Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

chore(deps-dev): bump graphql-request from 6.1.0 to 7.3.4

Open
Number: #496
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 2
Created: November 18, 2025 at 03:04 AM UTC
(7 days ago)
Updated: November 18, 2025 at 03:05 AM UTC
(7 days ago)
Labels:
type: dependencies
Description:

Bumps graphql-request from 6.1.0 to 7.3.4.

Release notes

Sourced from graphql-request's releases.

graphql-request@7.3.4

Bug Fixes

  • Fixed #1281: GraphQL errors and data are now accessible from 4xx/5xx HTTP responses
  • Fixed #1461: ClientError is properly returned for non-2xx responses with malformed bodies
  • Fixed #1462: ClientError is properly returned for non-2xx responses with unsupported content types

Changes

  • Non-2xx HTTP responses now parse the response body first to extract GraphQL errors/data when available
  • Non-2xx responses with valid GraphQL bodies return ClientError with errors and data accessible
  • Non-2xx responses with invalid bodies still return ClientError (not generic Error) for backwards compatibility
  • This release reverts PRs #1457 and #1459 which introduced regressions, then reapplies a minimal fix for #1281

Breaking Changes

None - this release maintains backwards compatibility while adding support for accessing GraphQL errors from 4xx/5xx responses.

graphql-request@7.3.3

Bug Fixes

  • Non-JSON Error Response Handling: Fixed regression in 7.3.2 where servers returning HTTP 4xx/5xx status codes with non-JSON response bodies (HTML, plain text) would throw an unhelpful error: "Invalid execution result: result is not object or array" (#1459, closes #1458)
    • Added safe JSON parsing fallback for responses without proper Content-Type headers
    • Returns descriptive error messages with response body preview for non-JSON responses
    • Handles common production scenarios: load balancer errors (502/503 HTML pages), CDN errors, WAF/firewall responses, misconfigured servers
    • Maintains backward compatibility for servers that omit Content-Type but return valid JSON
    • Added comprehensive test coverage for HTML, plain text, and missing Content-Type scenarios

What Changed

Version 7.3.2 introduced a bug where the ELSE branch in parseResultFromResponse would pass raw strings (HTML, plain text) to a parser expecting objects/arrays. This only surfaced when:

  1. Server returns 4xx/5xx status code
  2. Content-Type header is missing or non-JSON (e.g., text/html, text/plain)
  3. Response body is not valid JSON

This is now fixed with graceful error handling and clear error messages.

graphql-request@7.3.2

Bug Fixes

  • HTTP Error Handling: Fixed regression from v6 to v7 where HTTP 4xx/5xx responses would not include GraphQL errors from response body in ClientError (#1457, closes #1281)

    • Response body is now parsed before checking HTTP status
    • Users can access GraphQL errors via error.response.errors even with non-2xx status codes
    • Common use case: authentication errors (422), server errors (500)

  • graphql-codegen Compatibility: Added support for TypedDocumentString from @graphql-codegen when using documentMode: 'string' (#1456, closes #1453)

    • Handles boxed String objects created by TypedDocumentString class
    • Normalizes document input to prevent crashes when passing to GraphQL operations

graphql-request@7.3.1

... (truncated)

Commits
  • 2b4cd54 chore: bump version to 7.3.4
  • 657b126 Fix: parse GraphQL errors from 4xx/5xx responses (#1281) (#1465)
  • 280e294 Revert PRs #1457 and #1459 - will reimplement properly (#1463)
  • a9f94c1 chore: bump ver
  • 97d9822 Fix: handle non-JSON error responses gracefully (#1459)
  • cc99d03 chore: bump version to 7.3.2
  • 7a1ee76 fix: parse GraphQL errors from response body on HTTP 4xx/5xx status codes (#1...
  • 0f60a64 fix: support TypedDocumentString from graphql-codegen (#1456)
  • 8ef0842 fix(graphql-request): update repository URLs to point to graffle-js/graffle (...
  • a51de21 chore: bump version to 7.3.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Package Dependencies
Package:
graphql-request
Ecosystem:
npm
Version Change:
6.1.0 → 7.3.4
Update Type:
Major
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 11134943
UUID: 3635890286
Node ID: PR_kwDOG5lbN86z_h65
Host: GitHub
Repository: OpenFunction/functions-framework-nodejs