fix(deps): update module github.com/vektah/gqlparser/v2 to v2.5.14 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/vektah/gqlparser/v2	v2.5.1 -> v2.5.14

GitHub Vulnerability Alerts

CVE-2023-49559

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.

---

Release Notes

vektah/gqlparser (github.com/vektah/gqlparser/v2)

v2.5.14

Compare Source

What's Changed

• Add ParseQueryWithLimit by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/304

Full Changelog: vektah/gqlparser@v2.5.13...v2.5.14

v2.5.13

Compare Source

What's Changed

• Bump the actions-deps group in /validator/imported with 6 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/298
• Bump prettier from 3.2.5 to 3.3.0 in /validator/imported in the actions-deps group by @​dependabot in https://github.com/vektah/gqlparser/pull/299
• Bump the actions-deps group in /validator/imported with 7 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/301
• Bump braces from 3.0.2 to 3.0.3 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/302
• Token limit fix CVE-2023-49559 by @​uvzz in https://github.com/vektah/gqlparser/pull/291

New Contributors

• @​uvzz made their first contribution in https://github.com/vektah/gqlparser/pull/291

Full Changelog: vektah/gqlparser@v2.5.12...v2.5.13

v2.5.12

Compare Source

What's Changed

• Disallow empty parens (#​292). by @​yuchenshi in https://github.com/vektah/gqlparser/pull/293
• WithBuiltin FormatterOption added by @​atzedus in https://github.com/vektah/gqlparser/pull/294
• Redo github actions by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/295
• Bump github.com/stretchr/testify from 1.4.0 to 1.9.0 in the actions-deps group by @​dependabot in https://github.com/vektah/gqlparser/pull/296
• Bump the actions-deps group in /validator/imported with 8 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/297

New Contributors

• @​yuchenshi made their first contribution in https://github.com/vektah/gqlparser/pull/293

Full Changelog: vektah/gqlparser@v2.5.11...v2.5.12

v2.5.11

Compare Source

What's Changed

• Bump get-func-name from 2.0.0 to 2.0.2 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/284
• Bump @​babel/traverse from 7.22.6 to 7.23.2 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/285
• Fix description formatting (possible " character) by @​blmhemu in https://github.com/vektah/gqlparser/pull/289
• gqlerror: implement List.Unwrap by @​emersion in https://github.com/vektah/gqlparser/pull/290

New Contributors

• @​blmhemu made their first contribution in https://github.com/vektah/gqlparser/pull/289
• @​emersion made their first contribution in https://github.com/vektah/gqlparser/pull/290

Full Changelog: vektah/gqlparser@v2.5.10...v2.5.11

v2.5.10

Compare Source

What's Changed

• fix for #​281 by @​Metamogul in https://github.com/vektah/gqlparser/pull/282
• Format the error file from #​282 by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/283

New Contributors

• @​Metamogul made their first contribution in https://github.com/vektah/gqlparser/pull/282

Full Changelog: vektah/gqlparser@v2.5.9...v2.5.10

v2.5.9

Compare Source

What's Changed

• Convenience to avoid wrapping nil by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/274
• Add WrapIfUnwrapped and other Lint fixes by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/275
• More lint by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/276
• More minor tweaks by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/277
• Make all fields of *gqlerror.Error public by @​fredzqm in https://github.com/vektah/gqlparser/pull/273
• Revert Path string change by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/278
• Adjust lexer to return gqlerror where it does not break tests by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/279

Full Changelog: vektah/gqlparser@v2.5.8...v2.5.9

v2.5.8

Compare Source

What's Changed

• Put comments behind an option in formatter by @​benjaminjkraft in https://github.com/vektah/gqlparser/pull/271

Full Changelog: vektah/gqlparser@v2.5.7...v2.5.8

v2.5.7

Compare Source

What's Changed

• [Snyk] Security upgrade @​babel/preset-env from 7.16.11 to 7.22.6 by @​lwc in https://github.com/vektah/gqlparser/pull/267
• Bump semver from 5.7.1 to 5.7.2 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/268
• Allow ommitting Directive arguments that are non-null if they have defaults by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/270

Full Changelog: vektah/gqlparser@v2.5.6...v2.5.7

v2.5.6

Compare Source

What's Changed

• feat: support end of definition comment and end of file comment by @​Warashi in https://github.com/vektah/gqlparser/pull/264
• feat(formatter): preserve spaces at the head of comments by @​Warashi in https://github.com/vektah/gqlparser/pull/265

Full Changelog: vektah/gqlparser@v2.5.5...v2.5.6

v2.5.5

Compare Source

What's Changed

• feat: format with comments by @​Warashi in https://github.com/vektah/gqlparser/pull/263

Full Changelog: vektah/gqlparser@v2.5.4...v2.5.5

v2.5.4

Compare Source

What's Changed

• feat(lexer): comment token support by @​Warashi in https://github.com/vektah/gqlparser/pull/261

New Contributors

• @​Warashi made their first contribution in https://github.com/vektah/gqlparser/pull/261

Full Changelog: vektah/gqlparser@v2.5.3...v2.5.4

v2.5.3

Compare Source

What's Changed

• Update modules by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/259

Full Changelog: vektah/gqlparser@v2.5.2...v2.5.3

v2.5.2

Compare Source

What's Changed

• Add github actions to lint by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/241
• GH Actions CI Additions + Linter fixups by @​philipaconrad in https://github.com/vektah/gqlparser/pull/242
• Prefer to wrap third party errors by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/243
• Remove a duplicate line in lexer_test.yml by @​ryicoh in https://github.com/vektah/gqlparser/pull/244
• Point to the right GraphQL spec by @​Khyme in https://github.com/vektah/gqlparser/pull/250
• Bump json5 from 2.2.0 to 2.2.3 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/251
• support @​defer directive by @​fiatjaf in https://github.com/vektah/gqlparser/pull/255
• Don't drop repeatable keyword when formatting directive by @​tadeokondrak in https://github.com/vektah/gqlparser/pull/256
• Validate directive arguments during schema parsing by @​fredzqm in https://github.com/vektah/gqlparser/pull/258
• Validate enum values directive are legit by @​fredzqm in https://github.com/vektah/gqlparser/pull/257

New Contributors

• @​ryicoh made their first contribution in https://github.com/vektah/gqlparser/pull/244
• @​Khyme made their first contribution in https://github.com/vektah/gqlparser/pull/250
• @​fiatjaf made their first contribution in https://github.com/vektah/gqlparser/pull/255
• @​tadeokondrak made their first contribution in https://github.com/vektah/gqlparser/pull/256
• @​fredzqm made their first contribution in https://github.com/vektah/gqlparser/pull/258

Full Changelog: vektah/gqlparser@v2.5.1...v2.5.2

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v2.5.14). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.