Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump gql from 3.5.3 to 4.0.0

Merged
Number: #319
Type: Pull Request
State: Merged
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 0
Created: August 18, 2025 at 02:08 PM UTC
(10 months ago)
Updated: September 05, 2025 at 06:08 PM UTC
(9 months ago)
Merged: September 05, 2025 at 06:08 PM UTC
(9 months ago)
by ic-dev21
Time to Close: 18 days
Labels:
dependencies python
Description:

Bumps gql from 3.5.3 to 4.0.0.

Release notes

Sourced from gql's releases.

v4.0.0

Breaking Changes

  • Change transports prototype using GraphQLRequest (#551)
  • Using GraphQLRequest instead of DocumentNode for gql, execute, subscribe methods (#556): This is a big change:
    • the gql and dsl_gql methods will now return a GraphQLRequest instead of a Document Node a GraphQLRequest is an object containing the document and optional variable_values and operation_name
    • ALL the execute and subscribe methods now receive a GraphQLRequest as main argument instead of a DocumentNode, variable_values and operation_name arguments
    • The old method of sending variable_values as an argument of execute or subscribe still works but is deprecated See https://gql.readthedocs.io/en/latest/usage/variables.html for the new syntax.
  • Fix subscription task cancel exception swallow (#548): Previously if a task was cancelled while a subscription task was active, the asyncio.CancelledError Exception would be swallowed by our code. This is not the case anymore so you should now trap that Exception yourself.
  • Clean up the file upload interface with FileVar class (#549): The file upload functionality has been modified to require FileVar instances for uploaded files (the old method still works but is deprecated). See https://gql.readthedocs.io/en/latest/usage/file_upload.html
  • Set logging level to DEBUG for all transports (#552)
  • introspection now requests deprecated input fields by default (#553)
  • Trapping dependencies Exceptions into TransportConnectionFailed (#558): Now gql will trap Exceptions raised by dependencies when executing a request and will encapsulate that Exception into the TransportConnectionFailed Exception
  • Set ssl=True by default for AIOHTTPTransport (#538) (issue #529)
  • New TransportConnectionClosed Exception replacing ConnectionClosed Exception (#536)
  • websocket attribute removed from transport, now using _connected instead (#536)
  • Upgrade lastest websockets and Exceptions overhaul (#543)

Features

Batching requests is now fully supported, on sync or async transports, with automatic batching:

  • Implementation of execute_batch for async transports (#550)
  • Implementation of automatic batching for async (#554)

See https://gql.readthedocs.io/en/latest/advanced/batching_requests.html

Fixes

  • Fix httpx test deprecated warning (#542)
  • Refactor websockets transports (#536) :

Refactor WebSockets Transport with Dependency Injection Architecture

This major architectural improvement implements dependency injection patterns across the WebSockets transport layer, creating a more modular, testable, and extensible system:

  • Created abstract AdapterConnection interface in common/adapters/connection.py
  • Implemented concrete WebSocketsAdapter to wrap the websockets library
  • Moved websockets_base.py to common/base.py maintaining better structure which is independant of the websockets library used

... (truncated)

Commits
  • 059caba Bump version number to 4.0.0
  • 7695620 Restrict graphql-core to <3.3 instead of <3.2.7 on stable branch
  • 16c76bf Merge branch 'master' into stable
  • dba4953 Documentation improvements (#561)
  • a90f923 Bump version number to 4.0.0b0
  • 4af703e Trapping dependencies Exceptions into TransportConnectionFailed (#558)
  • 4fa1553 Refactor transports (#557)
  • b3789ef Using GraphQLRequest instead of DocumentNode for gql, execute, subscribe meth...
  • b221c0e Remove MIT license classifier (#555)
  • 7fcb5b6 Implementation of automatic batching for async (#554)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request Statistics
Commits:
1
Files Changed:
2
Additions:
+17
Deletions:
-15
Package Dependencies
Package:
gql
Ecosystem:
pip
Version Change:
3.5.3 → 4.0.0
Update Type:
Major
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 7027499
UUID: 2753457055
Node ID: PR_kwDOGgQb5M6kHmuf
Host: GitHub
Repository: dvd-dev/python-hilo
Merge State: Unknown