Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump graphene from 2.1.8 to 3.3 in /backend/requirements #1806

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 26, 2023

Bumps graphene from 2.1.8 to 3.3.

Release notes

Sourced from graphene's releases.

v3.3.0

This release brings two new features and several fixes and semantic upgrades due to new Python features. Thanks to everyone that contributed! 😊

Default value for InputObjectTypes

⚠️⚠️ACTION REQUIRED⚠️⚠️ In GraphQL, inputs can have fields which are optional. Currently, if those fields are not specified in the query, they are passed to the python inputs as None. This renders them indistinguishable from fields that are actually passed to the query with a value of null. While the alternative would be to check the definition via "key" in input, it is more accessible to mark these fields as explicitly UNDEFINED. This PR adds a new global override, which allows unspecified fields to be set to graphql.UNDEFINED. In the future, the default Value will be set to UNDEFINED, making this a soft migration and deprecation of the previous situation.

This is a soft migration. Long-Term, the Input Objects will ALWAYS contain the value UNDEFINED Make sure your code supports these cases in None checks. After the default has been set to UNDEFINED, you will still be able to switch back to None for the foreseeable future.

Strict connection types support in Relay

Custom Relay connection classes can now be made NonNull using the strict_types option on the connection meta.

Using this example

  class MyObjectConnection(Connection):
      class Meta:
          node = MyObject
          strict_types = True

will change from

type MyObjectConnection {
   edges: [MyObject]
}

to

type MyObjectConnection {
   edges: [MyObject!]!
}

Caveats

We want to make sure you're informed about using NonNull relay connections. While they are a great way to get rid of some null checks in typed frontends, it's important to be mindful of error handling with these connections. When working with NonNull connections, it's crucial to remember that if a requested field or edge is not available or the resolver throws an error, the error will bubble up to the next nullable parent field, which is oftentimes the root node. That way, you cannot handle partial results in case of partial errors anymore. In a nullable connection, only the nullable fields will be set to null and the error will not bubble up.

To address this, we recommend considering waiting for the future release of client-controlled nullability for cases where certain connections might be nullable. By opting for client-controlled nullability, you gain more control over error handling, enabling you to handle potential null values more gracefully and enhance the overall user experience. Read more about client controlled nullability here: graphql/graphql-spec#867

What's Changed

... (truncated)

Commits
  • f5aba2c release: 3.3.0
  • ea7ccc3 feat(relay): add option for strict connection types (#1504)
  • 6b8cd2d ci: drop python 3.6 (#1507)
  • 74db349 docs: add get_human function (#1380)
  • 99f0103 test: print schema with InputObjectType with DateTime field with default_valu...
  • 03cf2e1 chore: remove travis ci link
  • d77d0b0 chore: Use typing.TYPE_CHECKING instead of MYPY (#1503)
  • c636d98 fix: Corrected enum metaclass to fix pickle.dumps() (#1495)
  • 2da8e9d feat: Enable use of Undefined in InputObjectTypes (#1506)
  • 8ede21e chore: default enum description to "An enumeration." (#1502)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file django related to the django backend python Pull requests that update Python code labels Jul 26, 2023
@vercel
Copy link

vercel bot commented Jul 26, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
indok-web ✅ Ready (Inspect) Visit Preview 💬 Add feedback Apr 8, 2024 4:15pm

@sonarcloud
Copy link

sonarcloud bot commented Jul 26, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@MagnusHafstad
Copy link
Contributor

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/pip/backend/requirements/graphene-3.3 branch from 08e7d6e to a4d7794 Compare December 30, 2023 14:48
Copy link

sonarcloud bot commented Dec 30, 2023

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@MagnusHafstad
Copy link
Contributor

@dependabot rebase

Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 8, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@MagnusHafstad
Copy link
Contributor

@dependabot recreate

Bumps [graphene](https://github.com/graphql-python/graphene) from 2.1.8 to 3.3.
- [Release notes](https://github.com/graphql-python/graphene/releases)
- [Commits](graphql-python/graphene@v2.1.8...v3.3.0)

---
updated-dependencies:
- dependency-name: graphene
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/backend/requirements/graphene-3.3 branch from 7d5d2e2 to 1e9da95 Compare April 8, 2024 16:11
Copy link

sonarcloud bot commented Apr 8, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 21, 2024

Superseded by #2106.

@dependabot dependabot bot closed this Oct 21, 2024
@dependabot dependabot bot deleted the dependabot/pip/backend/requirements/graphene-3.3 branch October 21, 2024 08:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file django related to the django backend python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant