Skip to content

Bump com.graphql-java:graphql-java from 22.3 to 24.0 #155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump com.graphql-java:graphql-java from 22.3 to 24.0 #155

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 19, 2025

Bumps com.graphql-java:graphql-java from 22.3 to 24.0.

Release notes

Sourced from com.graphql-java:graphql-java's releases.

24.0 is a breaking change

This release is an unexpected breaking change release. It was made to help propagate a fix in the DataLoader library

In DataLoader version 4.0.0 we introduced immutability into the DataLoaderOptions class, which was a good thing.

However it left the old mutative setXXX methods in place and made them immutable. This was a mistake. This leads to bugs at runtime for example

DataLoaderOptions options = DataLoaderOptions.newOptions();
if (maxBatchSize != BatchLoader.UNSET_BATCH_SIZE) {
  options.setMaxBatchSize(maxBatchSize);
}
return options.setCacheMap(cache);

The above code would continue to compile but the setMaxBatchSize() would never take affected at runtime with the immutable support.

So to help address this bug a DataLoader version 5.0.0 was released and it has removed the setXXX methods and requires the Builder methods to be used to ensure that code that relied on the old mutative methods now break at compile time and not at runtime.

In turn we have released this new version of graphql-java - we have designated it a breaking change because of this transitive DataLoader breaking change

We consider v23.x poisoned and we don't recommend you use it because of the latent bug above.

But the release notes of 23 are still relevant when you upgrade from 22: https://github.com/graphql-java/graphql-java/releases/tag/v23.0

Small performance fixes

There are also a set of small performance oriented fixes that have gone out in this release.

What's Changed

Full Changelog: graphql-java/graphql-java@v23.1...v24.0

23.1

Do Not Use

... (truncated)

Commits
  • cab5b9f Merge pull request #3974 from graphql-java/Cherry-pick-3929-dont-allocate-non...
  • 861050a Merge pull request #3973 from graphql-java/Cherry-pick-3930-remove-optional-s...
  • f8858ea Merge pull request #3972 from graphql-java/Cherry-pick-3931-imperative-filter...
  • fbb0fd1 Cherry pick PR 3929 reduce nonnullablefieldvalidator allocations
  • 697298e Cherry pick 3930 remove optional streams
  • 306c66a Merge pull request #3971 from graphql-java/Cherry-pick-3932-remove-streams-fr...
  • 53a5215 Merge pull request #3970 from graphql-java/Cherry-pick-3934-execution-step-in...
  • fb68283 Cherry pick 3931 imperative filters
  • e20dad9 Merge pull request #3969 from graphql-java/Cherry-pick-3935-skip-builder-on-esp
  • 5676eb9 Merge pull request #3968 from graphql-java/Cherry-pick-3942-fix-singleton-to-...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump com.graphql-java:graphql-java from 22.3 to 24.0
0f00d92 
Bumps [com.graphql-java:graphql-java](https://github.com/graphql-java/graphql-java) from 22.3 to 24.0.
- [Release notes](https://github.com/graphql-java/graphql-java/releases)
- [Commits](graphql-java/graphql-java@v22.3...v24.0)

---
updated-dependencies:
- dependency-name: com.graphql-java:graphql-java
  dependency-version: '24.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels May 19, 2025
@dependabot dependabot bot mentioned this pull request May 19, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants