Sourced from com.graphql-java:graphql-java's releases.

24.1

This is bugfix release for 24.

Main change is #3994: If you have defer enabled (an experimental feature) and use data loaders for mutations your requests would hang, because the data loaders are not dispatched correctly.

Additionally this release contains #3995.

Cheers

What's Changed

• bugfix: fix mutations data loading dispatching when defer is enabled by @​andimarek in graphql-java/graphql-java#3994
• Deterministic source location backport 24 by @​andimarek in graphql-java/graphql-java#3995

Full Changelog: https://github.com/graphql-java/graphql-java/compare/v24.0...v24.1

24.0 is a breaking change

This release is an unexpected breaking change release. It was made to help propagate a fix in the DataLoader library

In DataLoader version 4.0.0 we introduced immutability into the DataLoaderOptions class, which was a good thing.

However it left the old mutative setXXX methods in place and made them immutable. This was a mistake. This leads to bugs at runtime for example

DataLoaderOptions options = DataLoaderOptions.newOptions();
if (maxBatchSize != BatchLoader.UNSET_BATCH_SIZE) {
  options.setMaxBatchSize(maxBatchSize);
}
return options.setCacheMap(cache);

The above code would continue to compile but the setMaxBatchSize() would never take affected at runtime with the immutable support.

So to help address this bug a DataLoader version 5.0.0 was released and it has removed the setXXX methods and requires the Builder methods to be used to ensure that code that relied on the old mutative methods now break at compile time and not at runtime.

In turn we have released this new version of graphql-java - we have designated it a breaking change because of this transitive DataLoader breaking change

We consider v23.x poisoned and we don't recommend you use it because of the latent bug above.

But the release notes of 23 are still relevant when you upgrade from 22: https://github.com/graphql-java/graphql-java/releases/tag/v23.0

Small performance fixes

There are also a set of small performance oriented fixes that have gone out in this release.

What's Changed

• 24.x Cherry pick JSpecify OSGI config by @​dondonz in graphql-java/graphql-java#3960
• 24.x Backport of avoid wrapping materialised value by @​dondonz in graphql-java/graphql-java#3962

... (truncated)

• fcb48ba Merge pull request #3995 from graphql-java/deterministic-source-location-back...
• e72fddc update gradle wrapper validation
• a66c594 tidy
• 9ba39f3 deterministically serialize SourceLocation
• 1db8cf4 Merge pull request #3994 from graphql-java/mutation-with-defer-enabled-v24
• 37aa318 fix mutations data loading dispatching when defer is enabled
• cab5b9f Merge pull request #3974 from graphql-java/Cherry-pick-3929-dont-allocate-non...
• 861050a Merge pull request #3973 from graphql-java/Cherry-pick-3930-remove-optional-s...
• f8858ea Merge pull request #3972 from graphql-java/Cherry-pick-3931-imperative-filter...
• fbb0fd1 Cherry pick PR 3929 reduce nonnullablefieldvalidator allocations
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)