Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add ParseQueryWithLimit #304

Merged
merged 1 commit into from
Jun 12, 2024
Merged

Add ParseQueryWithLimit #304

merged 1 commit into from
Jun 12, 2024

Conversation

StevenACoffman
Copy link
Collaborator

Signed-off-by: Steve Coffman steve@khanacademy.org

@StevenACoffman
Add ParseQueryWithLimit
4162d0d 
Signed-off-by: Steve Coffman <steve@khanacademy.org>
@StevenACoffman StevenACoffman merged commit 36a3658 into master Jun 12, 2024
4 checks passed
@StevenACoffman StevenACoffman deleted the parsequerywithlimit branch June 12, 2024 20:42
@coveralls
Copy link

Coverage Status

coverage: 88.48% (-0.1%) from 88.605%
when pulling 4162d0d on parsequerywithlimit
into d457fc0 on master.

@StevenACoffman StevenACoffman mentioned this pull request Jun 12, 2024
Closed
github-merge-queue bot referenced this pull request in infratographer/x Aug 8, 2024
@renovate
fix(deps): update module github.com/vektah/gqlparser/v2 to v2.5.14 [s…
b59d830 
…ecurity] (#238)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser)
| `v2.5.11` -> `v2.5.14` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fvektah%2fgqlparser%2fv2/v2.5.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fvektah%2fgqlparser%2fv2/v2.5.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fvektah%2fgqlparser%2fv2/v2.5.11/v2.5.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fvektah%2fgqlparser%2fv2/v2.5.11/v2.5.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

### GitHub Vulnerability Alerts

#### [CVE-2023-49559](https://nvd.nist.gov/vuln/detail/CVE-2023-49559)

An issue in vektah gqlparser open-source-library v.2.5.10 allows a
remote attacker to cause a denial of service via a crafted script to the
parserDirectives function.

---

### Release Notes

<details>
<summary>vektah/gqlparser (github.com/vektah/gqlparser/v2)</summary>

###
[`v2.5.14`](https://github.com/vektah/gqlparser/releases/tag/v2.5.14)

[Compare
Source](https://github.com/vektah/gqlparser/compare/v2.5.13...v2.5.14)

#### What's Changed

- Add ParseQueryWithLimit by
[@&#8203;StevenACoffman](https://github.com/StevenACoffman) in
[https://github.com/vektah/gqlparser/pull/304](https://github.com/vektah/gqlparser/pull/304)

**Full Changelog**:
vektah/gqlparser@v2.5.13...v2.5.14

###
[`v2.5.13`](https://github.com/vektah/gqlparser/releases/tag/v2.5.13)

[Compare
Source](https://github.com/vektah/gqlparser/compare/v2.5.12...v2.5.13)

#### What's Changed

- Bump the actions-deps group in /validator/imported with 6 updates by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/298](https://github.com/vektah/gqlparser/pull/298)
- Bump prettier from 3.2.5 to 3.3.0 in /validator/imported in the
actions-deps group by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/299](https://github.com/vektah/gqlparser/pull/299)
- Bump the actions-deps group in /validator/imported with 7 updates by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/301](https://github.com/vektah/gqlparser/pull/301)
- Bump braces from 3.0.2 to 3.0.3 in /validator/imported by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/302](https://github.com/vektah/gqlparser/pull/302)
- Token limit fix CVE-2023-49559 by
[@&#8203;uvzz](https://github.com/uvzz) in
[https://github.com/vektah/gqlparser/pull/291](https://github.com/vektah/gqlparser/pull/291)

#### New Contributors

- [@&#8203;uvzz](https://github.com/uvzz) made their first
contribution in
[https://github.com/vektah/gqlparser/pull/291](https://github.com/vektah/gqlparser/pull/291)

**Full Changelog**:
vektah/gqlparser@v2.5.12...v2.5.13

###
[`v2.5.12`](https://github.com/vektah/gqlparser/releases/tag/v2.5.12)

[Compare
Source](https://github.com/vektah/gqlparser/compare/v2.5.11...v2.5.12)

##### What's Changed

- Disallow empty parens
([#&#8203;292](https://github.com/vektah/gqlparser/issues/292)). by
[@&#8203;yuchenshi](https://github.com/yuchenshi) in
[https://github.com/vektah/gqlparser/pull/293](https://github.com/vektah/gqlparser/pull/293)
- WithBuiltin FormatterOption added by
[@&#8203;atzedus](https://github.com/atzedus) in
[https://github.com/vektah/gqlparser/pull/294](https://github.com/vektah/gqlparser/pull/294)
- Redo github actions by
[@&#8203;StevenACoffman](https://github.com/StevenACoffman) in
[https://github.com/vektah/gqlparser/pull/295](https://github.com/vektah/gqlparser/pull/295)
- Bump github.com/stretchr/testify from 1.4.0 to 1.9.0 in the
actions-deps group by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/296](https://github.com/vektah/gqlparser/pull/296)
- Bump the actions-deps group in /validator/imported with 8 updates by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/vektah/gqlparser/pull/297](https://github.com/vektah/gqlparser/pull/297)

##### New Contributors

- [@&#8203;yuchenshi](https://github.com/yuchenshi) made their first
contribution in
[https://github.com/vektah/gqlparser/pull/293](https://github.com/vektah/gqlparser/pull/293)

**Full Changelog**:
vektah/gqlparser@v2.5.11...v2.5.12

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job log](https://developer.mend.io/github/infratographer/x).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xOC4xNyIsInVwZGF0ZWRJblZlciI6IjM4LjE4LjE3IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@StevenACoffman @coveralls