Bump com.graphql-java:graphql-java from 20.0 to 20.2

[dependabot]

Bumps com.graphql-java:graphql-java from 20.0 to 20.2.

Release notes

Sourced from com.graphql-java:graphql-java's releases.

20.2

This is a security bugfix release containing #3148, which adds a limit to the number of characters used in an operation.

There are no breaking changes in this release.

What's Changed

• Diffing fixes 2 by @​gnawf in graphql-java/graphql-java#3146
• Fix argument added to new type by @​gnawf in graphql-java/graphql-java#3150
• Show test failures in builds by @​bbakerman in graphql-java/graphql-java#3151
• Fix applied argument deleted on field by @​gnawf in graphql-java/graphql-java#3154
• Have a limit on how many characters are presented to the Parser by @​bbakerman in graphql-java/graphql-java#3148

Full Changelog: graphql-java/graphql-java@v20.1...v20.2

20.1

This is a feature and bugfix release. There are no breaking changes in this release. This release continues to use Java 8.

Thanks to everyone in the community for helping us with this release. Thanks for your PRs, issues, and discussions!

Security fix

This release includes a security fix #3112 which adds a limit to the depth of grammar rules, to prevent stack overflow.

Highlights

#3095 improves resiliency to class loader problems with LambdaMetafactory.

#3049 adds an extensions builder and merger.

Release policy

We have formalised our release schedule to give the community a better idea of when to expect releases, what will be contained within them, and when important fixes will be backported. See the full details at https://www.graphql-java.com/blog/release-policy

What's Changed

• docs: update badges for v20 release by @​setchy in graphql-java/graphql-java#3047
• Update FieldValidationInstrumentation.java by @​kfwerf in graphql-java/graphql-java#3066
• Update vulnerability reporting instructions by @​dondonz in graphql-java/graphql-java#3070
• Fix extend schema directives ANTLR rule by @​dondonz in graphql-java/graphql-java#3071
• Allow users to disable MultiSourceReader trackData through ParserOptions by @​AntaresS in graphql-java/graphql-java#3062
• Add missing getter and fix name consistency by @​gnawf in graphql-java/graphql-java#3073
• use toolchain to specify the java version by @​andimarek in graphql-java/graphql-java#3075
• Fix isNameChanged by @​gnawf in graphql-java/graphql-java#3076
• Update instrumentation example in documentation by @​dondonz in graphql-java/graphql-java#3078
• Reuse ExecutionStrategyInstrumentationContext.NOOP in DataLoaderDispatcherInstrumentation by @​dfa1 in graphql-java/graphql-java#3068
• Add missing this keyword for readability by @​cookieMr in graphql-java/graphql-java#3067
• defaulting the deprecated methods in Coercing by @​bbakerman in graphql-java/graphql-java#3063
• Add missing detail by @​gnawf in graphql-java/graphql-java#3079
• Updating the JavaDoc http links by @​bbakerman in graphql-java/graphql-java#3083
• An Extensions Builder by @​bbakerman in graphql-java/graphql-java#3049
• Use ImmutableList.builderWithExpectedSize in ImmutableKit.mapAndDropNulls too by @​dfa1 in graphql-java/graphql-java#3081
• Resolve TypeReferences in schema applied directives by @​kaqqao in graphql-java/graphql-java#3054
• Remove sun.misc.* from MANIFEST.MF by @​dondonz in graphql-java/graphql-java#3091
• Replace javax nullable annotations with JetBrains equivalent by @​dondonz in graphql-java/graphql-java#3093

... (truncated)

Commits

• fabc3e0 Merge pull request #3148 from graphql-java/limit-characters-to-parse
• 85765bf Merge pull request #3154 from gnawf/fix-applied-argument-deleted-on-field
• 836b54b Fix applied argument deleted on field
• 6a4744d Merge pull request #3151 from graphql-java/show_test_failures_in_builds
• 0a8ef53 This has a listener to show what tests failed - better types
• 3d1a208 This has a listener to show what tests failed - @​ignored
• d89882f This has a listener to show what tests failed
• 042f3a2 Merge pull request #3150 from gnawf/fix-argument-added
• df57642 Fix argument added to new type
• ceb63c7 Have a limit on how many characters are presented to the Parser- tweaked test...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dondonz]

Duplicate of #95

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.