Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @apollo/client from 3.4.6 to 3.10.1 #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

humanbot
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade @apollo/client from 3.4.6 to 3.10.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 172 versions ahead of your current version.

  • The recommended version was released 25 days ago, on 2024-04-24.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-AJV-584908
305/1000
Why? CVSS 6.1
No Known Exploit
Prototype Pollution
SNYK-JS-OBJECTPATH-1017036
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-OBJECTPATH-1585658
305/1000
Why? CVSS 6.1
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TMPL-1583443
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-INI-1048974
305/1000
Why? CVSS 6.1
Proof of Concept
Server-side Request Forgery (SSRF)
SNYK-JS-IP-6240864
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-JSONSCHEMA-1920922
305/1000
Why? CVSS 6.1
No Known Exploit
Arbitrary Code Injection
SNYK-JS-SERIALIZEJAVASCRIPT-570062
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Poisoning
SNYK-JS-QS-3153490
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Poisoning
SNYK-JS-QS-3153490
305/1000
Why? CVSS 6.1
Proof of Concept
Command Injection
SNYK-JS-LODASH-1040724
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-LODASH-567746
305/1000
Why? CVSS 6.1
Proof of Concept
Improper Verification of Cryptographic Signature
SNYK-JS-BROWSERIFYSIGN-6037026
305/1000
Why? CVSS 6.1
No Known Exploit
Improper Input Validation
SNYK-JS-URLPARSE-2407770
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-SSRI-1246392
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-NODEFORGE-598677
305/1000
Why? CVSS 6.1
Proof of Concept
Denial of Service (DoS)
SNYK-JS-DECODEURICOMPONENT-3149970
305/1000
Why? CVSS 6.1
Proof of Concept
Remote Memory Exposure
SNYK-JS-DNSPACKET-1293563
305/1000
Why? CVSS 6.1
No Known Exploit
Cryptographic Issues
SNYK-JS-ELLIPTIC-571484
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-ASYNC-2441827
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-MERGEDEEP-1070277
305/1000
Why? CVSS 6.1
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ES5EXT-6095076
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-Y18N-1021887
305/1000
Why? CVSS 6.1
Proof of Concept
Open Redirect
SNYK-JS-EXPRESS-6474509
305/1000
Why? CVSS 6.1
No Known Exploit
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181
305/1000
Why? CVSS 6.1
Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-HOSTEDGITINFO-1088355
305/1000
Why? CVSS 6.1
Proof of Concept
Denial of Service (DoS)
SNYK-JS-NWSAPI-2841516
305/1000
Why? CVSS 6.1
No Known Exploit
Prototype Pollution
SNYK-JS-OBJECTPATH-1569453
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PATHPARSE-1077067
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1085627
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-ISSVG-1243891
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-JSON5-3182856
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-JSON5-3182856
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-PROMPTS-1729737
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905
305/1000
Why? CVSS 6.1
Proof of Concept
Improper Input Validation
SNYK-JS-URLPARSE-1078283
305/1000
Why? CVSS 6.1
No Known Exploit
Open Redirect
SNYK-JS-URLPARSE-1533425
305/1000
Why? CVSS 6.1
Proof of Concept
Access Restriction Bypass
SNYK-JS-URLPARSE-2401205
305/1000
Why? CVSS 6.1
Proof of Concept
Authorization Bypass
SNYK-JS-URLPARSE-2407759
305/1000
Why? CVSS 6.1
Proof of Concept
Authorization Bypass Through User-Controlled Key
SNYK-JS-URLPARSE-2412697
305/1000
Why? CVSS 6.1
Proof of Concept
Denial of Service (DoS)
SNYK-JS-SOCKJS-575261
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-TERSER-2806366
305/1000
Why? CVSS 6.1
No Known Exploit
Command Injection
SNYK-JS-NODENOTIFIER-1035794
305/1000
Why? CVSS 6.1
No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939
305/1000
Why? CVSS 6.1
Proof of Concept
Cryptographic Issues
SNYK-JS-ELLIPTIC-1064899
305/1000
Why? CVSS 6.1
No Known Exploit
Information Exposure
SNYK-JS-EVENTSOURCE-2823375
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835
305/1000
Why? CVSS 6.1
Proof of Concept
Prototype Pollution
SNYK-JS-YARGSPARSER-560381
305/1000
Why? CVSS 6.1
Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346
305/1000
Why? CVSS 6.1
No Known Exploit
Prototype Pollution
SNYK-JS-MINIMIST-2429795
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POLISHED-1298071
305/1000
Why? CVSS 6.1
No Known Exploit
Incomplete List of Disallowed Inputs
SNYK-JS-BABELTRAVERSE-5962462
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WORDWRAP-3149973
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905
305/1000
Why? CVSS 6.1
Proof of Concept
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905
305/1000
Why? CVSS 6.1
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: @apollo/client
  • 3.10.1 - 2024-04-24

    Patch Changes

  • 3.10.0 - 2024-04-24

    Minor Changes

    Patch Changes

    • #11757 9825295 Thanks @ phryneas! - Adjust useReadQuery wrapper logic to work with transported objects.

    • #11771 e72cbba Thanks @ phryneas! - Wrap useQueryRefHandlers in wrapHook.

    • #11754 80d2ba5 Thanks @ alessbell! - Export WatchFragmentOptions and WatchFragmentResult from main entrypoint and fix bug where this wasn't bound to the watchFragment method on ApolloClient.

  • 3.10.0-rc.1 - 2024-04-15

    Minor Changes

    Patch Changes

    • #11757 9825295 Thanks @ phryneas! - Adjust useReadQuery wrapper logic to work with transported objects.

    • #11771 e72cbba Thanks @ phryneas! - Wrap useQueryRefHandlers in wrapHook.

    • #11754 80d2ba5 Thanks @ alessbell! - Export WatchFragmentOptions and WatchFragmentResult from main entrypoint and fix bug where this wasn't bound to the watchFragment method on ApolloClient.

  • 3.10.0-rc.0 - 2024-04-02

    Minor Changes

  • 3.10.0-alpha.1 - 2024-03-18
  • 3.9.11 - 2024-04-10

    Patch Changes

    • #11769 04132af Thanks @ jerelmiller! - Fix an issue where using skipToken or the skip option with useSuspenseQuery in React's strict mode would perform a network request.
  • 3.9.10 - 2024-04-01

    Patch Changes

    • #11738 b1a5eb8 Thanks @ jerelmiller! - Fix an issue where rerendering useBackgroundQuery after the queryRef had been disposed, either via the auto dispose timeout or by unmounting useReadQuery, would cause the queryRef to be recreated potentially resulting in another network request.

    • #11738 b1a5eb8 Thanks @ jerelmiller! - Allow queryRefs to be disposed of synchronously when a suspense hook unmounts. This prevents some situations where using a suspense hook with the same query/variables as the disposed queryRef accidentally used the disposed queryRef rather than creating a new instance.

    • #11670 cc5c03b Thanks @ phryneas! - Bail out of executeSubSelectedArray calls if the array has 0 elements.

  • 3.9.9 - 2024-03-22

    Patch Changes

    • #11696 466ef82 Thanks @ PiR1! - Immediately dispose of the queryRef if useBackgroundQuery unmounts before the auto dispose timeout kicks in.
  • 3.9.8 - 2024-03-20
  • 3.9.7 - 2024-03-13
  • 3.9.6 - 2024-03-06
  • 3.9.5 - 2024-02-15
  • 3.9.4 - 2024-02-07
  • 3.9.3 - 2024-02-06
  • 3.9.2 - 2024-02-01
  • 3.9.1 - 2024-01-31
  • 3.9.0 - 2024-01-30
  • 3.9.0-rc.1 - 2024-01-18
  • 3.9.0-rc.0 - 2024-01-17
  • 3.9.0-beta.1 - 2023-12-21
  • 3.9.0-beta.0 - 2023-12-18
  • 3.9.0-alpha.5 - 2023-12-05
  • 3.9.0-alpha.4 - 2023-11-08
  • 3.9.0-alpha.3 - 2023-11-02
  • 3.9.0-alpha.2 - 2023-10-11
  • 3.9.0-alpha.1 - 2023-09-21
  • 3.9.0-alpha.0 - 2023-09-19
  • 3.8.10 - 2024-01-18
  • 3.8.9 - 2024-01-09
  • 3.8.8 - 2023-11-29
  • 3.8.7 - 2023-11-02
  • 3.8.6 - 2023-10-16
  • 3.8.5 - 2023-10-05
  • 3.8.4 - 2023-09-19
  • 3.8.3 - 2023-09-05
  • 3.8.2 - 2023-09-01
  • 3.8.1 - 2023-08-10
  • 3.8.0 - 2023-08-07
  • 3.8.0-rc.2 - 2023-08-01
  • 3.8.0-rc.1 - 2023-07-17
  • 3.8.0-rc.0 - 2023-07-13
  • 3.8.0-beta.7 - 2023-07-10
  • 3.8.0-beta.6 - 2023-07-05
  • 3.8.0-beta.5 - 2023-06-28
  • 3.8.0-beta.4 - 2023-06-20
  • 3.8.0-beta.3 - 2023-06-15
  • 3.8.0-beta.2 - 2023-06-07
  • 3.8.0-beta.1 - 2023-05-31
  • 3.8.0-beta.0 - 2023-05-26
  • 3.8.0-alpha.15 - 2023-05-17
  • 3.8.0-alpha.14 - 2023-05-16
  • 3.8.0-alpha.13 - 2023-05-03
  • 3.8.0-alpha.12 - 2023-04-13
  • 3.8.0-alpha.11 - 2023-03-28
  • 3.8.0-alpha.10 - 2023-03-17
  • 3.8.0-alpha.9 - 2023-03-15
  • 3.8.0-alpha.8 - 2023-03-02
  • 3.8.0-alpha.7 - 2023-02-15
  • 3.8.0-alpha.6 - 2023-02-07
  • 3.8.0-alpha.5 - 2023-01-19
  • 3.8.0-alpha.4 - 2023-01-13
  • 3.8.0-alpha.3 - 2023-01-03
  • 3.8.0-alpha.2 - 2022-12-21
  • 3.8.0-alpha.1 - 2022-12-21
  • 3.8.0-alpha.0 - 2022-12-09
  • 3.7.17 - 2023-07-05
  • 3.7.16 - 2023-06-20
  • 3.7.15 - 2023-05-26
  • 3.7.14 - 2023-05-03
  • 3.7.13 - 2023-04-27
  • 3.7.12 - 2023-04-12
  • 3.7.11 - 2023-03-31
  • 3.7.10 - 2023-03-02
  • 3.7.9 - 2023-02-17
  • 3.7.8 - 2023-02-15
  • 3.7.7 - 2023-02-03
  • 3.7.6 - 2023-01-31
  • 3.7.5 - 2023-01-24
  • 3.7.4 - 2023-01-13
  • 3.7.3 - 2022-12-15
  • 3.7.2 - 2022-12-06
  • 3.7.1 - 2022-10-20
  • 3.7.0 - 2022-09-30
  • 3.7.0-rc.0 - 2022-09-21
  • 3.7.0-beta.8 - 2022-09-21
  • 3.7.0-beta.7 - 2022-09-08
  • 3.7.0-beta.6 - 2022-06-27
  • 3.7.0-beta.5 - 2022-06-10
  • 3.7.0-beta.4 - 2022-06-10
  • 3.7.0-beta.3 - 2022-06-07
  • 3.7.0-beta.2 - 2022-06-07
  • 3.7.0-beta.1 - 2022-05-26
  • 3.7.0-beta.0 - 2022-05-25
  • 3.7.0-alpha.6 - 2022-05-19
  • 3.7.0-alpha.5 - 2022-05-16
  • 3.7.0-alpha.4 - 2022-05-13
  • 3.7.0-alpha.3 - 2022-05-09
  • 3.7.0-alpha.2 - 2022-05-03
  • 3.7.0-alpha.1 - 2022-05-03
  • 3.7.0-alpha.0 - 2022-04-27
  • 3.6.10 - 2022-09-29
  • 3.6.9 - 2022-06-21
  • 3.6.8 - 2022-06-10
  • 3.6.7 - 2022-06-10
  • 3.6.6 - 2022-05-26
  • 3.6.5 - 2022-05-23
  • 3.6.4 - 2022-05-16
  • 3.6.3 - 2022-05-05
  • 3.6.2 - 2022-05-03
  • 3.6.1 - 2022-04-28
  • 3.6.0 - 2022-04-26
  • 3.6.0-rc.1 - 2022-04-19
  • 3.6.0-rc.0 - 2022-04-18
  • 3.6.0-beta.13 - 2022-04-14
  • 3.6.0-beta.12 - 2022-04-11
  • 3.6.0-beta.11 - 2022-04-05
  • 3.6.0-beta.10 - 2022-03-29
  • 3.6.0-beta.9 - 2022-03-10
  • 3.6.0-beta.8 - 2022-03-10
  • 3.6.0-beta.7 - 2022-03-10
  • 3.6.0-beta.6 - 2022-02-15
  • 3.6.0-beta.5 - 2022-02-04
  • 3.6.0-beta.4 - 2022-02-03
  • 3.6.0-beta.3 - 2021-11-23
  • 3.6.0-beta.2 - 2021-11-22
  • 3.6.0-beta.1 - 2021-11-16
  • 3.6.0-beta.0 - 2021-11-16
  • 3.5.10 - 2022-02-24
  • 3.5.9 - 2022-02-15
  • 3.5.8 - 2022-01-24
  • 3.5.7 - 2022-01-10
  • 3.5.6 - 2021-12-07
  • 3.5.5 - 2021-11-23
  • 3.5.4 - 2021-11-19
  • 3.5.3 - 2021-11-17
  • 3.5.2 - 2021-11-10
  • 3.5.1 - 2021-11-09
  • 3.5.0 - 2021-11-08
  • 3.5.0-rc.3 - 2021-11-03
  • 3.5.0-rc.2 - 2021-10-22
  • 3.5.0-rc.1 - 2021-10-04
  • 3.5.0-rc.0 - 2021-10-04
  • 3.5.0-beta.18 - 2021-10-01
  • 3.5.0-beta.17 - 2021-09-27
  • 3.5.0-beta.16 - 2021-09-20
  • 3.5.0-beta.15 - 2021-09-17
  • 3.5.0-beta.14 - 2021-09-17
  • 3.5.0-beta.13 - 2021-09-13
  • 3.5.0-beta.12 - 2021-09-10
  • 3.5.0-beta.11 - 2021-08-30
  • 3.5.0-beta.10 - 2021-08-30
  • 3.5.0-beta.9 - 2021-08-26
  • 3.5.0-beta.8 - 2021-08-24
  • 3.5.0-beta.7 - 2021-08-23
  • 3.5.0-beta.6 - 2021-08-18
  • 3.5.0-beta.5 - 2021-08-09
  • 3.5.0-beta.4 - 2021-08-04
  • 3.5.0-beta.3 - 2021-08-03
  • 3.5.0-beta.2 - 2021-08-02
  • 3.5.0-beta.1 - 2021-07-29
  • 3.5.0-beta.0 - 2021-07-28
  • 3.4.17 - 2021-11-08
  • 3.4.16 - 2021-10-04
  • 3.4.15 - 2021-09-27
  • 3.4.14 - 2021-09-27
  • 3.4.13 - 2021-09-20
  • 3.4.12 - 2021-09-17
  • 3.4.11 - 2021-09-10
  • 3.4.10 - 2021-08-27
  • 3.4.9 - 2021-08-24
  • 3.4.8 - 2021-08-16
  • 3.4.7 - 2021-08-09
  • 3.4.6 - 2021-08-09
from @apollo/client GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Snyk has created this PR to upgrade @apollo/client from 3.4.6 to 3.10.1.

See this package in npm:
@apollo/client

See this project in Snyk:
https://app.snyk.io/org/humanbot/project/32f307d5-9ba7-414b-b86b-fa9008d9c623?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

AutoCleanedWeakCache causes failure when running tests in fakeAsync zone
2 participants