Apollo Federation

Patch Changes

• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @apollo/federation-internals@2.14.0

Minor Changes

• Relax @interfaceObject validation for Fed 1 subgraphs. (#3392)

  Previously, any use of @interfaceObject in a Fed 2 subgraph caused an INTERFACE_OBJECT_USAGE_ERROR if any Fed 1 subgraph was present in the composition, regardless of whether the types conflicted.

  The check is now per-type: an error is only raised when a Fed 2 subgraph uses @interfaceObject on type T and a Fed 1 subgraph has @key on an interface also named T. @key on an interface in a Fed 1 subgraph does not mean it can fulfill the __typename-resolution requirement that @interfaceObject depends on — but they are otherwise compatible with @interfaceObject usage on unrelated types.

• Add validations for @link usages to prevent name conflicts. (#3430)

  This change helps to avoid ambiguity for downstream @link-consuming code, which previously may have found different results for a spec schema element depending on search order. If your composition fails after this change, please rename conflicting elements via @link(import:) and conflicting specs/features via @link(as:).

  Note that if you were declaring @links for the https://specs.apollo.dev/tag or https://specs.apollo.dev/inaccessible specs in your subgraph schema, you will need to instead import @tag and @inaccessible from the https://specs.apollo.dev/federation spec. This previous pattern only succeeded due to a now-fixed bug and is fragile/may lead to undesirable behavior.

Patch Changes

• Fixed print logic when calculating the max number of elements to include in the message. Previously we were not passing (#3424) the current calculated length correctly leading to inclusion of additional elements in the error/hints message.

Minor Changes

• Add opt-out anonymous deployment environment telemetry. To opt-out, set APOLLO_TELEMETRY_DISABLED=1 in your environment. (#3379)

Patch Changes

• Fixed print logic when calculating the max number of elements to include in the message. Previously we were not passing (#3424) the current calculated length correctly leading to inclusion of additional elements in the error/hints message.
• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, e1fd4ac10f72bb09027995f0811ec6e0021bcd49, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @apollo/composition@2.14.0
  • @apollo/federation-internals@2.14.0
  • @apollo/query-planner@2.14.0

Patch Changes

• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @apollo/federation-internals@2.14.0

Patch Changes

• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @apollo/federation-internals@2.14.0
  • @apollo/query-graphs@2.14.0

Minor Changes

• Relax @composeDirective validation when definitions are absent in some subgraphs. (#3422)

  Previously, if some set of spec directives were being composed into the supergraph schema via @composeDirective, then subgraphs with the latest version of that spec would each have to declare all of those spec directive definitions. Not following this rule would often result in composition emitting a DIRECTIVE_COMPOSITION_ERROR error. This restriction has now been relaxed, and a definition needs to only be in at least one of those subgraphs with the latest version of that spec.

  As an example, the following @composeDirective usage could previously fail, but is now valid.

  # subgraph A — composes and defines @foo and @bar
  extend schema
    # ...
    @link(url: "https://myorg.dev/myspec/v1.0", import: ["@foo", "@bar"])
    @composeDirective(name: "@foo")
    @composeDirective(name: "@bar")
  # ...
  directive @foo on FIELD
  directive @bar on FIELD
  
  # subgraph B — composes and defines only @foo
  extend schema
    # ...
    @link(url: "https://myorg.dev/myspec/v1.0", import: ["@foo"])
    @composeDirective(name: "@foo")
  # ...
  directive @foo on FIELD

Patch Changes

• Fixed print logic when calculating the max number of elements to include in the message. Previously we were not passing (#3424) the current calculated length correctly leading to inclusion of additional elements in the error/hints message.
• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @apollo/federation-internals@2.14.0
  • @apollo/query-graphs@2.14.0

Patch Changes

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:
  • @apollo/federation-internals@2.13.3

Patch Changes

• Mark connect/v0.4 as a preview version so composition does not inject it into the supergraph @link unless a subgraph explicitly uses it. Previously, upgrading to Federation v2.13 would unconditionally stamp connect/v0.4 into the supergraph, causing Router to require the connectors.preview_connect_v0_4 flag even when no subgraph used v0.4 features. (RH-1321) (#3413)

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:

  • @apollo/federation-internals@2.13.3
  • @apollo/query-graphs@2.13.3

Patch Changes

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:
  • @apollo/composition@2.13.3
  • @apollo/federation-internals@2.13.3
  • @apollo/query-planner@2.13.3

Patch Changes

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:
  • @apollo/federation-internals@2.13.3

Patch Changes

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:
  • @apollo/federation-internals@2.13.3
  • @apollo/query-graphs@2.13.3

Patch Changes

• Mark connect/v0.4 as a preview version so composition does not inject it into the supergraph @link unless a subgraph explicitly uses it. Previously, upgrading to Federation v2.13 would unconditionally stamp connect/v0.4 into the supergraph, causing Router to require the connectors.preview_connect_v0_4 flag even when no subgraph used v0.4 features. (RH-1321) (#3413)

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#3400)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

• Updated dependencies [b51586d4a5c891f8832e78f8415d798282567831]:

  • @apollo/query-planner@2.9.6
  • @apollo/federation-internals@2.9.6
  • @apollo/composition@2.9.6

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#3400)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

Patch Changes

• Updated dependencies [b51586d4a5c891f8832e78f8415d798282567831]:
  • @apollo/federation-internals@2.9.6

Patch Changes

• Updated dependencies [b51586d4a5c891f8832e78f8415d798282567831]:
  • @apollo/federation-internals@2.9.6
  • @apollo/query-graphs@2.9.6

Patch Changes

• Updated dependencies [b51586d4a5c891f8832e78f8415d798282567831]:
  • @apollo/federation-internals@2.9.6

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#3399)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#3400)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

• Updated dependencies [b51586d4a5c891f8832e78f8415d798282567831]:

  • @apollo/federation-internals@2.9.6
  • @apollo/query-graphs@2.9.6

Patch Changes

• Updated dependencies [1ce248dcb2c297cab185dde08347710f8ceda3e3]:
  • @apollo/federation-internals@2.10.5
  • @apollo/query-graphs@2.10.5