Skip to content

build(deps): bump graphql from 16.13.2 to 16.14.0 in the graphql group across 1 directory#2815

Merged
sjinks merged 1 commit into
trunkfrom
dependabot/npm_and_yarn/graphql-7afc4ec0f3
May 11, 2026
Merged

build(deps): bump graphql from 16.13.2 to 16.14.0 in the graphql group across 1 directory#2815
sjinks merged 1 commit into
trunkfrom
dependabot/npm_and_yarn/graphql-7afc4ec0f3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2026
edited
Loading

Bumps the graphql group with 1 update in the / directory: graphql.

Updates graphql from 16.13.2 to 16.14.0

Release notes

Sourced from graphql's releases.

v16.14.0 (2026-05-03)

New Feature 🚀

  • #4317 Allow configuration of the ofType introspection depth (@​Nols1000)
  • #4521 Add experimental support for directives on directive definitions (@​BoD)

Bug Fix 🐞

Docs 📝

Committers: 4

Commits

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 7, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/graphql 16.14.0 🟢 7.8
Details
CheckScoreReason
Code-Review🟢 5Found 15/29 approved changesets -- score normalized to 5
Maintained🟢 1016 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy🟢 10security policy file detected
SAST🟢 10SAST tool is run on all commits

Scanned Files

  • package.json

@dependabot dependabot Bot changed the title build(deps): bump graphql from 16.13.2 to 16.14.0 in the graphql group build(deps): bump graphql from 16.13.2 to 16.14.0 in the graphql group across 1 directory May 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/graphql-7afc4ec0f3 branch from 956f600 to 7d6bfe8 Compare May 7, 2026 18:39
@dependabot
build(deps): bump graphql in the graphql group across 1 directory
21efe52 
Bumps the graphql group with 1 update in the / directory: [graphql](https://github.com/graphql/graphql-js).


Updates `graphql` from 16.13.2 to 16.14.0
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](graphql/graphql-js@v16.13.2...v16.14.0)

---
updated-dependencies:
- dependency-name: graphql
  dependency-version: 16.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: graphql
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/graphql-7afc4ec0f3 branch from 7d6bfe8 to 21efe52 Compare May 8, 2026 12:21
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 8, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sjinks sjinks self-assigned this May 11, 2026
@sjinks sjinks merged commit b573f2b into trunk May 11, 2026
19 checks passed
@sjinks sjinks deleted the dependabot/npm_and_yarn/graphql-7afc4ec0f3 branch May 11, 2026 01:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sjinks sjinks sjinks approved these changes

Assignees

@sjinks sjinks

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sjinks