Skip to content
This repository was archived by the owner on May 5, 2025. It is now read-only.

[Snyk] Upgrade @apollo/client from 3.13.4 to 3.13.7 #257

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade @apollo/client from 3.13.4 to 3.13.7 #257

wants to merge 1 commit into from

Conversation

xorinzor
Copy link
Member

@xorinzor xorinzor commented May 2, 2025

snyk-top-banner

Snyk has created this PR to upgrade @apollo/client from 3.13.4 to 3.13.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 3 versions ahead of your current version.

  • The recommended version was released 22 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 524 No Known Exploit
medium severity Server-side Request Forgery (SSRF)
SNYK-JS-AXIOS-9403194		 524 No Known Exploit
Release notes
Package name: @apollo/client
  • 3.13.7 - 2025-04-10

    Patch Changes

    • #12540 0098932 Thanks @ phryneas! - Refactor: Move notification scheduling logic from QueryInfo to ObservableQuery

    • #12540 0098932 Thanks @ phryneas! - Refactored cache emit logic for ObservableQuery. This should be an invisible change.

  • 3.13.6 - 2025-04-04

    Patch Changes

    • #12285 cdc55ff Thanks @ phryneas! - keep ObservableQuery created by useQuery non-active before it is first subscribed
  • 3.13.5 - 2025-03-20

    Patch Changes

    • #12461 12c8d06 Thanks @ jerelmiller! - Fix an issue where a cache-first query would return the result for previous variables when a cache update is issued after simultaneously changing variables and skipping the query.
  • 3.13.4 - 2025-03-10
from @apollo/client GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @apollo/client from 3.13.4 to 3.13.7
4ceed51 
Snyk has created this PR to upgrade @apollo/client from 3.13.4 to 3.13.7.

See this package in npm:
@apollo/client

See this project in Snyk:
https://app.snyk.io/org/shoutz0r-shared/project/71a76727-a61b-4cc8-aecd-bfff7773f421?utm_source=github&utm_medium=referral&page=upgrade-pr
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented May 2, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@xorinzor @snyk-bot