

##### Bugfixes

- \[asm] Don't send blocking response if headers have already been sent
([#​2807](https://togithub.com/DataDog/dd-trace-js/issues/2807))
- \[asm] Ldap plugin fixes
([#​2838](https://togithub.com/DataDog/dd-trace-js/issues/2838))
- \[ci-visibility] Fix latest playwright release instrumentation
([#​2836](https://togithub.com/DataDog/dd-trace-js/issues/2836))
- \[ci-visibility] Fix jest bug when parent id is null
([#​2848](https://togithub.com/DataDog/dd-trace-js/issues/2848))
- \[ci-visibility] Fix cucumber tests for node 12
([#​2863](https://togithub.com/DataDog/dd-trace-js/issues/2863))
([#​2864](https://togithub.com/DataDog/dd-trace-js/issues/2864))
- \[profiling] Make sure that current profiles are collected and
exported when process exits
([#​2720](https://togithub.com/DataDog/dd-trace-js/issues/2720))
- \[tracing] Fix span sampling
([#​2779](https://togithub.com/DataDog/dd-trace-js/issues/2779))

##### Improvements

- \[asm] User blocking
([#​2710](https://togithub.com/DataDog/dd-trace-js/issues/2710))
- \[asm] Update iast rewriter version 2.0.1
([#​2857](https://togithub.com/DataDog/dd-trace-js/issues/2857))
- \[asm] Update ASM WAF rules to 1.5.2 version
([#​2865](https://togithub.com/DataDog/dd-trace-js/issues/2865))
- \[ci-visibility] Support custom test configurations in ITR
([#​2809](https://togithub.com/DataDog/dd-trace-js/issues/2809))
- \[ci-visibility] Automatically unshallow repo
([#​2803](https://togithub.com/DataDog/dd-trace-js/issues/2803))
- \[ci-visibility] Change git upload to opt out
([#​2829](https://togithub.com/DataDog/dd-trace-js/issues/2829))
- \[core] Use log/writer as a logger
([#​2867](https://togithub.com/DataDog/dd-trace-js/issues/2867))
- \[docs] clarify supported node.js version ranges
([#​2830](https://togithub.com/DataDog/dd-trace-js/issues/2830))
- \[lambda] Modify how `DD_APM_FLUSH_DEADLINE_MILLISECONDS` is handled
([#​2824](https://togithub.com/DataDog/dd-trace-js/issues/2824))
- \[profiling] Control naming of profile filename for file exporter
([#​2806](https://togithub.com/DataDog/dd-trace-js/issues/2806))
- \[profiling] Update pprof-nodejs to 2.0.0
([#​2844](https://togithub.com/DataDog/dd-trace-js/issues/2844))
- \[tracing] add runtime.node.event_loop.utilization metric
([#​2846](https://togithub.com/DataDog/dd-trace-js/issues/2846))

###
[`v3.14.1`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.14.1)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.14.0...v3.14.1)

##### Bugfixes

- \[tracing] Fix traceparent version and version propagation
[#​2810](https://togithub.com/DataDog/dd-trace-js/issues/2810)
- \[tracing] Fix client errors being flagged as errors for boom
[#​2813](https://togithub.com/DataDog/dd-trace-js/issues/2813)

###
[`v3.14.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.14.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.13.2...v3.14.0)

##### Bugfixes

- \[tracing] Remove resource name truncation with agent
([#​2781](https://togithub.com/DataDog/dd-trace-js/issues/2781))
- \[tracing] Remove unused config fields from telemetry
([#​2778](https://togithub.com/DataDog/dd-trace-js/issues/2778))

##### Improvements

- \[aws-sdk] Add support for `aws-sdk v3`
([#​2754](https://togithub.com/DataDog/dd-trace-js/issues/2754))
- \[ci-visibility] Add test suite level visibility to `cucumber`
([#​2782](https://togithub.com/DataDog/dd-trace-js/issues/2782))
- \[ci-visibility] Add test suite level visibility to `cypress`
([#​2783](https://togithub.com/DataDog/dd-trace-js/issues/2783))
- \[tracing] Fully support W3C Trace Context headers
([#​2477](https://togithub.com/DataDog/dd-trace-js/issues/2477))

###
[`v3.13.2`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.13.2)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.13.1...v3.13.2)

##### Bugfixes

- **tracer**: Check if channel has subscribers before call unsubscribe
([#​2770](https://togithub.com/DataDog/dd-trace-js/issues/2770))

##### Improvements

- **ci-visibility**: Keep functionality with `.asyncResource`
([#​2756](https://togithub.com/DataDog/dd-trace-js/issues/2756))
- **ci-visibility** Update ITR tags
([#​2767](https://togithub.com/DataDog/dd-trace-js/issues/2767))
- **tracer**: Fix log error message when intake request fails
([#​2757](https://togithub.com/DataDog/dd-trace-js/issues/2757))
- **tracer**: Add missing telemetry host data
([#​2682](https://togithub.com/DataDog/dd-trace-js/issues/2682))

###
[`v3.13.1`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.13.1)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.13.0...v3.13.1)

##### Bugfixes

- Fix require("node:fs") bug
([#​2758](https://togithub.com/DataDog/dd-trace-js/issues/2758))

###
[`v3.13.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.13.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.12.1...v3.13.0)

##### Improvements

- **tracing**: Make automatic client IP extraction available as opt-in
outside of AppSec
([#​2717](https://togithub.com/DataDog/dd-trace-js/issues/2717))
- **tracing**: APM DBM Link for MySQL & MySQL2
([#​2648](https://togithub.com/DataDog/dd-trace-js/issues/2648))
- **ci-visibility**: Support
[@​playwright/test](https://togithub.com/playwright/test)
([#​2708](https://togithub.com/DataDog/dd-trace-js/issues/2708))
- **ci-visibility**: Add support for test modules
([#​2725](https://togithub.com/DataDog/dd-trace-js/issues/2725))
- **appsec**: Application Security Events Tracking SDK
([#​2698](https://togithub.com/DataDog/dd-trace-js/issues/2698))
- **appsec**: Update asm waf rules to 1.5.0 version.
([#​2742](https://togithub.com/DataDog/dd-trace-js/issues/2742))
- **appsec**: Detect path traversal vulnerabilities
([#​2587](https://togithub.com/DataDog/dd-trace-js/issues/2587))

###
[`v3.12.1`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.12.1)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.12.0...v3.12.1)

##### Bug Fixes

- Fix a bug where Lambda plugin would look for package.json from
dd-lambda-js, which wasn't needed and could break in some cases
[#​2721](https://togithub.com/DataDog/dd-trace-js/issues/2721)

**Full Changelog**:
https://github.com/DataDog/dd-trace-js/compare/v3.12.0...v3.12.1

###
[`v3.12.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.12.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.11.0...v3.12.0)

##### Bug Fixes

- Fix code_coverage tag in test session
[#​2680](https://togithub.com/DataDog/dd-trace-js/issues/2680)
- Update addRequestHeaders to stringify header value when an array
[#​2667](https://togithub.com/DataDog/dd-trace-js/issues/2667)
- Do not crash when prototype-free objects used for tags
[#​2687](https://togithub.com/DataDog/dd-trace-js/issues/2687)
- Always log inject service, version, and env
[#​2696](https://togithub.com/DataDog/dd-trace-js/issues/2696)
- require db name when calling injectDbmQuery()
[#​2700](https://togithub.com/DataDog/dd-trace-js/issues/2700)

##### Improvements

- Create a span for vulnerabilities outside of requests
([#​2686](https://togithub.com/DataDog/dd-trace-js/issues/2686))
- Configurable remote config poll interval
([#​2675](https://togithub.com/DataDog/dd-trace-js/issues/2675))
- Add \_dd.ci.env_vars to azure pipelines metadata extraction
[#​2673](https://togithub.com/DataDog/dd-trace-js/issues/2673)
- Remove user credentials from user provided git
[#​2672](https://togithub.com/DataDog/dd-trace-js/issues/2672)
- Support serviceMapping programmatic config
[#​2678](https://togithub.com/DataDog/dd-trace-js/issues/2678)
- Support IPv6 URLs for agent address
[#​2691](https://togithub.com/DataDog/dd-trace-js/issues/2691)
- Update asm waf rules to 1.4.3 version
[#​2689](https://togithub.com/DataDog/dd-trace-js/issues/2689)
- Add taint tracking support for concat, substring, substr, slice and
replace methods
[#​2629](https://togithub.com/DataDog/dd-trace-js/issues/2629)
- Optionally timeout tracer
[#​2476](https://togithub.com/DataDog/dd-trace-js/issues/2476)
- Rename environment variable for remote configuration polling interval
[#​2702](https://togithub.com/DataDog/dd-trace-js/issues/2702)
- add remoteConfigEnabled config
[#​2674](https://togithub.com/DataDog/dd-trace-js/issues/2674)
- Fix CiPlugin crashing when no CI Vis init is used
[#​2711](https://togithub.com/DataDog/dd-trace-js/issues/2711)
- Create spans for vulnerabilities outside of requests
[#​2686](https://togithub.com/DataDog/dd-trace-js/issues/2686)
- Upgrade CodeQL Github Action versions
[#​2715](https://togithub.com/DataDog/dd-trace-js/issues/2715)

**Full Changelog**:
https://github.com/DataDog/dd-trace-js/compare/v3.11.0...v3.12.0

###
[`v3.11.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.11.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.10.0...v3.11.0)

##### Bug Fixes

- Fix router plugin state restore on exit
([#​2641](https://togithub.com/DataDog/dd-trace-js/issues/2641))
- \[ci-visibility] Fix URL for intelligent test runner when using
agentless
([#​2664](https://togithub.com/DataDog/dd-trace-js/issues/2664))

##### Improvements

- Introduce a way to block incoming requests based on their IP addresses
([#​2574](https://togithub.com/DataDog/dd-trace-js/issues/2574))
- Add \_dd.iast.enabled tag
([#​2651](https://togithub.com/DataDog/dd-trace-js/issues/2651))
- Send relative path for the vulnerability instead of the absolute path
([#​2635](https://togithub.com/DataDog/dd-trace-js/issues/2635))
- Fix pg and add plugin style test in iast sqli detection
([#​2565](https://togithub.com/DataDog/dd-trace-js/issues/2565))
- CSI trim methods rewriting
([#​2568](https://togithub.com/DataDog/dd-trace-js/issues/2568))
- LDAP analyzer
([#​2618](https://togithub.com/DataDog/dd-trace-js/issues/2618))
- Update rewriter version
([#​2642](https://togithub.com/DataDog/dd-trace-js/issues/2642))

###
[`v3.10.0`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.10.0)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.9.3...v3.10.0)

##### Bug Fixes

- **core**: do not trace profiler export
([#​2600](https://togithub.com/DataDog/dd-trace-js/issues/2600))
- **core**: Add moduleLoadEndChannel, publish after load
([#​2543](https://togithub.com/DataDog/dd-trace-js/issues/2543))
- **http**: Fix http plugin restoring to prior store state in exit
([#​2633](https://togithub.com/DataDog/dd-trace-js/issues/2633))
- **core**: Remove query string from resource.name by default
([#​2631](https://togithub.com/DataDog/dd-trace-js/issues/2631))
- **router**: allow next('route') and next('router') in router plugin
([#​2621](https://togithub.com/DataDog/dd-trace-js/issues/2621))

##### Improvements

- **asm**: ASM Data listener to update rule data
([#​2588](https://togithub.com/DataDog/dd-trace-js/issues/2588))
- **ci-visibility**: Add support for buddy.works
([#​2615](https://togithub.com/DataDog/dd-trace-js/issues/2615))
- **ci-visibility**: Support CI Visibility encoding via the agent
through EVP proxy
([#​2566](https://togithub.com/DataDog/dd-trace-js/issues/2566))

###
[`v3.9.3`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.9.3)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.9.2...v3.9.3)

> **Warning**
> This version of the library contains a known memory leak. Please
upgrade to the latest version.

##### Bug Fixes

- **ci-visibility**: Fix `mocha` and `jest` not running tests when
dd-trace is imported but not init
([#​2599](https://togithub.com/DataDog/dd-trace-js/issues/2599))

###
[`v3.9.2`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.9.2)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.9.1...v3.9.2)

##### Bug Fixes

- **http**: reverts a change in v3.9.1
([#​2581](https://togithub.com/DataDog/dd-trace-js/issues/2581))
that causes some customers to crash
([#​2596](https://togithub.com/DataDog/dd-trace-js/issues/2596))
- **ci-visibility**: fixes some tests
([#​2576](https://togithub.com/DataDog/dd-trace-js/issues/2576),
[#​2594](https://togithub.com/DataDog/dd-trace-js/issues/2594))

###
[`v3.9.1`](https://togithub.com/DataDog/dd-trace-js/releases/tag/v3.9.1)

[Compare
Source](https://togithub.com/DataDog/dd-trace-js/compare/v3.9.0...v3.9.1)

**Note that this release introduces a bug for some customers (see
[#​2593](https://togithub.com/DataDog/dd-trace-js/issues/2593)).
Please upgrade if you encounter this bug.**

##### Bug Fixes

- **types**: update experimental exporter type
([#​2577](https://togithub.com/DataDog/dd-trace-js/issues/2577))
-   **types


    

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/apollographql/router).



---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Gary Pennington 
---
 Cargo.lock                                    | 129 +--
 apollo-router-benchmarks/Cargo.toml           |   2 +-
 apollo-router-scaffold/Cargo.toml             |   6 +-
 apollo-router/Cargo.toml                      |  48 +-
 .../datadog-subgraph/package-lock.json        | 858 +++++++-----------
 .../tracing/jaeger-subgraph/package-lock.json | 179 ++--
 .../tracing/zipkin-subgraph/package-lock.json | 179 ++--
 xtask/Cargo.lock                              |   4 +-
 xtask/Cargo.toml                              |  12 +-
 9 files changed, 612 insertions(+), 805 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 0ebe07dccc9..ce4d5061816 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -160,49 +160,58 @@ dependencies = [
 
 [[package]]
 name = "anstream"
-version = "0.2.6"
+version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "342258dd14006105c2b75ab1bd7543a03bdf0cfc94383303ac212a04939dff6f"
+checksum = "0ca84f3628370c59db74ee214b3263d58f9aadd9b4fe7e711fd87dc452b7f163"
 dependencies = [
  "anstyle",
  "anstyle-parse",
+ "anstyle-query",
  "anstyle-wincon",
- "concolor-override",
- "concolor-query",
+ "colorchoice",
  "is-terminal",
  "utf8parse",
 ]
 
 [[package]]
 name = "anstyle"
-version = "0.3.5"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "23ea9e81bd02e310c216d080f6223c179012256e5151c41db88d12c88a1684d2"
+checksum = "41ed9a86bf92ae6580e0a31281f65a1b1d867c0cc68d5346e2ae128dddfa6a7d"
 
 [[package]]
 name = "anstyle-parse"
-version = "0.1.1"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a7d1bb534e9efed14f3e5f44e7dd1a4f709384023a4165199a4241e18dff0116"
+checksum = "e765fd216e48e067936442276d1d57399e37bce53c264d6fefbe298080cb57ee"
 dependencies = [
  "utf8parse",
 ]
 
+[[package]]
+name = "anstyle-query"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b"
+dependencies = [
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "anstyle-wincon"
-version = "0.2.0"
+version = "1.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c3127af6145b149f3287bb9a0d10ad9c5692dba8c53ad48285e5bec4063834fa"
+checksum = "180abfa45703aebe0093f79badacc01b8fd4ea2e35118747e5811127f926e188"
 dependencies = [
  "anstyle",
- "windows-sys 0.45.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
 name = "anyhow"
-version = "1.0.70"
+version = "1.0.71"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7de8ce5e0f9f8d88245311066a578d72b7af3e7088f32783804676302df237e4"
+checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"
 
 [[package]]
 name = "apollo-ariadne"
@@ -280,7 +289,7 @@ dependencies = [
  "buildstructor 0.5.2",
  "bytes",
  "ci_info",
- "clap 4.2.1",
+ "clap 4.3.0",
  "console-subscriber",
  "dashmap",
  "derivative",
@@ -420,7 +429,7 @@ version = "1.20.0"
 dependencies = [
  "anyhow",
  "cargo-scaffold",
- "clap 4.2.1",
+ "clap 4.3.0",
  "copy_dir",
  "regex",
  "str_inflector",
@@ -1035,9 +1044,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "4.2.1"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "046ae530c528f252094e4a77886ee1374437744b2bff1497aa898bbddbbb29b3"
+checksum = "93aae7a4192245f70fe75dd9157fc7b4a5bf53e88d30bd4396f7d8f9284d5acc"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -1046,22 +1055,22 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.2.1"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "223163f58c9a40c3b0a43e1c4b50a9ce09f007ea2cb1ec258a687945b4b7929f"
+checksum = "4f423e341edefb78c9caba2d9c7f7687d0e72e89df3ce3394554754393ac3990"
 dependencies = [
  "anstream",
  "anstyle",
  "bitflags",
- "clap_lex 0.4.1",
+ "clap_lex 0.5.0",
  "strsim 0.10.0",
 ]
 
 [[package]]
 name = "clap_derive"
-version = "4.2.0"
+version = "4.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3f9644cd56d6b87dbe899ef8b053e331c0637664e9e21a33dfcdc36093f5c5c4"
+checksum = "191d9573962933b4027f932c600cd252ce27a8ad5979418fe78e43c07996f27b"
 dependencies = [
  "heck 0.4.1",
  "proc-macro2",
@@ -1080,9 +1089,15 @@ dependencies = [
 
 [[package]]
 name = "clap_lex"
-version = "0.4.1"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b"
+
+[[package]]
+name = "colorchoice"
+version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8a2dd5a6fe8c6e3502f568a6353e5273bbb15193ad9a89e457b9970798efbea1"
+checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
 
 [[package]]
 name = "combine"
@@ -1111,21 +1126,6 @@ dependencies = [
  "tokio-util",
 ]
 
-[[package]]
-name = "concolor-override"
-version = "1.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a855d4a1978dc52fb0536a04d384c2c0c1aa273597f08b77c8c4d3b2eec6037f"
-
-[[package]]
-name = "concolor-query"
-version = "0.3.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "88d11d52c3d7ca2e6d0040212be9e4dbbcd78b6447f535b6b561f449427944cf"
-dependencies = [
- "windows-sys 0.45.0",
-]
-
 [[package]]
 name = "concurrent-queue"
 version = "2.1.0"
@@ -2180,9 +2180,9 @@ checksum = "6c2141d6d6c8512188a7891b4b01590a45f6dac67afb4f255c4124dbb86d4eaa"
 
 [[package]]
 name = "fred"
-version = "6.0.0"
+version = "6.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c52d60e6d9b2a715da13ec520d7da6e095121e25da5027cdac56b8f96684654b"
+checksum = "7e02c21b098d77b0e99fe0054ebd3e7c9f81bffb42aa843021415ffa793124a6"
 dependencies = [
  "arc-swap",
  "arcstr",
@@ -2198,12 +2198,13 @@ dependencies = [
  "pretty_env_logger",
  "rand 0.8.5",
  "redis-protocol",
- "rustls 0.20.8",
+ "rustls 0.21.1",
  "rustls-native-certs",
+ "rustls-webpki",
  "semver 1.0.17",
  "sha-1",
  "tokio",
- "tokio-rustls 0.23.4",
+ "tokio-rustls 0.24.0",
  "tokio-stream",
  "tokio-util",
  "url",
@@ -3381,9 +3382,9 @@ dependencies = [
 
 [[package]]
 name = "miette"
-version = "5.7.0"
+version = "5.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7abdc09c381c9336b9f2e9bd6067a9a5290d20e2d2e2296f275456121c33ae89"
+checksum = "a236ff270093b0b67451bc50a509bd1bad302cb1d3c7d37d5efe931238581fa9"
 dependencies = [
  "backtrace",
  "backtrace-ext",
@@ -3402,9 +3403,9 @@ dependencies = [
 
 [[package]]
 name = "miette-derive"
-version = "5.7.0"
+version = "5.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8842972f23939443013dfd3720f46772b743e86f1a81d120d4b6fb090f87de1c"
+checksum = "4901771e1d44ddb37964565c654a3223ba41a594d02b8da471cc4464912b5cfa"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -3545,9 +3546,9 @@ checksum = "61807f77802ff30975e01f4f071c8ba10c022052f98b3294119f3e615d13e5be"
 
 [[package]]
 name = "notify"
-version = "5.1.0"
+version = "5.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58ea850aa68a06e48fdb069c0ec44d0d64c8dbffa49bf3b6f7f0a901fdea1ba9"
+checksum = "729f63e1ca555a43fe3efa4f3efdf4801c479da85b432242a7b726f353c88486"
 dependencies = [
  "bitflags",
  "filetime",
@@ -3556,7 +3557,7 @@ dependencies = [
  "libc",
  "mio",
  "walkdir 2.3.3",
- "windows-sys 0.42.0",
+ "windows-sys 0.45.0",
 ]
 
 [[package]]
@@ -3706,9 +3707,9 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.17.1"
+version = "1.17.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3"
+checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b"
 
 [[package]]
 name = "oorandom"
@@ -4673,9 +4674,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.8.2"
+version = "1.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d1a59b5d8e97dee33696bf13c5ba8ab85341c002922fba050069326b9c498974"
+checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390"
 dependencies = [
  "aho-corasick 1.0.1",
  "memchr",
@@ -4764,9 +4765,9 @@ dependencies = [
 
 [[package]]
 name = "rhai"
-version = "1.13.0"
+version = "1.14.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fd29fa1f740be6dc91982013957e08c3c4232d7efcfe19e12da87d50bad47758"
+checksum = "b2c99b27f6661b4d217b6aa21727c6a0808729266edfc8a8877042d609b1904e"
 dependencies = [
  "ahash 0.8.3",
  "bitflags",
@@ -5253,9 +5254,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
 
 [[package]]
 name = "serde"
-version = "1.0.159"
+version = "1.0.163"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065"
+checksum = "2113ab51b87a539ae008b5c6c02dc020ffa39afd2d83cffcb3f4eb2722cebec2"
 dependencies = [
  "serde_derive",
 ]
@@ -5271,9 +5272,9 @@ dependencies = [
 
 [[package]]
 name = "serde_derive"
-version = "1.0.159"
+version = "1.0.163"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585"
+checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -5293,9 +5294,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.95"
+version = "1.0.96"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744"
+checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1"
 dependencies = [
  "indexmap",
  "itoa",
@@ -6027,9 +6028,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.28.1"
+version = "1.28.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105"
+checksum = "94d7b1cfd2aa4011f2de74c2c4c63665e27a71006b0a192dcd2710272e73dfa2"
 dependencies = [
  "autocfg",
  "bytes",
diff --git a/apollo-router-benchmarks/Cargo.toml b/apollo-router-benchmarks/Cargo.toml
index c10f6e19bea..fa8fa5e18dc 100644
--- a/apollo-router-benchmarks/Cargo.toml
+++ b/apollo-router-benchmarks/Cargo.toml
@@ -20,7 +20,7 @@ tower = "0.4"
 [build-dependencies]
 apollo-smith = { version = "0.3.2", features = ["parser-impl"] }
 apollo-parser = "0.4.1"
-arbitrary = "1.2.3"
+arbitrary = "1.3.0"
 
 [[bench]]
 name = "basic_composition"
diff --git a/apollo-router-scaffold/Cargo.toml b/apollo-router-scaffold/Cargo.toml
index 5046867aa37..bd35941ead0 100644
--- a/apollo-router-scaffold/Cargo.toml
+++ b/apollo-router-scaffold/Cargo.toml
@@ -7,12 +7,12 @@ license = "Elastic-2.0"
 publish = false
 
 [dependencies]
-anyhow = "1.0.69"
-clap = { version = "4.1.6", features = ["derive"] }
+anyhow = "1.0.71"
+clap = { version = "4.3.0", features = ["derive"] }
 cargo-scaffold = { version = "0.8.9", default-features = false }
 regex = "1"
 str_inflector = "0.12.0"
 toml = "0.5.11"
 [dev-dependencies]
-tempfile = "3.4.0"
+tempfile = "3.5.0"
 copy_dir = "0.1.2"
diff --git a/apollo-router/Cargo.toml b/apollo-router/Cargo.toml
index 0b90e3e4d4f..60b5f3b10a4 100644
--- a/apollo-router/Cargo.toml
+++ b/apollo-router/Cargo.toml
@@ -52,7 +52,7 @@ features = ["docs_rs"]
 [dependencies]
 askama = "0.11.1"
 access-json = "0.1.0"
-anyhow = "1.0.69"
+anyhow = "1.0.71"
 apollo-compiler = "0.8.0"
 apollo-parser = "0.5.3"
 arc-swap = "1.6.0"
@@ -69,7 +69,7 @@ backtrace = "0.3.67"
 base64 = "0.20.0"
 buildstructor = "0.5.2"
 bytes = "1.4.0"
-clap = { version = "4.1.6", default-features = false, features = [
+clap = { version = "4.3.0", default-features = false, features = [
     "env",
     "derive",
     "std",
@@ -88,7 +88,7 @@ diff = "0.1.13"
 directories = "4.0.1"
 displaydoc = "0.2"
 flate2 = "1.0.24"
-fred = { version = "6.0.0", features = ["enable-rustls", "no-client-setname"] }
+fred = { version = "6.3.0", features = ["enable-rustls", "no-client-setname"] }
 futures = { version = "0.3.28", features = ["thread-pool"] }
 graphql_client = "0.11.0"
 hex = "0.4.3"
@@ -99,25 +99,25 @@ humantime = "2.1.0"
 humantime-serde = "1.1.1"
 hyper = { version = "0.14.26", features = ["server", "client"] }
 hyper-rustls = { version = "0.23.2", features = ["http1", "http2"] }
-indexmap = { version = "1.9.2", features = ["serde-1"] }
+indexmap = { version = "1.9.3", features = ["serde-1"] }
 itertools = "0.10.5"
 jsonpath_lib = "0.3.0"
 jsonschema = { version = "0.16.1", default-features = false }
-jsonwebtoken = "8.2.0"
+jsonwebtoken = "8.3.0"
 lazy_static = "1.4.0"
 libc = "0.2.144"
 linkme = "0.3.9"
 lru = "0.8.1"
 mediatype = "0.19.13"
 mockall = "0.11.4"
-miette = { version = "5.5.0", features = ["fancy"] }
+miette = { version = "5.9.0", features = ["fancy"] }
 mime = "0.3.17"
-multer = "2.0.4"
+multer = "2.1.0"
 multimap = "0.8.3"
 # To avoid tokio issues
-notify = { version = "5.1.0", default-features = false, features=["macos_kqueue"] }
+notify = { version = "5.2.0", default-features = false, features=["macos_kqueue"] }
 nu-ansi-term = "0.47"
-once_cell = "1.17.1"
+once_cell = "1.17.2"
 
 # Any package that starts with `opentelemetry` needs to be updated with care
 # because it is tightly intertwined with the `tracing` packages on account of
@@ -155,15 +155,15 @@ opentelemetry-zipkin = { version = "0.16.0", default-features = false, features
     "reqwest-rustls",
 ] }
 opentelemetry-prometheus = "0.11.0"
-paste = "1.0.11"
+paste = "1.0.12"
 pin-project-lite = "0.2.9"
 prometheus = "0.13"
 prost = "0.11.9"
 prost-types = "0.11.9"
 proteus = "0.5.0"
 rand = "0.8.5"
-rhai = { version = "1.12.0", features = ["sync", "serde", "internals"] }
-regex = "1.7.1"
+rhai = { version = "1.14.0", features = ["sync", "serde", "internals"] }
+regex = "1.8.3"
 reqwest = { version = "0.11.18", default-features = false, features = [
     "rustls-tls",
     "rustls-native-certs",
@@ -171,22 +171,22 @@ reqwest = { version = "0.11.18", default-features = false, features = [
     "stream",
 ] }
 router-bridge = "0.2.6+v2.4.7"
-rust-embed="6.4.2"
+rust-embed="6.6.1"
 rustls = "0.20.8"
 rustls-pemfile = "1.0.2"
 schemars = { version = "0.8.12", features = ["url"] }
-shellexpand = "3.0.0"
+shellexpand = "3.1.0"
 sha2 = "0.10.6"
-serde = { version = "1.0.152", features = ["derive", "rc"] }
+serde = { version = "1.0.163", features = ["derive", "rc"] }
 serde_json_bytes = { version = "0.2.1", features = ["preserve_order"] }
-serde_json = { version = "1.0.93", features = ["preserve_order"] }
+serde_json = { version = "1.0.96", features = ["preserve_order"] }
 serde_urlencoded = "0.7.1"
 serde_yaml = "0.8.26"
 static_assertions = "1.1.0"
 strum_macros = "0.24.3"
 sys-info = "0.9.1"
-thiserror = "1.0.38"
-tokio = { version = "1.24.2", features = ["full"] }
+thiserror = "1.0.40"
+tokio = { version = "1.28.2", features = ["full"] }
 tokio-stream = { version = "0.1.14", features = ["sync", "net"] }
 tokio-util = { version = "0.7.8", features = ["net", "codec", "time"] }
 tonic = { version = "0.8.3", features = ["transport", "tls", "tls-roots", "gzip"] }
@@ -211,7 +211,7 @@ tracing-opentelemetry = "0.18.0"
 tracing-subscriber = { version = "0.3.11", features = ["env-filter", "json"] }
 url = { version = "2.3.1", features = ["serde"] }
 urlencoding = "2.1.2"
-uuid = { version = "1.3.0", features = ["serde", "v4"] }
+uuid = { version = "1.3.3", features = ["serde", "v4"] }
 yaml-rust = "0.4.5"
 wsl = "0.1.0"
 tokio-rustls = "0.23.4"
@@ -233,14 +233,14 @@ tikv-jemallocator = "0.5"
 
 [dev-dependencies]
 ecdsa = { version = "0.15.1", features = ["signing", "pem", "pkcs8"] }
-fred = { version = "6.0.0", features = ["enable-rustls", "no-client-setname"] }
+fred = { version = "6.3.0", features = ["enable-rustls", "no-client-setname"] }
 futures-test = "0.3.28"
-insta = { version = "1.28.0", features = ["json", "redactions", "yaml"] }
+insta = { version = "1.29.0", features = ["json", "redactions", "yaml"] }
 introspector-gadget = "0.2.1"
 maplit = "1.0.2"
 memchr = { version = "2.5.0", default-features = false }
 mockall = "0.11.4"
-once_cell = "1.17.1"
+once_cell = "1.17.2"
 p256 = "0.12.0"
 rand_core = "0.6.4"
 redis = { version = "0.21.7", features = ["tokio-comp"] }
@@ -249,7 +249,7 @@ reqwest = { version = "0.11.18", default-features = false, features = [
     "stream",
 ] }
 similar-asserts = "1.4.2"
-tempfile = "3.4.0"
+tempfile = "3.5.0"
 test-log = { version = "0.2.11", default-features = false, features = [
     "trace",
 ] }
@@ -263,7 +263,7 @@ tracing-subscriber = { version = "0.3", default-features = false, features = [
     "fmt",
 ] }
 tracing-test = "0.2.2"
-walkdir = "2.3.2"
+walkdir = "2.3.3"
 wiremock = "0.5.18"
 
 [target.'cfg(target_os = "linux")'.dev-dependencies]
diff --git a/dockerfiles/tracing/datadog-subgraph/package-lock.json b/dockerfiles/tracing/datadog-subgraph/package-lock.json
index fdddf82c1a5..df2b4519cf8 100644
--- a/dockerfiles/tracing/datadog-subgraph/package-lock.json
+++ b/dockerfiles/tracing/datadog-subgraph/package-lock.json
@@ -203,29 +203,53 @@
       }
     },
     "node_modules/@datadog/native-appsec": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@datadog/native-appsec/-/native-appsec-1.2.1.tgz",
-      "integrity": "sha512-jF+k7xhBmJIYYLtjvhCey08RBbItTG7O2zcSCDGFffhvCvo3ZOoou+IKtAm9z+U7hOoeOmD+Xg+h29xj/BB9MA==",
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/@datadog/native-appsec/-/native-appsec-3.2.0.tgz",
+      "integrity": "sha512-biAa7EFfuavjSWgSQaCit9CqGzr6Af5nhzfNNGJ38Y/Y387hDvLivAR374kK1z6XoxGZEOa+XPbVogmV/2Bcjw==",
       "hasInstallScript": true,
       "dependencies": {
-        "detect-libc": "^1.0.3",
-        "minimist": "^1.2.6",
-        "tar": "^6.1.11"
-      },
-      "bin": {
-        "appsec-reinstall": "bin/appsec-reinstall.js"
+        "node-gyp-build": "^3.9.0"
       },
       "engines": {
         "node": ">=12"
       }
     },
+    "node_modules/@datadog/native-iast-rewriter": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/@datadog/native-iast-rewriter/-/native-iast-rewriter-2.0.1.tgz",
+      "integrity": "sha512-Mm+FG3XxEbPrAfJQPOMHts7iZZXRvg9gnGeeFRGkyirmRcQcOpZO4wFe/8K61DUVa5pXpgAJQ2ZkBGYF1O9STg==",
+      "dependencies": {
+        "node-gyp-build": "^4.5.0"
+      },
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@datadog/native-iast-rewriter/node_modules/node-gyp-build": {
+      "version": "4.6.0",
+      "resolved": "https://registry.npmjs.org/node-gyp-build/-/node-gyp-build-4.6.0.tgz",
+      "integrity": "sha512-NTZVKn9IylLwUzaKjkas1e4u2DLNcV4rdYagA4PWdPwW87Bi7z+BznyKSRwS/761tV/lzCGXplWsiaMjLqP2zQ==",
+      "bin": {
+        "node-gyp-build": "bin.js",
+        "node-gyp-build-optional": "optional.js",
+        "node-gyp-build-test": "build-test.js"
+      }
+    },
+    "node_modules/@datadog/native-iast-taint-tracking": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/@datadog/native-iast-taint-tracking/-/native-iast-taint-tracking-1.4.1.tgz",
+      "integrity": "sha512-wWJebnK5fADXGGwmoHi9ElMsvR/M4IZpRxBxzAfKU2WI1GRkCvSxQBhbIFUTQEuO7l6ZOpASWQ9yUXK3cx8n+w==",
+      "dependencies": {
+        "node-gyp-build": "^3.9.0"
+      }
+    },
     "node_modules/@datadog/native-metrics": {
-      "version": "1.4.2",
-      "resolved": "https://registry.npmjs.org/@datadog/native-metrics/-/native-metrics-1.4.2.tgz",
-      "integrity": "sha512-ExSIZCEo3pXTNQRuyQllIa+0pc2bVDOntlx0JMnu7+GjeEjJxGyVLw8tTx5EQUmHSLt0Jm7aeMW63C8DJnO27A==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@datadog/native-metrics/-/native-metrics-2.0.0.tgz",
+      "integrity": "sha512-YklGVwUtmKGYqFf1MNZuOHvTYdKuR4+Af1XkWcMD8BwOAjxmd9Z+97328rCOY8TFUJzlGUPaXzB8j2qgG/BMwA==",
       "hasInstallScript": true,
       "dependencies": {
-        "nan": "^2.15.0",
+        "node-addon-api": "^6.1.0",
         "node-gyp-build": "^3.9.0"
       },
       "engines": {
@@ -233,20 +257,16 @@
       }
     },
     "node_modules/@datadog/pprof": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/@datadog/pprof/-/pprof-1.0.2.tgz",
-      "integrity": "sha512-AMTK55W3Aa2QX2X8mN9SQfDGw3HvwIK9Or8pXQFss+kjtH5pCkO9oqE5838MeXgRh9BR8HWrjAQE3Ji7FRCK2g==",
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/@datadog/pprof/-/pprof-2.2.1.tgz",
+      "integrity": "sha512-kPxN9ADjajUEU1zRtVqLT/q5AP8Ge7S1R1UkpUlKOzNgBznFXmNzhTtQqGhB8ew6LPssfIQTDVd/rBIcJvuMOw==",
       "hasInstallScript": true,
       "dependencies": {
         "delay": "^5.0.0",
-        "findit2": "^2.2.3",
-        "nan": "^2.16.0",
         "node-gyp-build": "^3.9.0",
         "p-limit": "^3.1.0",
         "pify": "^5.0.0",
-        "protobufjs": "^7.0.0",
-        "rimraf": "^3.0.2",
-        "semver": "^7.3.5",
+        "pprof-format": "^2.0.6",
         "source-map": "^0.7.3",
         "split": "^1.0.1"
       },
@@ -254,24 +274,10 @@
         "node": ">=12"
       }
     },
-    "node_modules/@datadog/pprof/node_modules/semver": {
-      "version": "7.3.7",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
-      "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==",
-      "dependencies": {
-        "lru-cache": "^6.0.0"
-      },
-      "bin": {
-        "semver": "bin/semver.js"
-      },
-      "engines": {
-        "node": ">=10"
-      }
-    },
     "node_modules/@datadog/sketches-js": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@datadog/sketches-js/-/sketches-js-2.0.0.tgz",
-      "integrity": "sha512-cR9r5sGYU64HLUe7vRvWuZO8qFrCPWanB/a2nrPPW5E7JVwt5j9QCEjhtPZo6LoImfVr3SajcbmyGwZfFLsHjw=="
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/@datadog/sketches-js/-/sketches-js-2.1.0.tgz",
+      "integrity": "sha512-smLocSfrt3s53H/XSVP3/1kP42oqvrkjUPtyaFd1F79ux24oE31BKt+q0c6lsa6hOYrFzsIwyc5GXAI5JmfOew=="
     },
     "node_modules/@graphql-tools/merge": {
       "version": "8.3.0",
@@ -414,9 +420,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "node_modules/@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "dependencies": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -425,9 +431,9 @@
       }
     },
     "node_modules/@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "dependencies": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -502,9 +508,9 @@
       }
     },
     "node_modules/apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "deprecated": "The `apollo-server-core` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
@@ -516,11 +522,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -561,18 +567,19 @@
       }
     },
     "node_modules/apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
+      "deprecated": "The `apollo-server-express` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -631,15 +638,10 @@
         "retry": "0.13.1"
       }
     },
-    "node_modules/balanced-match": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
-      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
-    },
     "node_modules/body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "dependencies": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -649,7 +651,7 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
@@ -659,15 +661,6 @@
         "npm": "1.2.8000 || >= 1.4.16"
       }
     },
-    "node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "dependencies": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "node_modules/bytes": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
@@ -688,24 +681,11 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
-    "node_modules/chownr": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz",
-      "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==",
-      "engines": {
-        "node": ">=10"
-      }
-    },
     "node_modules/commander": {
       "version": "2.20.3",
       "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
       "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ=="
     },
-    "node_modules/concat-map": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="
-    },
     "node_modules/content-disposition": {
       "version": "0.5.4",
       "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
@@ -761,36 +741,59 @@
       "integrity": "sha512-FAaLDaplstoRsDR8XGYH51znUN0UY7nMc6Z9/fvE8EXGwvJE9hu7W2vHwx1+bd6gCYnln9nLbzxFTrcO9YQDZw=="
     },
     "node_modules/dd-trace": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/dd-trace/-/dd-trace-3.0.0.tgz",
-      "integrity": "sha512-WIph8PS1U/1D+SahEPSAbt6sAdH9lbEzNmhmOBAhkxYdHbuuFlxqgq6YpGHB8BviRqs4oCsYmR1Sr4HkBuglNg==",
+      "version": "3.21.0",
+      "resolved": "https://registry.npmjs.org/dd-trace/-/dd-trace-3.21.0.tgz",
+      "integrity": "sha512-c86ZIVihUlIWx5XvzQ8xikgNwT7+w+2PllY7NRYRrxbN6ZjIqdg7tTkoUYMaIo1bvpNBGtW2mRV7JN6b76PlhA==",
       "hasInstallScript": true,
       "dependencies": {
-        "@datadog/native-appsec": "^1.2.1",
-        "@datadog/native-metrics": "^1.4.2",
-        "@datadog/pprof": "^1.0.2",
-        "@datadog/sketches-js": "^2.0.0",
+        "@datadog/native-appsec": "^3.1.0",
+        "@datadog/native-iast-rewriter": "2.0.1",
+        "@datadog/native-iast-taint-tracking": "^1.4.1",
+        "@datadog/native-metrics": "^2.0.0",
+        "@datadog/pprof": "^2.2.1",
+        "@datadog/sketches-js": "^2.1.0",
         "crypto-randomuuid": "^1.0.0",
         "diagnostics_channel": "^1.1.0",
         "ignore": "^5.2.0",
-        "import-in-the-middle": "^1.3.0",
+        "import-in-the-middle": "^1.3.5",
+        "ipaddr.js": "^2.0.1",
+        "istanbul-lib-coverage": "3.2.0",
         "koalas": "^1.0.2",
         "limiter": "^1.1.4",
         "lodash.kebabcase": "^4.1.1",
         "lodash.pick": "^4.4.0",
         "lodash.sortby": "^4.7.0",
         "lodash.uniq": "^4.5.0",
+        "lru-cache": "^7.14.0",
         "methods": "^1.1.2",
         "module-details-from-path": "^1.0.3",
+        "node-abort-controller": "^3.0.1",
         "opentracing": ">=0.12.1",
         "path-to-regexp": "^0.1.2",
+        "protobufjs": "^7.1.2",
         "retry": "^0.10.1",
-        "semver": "^5.5.0"
+        "semver": "^7.3.8"
       },
       "engines": {
         "node": ">=14"
       }
     },
+    "node_modules/dd-trace/node_modules/ipaddr.js": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.1.0.tgz",
+      "integrity": "sha512-LlbxQ7xKzfBusov6UMi4MFpEg0m+mAm9xyNGEduwXMEDuf4WfzB/RZwMVYEd7IKGvh4IUkEXYxtAVu9T3OelJQ==",
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/dd-trace/node_modules/lru-cache": {
+      "version": "7.18.3",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+      "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==",
+      "engines": {
+        "node": ">=12"
+      }
+    },
     "node_modules/dd-trace/node_modules/retry": {
       "version": "0.10.1",
       "resolved": "https://registry.npmjs.org/retry/-/retry-0.10.1.tgz",
@@ -835,17 +838,6 @@
         "npm": "1.2.8000 || >= 1.4.16"
       }
     },
-    "node_modules/detect-libc": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
-      "integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg==",
-      "bin": {
-        "detect-libc": "bin/detect-libc.js"
-      },
-      "engines": {
-        "node": ">=0.10"
-      }
-    },
     "node_modules/diagnostics_channel": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/diagnostics_channel/-/diagnostics_channel-1.1.0.tgz",
@@ -881,13 +873,13 @@
       }
     },
     "node_modules/express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -906,7 +898,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -943,14 +935,6 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/findit2": {
-      "version": "2.2.3",
-      "resolved": "https://registry.npmjs.org/findit2/-/findit2-2.2.3.tgz",
-      "integrity": "sha512-lg/Moejf4qXovVutL0Lz4IsaPoNYMuxt4PA0nGqFxnJ1CTTGGlEO2wKgoDpwknhvZ8k4Q2F+eesgkLbG2Mxfog==",
-      "engines": {
-        "node": ">=0.8.22"
-      }
-    },
     "node_modules/forwarded": {
       "version": "0.2.0",
       "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz",
@@ -967,63 +951,29 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/fs-minipass": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
-      "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
-      "dependencies": {
-        "minipass": "^3.0.0"
-      },
-      "engines": {
-        "node": ">= 8"
-      }
-    },
-    "node_modules/fs.realpath": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
-      "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="
-    },
     "node_modules/function-bind": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "node_modules/get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "dependencies": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       },
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
     },
-    "node_modules/glob": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
-      "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
-      "dependencies": {
-        "fs.realpath": "^1.0.0",
-        "inflight": "^1.0.4",
-        "inherits": "2",
-        "minimatch": "^3.1.1",
-        "once": "^1.3.0",
-        "path-is-absolute": "^1.0.0"
-      },
-      "engines": {
-        "node": "*"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/isaacs"
-      }
-    },
     "node_modules/graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA==",
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw==",
       "engines": {
         "node": "^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0"
       }
@@ -1053,6 +1003,17 @@
         "node": ">= 0.4.0"
       }
     },
+    "node_modules/has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -1099,22 +1060,13 @@
       }
     },
     "node_modules/import-in-the-middle": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/import-in-the-middle/-/import-in-the-middle-1.3.0.tgz",
-      "integrity": "sha512-esDCEWyzzg0bGShz1N5ybRrPIJFvKaJ7TfTaIFP1XovxFo98In2GiDpOR/Cn/8J1cfRO8i/RrQToQ9j0WL2b0Q==",
+      "version": "1.3.5",
+      "resolved": "https://registry.npmjs.org/import-in-the-middle/-/import-in-the-middle-1.3.5.tgz",
+      "integrity": "sha512-yzHlBqi1EBFrkieAnSt8eTgO5oLSl+YJ7qaOpUH/PMqQOMZoQ/RmDlwnTLQrwYto+gHYjRG+i/IbsB1eDx32NQ==",
       "dependencies": {
         "module-details-from-path": "^1.0.3"
       }
     },
-    "node_modules/inflight": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
-      "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
-      "dependencies": {
-        "once": "^1.3.0",
-        "wrappy": "1"
-      }
-    },
     "node_modules/inherits": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
@@ -1128,6 +1080,14 @@
         "node": ">= 0.10"
       }
     },
+    "node_modules/istanbul-lib-coverage": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz",
+      "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/koalas": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/koalas/-/koalas-1.0.2.tgz",
@@ -1245,56 +1205,6 @@
         "node": ">= 0.6"
       }
     },
-    "node_modules/minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-      "dependencies": {
-        "brace-expansion": "^1.1.7"
-      },
-      "engines": {
-        "node": "*"
-      }
-    },
-    "node_modules/minimist": {
-      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
-    },
-    "node_modules/minipass": {
-      "version": "3.3.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.4.tgz",
-      "integrity": "sha512-I9WPbWHCGu8W+6k1ZiGpPu0GkoKBeorkfKNuAFBNS1HNFJvke82sxvI5bzcCNpWPorkOO5QQ+zomzzwRxejXiw==",
-      "dependencies": {
-        "yallist": "^4.0.0"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
-    "node_modules/minizlib": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
-      "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
-      "dependencies": {
-        "minipass": "^3.0.0",
-        "yallist": "^4.0.0"
-      },
-      "engines": {
-        "node": ">= 8"
-      }
-    },
-    "node_modules/mkdirp": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-      "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==",
-      "bin": {
-        "mkdirp": "bin/cmd.js"
-      },
-      "engines": {
-        "node": ">=10"
-      }
-    },
     "node_modules/module-details-from-path": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/module-details-from-path/-/module-details-from-path-1.0.3.tgz",
@@ -1305,11 +1215,6 @@
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
     },
-    "node_modules/nan": {
-      "version": "2.16.0",
-      "resolved": "https://registry.npmjs.org/nan/-/nan-2.16.0.tgz",
-      "integrity": "sha512-UdAqHyFngu7TfQKsCBgAA6pWDkT8MAO7d0jyOecVhN5354xbLqdn8mV9Tat9gepAupm0bt2DbeaSC8vS52MuFA=="
-    },
     "node_modules/negotiator": {
       "version": "0.6.3",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
@@ -1323,6 +1228,11 @@
       "resolved": "https://registry.npmjs.org/node-abort-controller/-/node-abort-controller-3.1.1.tgz",
       "integrity": "sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ=="
     },
+    "node_modules/node-addon-api": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-6.1.0.tgz",
+      "integrity": "sha512-+eawOlIgy680F0kBzPUNFhMZGtJ1YmqM6l4+Crf4IkImjYrO/mqPwRMh352g23uIaQKFItcQ64I7KMaJxHgAVA=="
+    },
     "node_modules/node-fetch": {
       "version": "2.6.7",
       "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
@@ -1361,9 +1271,9 @@
       }
     },
     "node_modules/object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ==",
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -1379,14 +1289,6 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/once": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
-      "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
-      "dependencies": {
-        "wrappy": "1"
-      }
-    },
     "node_modules/opentracing": {
       "version": "0.14.7",
       "resolved": "https://registry.npmjs.org/opentracing/-/opentracing-0.14.7.tgz",
@@ -1417,14 +1319,6 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/path-is-absolute": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
-      "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==",
-      "engines": {
-        "node": ">=0.10.0"
-      }
-    },
     "node_modules/path-to-regexp": {
       "version": "0.1.7",
       "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
@@ -1441,10 +1335,15 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/pprof-format": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/pprof-format/-/pprof-format-2.0.7.tgz",
+      "integrity": "sha512-1qWaGAzwMpaXJP9opRa23nPnt2Egi7RMNoNBptEE/XwHbcn4fC2b/4U4bKc5arkGkIh2ZabpF2bEb+c5GNHEKA=="
+    },
     "node_modules/protobufjs": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.0.0.tgz",
-      "integrity": "sha512-ffNIEm+quOcYtQvHdW406v1NQmZSuqVklxsXk076BtuFnlYZfigLU+JOMrTD8TUOyqHYbRI/fSVNvgd25YeN3w==",
+      "version": "7.2.3",
+      "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.3.tgz",
+      "integrity": "sha512-TtpvOqwB5Gdz/PQmOjgsrGH1nHjAQVCN7JG4A6r1sXRWESL5rNMAiRcBQlCAdKxZcAbstExQePYG8xof/JVRgg==",
       "hasInstallScript": true,
       "dependencies": {
         "@protobufjs/aspromise": "^1.1.2",
@@ -1457,7 +1356,6 @@
         "@protobufjs/path": "^1.1.2",
         "@protobufjs/pool": "^1.1.0",
         "@protobufjs/utf8": "^1.1.0",
-        "@types/long": "^4.0.1",
         "@types/node": ">=13.7.0",
         "long": "^5.0.0"
       },
@@ -1466,14 +1364,14 @@
       }
     },
     "node_modules/protobufjs/node_modules/@types/node": {
-      "version": "18.7.5",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-18.7.5.tgz",
-      "integrity": "sha512-NcKK6Ts+9LqdHJaW6HQmgr7dT/i3GOHG+pt6BiWv++5SnjtRd4NXeiuN2kA153SjhXPR/AhHIPHPbrsbpUVOww=="
+      "version": "20.2.5",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.2.5.tgz",
+      "integrity": "sha512-JJulVEQXmiY9Px5axXHeYGLSjhkZEnD+MDPDGbCbIAbMslkKwmygtZFy1X6s/075Yo94sf8GuSlFfPzysQrWZQ=="
     },
     "node_modules/protobufjs/node_modules/long": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/long/-/long-5.2.0.tgz",
-      "integrity": "sha512-9RTUNjK60eJbx3uz+TEGF7fUr29ZDxR5QzXcyDpeSfeH28S9ycINflOgOlppit5U+4kNTe83KQnMEerw7GmE8w=="
+      "version": "5.2.3",
+      "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz",
+      "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q=="
     },
     "node_modules/proxy-addr": {
       "version": "2.0.7",
@@ -1488,9 +1386,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "dependencies": {
         "side-channel": "^1.0.4"
       },
@@ -1531,20 +1429,6 @@
         "node": ">= 4"
       }
     },
-    "node_modules/rimraf": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
-      "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-      "dependencies": {
-        "glob": "^7.1.3"
-      },
-      "bin": {
-        "rimraf": "bin.js"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/isaacs"
-      }
-    },
     "node_modules/safe-buffer": {
       "version": "5.2.1",
       "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -1570,11 +1454,17 @@
       "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
     },
     "node_modules/semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "version": "7.5.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.1.tgz",
+      "integrity": "sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==",
+      "dependencies": {
+        "lru-cache": "^6.0.0"
+      },
       "bin": {
-        "semver": "bin/semver"
+        "semver": "bin/semver.js"
+      },
+      "engines": {
+        "node": ">=10"
       }
     },
     "node_modules/send": {
@@ -1676,22 +1566,6 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/tar": {
-      "version": "6.1.11",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.11.tgz",
-      "integrity": "sha512-an/KZQzQUkZCkuoAA64hM92X0Urb6VpRhAFllDzz44U2mcD5scmT3zBc4VgVpkugF580+DQn8eAFSyoQt0tznA==",
-      "dependencies": {
-        "chownr": "^2.0.0",
-        "fs-minipass": "^2.0.0",
-        "minipass": "^3.0.0",
-        "minizlib": "^2.1.1",
-        "mkdirp": "^1.0.3",
-        "yallist": "^4.0.0"
-      },
-      "engines": {
-        "node": ">= 10"
-      }
-    },
     "node_modules/through": {
       "version": "2.3.8",
       "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
@@ -1802,11 +1676,6 @@
         "webidl-conversions": "^3.0.0"
       }
     },
-    "node_modules/wrappy": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
-    },
     "node_modules/xss": {
       "version": "1.0.13",
       "resolved": "https://registry.npmjs.org/xss/-/xss-1.0.13.tgz",
@@ -1965,56 +1834,63 @@
       }
     },
     "@datadog/native-appsec": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@datadog/native-appsec/-/native-appsec-1.2.1.tgz",
-      "integrity": "sha512-jF+k7xhBmJIYYLtjvhCey08RBbItTG7O2zcSCDGFffhvCvo3ZOoou+IKtAm9z+U7hOoeOmD+Xg+h29xj/BB9MA==",
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/@datadog/native-appsec/-/native-appsec-3.2.0.tgz",
+      "integrity": "sha512-biAa7EFfuavjSWgSQaCit9CqGzr6Af5nhzfNNGJ38Y/Y387hDvLivAR374kK1z6XoxGZEOa+XPbVogmV/2Bcjw==",
       "requires": {
-        "detect-libc": "^1.0.3",
-        "minimist": "^1.2.6",
-        "tar": "^6.1.11"
+        "node-gyp-build": "^3.9.0"
+      }
+    },
+    "@datadog/native-iast-rewriter": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/@datadog/native-iast-rewriter/-/native-iast-rewriter-2.0.1.tgz",
+      "integrity": "sha512-Mm+FG3XxEbPrAfJQPOMHts7iZZXRvg9gnGeeFRGkyirmRcQcOpZO4wFe/8K61DUVa5pXpgAJQ2ZkBGYF1O9STg==",
+      "requires": {
+        "node-gyp-build": "^4.5.0"
+      },
+      "dependencies": {
+        "node-gyp-build": {
+          "version": "4.6.0",
+          "resolved": "https://registry.npmjs.org/node-gyp-build/-/node-gyp-build-4.6.0.tgz",
+          "integrity": "sha512-NTZVKn9IylLwUzaKjkas1e4u2DLNcV4rdYagA4PWdPwW87Bi7z+BznyKSRwS/761tV/lzCGXplWsiaMjLqP2zQ=="
+        }
+      }
+    },
+    "@datadog/native-iast-taint-tracking": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/@datadog/native-iast-taint-tracking/-/native-iast-taint-tracking-1.4.1.tgz",
+      "integrity": "sha512-wWJebnK5fADXGGwmoHi9ElMsvR/M4IZpRxBxzAfKU2WI1GRkCvSxQBhbIFUTQEuO7l6ZOpASWQ9yUXK3cx8n+w==",
+      "requires": {
+        "node-gyp-build": "^3.9.0"
       }
     },
     "@datadog/native-metrics": {
-      "version": "1.4.2",
-      "resolved": "https://registry.npmjs.org/@datadog/native-metrics/-/native-metrics-1.4.2.tgz",
-      "integrity": "sha512-ExSIZCEo3pXTNQRuyQllIa+0pc2bVDOntlx0JMnu7+GjeEjJxGyVLw8tTx5EQUmHSLt0Jm7aeMW63C8DJnO27A==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@datadog/native-metrics/-/native-metrics-2.0.0.tgz",
+      "integrity": "sha512-YklGVwUtmKGYqFf1MNZuOHvTYdKuR4+Af1XkWcMD8BwOAjxmd9Z+97328rCOY8TFUJzlGUPaXzB8j2qgG/BMwA==",
       "requires": {
-        "nan": "^2.15.0",
+        "node-addon-api": "^6.1.0",
         "node-gyp-build": "^3.9.0"
       }
     },
     "@datadog/pprof": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/@datadog/pprof/-/pprof-1.0.2.tgz",
-      "integrity": "sha512-AMTK55W3Aa2QX2X8mN9SQfDGw3HvwIK9Or8pXQFss+kjtH5pCkO9oqE5838MeXgRh9BR8HWrjAQE3Ji7FRCK2g==",
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/@datadog/pprof/-/pprof-2.2.1.tgz",
+      "integrity": "sha512-kPxN9ADjajUEU1zRtVqLT/q5AP8Ge7S1R1UkpUlKOzNgBznFXmNzhTtQqGhB8ew6LPssfIQTDVd/rBIcJvuMOw==",
       "requires": {
         "delay": "^5.0.0",
-        "findit2": "^2.2.3",
-        "nan": "^2.16.0",
         "node-gyp-build": "^3.9.0",
         "p-limit": "^3.1.0",
         "pify": "^5.0.0",
-        "protobufjs": "^7.0.0",
-        "rimraf": "^3.0.2",
-        "semver": "^7.3.5",
+        "pprof-format": "^2.0.6",
         "source-map": "^0.7.3",
         "split": "^1.0.1"
-      },
-      "dependencies": {
-        "semver": {
-          "version": "7.3.7",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.7.tgz",
-          "integrity": "sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==",
-          "requires": {
-            "lru-cache": "^6.0.0"
-          }
-        }
       }
     },
     "@datadog/sketches-js": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@datadog/sketches-js/-/sketches-js-2.0.0.tgz",
-      "integrity": "sha512-cR9r5sGYU64HLUe7vRvWuZO8qFrCPWanB/a2nrPPW5E7JVwt5j9QCEjhtPZo6LoImfVr3SajcbmyGwZfFLsHjw=="
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/@datadog/sketches-js/-/sketches-js-2.1.0.tgz",
+      "integrity": "sha512-smLocSfrt3s53H/XSVP3/1kP42oqvrkjUPtyaFd1F79ux24oE31BKt+q0c6lsa6hOYrFzsIwyc5GXAI5JmfOew=="
     },
     "@graphql-tools/merge": {
       "version": "8.3.0",
@@ -2145,9 +2021,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "requires": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -2156,9 +2032,9 @@
       }
     },
     "@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "requires": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -2226,9 +2102,9 @@
       }
     },
     "apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "requires": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
         "@apollo/utils.logger": "^1.0.0",
@@ -2239,11 +2115,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -2270,18 +2146,18 @@
       "requires": {}
     },
     "apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
       "requires": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -2319,15 +2195,10 @@
         "retry": "0.13.1"
       }
     },
-    "balanced-match": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz",
-      "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw=="
-    },
     "body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "requires": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -2337,21 +2208,12 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
       }
     },
-    "brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "requires": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
     "bytes": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
@@ -2366,21 +2228,11 @@
         "get-intrinsic": "^1.0.2"
       }
     },
-    "chownr": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz",
-      "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ=="
-    },
     "commander": {
       "version": "2.20.3",
       "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
       "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ=="
     },
-    "concat-map": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="
-    },
     "content-disposition": {
       "version": "0.5.4",
       "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
@@ -2424,32 +2276,49 @@
       "integrity": "sha512-FAaLDaplstoRsDR8XGYH51znUN0UY7nMc6Z9/fvE8EXGwvJE9hu7W2vHwx1+bd6gCYnln9nLbzxFTrcO9YQDZw=="
     },
     "dd-trace": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/dd-trace/-/dd-trace-3.0.0.tgz",
-      "integrity": "sha512-WIph8PS1U/1D+SahEPSAbt6sAdH9lbEzNmhmOBAhkxYdHbuuFlxqgq6YpGHB8BviRqs4oCsYmR1Sr4HkBuglNg==",
-      "requires": {
-        "@datadog/native-appsec": "^1.2.1",
-        "@datadog/native-metrics": "^1.4.2",
-        "@datadog/pprof": "^1.0.2",
-        "@datadog/sketches-js": "^2.0.0",
+      "version": "3.21.0",
+      "resolved": "https://registry.npmjs.org/dd-trace/-/dd-trace-3.21.0.tgz",
+      "integrity": "sha512-c86ZIVihUlIWx5XvzQ8xikgNwT7+w+2PllY7NRYRrxbN6ZjIqdg7tTkoUYMaIo1bvpNBGtW2mRV7JN6b76PlhA==",
+      "requires": {
+        "@datadog/native-appsec": "^3.1.0",
+        "@datadog/native-iast-rewriter": "2.0.1",
+        "@datadog/native-iast-taint-tracking": "^1.4.1",
+        "@datadog/native-metrics": "^2.0.0",
+        "@datadog/pprof": "^2.2.1",
+        "@datadog/sketches-js": "^2.1.0",
         "crypto-randomuuid": "^1.0.0",
         "diagnostics_channel": "^1.1.0",
         "ignore": "^5.2.0",
-        "import-in-the-middle": "^1.3.0",
+        "import-in-the-middle": "^1.3.5",
+        "ipaddr.js": "^2.0.1",
+        "istanbul-lib-coverage": "3.2.0",
         "koalas": "^1.0.2",
         "limiter": "^1.1.4",
         "lodash.kebabcase": "^4.1.1",
         "lodash.pick": "^4.4.0",
         "lodash.sortby": "^4.7.0",
         "lodash.uniq": "^4.5.0",
+        "lru-cache": "^7.14.0",
         "methods": "^1.1.2",
         "module-details-from-path": "^1.0.3",
+        "node-abort-controller": "^3.0.1",
         "opentracing": ">=0.12.1",
         "path-to-regexp": "^0.1.2",
+        "protobufjs": "^7.1.2",
         "retry": "^0.10.1",
-        "semver": "^5.5.0"
+        "semver": "^7.3.8"
       },
       "dependencies": {
+        "ipaddr.js": {
+          "version": "2.1.0",
+          "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.1.0.tgz",
+          "integrity": "sha512-LlbxQ7xKzfBusov6UMi4MFpEg0m+mAm9xyNGEduwXMEDuf4WfzB/RZwMVYEd7IKGvh4IUkEXYxtAVu9T3OelJQ=="
+        },
+        "lru-cache": {
+          "version": "7.18.3",
+          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.18.3.tgz",
+          "integrity": "sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA=="
+        },
         "retry": {
           "version": "0.10.1",
           "resolved": "https://registry.npmjs.org/retry/-/retry-0.10.1.tgz",
@@ -2480,11 +2349,6 @@
       "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz",
       "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg=="
     },
-    "detect-libc": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
-      "integrity": "sha512-pGjwhsmsp4kL2RTz08wcOlGN83otlqHeD/Z5T8GXZB+/YcpQ/dgo+lbU8ZsGxV0HIvqqxo9l7mqYwyYMD9bKDg=="
-    },
     "diagnostics_channel": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/diagnostics_channel/-/diagnostics_channel-1.1.0.tgz",
@@ -2511,13 +2375,13 @@
       "integrity": "sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg=="
     },
     "express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "requires": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -2536,7 +2400,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -2567,11 +2431,6 @@
         "unpipe": "~1.0.0"
       }
     },
-    "findit2": {
-      "version": "2.2.3",
-      "resolved": "https://registry.npmjs.org/findit2/-/findit2-2.2.3.tgz",
-      "integrity": "sha512-lg/Moejf4qXovVutL0Lz4IsaPoNYMuxt4PA0nGqFxnJ1CTTGGlEO2wKgoDpwknhvZ8k4Q2F+eesgkLbG2Mxfog=="
-    },
     "forwarded": {
       "version": "0.2.0",
       "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz",
@@ -2582,51 +2441,26 @@
       "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
       "integrity": "sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q=="
     },
-    "fs-minipass": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
-      "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "fs.realpath": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
-      "integrity": "sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw=="
-    },
     "function-bind": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "requires": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       }
     },
-    "glob": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
-      "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
-      "requires": {
-        "fs.realpath": "^1.0.0",
-        "inflight": "^1.0.4",
-        "inherits": "2",
-        "minimatch": "^3.1.1",
-        "once": "^1.3.0",
-        "path-is-absolute": "^1.0.0"
-      }
-    },
     "graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA=="
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw=="
     },
     "graphql-tag": {
       "version": "2.12.6",
@@ -2644,6 +2478,11 @@
         "function-bind": "^1.1.1"
       }
     },
+    "has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
+    },
     "has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -2675,22 +2514,13 @@
       "integrity": "sha512-CmxgYGiEPCLhfLnpPp1MoRmifwEIOgjcHXxOBjv7mY96c+eWScsOP9c112ZyLdWHi0FxHjI+4uVhKYp/gcdRmQ=="
     },
     "import-in-the-middle": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/import-in-the-middle/-/import-in-the-middle-1.3.0.tgz",
-      "integrity": "sha512-esDCEWyzzg0bGShz1N5ybRrPIJFvKaJ7TfTaIFP1XovxFo98In2GiDpOR/Cn/8J1cfRO8i/RrQToQ9j0WL2b0Q==",
+      "version": "1.3.5",
+      "resolved": "https://registry.npmjs.org/import-in-the-middle/-/import-in-the-middle-1.3.5.tgz",
+      "integrity": "sha512-yzHlBqi1EBFrkieAnSt8eTgO5oLSl+YJ7qaOpUH/PMqQOMZoQ/RmDlwnTLQrwYto+gHYjRG+i/IbsB1eDx32NQ==",
       "requires": {
         "module-details-from-path": "^1.0.3"
       }
     },
-    "inflight": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
-      "integrity": "sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==",
-      "requires": {
-        "once": "^1.3.0",
-        "wrappy": "1"
-      }
-    },
     "inherits": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
@@ -2701,6 +2531,11 @@
       "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
       "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
     },
+    "istanbul-lib-coverage": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/istanbul-lib-coverage/-/istanbul-lib-coverage-3.2.0.tgz",
+      "integrity": "sha512-eOeJ5BHCmHYvQK7xt9GkdHuzuCGS1Y6g9Gvnx3Ym33fz/HpLRYxiS0wHNr+m/MBC8B647Xt608vCDEvhl9c6Mw=="
+    },
     "koalas": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/koalas/-/koalas-1.0.2.tgz",
@@ -2787,41 +2622,6 @@
         "mime-db": "1.52.0"
       }
     },
-    "minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-      "requires": {
-        "brace-expansion": "^1.1.7"
-      }
-    },
-    "minimist": {
-      "version": "1.2.6",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.6.tgz",
-      "integrity": "sha512-Jsjnk4bw3YJqYzbdyBiNsPWHPfO++UGG749Cxs6peCu5Xg4nrena6OVxOYxrQTqww0Jmwt+Ref8rggumkTLz9Q=="
-    },
-    "minipass": {
-      "version": "3.3.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.4.tgz",
-      "integrity": "sha512-I9WPbWHCGu8W+6k1ZiGpPu0GkoKBeorkfKNuAFBNS1HNFJvke82sxvI5bzcCNpWPorkOO5QQ+zomzzwRxejXiw==",
-      "requires": {
-        "yallist": "^4.0.0"
-      }
-    },
-    "minizlib": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
-      "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
-      "requires": {
-        "minipass": "^3.0.0",
-        "yallist": "^4.0.0"
-      }
-    },
-    "mkdirp": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-      "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw=="
-    },
     "module-details-from-path": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/module-details-from-path/-/module-details-from-path-1.0.3.tgz",
@@ -2832,11 +2632,6 @@
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
       "integrity": "sha512-Tpp60P6IUJDTuOq/5Z8cdskzJujfwqfOTkrwIwj7IRISpnkJnT6SyJ4PCPnGMoFjC9ddhal5KVIYtAt97ix05A=="
     },
-    "nan": {
-      "version": "2.16.0",
-      "resolved": "https://registry.npmjs.org/nan/-/nan-2.16.0.tgz",
-      "integrity": "sha512-UdAqHyFngu7TfQKsCBgAA6pWDkT8MAO7d0jyOecVhN5354xbLqdn8mV9Tat9gepAupm0bt2DbeaSC8vS52MuFA=="
-    },
     "negotiator": {
       "version": "0.6.3",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
@@ -2847,6 +2642,11 @@
       "resolved": "https://registry.npmjs.org/node-abort-controller/-/node-abort-controller-3.1.1.tgz",
       "integrity": "sha512-AGK2yQKIjRuqnc6VkX2Xj5d+QW8xZ87pa1UK6yA6ouUyuxfHuMP6umE5QK7UmTeOAymo+Zx1Fxiuw9rVx8taHQ=="
     },
+    "node-addon-api": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-6.1.0.tgz",
+      "integrity": "sha512-+eawOlIgy680F0kBzPUNFhMZGtJ1YmqM6l4+Crf4IkImjYrO/mqPwRMh352g23uIaQKFItcQ64I7KMaJxHgAVA=="
+    },
     "node-fetch": {
       "version": "2.6.7",
       "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.7.tgz",
@@ -2866,9 +2666,9 @@
       "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg=="
     },
     "object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ=="
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g=="
     },
     "on-finished": {
       "version": "2.4.1",
@@ -2878,14 +2678,6 @@
         "ee-first": "1.1.1"
       }
     },
-    "once": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
-      "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
-      "requires": {
-        "wrappy": "1"
-      }
-    },
     "opentracing": {
       "version": "0.14.7",
       "resolved": "https://registry.npmjs.org/opentracing/-/opentracing-0.14.7.tgz",
@@ -2904,11 +2696,6 @@
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
       "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
     },
-    "path-is-absolute": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
-      "integrity": "sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg=="
-    },
     "path-to-regexp": {
       "version": "0.1.7",
       "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
@@ -2919,10 +2706,15 @@
       "resolved": "https://registry.npmjs.org/pify/-/pify-5.0.0.tgz",
       "integrity": "sha512-eW/gHNMlxdSP6dmG6uJip6FXN0EQBwm2clYYd8Wul42Cwu/DK8HEftzsapcNdYe2MfLiIwZqsDk2RDEsTE79hA=="
     },
+    "pprof-format": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/pprof-format/-/pprof-format-2.0.7.tgz",
+      "integrity": "sha512-1qWaGAzwMpaXJP9opRa23nPnt2Egi7RMNoNBptEE/XwHbcn4fC2b/4U4bKc5arkGkIh2ZabpF2bEb+c5GNHEKA=="
+    },
     "protobufjs": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.0.0.tgz",
-      "integrity": "sha512-ffNIEm+quOcYtQvHdW406v1NQmZSuqVklxsXk076BtuFnlYZfigLU+JOMrTD8TUOyqHYbRI/fSVNvgd25YeN3w==",
+      "version": "7.2.3",
+      "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.2.3.tgz",
+      "integrity": "sha512-TtpvOqwB5Gdz/PQmOjgsrGH1nHjAQVCN7JG4A6r1sXRWESL5rNMAiRcBQlCAdKxZcAbstExQePYG8xof/JVRgg==",
       "requires": {
         "@protobufjs/aspromise": "^1.1.2",
         "@protobufjs/base64": "^1.1.2",
@@ -2934,20 +2726,19 @@
         "@protobufjs/path": "^1.1.2",
         "@protobufjs/pool": "^1.1.0",
         "@protobufjs/utf8": "^1.1.0",
-        "@types/long": "^4.0.1",
         "@types/node": ">=13.7.0",
         "long": "^5.0.0"
       },
       "dependencies": {
         "@types/node": {
-          "version": "18.7.5",
-          "resolved": "https://registry.npmjs.org/@types/node/-/node-18.7.5.tgz",
-          "integrity": "sha512-NcKK6Ts+9LqdHJaW6HQmgr7dT/i3GOHG+pt6BiWv++5SnjtRd4NXeiuN2kA153SjhXPR/AhHIPHPbrsbpUVOww=="
+          "version": "20.2.5",
+          "resolved": "https://registry.npmjs.org/@types/node/-/node-20.2.5.tgz",
+          "integrity": "sha512-JJulVEQXmiY9Px5axXHeYGLSjhkZEnD+MDPDGbCbIAbMslkKwmygtZFy1X6s/075Yo94sf8GuSlFfPzysQrWZQ=="
         },
         "long": {
-          "version": "5.2.0",
-          "resolved": "https://registry.npmjs.org/long/-/long-5.2.0.tgz",
-          "integrity": "sha512-9RTUNjK60eJbx3uz+TEGF7fUr29ZDxR5QzXcyDpeSfeH28S9ycINflOgOlppit5U+4kNTe83KQnMEerw7GmE8w=="
+          "version": "5.2.3",
+          "resolved": "https://registry.npmjs.org/long/-/long-5.2.3.tgz",
+          "integrity": "sha512-lcHwpNoggQTObv5apGNCTdJrO69eHOZMi4BNC+rTLER8iHAqGrUVeLh/irVIM7zTw2bOXA8T6uNPeujwOLg/2Q=="
         }
       }
     },
@@ -2961,9 +2752,9 @@
       }
     },
     "qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "requires": {
         "side-channel": "^1.0.4"
       }
@@ -2989,14 +2780,6 @@
       "resolved": "https://registry.npmjs.org/retry/-/retry-0.13.1.tgz",
       "integrity": "sha512-XQBQ3I8W1Cge0Seh+6gjj03LbmRFWuoszgK9ooCpwYIrhhoO80pfq4cUkU5DkknwfOfFteRwlZ56PYOGYyFWdg=="
     },
-    "rimraf": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
-      "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-      "requires": {
-        "glob": "^7.1.3"
-      }
-    },
     "safe-buffer": {
       "version": "5.2.1",
       "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
@@ -3008,9 +2791,12 @@
       "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
     },
     "semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
+      "version": "7.5.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.1.tgz",
+      "integrity": "sha512-Wvss5ivl8TMRZXXESstBA4uR5iXgEN/VC5/sOcuXdVLzcdkz4HWetIoRfG5gb5X+ij/G9rw9YoGn3QoQ8OCSpw==",
+      "requires": {
+        "lru-cache": "^6.0.0"
+      }
     },
     "send": {
       "version": "0.18.0",
@@ -3092,19 +2878,6 @@
       "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
       "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
     },
-    "tar": {
-      "version": "6.1.11",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.11.tgz",
-      "integrity": "sha512-an/KZQzQUkZCkuoAA64hM92X0Urb6VpRhAFllDzz44U2mcD5scmT3zBc4VgVpkugF580+DQn8eAFSyoQt0tznA==",
-      "requires": {
-        "chownr": "^2.0.0",
-        "fs-minipass": "^2.0.0",
-        "minipass": "^3.0.0",
-        "minizlib": "^2.1.1",
-        "mkdirp": "^1.0.3",
-        "yallist": "^4.0.0"
-      }
-    },
     "through": {
       "version": "2.3.8",
       "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
@@ -3184,11 +2957,6 @@
         "webidl-conversions": "^3.0.0"
       }
     },
-    "wrappy": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ=="
-    },
     "xss": {
       "version": "1.0.13",
       "resolved": "https://registry.npmjs.org/xss/-/xss-1.0.13.tgz",
diff --git a/dockerfiles/tracing/jaeger-subgraph/package-lock.json b/dockerfiles/tracing/jaeger-subgraph/package-lock.json
index 097d3590e27..83f36bd4fe7 100644
--- a/dockerfiles/tracing/jaeger-subgraph/package-lock.json
+++ b/dockerfiles/tracing/jaeger-subgraph/package-lock.json
@@ -344,9 +344,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "node_modules/@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "dependencies": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -355,9 +355,9 @@
       }
     },
     "node_modules/@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "dependencies": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -440,9 +440,9 @@
       }
     },
     "node_modules/apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "deprecated": "The `apollo-server-core` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
@@ -454,11 +454,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -507,18 +507,19 @@
       }
     },
     "node_modules/apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
+      "deprecated": "The `apollo-server-express` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -578,9 +579,9 @@
       }
     },
     "node_modules/body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "dependencies": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -590,7 +591,7 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
@@ -749,13 +750,13 @@
       }
     },
     "node_modules/express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -774,7 +775,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -833,12 +834,13 @@
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "node_modules/get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "dependencies": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       },
       "funding": {
@@ -846,9 +848,9 @@
       }
     },
     "node_modules/graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA==",
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw==",
       "engines": {
         "node": "^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0"
       }
@@ -878,6 +880,17 @@
         "node": ">= 0.4.0"
       }
     },
+    "node_modules/has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -1105,9 +1118,9 @@
       }
     },
     "node_modules/object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ==",
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -1165,9 +1178,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "dependencies": {
         "side-channel": "^1.0.4"
       },
@@ -1734,9 +1747,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "requires": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -1745,9 +1758,9 @@
       }
     },
     "@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "requires": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -1820,9 +1833,9 @@
       }
     },
     "apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "requires": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
         "@apollo/utils.logger": "^1.0.0",
@@ -1833,11 +1846,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -1871,18 +1884,18 @@
       "requires": {}
     },
     "apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
       "requires": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -1921,9 +1934,9 @@
       }
     },
     "body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "requires": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -1933,7 +1946,7 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
@@ -2054,13 +2067,13 @@
       "integrity": "sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg=="
     },
     "express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "requires": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -2079,7 +2092,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -2126,19 +2139,20 @@
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "requires": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       }
     },
     "graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA=="
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw=="
     },
     "graphql-tag": {
       "version": "2.12.6",
@@ -2156,6 +2170,11 @@
         "function-bind": "^1.1.1"
       }
     },
+    "has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
+    },
     "has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -2314,9 +2333,9 @@
       "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg=="
     },
     "object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ=="
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g=="
     },
     "on-finished": {
       "version": "2.4.1",
@@ -2356,9 +2375,9 @@
       }
     },
     "qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "requires": {
         "side-channel": "^1.0.4"
       }
diff --git a/dockerfiles/tracing/zipkin-subgraph/package-lock.json b/dockerfiles/tracing/zipkin-subgraph/package-lock.json
index 8157d1a9afd..1b58a4da752 100644
--- a/dockerfiles/tracing/zipkin-subgraph/package-lock.json
+++ b/dockerfiles/tracing/zipkin-subgraph/package-lock.json
@@ -345,9 +345,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "node_modules/@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "dependencies": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -356,9 +356,9 @@
       }
     },
     "node_modules/@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "dependencies": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -441,9 +441,9 @@
       }
     },
     "node_modules/apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "deprecated": "The `apollo-server-core` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
@@ -455,11 +455,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -508,18 +508,19 @@
       }
     },
     "node_modules/apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
+      "deprecated": "The `apollo-server-express` package is part of Apollo Server v2 and v3, which are now deprecated (end-of-life October 22nd 2023). This package's functionality is now found in the `@apollo/server` package. See https://www.apollographql.com/docs/apollo-server/previous-versions/ for more details.",
       "dependencies": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -599,9 +600,9 @@
       "peer": true
     },
     "node_modules/body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "dependencies": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -611,7 +612,7 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
@@ -770,13 +771,13 @@
       }
     },
     "node_modules/express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -795,7 +796,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -854,12 +855,13 @@
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "node_modules/get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "dependencies": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       },
       "funding": {
@@ -867,9 +869,9 @@
       }
     },
     "node_modules/graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA==",
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw==",
       "engines": {
         "node": "^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0"
       }
@@ -899,6 +901,17 @@
         "node": ">= 0.4.0"
       }
     },
+    "node_modules/has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg==",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
     "node_modules/has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -1132,9 +1145,9 @@
       }
     },
     "node_modules/object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ==",
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g==",
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -1192,9 +1205,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "dependencies": {
         "side-channel": "^1.0.4"
       },
@@ -1793,9 +1806,9 @@
       "integrity": "sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw=="
     },
     "@types/express": {
-      "version": "4.17.13",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.13.tgz",
-      "integrity": "sha512-6bSZTPaTIACxn48l50SR+axgrqm6qXFIxrdAKaG6PaJk3+zuUr35hBlgT7vOmJcum+OEaIBLtHV/qloEAFITeA==",
+      "version": "4.17.14",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.14.tgz",
+      "integrity": "sha512-TEbt+vaPFQ+xpxFLFssxUDXj5cWCxZJjIcB7Yg0k0GMHGtgtQgpvx/MUQUeAkNbA9AAGrwkAsoeItdTgS7FMyg==",
       "requires": {
         "@types/body-parser": "*",
         "@types/express-serve-static-core": "^4.17.18",
@@ -1804,9 +1817,9 @@
       }
     },
     "@types/express-serve-static-core": {
-      "version": "4.17.29",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.29.tgz",
-      "integrity": "sha512-uMd++6dMKS32EOuw1Uli3e3BPgdLIXmezcfHv7N4c1s3gkhikBplORPpMq3fuWkxncZN1reb16d5n8yhQ80x7Q==",
+      "version": "4.17.31",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.31.tgz",
+      "integrity": "sha512-DxMhY+NAsTwMMFHBTtJFNp5qiHKJ7TeqOo23zVEM9alT1Ml27Q3xcTH0xwxn7Q0BbMcVEJOs/7aQtUWupUQN3Q==",
       "requires": {
         "@types/node": "*",
         "@types/qs": "*",
@@ -1879,9 +1892,9 @@
       }
     },
     "apollo-server-core": {
-      "version": "3.11.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.11.0.tgz",
-      "integrity": "sha512-5iRlkbilXpQeY66/F2/t2oNO0YSqb+kFb5lyMUIqK9VLuBfI/hILQDa5H71ar7hhexKwoDzIDfSJRg5ASNmnQw==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-core/-/apollo-server-core-3.12.0.tgz",
+      "integrity": "sha512-hq7iH6Cgldgmnjs9FVSZeKWRpi0/ZR+iJ1arzeD2VXGxxgk1mAm/cz1Tx0TYgegZI+FvvrRl0UhKEx7sLnIxIg==",
       "requires": {
         "@apollo/utils.keyvaluecache": "^1.0.1",
         "@apollo/utils.logger": "^1.0.0",
@@ -1892,11 +1905,11 @@
         "@graphql-tools/schema": "^8.0.0",
         "@josephg/resolvable": "^1.0.0",
         "apollo-datasource": "^3.3.2",
-        "apollo-reporting-protobuf": "^3.3.3",
+        "apollo-reporting-protobuf": "^3.4.0",
         "apollo-server-env": "^4.2.1",
         "apollo-server-errors": "^3.3.1",
-        "apollo-server-plugin-base": "^3.7.0",
-        "apollo-server-types": "^3.7.0",
+        "apollo-server-plugin-base": "^3.7.2",
+        "apollo-server-types": "^3.8.0",
         "async-retry": "^1.2.1",
         "fast-json-stable-stringify": "^2.1.0",
         "graphql-tag": "^2.11.0",
@@ -1930,18 +1943,18 @@
       "requires": {}
     },
     "apollo-server-express": {
-      "version": "3.10.0",
-      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.10.0.tgz",
-      "integrity": "sha512-ww3tZq9I/x3Oxtux8xlHAZcSB0NNQ17lRlY6yCLk1F+jCzdcjuj0x8XNg0GdTrMowt5v43o786bU9VYKD5OVnA==",
+      "version": "3.12.0",
+      "resolved": "https://registry.npmjs.org/apollo-server-express/-/apollo-server-express-3.12.0.tgz",
+      "integrity": "sha512-m8FaGPUfDOEGSm7QRWRmUUGjG/vqvpQoorkId9/FXkC57fz/A59kEdrzkMt9538Xgsa5AV+X4MEWLJhTvlW3LQ==",
       "requires": {
         "@types/accepts": "^1.3.5",
         "@types/body-parser": "1.19.2",
         "@types/cors": "2.8.12",
-        "@types/express": "4.17.13",
-        "@types/express-serve-static-core": "4.17.29",
+        "@types/express": "4.17.14",
+        "@types/express-serve-static-core": "4.17.31",
         "accepts": "^1.3.5",
-        "apollo-server-core": "^3.10.0",
-        "apollo-server-types": "^3.6.2",
+        "apollo-server-core": "^3.12.0",
+        "apollo-server-types": "^3.8.0",
         "body-parser": "^1.19.0",
         "cors": "^2.8.5",
         "parseurl": "^1.3.3"
@@ -1986,9 +1999,9 @@
       "peer": true
     },
     "body-parser": {
-      "version": "1.20.0",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.0.tgz",
-      "integrity": "sha512-DfJ+q6EPcGKZD1QWUjSpqp+Q7bDQTsQIF4zfUAtZ6qk+H/3/QRhg9CEp39ss+/T2vw0+HaidC0ecJj/DRLIaKg==",
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.1.tgz",
+      "integrity": "sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==",
       "requires": {
         "bytes": "3.1.2",
         "content-type": "~1.0.4",
@@ -1998,7 +2011,7 @@
         "http-errors": "2.0.0",
         "iconv-lite": "0.4.24",
         "on-finished": "2.4.1",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "raw-body": "2.5.1",
         "type-is": "~1.6.18",
         "unpipe": "1.0.0"
@@ -2119,13 +2132,13 @@
       "integrity": "sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg=="
     },
     "express": {
-      "version": "4.18.1",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.1.tgz",
-      "integrity": "sha512-zZBcOX9TfehHQhtupq57OF8lFZ3UZi08Y97dwFCkD8p9d/d2Y3M+ykKcwaMDEL+4qyUolgBDX6AblpR3fL212Q==",
+      "version": "4.18.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
+      "integrity": "sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==",
       "requires": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
-        "body-parser": "1.20.0",
+        "body-parser": "1.20.1",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
         "cookie": "0.5.0",
@@ -2144,7 +2157,7 @@
         "parseurl": "~1.3.3",
         "path-to-regexp": "0.1.7",
         "proxy-addr": "~2.0.7",
-        "qs": "6.10.3",
+        "qs": "6.11.0",
         "range-parser": "~1.2.1",
         "safe-buffer": "5.2.1",
         "send": "0.18.0",
@@ -2191,19 +2204,20 @@
       "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
     },
     "get-intrinsic": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.1.2.tgz",
-      "integrity": "sha512-Jfm3OyCxHh9DJyc28qGk+JmfkpO41A4XkneDSujN9MDXrm4oDKdHvndhZ2dN94+ERNfkYJWDclW6k2L/ZGHjXA==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.1.tgz",
+      "integrity": "sha512-2DcsyfABl+gVHEfCOaTrWgyt+tb6MSEGmKq+kI5HwLbIYgjgmMcV8KQ41uaKz1xxUcn9tJtgFbQUEVcEbd0FYw==",
       "requires": {
         "function-bind": "^1.1.1",
         "has": "^1.0.3",
+        "has-proto": "^1.0.1",
         "has-symbols": "^1.0.3"
       }
     },
     "graphql": {
-      "version": "16.5.0",
-      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.5.0.tgz",
-      "integrity": "sha512-qbHgh8Ix+j/qY+a/ZcJnFQ+j8ezakqPiHwPiZhV/3PgGlgf96QMBB5/f2rkiC9sgLoy/xvT6TSiaf2nTHJh5iA=="
+      "version": "16.6.0",
+      "resolved": "https://registry.npmjs.org/graphql/-/graphql-16.6.0.tgz",
+      "integrity": "sha512-KPIBPDlW7NxrbT/eh4qPXz5FiFdL5UbaA0XUNz2Rp3Z3hqBSkbj0GVjwFDztsWVauZUWsbKHgMg++sk8UX0bkw=="
     },
     "graphql-tag": {
       "version": "2.12.6",
@@ -2221,6 +2235,11 @@
         "function-bind": "^1.1.1"
       }
     },
+    "has-proto": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
+      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
+    },
     "has-symbols": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
@@ -2385,9 +2404,9 @@
       "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg=="
     },
     "object-inspect": {
-      "version": "1.12.2",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.2.tgz",
-      "integrity": "sha512-z+cPxW0QGUp0mcqcsgQyLVRDoXFQbXOwBaqyF7VIgI4TWNQsDHrBpUQslRmIfAoYWdYzs6UlKJtB2XJpTaNSpQ=="
+      "version": "1.12.3",
+      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.12.3.tgz",
+      "integrity": "sha512-geUvdk7c+eizMNUDkRpW1wJwgfOiOeHbxBR/hLXK1aT6zmVSO0jsQcs7fj6MGw89jC/cjGfLcNOrtMYtGqm81g=="
     },
     "on-finished": {
       "version": "2.4.1",
@@ -2427,9 +2446,9 @@
       }
     },
     "qs": {
-      "version": "6.10.3",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.10.3.tgz",
-      "integrity": "sha512-wr7M2E0OFRfIfJZjKGieI8lBKb7fRCH4Fv5KNPEs7gJ8jadvotdsS08PzOKR7opXhZ/Xkjtt3WF9g38drmyRqQ==",
+      "version": "6.11.0",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
+      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
       "requires": {
         "side-channel": "^1.0.4"
       }
diff --git a/xtask/Cargo.lock b/xtask/Cargo.lock
index f291d2381f3..096a137719c 100644
--- a/xtask/Cargo.lock
+++ b/xtask/Cargo.lock
@@ -1460,9 +1460,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
 
 [[package]]
 name = "tokio"
-version = "1.28.1"
+version = "1.28.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105"
+checksum = "94d7b1cfd2aa4011f2de74c2c4c63665e27a71006b0a192dcd2710272e73dfa2"
 dependencies = [
  "autocfg",
  "bytes",
diff --git a/xtask/Cargo.toml b/xtask/Cargo.toml
index 8b63bc35d54..2e46c3fd4f4 100644
--- a/xtask/Cargo.toml
+++ b/xtask/Cargo.toml
@@ -12,7 +12,7 @@ publish = false
 anyhow = "1"
 base64 = "0.20"
 camino = "1"
-clap = { version = "4.1.10", features = ["derive"] }
+clap = { version = "4.3.0", features = ["derive"] }
 cargo_metadata = "0.15"
 # Only use the `clock` features of `chrono` to avoid the `time` dependency
 # impacted by CVE-2020-26235.  https://github.com/chronotope/chrono/issues/602
@@ -27,23 +27,23 @@ libc = "0.2"
 memorable-wordlist = "0.1.7"
 nu-ansi-term = "0.47"
 once_cell = "1"
-regex="1.7.1"
+regex="1.8.3"
 reqwest = { version = "0.11", default-features = false, features = [
     "blocking",
     "rustls-tls",
     "rustls-tls-native-roots",
 ] }
-serde = { version = "1.0.152", features = ["derive"] }
+serde = { version = "1.0.163", features = ["derive"] }
 serde_json = "1"
 serde_json_traversal = "0.2"
 tar = "0.4"
 tempfile = "3"
 tap = "1.0.1"
 tinytemplate = "1.2.1"
-tokio = "1.25.0"
+tokio = "1.28.2"
 which = "4"
 zip = { version = "0.6", default-features = false }
-walkdir = "2.3.2"
+walkdir = "2.3.3"
 
 [dev-dependencies]
-insta = { version = "1.26.0", features = ["json", "redactions", "yaml"] }
+insta = { version = "1.29.0", features = ["json", "redactions", "yaml"] }

From 5943e5e3015e47d77bffcf2d38d4b2dbca54206c Mon Sep 17 00:00:00 2001
From: Gary Pennington 
Date: Wed, 31 May 2023 17:03:49 +0100
Subject: [PATCH 38/39] chore: Some minor improvements to the
 RELEASE_CHECKLIST.md (#3195)

I noted a few gotchas along the way, so these improvements might be
helpful.

---------

Co-authored-by: Jesse Rosenberger 
---
 RELEASE_CHECKLIST.md | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/RELEASE_CHECKLIST.md b/RELEASE_CHECKLIST.md
index 0d6a359a651..4c585698fc1 100644
--- a/RELEASE_CHECKLIST.md
+++ b/RELEASE_CHECKLIST.md
@@ -64,7 +64,7 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
 
    ```
    APOLLO_ROUTER_RELEASE_VERSION=#.#.#
-   APOLLO_ROUTER_RELEASE_GIT_ORIGIN=public
+   APOLLO_ROUTER_RELEASE_GIT_ORIGIN=origin
    APOLLO_ROUTER_RELEASE_GITHUB_REPO=apollographql/router
    ```
 
@@ -107,7 +107,7 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
      - Run our compliance checks and update the `licenses.html` file as appropriate.
      - Ensure we're not using any incompatible licenses in the release.
 
-10. **MANUALLY CHECK AND UPDATE** the `federation-version-support.mdx` with the latest version info. Use https://github.com/apollographql/version_matrix to generate the version matrix.
+10. **MANUALLY CHECK AND UPDATE** the `federation-version-support.mdx` to make sure it shows the version of Federation which is included in the `router-bridge` that ships with this version of Router.  This can be obtained by looking at the version of `router-bridge` in `apollo-router/Cargo.toml` and taking the number after the `+` (e.g., `router-bridge@0.2.0+v2.4.3` means Federation v2.4.3).
 
 11. Now, review and stage he changes produced by the previous step.  This is most safely done using the `--patch` (or `-p`) flag to `git add` (`-u` ignores untracked files).
 
@@ -200,7 +200,7 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
 20. After the PR has auto-merged, change your local branch back to the _non-_prep branch, pull any changes you (or others) may have added on GitHub :
 
     ```
-    git checkout "${APOLLO_ROUTER_RELEASE_VERSION}"
+    git checkout "${APOLLO_ROUTER_RELEASE_VERSION}" && \
     git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}"
     ```
 
@@ -241,17 +241,18 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
     This process will kick off the bulk of the release process on CircleCI, including building each architecture on its own infrastructure and notarizing the macOS binary.
 
     ```
-    git checkout main
-    git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}"
-    git tag -a "v${APOLLO_ROUTER_RELEASE_VERSION}" -m "${APOLLO_ROUTER_RELEASE_VERSION}" && git push "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "v${APOLLO_ROUTER_RELEASE_VERSION}"
+    git checkout main && \
+    git pull "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" && \
+    git tag -a "v${APOLLO_ROUTER_RELEASE_VERSION}" -m "${APOLLO_ROUTER_RELEASE_VERSION}" && \
+    git push "${APOLLO_ROUTER_RELEASE_GIT_ORIGIN}" "v${APOLLO_ROUTER_RELEASE_VERSION}"
     ```
 
-24. Open a PR that reconciles `dev`:
+24. Open a PR that reconciles `dev` (Make sure to merge this reconciliation PR back to dev, do not squash or rebase):
 
     ```
     gh --repo "${APOLLO_ROUTER_RELEASE_GITHUB_REPO}" pr create --title "Reconcile \`dev\` after merge to \`main\` for v${APOLLO_ROUTER_RELEASE_VERSION}" -B dev -H main --body "Follow-up to the v${APOLLO_ROUTER_RELEASE_VERSION} being officially released, bringing version bumps and changelog updates into the \`dev\` branch."
     ```
-    
+
 25. 👀 Follow along with the process by [going to CircleCI for the repository](https://app.circleci.com/pipelines/github/apollographql/router) and clicking on `release` for the Git tag that appears at the top of the list.  **Wait for `publish_github_release` to finish on this job before continuing.**
 
 26. After the CI job has finished for the tag, re-run the `perl` command from Step 15, which will regenerate the `this_release.md` with changes that happened in the release review.
@@ -272,16 +273,15 @@ A release can be cut from any branch, but we assume you'll be doing it from `dev
     cargo publish -p apollo-router
     ```
 
-30. (Optional) To have a "social banner" for this release, run [this `htmlq` command](https://crates.io/crates/htmlq) (`cargo install htmlq`; its `jq` for HTML), open the link it produces, copy the image to your clipboard:
+30. (Optional) To have a "social banner" for this release, run [this `htmlq` command](https://crates.io/crates/htmlq) (`cargo install htmlq`, or on MacOS `brew install htmlq`; its `jq` for HTML), open the link it produces, copy the image to your clipboard:
 
     ```
     curl -s "https://github.com/apollographql/router/releases/tag/v${APOLLO_ROUTER_RELEASE_VERSION}" | htmlq 'meta[property="og:image"]' --attribute content
     ```
 
-### Review
+### prep PR Review
 
-Most review comments will be about the changelog. Once the PR is finalized and
-approved:
+Most review comments for the prep PR will be about the changelog. Once the prep PR is finalized and approved:
 
 1.  Always use `Squash and Merge` GitHub button.
 

From df80a34b36f0a7303f14bbe7311f8498bbaccabc Mon Sep 17 00:00:00 2001
From: Simon Sapin 
Date: Wed, 31 May 2023 18:06:34 +0200
Subject: [PATCH 39/39] Avoid string copies when parsing HTTP request body as
 JSON (#3142)

The request body is first accumulated into one `bytes::Bytes`. Strings
in variables and extensions are also backed by `Bytes` and will now
reference the origin body instead of copying it.



**Checklist**

Complete the checklist (and note appropriate exceptions) before a final
PR is raised.

- [x] Changes are compatible[^1]
- [ ] Documentation[^2] completed
- [x] Performance impact assessed and acceptable
- Tests added and passing[^3]
    - [ ] Unit Tests
    - [ ] Integration Tests
    - [ ] Manual Tests

**Exceptions**

No behavior changes, existing tests pass.

**Notes**

[^1]. It may be appropriate to bring upcoming changes to the attention
of other (impacted) groups. Please endeavour to do this before seeking
PR approval. The mechanism for doing this will vary considerably, so use
your judgement as to how and when to do this.
[^2]. Configuration is an important part of many changes. Where
applicable please try to document configuration examples.
[^3]. Tick whichever testing boxes are applicable. If you are adding
Manual Tests:
- please document the manual testing (extensively) in the Exceptions.
- please raise a separate issue to automate the test and label it (or
ask for it to be labeled) as `manual test`
---
 Cargo.toml                                   |   2 +-
 apollo-router/benches/huge_requests.rs       |   5 +-
 apollo-router/src/request.rs                 | 120 +++++++++++++++++++
 apollo-router/src/services/router_service.rs |   3 +-
 4 files changed, 126 insertions(+), 4 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 3fe0e63b799..3df068499c7 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -41,8 +41,8 @@ incremental = false
 inherits = "release"
 debug = 1
 
+[patch.crates-io]
 # TODO: to delete
-# [patch.crates-io]
 # opentelemetry = { git = "https://github.com/open-telemetry/opentelemetry-rust.git", rev = "e5ef3552efab2bdbf2f838023c37461cd799ab2c"}
 # opentelemetry-http = { git = "https://github.com/open-telemetry/opentelemetry-rust.git", rev = "e5ef3552efab2bdbf2f838023c37461cd799ab2c"}
 # opentelemetry-jaeger = { git = "https://github.com/open-telemetry/opentelemetry-rust.git", rev = "e5ef3552efab2bdbf2f838023c37461cd799ab2c"}
diff --git a/apollo-router/benches/huge_requests.rs b/apollo-router/benches/huge_requests.rs
index 3b0ca51d910..78f47c3bb41 100644
--- a/apollo-router/benches/huge_requests.rs
+++ b/apollo-router/benches/huge_requests.rs
@@ -127,7 +127,10 @@ async fn graphql_client(string_variable_bytes: usize) -> Duration {
     let latency = start_time.elapsed();
     let mut response = result.unwrap();
     let body = hyper::body::to_bytes(response.body_mut()).await.unwrap();
-    assert_eq!(&*body, br#"{"data":{"upload":true}}"#);
+    assert_eq!(
+        String::from_utf8_lossy(&body),
+        r#"{"data":{"upload":true}}"#
+    );
     if VERBOSE {
         println!("{}", String::from_utf8_lossy(&body));
     }
diff --git a/apollo-router/src/request.rs b/apollo-router/src/request.rs
index f8eaa3eab64..cbd3c3d75c5 100644
--- a/apollo-router/src/request.rs
+++ b/apollo-router/src/request.rs
@@ -1,4 +1,6 @@
+use bytes::Bytes;
 use derivative::Derivative;
+use serde::de::DeserializeSeed;
 use serde::de::Error;
 use serde::Deserialize;
 use serde::Serialize;
@@ -10,6 +12,8 @@ use crate::json_ext::Object;
 
 /// A GraphQL `Request` used to represent both supergraph and subgraph requests.
 #[derive(Clone, Derivative, Serialize, Deserialize, Default)]
+// Note: if adding #[serde(deny_unknown_fields)],
+// also remove `Fields::Other` in `DeserializeSeed` impl.
 #[serde(rename_all = "camelCase")]
 #[derivative(Debug, PartialEq, Eq, Hash)]
 #[non_exhaustive]
@@ -78,6 +82,26 @@ where
     >::deserialize(deserializer).map(|x| x.unwrap_or_default())
 }
 
+fn as_object(value: Value, null_is_default: bool) -> Result {
+    use serde::de::Unexpected;
+
+    let exp = if null_is_default {
+        "a map or null"
+    } else {
+        "a map"
+    };
+    match value {
+        Value::Object(object) => Ok(object),
+        // Similar to `deserialize_null_default`:
+        Value::Null if null_is_default => Ok(Object::default()),
+        Value::Null => Err(E::invalid_type(Unexpected::Unit, &exp)),
+        Value::Bool(value) => Err(E::invalid_type(Unexpected::Bool(value), &exp)),
+        Value::Number(_) => Err(E::invalid_type(Unexpected::Other("a number"), &exp)),
+        Value::String(value) => Err(E::invalid_type(Unexpected::Str(value.as_str()), &exp)),
+        Value::Array(_) => Err(E::invalid_type(Unexpected::Seq, &exp)),
+    }
+}
+
 #[buildstructor::buildstructor]
 impl Request {
     #[builder(visibility = "pub")]
@@ -129,6 +153,13 @@ impl Request {
         }
     }
 
+    /// Deserialize as JSON from `&Bytes`, avoiding string copies where possible
+    pub fn deserialize_from_bytes(data: &Bytes) -> Result {
+        let seed = RequestFromBytesSeed(data);
+        let mut de = serde_json::Deserializer::from_slice(data);
+        seed.deserialize(&mut de)
+    }
+
     /// Convert encoded URL query string parameters (also known as "search
     /// params") into a GraphQL [`Request`].
     ///
@@ -182,6 +213,95 @@ fn get_from_urldecoded<'a, T: Deserialize<'a>>(
     }
 }
 
+struct RequestFromBytesSeed<'data>(&'data Bytes);
+
+impl<'data, 'de> DeserializeSeed<'de> for RequestFromBytesSeed<'data> {
+    type Value = Request;
+
+    fn deserialize(self, deserializer: D) -> Result
+    where
+        D: serde::Deserializer<'de>,
+    {
+        #[derive(serde::Deserialize)]
+        #[serde(field_identifier, rename_all = "camelCase")]
+        enum Field {
+            Query,
+            OperationName,
+            Variables,
+            Extensions,
+            #[serde(other)]
+            Other,
+        }
+
+        const FIELDS: &[&str] = &["query", "operationName", "variables", "extensions"];
+
+        struct RequestVisitor<'data>(&'data Bytes);
+
+        impl<'data, 'de> serde::de::Visitor<'de> for RequestVisitor<'data> {
+            type Value = Request;
+
+            fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
+                formatter.write_str("a GraphQL request")
+            }
+
+            fn visit_map(self, mut map: V) -> Result
+            where
+                V: serde::de::MapAccess<'de>,
+            {
+                let mut query = None;
+                let mut operation_name = None;
+                let mut variables = None;
+                let mut extensions = None;
+                while let Some(key) = map.next_key()? {
+                    match key {
+                        Field::Query => {
+                            if query.is_some() {
+                                return Err(Error::duplicate_field("query"));
+                            }
+                            query = Some(map.next_value()?);
+                        }
+                        Field::OperationName => {
+                            if operation_name.is_some() {
+                                return Err(Error::duplicate_field("operationName"));
+                            }
+                            operation_name = Some(map.next_value()?);
+                        }
+                        Field::Variables => {
+                            if variables.is_some() {
+                                return Err(Error::duplicate_field("variables"));
+                            }
+                            let seed = serde_json_bytes::value::BytesSeed::new(self.0);
+                            let value = map.next_value_seed(seed)?;
+                            let null_is_default = true;
+                            variables = Some(as_object(value, null_is_default)?);
+                        }
+                        Field::Extensions => {
+                            if extensions.is_some() {
+                                return Err(Error::duplicate_field("extensions"));
+                            }
+                            let seed = serde_json_bytes::value::BytesSeed::new(self.0);
+                            let value = map.next_value_seed(seed)?;
+                            let null_is_default = false;
+                            extensions = Some(as_object(value, null_is_default)?);
+                        }
+                        Field::Other => {
+                            let _: serde::de::IgnoredAny = map.next_value()?;
+                        }
+                    }
+                }
+                Ok(Request {
+                    query: query.unwrap_or_default(),
+                    operation_name: operation_name.unwrap_or_default(),
+                    variables: variables.unwrap_or_default(),
+                    extensions: extensions.unwrap_or_default(),
+                })
+            }
+        }
+
+        deserializer.deserialize_struct("Request", FIELDS, RequestVisitor(self.0))
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use serde_json::json;
diff --git a/apollo-router/src/services/router_service.rs b/apollo-router/src/services/router_service.rs
index b79310e413e..308b8ee7048 100644
--- a/apollo-router/src/services/router_service.rs
+++ b/apollo-router/src/services/router_service.rs
@@ -7,7 +7,6 @@ use std::task::Poll;
 
 use axum::body::StreamBody;
 use axum::response::*;
-use bytes::Buf;
 use bytes::Bytes;
 use futures::future::ready;
 use futures::future::BoxFuture;
@@ -207,7 +206,7 @@ where
                         )
                     })
                     .and_then(|bytes| {
-                        serde_json::from_reader(bytes.reader()).map_err(|err| {
+                        graphql::Request::deserialize_from_bytes(&bytes).map_err(|err| {
                             (
                                 "failed to deserialize the request body into JSON",
                                 format!("failed to deserialize the request body into JSON: {err}"),