Update dependency @apollo/gateway to v2.8.5 [SECURITY] #441
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/npm-apollo-gateway-vulnerability
branch
from
8df2333 to
f80132e
Compare
Overview for:
|
| Gateway | RPS ⬇️ | Requests | Duration | Notes |
|---|---|---|---|---|
| cosmo | 171 | 5228 total, 0 failed | avg: 516ms, p95: 664ms | ✅ |
| apollo-router | 168 | 5146 total, 0 failed | avg: 508ms, p95: 732ms | ✅ |
| wundergraph | 153 | 4681 total, 0 failed | avg: 517ms, p95: 954ms | ✅ |
| mesh-supergraph-bun | 80 | 2462 total, 0 failed | avg: 1206ms, p95: 2098ms | ✅ |
| apollo-server | 46 | 1477 total, 0 failed | avg: 2077ms, p95: 2807ms | ✅ |
| mercurius | 29 | 893 total, 0 failed | avg: 3397ms, p95: 4676ms | ✅ |
| mesh-supergraph | 27 | 869 total, 0 failed | avg: 3607ms, p95: 5589ms | ✅ |
Summary for: `cosmo`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15684 ✗ 0
data_received..................: 459 MB 15 MB/s
data_sent......................: 6.2 MB 204 kB/s
http_req_blocked...............: avg=58.99µs min=1.47µs med=3.13µs max=113.03ms p(90)=4.91µs p(95)=6.11µs
http_req_connecting............: avg=11.53µs min=0s med=0s max=3.85ms p(90)=0s p(95)=0s
http_req_duration..............: avg=516.35ms min=58.29ms med=518.26ms max=1.31s p(90)=618.86ms p(95)=664.24ms
{ expected_response:true }...: avg=516.35ms min=58.29ms med=518.26ms max=1.31s p(90)=618.86ms p(95)=664.24ms
http_req_failed................: 0.00% ✓ 0 ✗ 5228
http_req_receiving.............: avg=20.79ms min=40.44µs med=83.55µs max=793.72ms p(90)=47.7ms p(95)=126.12ms
http_req_sending...............: avg=1.31ms min=7.34µs med=14.66µs max=536.05ms p(90)=42.99µs p(95)=268.64µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=494.24ms min=58.18ms med=508.91ms max=766.71ms p(90)=590.22ms p(95)=614.13ms
http_reqs......................: 5228 171.926424/s
iteration_duration.............: avg=578.71ms min=80.66ms med=555.45ms max=1.59s p(90)=732.26ms p(95)=854.57ms
iterations.....................: 5228 171.926424/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-router`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15438 ✗ 0
data_received..................: 451 MB 15 MB/s
data_sent......................: 6.1 MB 200 kB/s
http_req_blocked...............: avg=18.62µs min=1.38µs med=3.11µs max=31.96ms p(90)=4.95µs p(95)=6.1µs
http_req_connecting............: avg=7.32µs min=0s med=0s max=3.29ms p(90)=0s p(95)=0s
http_req_duration..............: avg=508.27ms min=46.9ms med=510.5ms max=1.9s p(90)=660.2ms p(95)=732.44ms
{ expected_response:true }...: avg=508.27ms min=46.9ms med=510.5ms max=1.9s p(90)=660.2ms p(95)=732.44ms
http_req_failed................: 0.00% ✓ 0 ✗ 5146
http_req_receiving.............: avg=26.79ms min=36.72µs med=76.92µs max=1.55s p(90)=57.78ms p(95)=150.11ms
http_req_sending...............: avg=2.35ms min=8.59µs med=14.64µs max=993.69ms p(90)=43.27µs p(95)=199.13µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=479.12ms min=46.84ms med=496.96ms max=939.27ms p(90)=621.33ms p(95)=656.94ms
http_reqs......................: 5146 168.612395/s
iteration_duration.............: avg=589.64ms min=60.23ms med=556.52ms max=3.05s p(90)=799.04ms p(95)=970.11ms
iterations.....................: 5146 168.612395/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `wundergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 14043 ✗ 0
data_received..................: 411 MB 14 MB/s
data_sent......................: 5.6 MB 183 kB/s
http_req_blocked...............: avg=66.03µs min=1.14µs med=2.8µs max=100.19ms p(90)=4.49µs p(95)=6.01µs
http_req_connecting............: avg=32.17µs min=0s med=0s max=7.77ms p(90)=0s p(95)=0s
http_req_duration..............: avg=517.35ms min=16.11ms med=498.74ms max=2s p(90)=834.64ms p(95)=954.36ms
{ expected_response:true }...: avg=517.35ms min=16.11ms med=498.74ms max=2s p(90)=834.64ms p(95)=954.36ms
http_req_failed................: 0.00% ✓ 0 ✗ 4681
http_req_receiving.............: avg=50.76ms min=39.58µs med=89.34µs max=1.41s p(90)=179.18ms p(95)=355.67ms
http_req_sending...............: avg=3.65ms min=7.77µs med=13.48µs max=1.39s p(90)=40.8µs p(95)=530.97µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=462.93ms min=16.02ms med=453.06ms max=1.23s p(90)=755.19ms p(95)=865.2ms
http_reqs......................: 4681 153.965612/s
iteration_duration.............: avg=645.58ms min=35.33ms med=592.33ms max=2.7s p(90)=1.06s p(95)=1.25s
iterations.....................: 4681 153.965612/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph-bun`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 7386 ✗ 0
data_received..................: 216 MB 7.0 MB/s
data_sent......................: 2.9 MB 95 kB/s
http_req_blocked...............: avg=85.15µs min=1.43µs med=3.12µs max=8.86ms p(90)=5.23µs p(95)=13.6µs
http_req_connecting............: avg=71.91µs min=0s med=0s max=4.75ms p(90)=0s p(95)=0s
http_req_duration..............: avg=1.2s min=482.62ms med=1.03s max=4.4s p(90)=1.93s p(95)=2.09s
{ expected_response:true }...: avg=1.2s min=482.62ms med=1.03s max=4.4s p(90)=1.93s p(95)=2.09s
http_req_failed................: 0.00% ✓ 0 ✗ 2462
http_req_receiving.............: avg=12.45ms min=38.25µs med=113.33µs max=1.12s p(90)=2.19ms p(95)=33.44ms
http_req_sending...............: avg=258.64µs min=8.33µs med=15.01µs max=101.09ms p(90)=41.75µs p(95)=202.86µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=1.19s min=482.19ms med=1.02s max=3.28s p(90)=1.91s p(95)=2.09s
http_reqs......................: 2462 80.153631/s
iteration_duration.............: avg=1.23s min=494.1ms med=1.05s max=4.41s p(90)=1.96s p(95)=2.14s
iterations.....................: 2462 80.153631/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-server`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 4431 ✗ 0
data_received..................: 130 MB 4.1 MB/s
data_sent......................: 1.8 MB 56 kB/s
http_req_blocked...............: avg=42.26µs min=1.6µs med=4.07µs max=3.42ms p(90)=5.85µs p(95)=166.01µs
http_req_connecting............: avg=28.35µs min=0s med=0s max=2.71ms p(90)=0s p(95)=122.06µs
http_req_duration..............: avg=2.07s min=690.73ms med=1.73s max=21.89s p(90)=2.1s p(95)=2.8s
{ expected_response:true }...: avg=2.07s min=690.73ms med=1.73s max=21.89s p(90)=2.1s p(95)=2.8s
http_req_failed................: 0.00% ✓ 0 ✗ 1477
http_req_receiving.............: avg=180.23µs min=54.04µs med=125.94µs max=29.25ms p(90)=192.97µs p(95)=271.41µs
http_req_sending...............: avg=33.27µs min=8.91µs med=21.68µs max=3.24ms p(90)=40.09µs p(95)=91.48µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=2.07s min=690.48ms med=1.73s max=21.89s p(90)=2.1s p(95)=2.8s
http_reqs......................: 1477 46.955716/s
iteration_duration.............: avg=2.08s min=701.03ms med=1.74s max=21.9s p(90)=2.12s p(95)=2.81s
iterations.....................: 1477 46.955716/s
vus............................: 42 min=42 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mercurius`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 2679 ✗ 0
data_received..................: 78 MB 2.5 MB/s
data_sent......................: 1.1 MB 34 kB/s
http_req_blocked...............: avg=281.46µs min=1.72µs med=3.88µs max=7.54ms p(90)=273.15µs p(95)=2.66ms
http_req_connecting............: avg=240.27µs min=0s med=0s max=5.24ms p(90)=143.47µs p(95)=2.33ms
http_req_duration..............: avg=3.39s min=785.73ms med=3.17s max=7.62s p(90)=4.36s p(95)=4.67s
{ expected_response:true }...: avg=3.39s min=785.73ms med=3.17s max=7.62s p(90)=4.36s p(95)=4.67s
http_req_failed................: 0.00% ✓ 0 ✗ 893
http_req_receiving.............: avg=215.34µs min=43.62µs med=115.61µs max=12.43ms p(90)=208.78µs p(95)=332.88µs
http_req_sending...............: avg=107.61µs min=8.93µs med=21.69µs max=1.48ms p(90)=64.74µs p(95)=977.7µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=3.39s min=785.65ms med=3.17s max=7.62s p(90)=4.36s p(95)=4.67s
http_reqs......................: 893 29.006165/s
iteration_duration.............: avg=3.4s min=804.71ms med=3.18s max=7.64s p(90)=4.36s p(95)=4.68s
iterations.....................: 893 29.006165/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 2607 ✗ 0
data_received..................: 76 MB 2.4 MB/s
data_sent......................: 1.0 MB 32 kB/s
http_req_blocked...............: avg=162.77µs min=1.76µs med=4.55µs max=6.82ms p(90)=145.36µs p(95)=1.09ms
http_req_connecting............: avg=139.91µs min=0s med=0s max=5.36ms p(90)=100.62µs p(95)=921.35µs
http_req_duration..............: avg=3.6s min=1.69s med=3.39s max=7.06s p(90)=4.97s p(95)=5.58s
{ expected_response:true }...: avg=3.6s min=1.69s med=3.39s max=7.06s p(90)=4.97s p(95)=5.58s
http_req_failed................: 0.00% ✓ 0 ✗ 869
http_req_receiving.............: avg=1.83ms min=39.44µs med=145.89µs max=77.34ms p(90)=2.65ms p(95)=4.55ms
http_req_sending...............: avg=109.89µs min=8.61µs med=25.32µs max=3.4ms p(90)=112.37µs p(95)=408.91µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=3.6s min=1.68s med=3.38s max=7.06s p(90)=4.97s p(95)=5.58s
http_reqs......................: 869 27.082478/s
iteration_duration.............: avg=3.62s min=1.69s med=3.4s max=7.07s p(90)=4.98s p(95)=5.61s
iterations.....................: 869 27.082478/s
vus............................: 23 min=23 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Overview for:
|
| Gateway | RPS ⬇️ | Requests | Duration | Notes |
|---|---|---|---|---|
| cosmo | 167 | 5102 total, 0 failed | avg: 504ms, p95: 748ms | ✅ |
| apollo-router | 166 | 5077 total, 0 failed | avg: 523ms, p95: 694ms | ✅ |
| wundergraph | 151 | 4623 total, 0 failed | avg: 544ms, p95: 954ms | ✅ |
| mesh-supergraph-bun | 76 | 2339 total, 0 failed | avg: 1272ms, p95: 2168ms | ✅ |
| apollo-server | 48 | 1538 total, 0 failed | avg: 1997ms, p95: 2448ms | ✅ |
| mesh-supergraph | 29 | 936 total, 0 failed | avg: 3291ms, p95: 5165ms | ✅ |
| mercurius | 28 | 867 total, 0 failed | avg: 3491ms, p95: 4774ms | ✅ |
Summary for: `cosmo`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15306 ✗ 0
data_received..................: 448 MB 15 MB/s
data_sent......................: 6.1 MB 199 kB/s
http_req_blocked...............: avg=92.49µs min=1.26µs med=3.22µs max=7.12ms p(90)=5.44µs p(95)=7.31µs
http_req_connecting............: avg=30.71µs min=0s med=0s max=3.28ms p(90)=0s p(95)=0s
http_req_duration..............: avg=503.97ms min=17.69ms med=509.75ms max=1.83s p(90)=646.13ms p(95)=748.28ms
{ expected_response:true }...: avg=503.97ms min=17.69ms med=509.75ms max=1.83s p(90)=646.13ms p(95)=748.28ms
http_req_failed................: 0.00% ✓ 0 ✗ 5102
http_req_receiving.............: avg=45.19ms min=40.31µs med=90.95µs max=1.76s p(90)=147.96ms p(95)=364.82ms
http_req_sending...............: avg=2.04ms min=8.57µs med=14.69µs max=910.62ms p(90)=44.41µs p(95)=359.08µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=456.73ms min=17.6ms med=489.38ms max=800.82ms p(90)=586.11ms p(95)=612.91ms
http_reqs......................: 5102 167.204732/s
iteration_duration.............: avg=594.66ms min=31.75ms med=555.72ms max=2.38s p(90)=864.87ms p(95)=1.05s
iterations.....................: 5102 167.204732/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-router`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15231 ✗ 0
data_received..................: 445 MB 15 MB/s
data_sent......................: 6.0 MB 198 kB/s
http_req_blocked...............: avg=49.19µs min=1.38µs med=2.95µs max=74.36ms p(90)=4.46µs p(95)=5.66µs
http_req_connecting............: avg=15.79µs min=0s med=0s max=4.9ms p(90)=0s p(95)=0s
http_req_duration..............: avg=522.78ms min=34.12ms med=525.01ms max=1.31s p(90)=650.08ms p(95)=694.35ms
{ expected_response:true }...: avg=522.78ms min=34.12ms med=525.01ms max=1.31s p(90)=650.08ms p(95)=694.35ms
http_req_failed................: 0.00% ✓ 0 ✗ 5077
http_req_receiving.............: avg=12.04ms min=38.05µs med=71.79µs max=723.31ms p(90)=19.96ms p(95)=73.79ms
http_req_sending...............: avg=1.47ms min=8.48µs med=13.98µs max=374.45ms p(90)=55.68µs p(95)=703.09µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=509.26ms min=34.06ms med=515.02ms max=882.2ms p(90)=630.96ms p(95)=667.54ms
http_reqs......................: 5077 166.631809/s
iteration_duration.............: avg=595.55ms min=143.56ms med=574.44ms max=1.78s p(90)=768.52ms p(95)=891.94ms
iterations.....................: 5077 166.631809/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `wundergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 13869 ✗ 0
data_received..................: 406 MB 13 MB/s
data_sent......................: 5.5 MB 180 kB/s
http_req_blocked...............: avg=69.44µs min=1.22µs med=3µs max=221.79ms p(90)=4.97µs p(95)=6.61µs
http_req_connecting............: avg=15.07µs min=0s med=0s max=2.24ms p(90)=0s p(95)=0s
http_req_duration..............: avg=544.1ms min=29.28ms med=517.32ms max=2.16s p(90)=853.24ms p(95)=953.96ms
{ expected_response:true }...: avg=544.1ms min=29.28ms med=517.32ms max=2.16s p(90)=853.24ms p(95)=953.96ms
http_req_failed................: 0.00% ✓ 0 ✗ 4623
http_req_receiving.............: avg=45.95ms min=38.79µs med=92.38µs max=1.38s p(90)=133.95ms p(95)=334.1ms
http_req_sending...............: avg=1.79ms min=8.16µs med=13.89µs max=1.2s p(90)=41.61µs p(95)=287.41µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=496.35ms min=20.06ms med=477.92ms max=1.12s p(90)=790.35ms p(95)=876.47ms
http_reqs......................: 4623 151.758419/s
iteration_duration.............: avg=655.27ms min=38.87ms med=599.26ms max=2.84s p(90)=1.04s p(95)=1.26s
iterations.....................: 4623 151.758419/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph-bun`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 7017 ✗ 0
data_received..................: 205 MB 6.7 MB/s
data_sent......................: 2.8 MB 90 kB/s
http_req_blocked...............: avg=57.48µs min=1.62µs med=3.36µs max=4.14ms p(90)=5.5µs p(95)=19.09µs
http_req_connecting............: avg=48.1µs min=0s med=0s max=4.12ms p(90)=0s p(95)=0s
http_req_duration..............: avg=1.27s min=218.24ms med=1.12s max=3.75s p(90)=1.96s p(95)=2.16s
{ expected_response:true }...: avg=1.27s min=218.24ms med=1.12s max=3.75s p(90)=1.96s p(95)=2.16s
http_req_failed................: 0.00% ✓ 0 ✗ 2339
http_req_receiving.............: avg=13.58ms min=36.17µs med=116.28µs max=613.68ms p(90)=2.2ms p(95)=74.01ms
http_req_sending...............: avg=439.57µs min=8.66µs med=16.56µs max=271.57ms p(90)=40.82µs p(95)=259.85µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=1.25s min=217.89ms med=1.11s max=3.63s p(90)=1.95s p(95)=2.14s
http_reqs......................: 2339 76.084868/s
iteration_duration.............: avg=1.3s min=230.22ms med=1.14s max=3.76s p(90)=2s p(95)=2.18s
iterations.....................: 2339 76.084868/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-server`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 4614 ✗ 0
data_received..................: 135 MB 4.3 MB/s
data_sent......................: 1.8 MB 58 kB/s
http_req_blocked...............: avg=131.19µs min=1.5µs med=2.86µs max=6.12ms p(90)=5.21µs p(95)=572.68µs
http_req_connecting............: avg=111.81µs min=0s med=0s max=5.48ms p(90)=0s p(95)=453.85µs
http_req_duration..............: avg=1.99s min=754.08ms med=1.69s max=20.48s p(90)=2.01s p(95)=2.44s
{ expected_response:true }...: avg=1.99s min=754.08ms med=1.69s max=20.48s p(90)=2.01s p(95)=2.44s
http_req_failed................: 0.00% ✓ 0 ✗ 1538
http_req_receiving.............: avg=286.94µs min=48.01µs med=114.44µs max=123.77ms p(90)=201.1µs p(95)=302.84µs
http_req_sending...............: avg=78.18µs min=8.9µs med=15.99µs max=6.57ms p(90)=35.23µs p(95)=481.13µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=1.99s min=753.99ms med=1.69s max=20.48s p(90)=2.01s p(95)=2.44s
http_reqs......................: 1538 48.741685/s
iteration_duration.............: avg=2.01s min=759.6ms med=1.71s max=20.49s p(90)=2.02s p(95)=2.46s
iterations.....................: 1538 48.741685/s
vus............................: 53 min=53 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 2808 ✗ 0
data_received..................: 82 MB 2.6 MB/s
data_sent......................: 1.1 MB 35 kB/s
http_req_blocked...............: avg=185.82µs min=1.32µs med=3.35µs max=4.72ms p(90)=159.04µs p(95)=1.57ms
http_req_connecting............: avg=169.67µs min=0s med=0s max=4.3ms p(90)=91.63µs p(95)=1.47ms
http_req_duration..............: avg=3.29s min=1.29s med=3.09s max=7.15s p(90)=4.35s p(95)=5.16s
{ expected_response:true }...: avg=3.29s min=1.29s med=3.09s max=7.15s p(90)=4.35s p(95)=5.16s
http_req_failed................: 0.00% ✓ 0 ✗ 936
http_req_receiving.............: avg=2.03ms min=36.23µs med=123.3µs max=77.94ms p(90)=2.35ms p(95)=5.21ms
http_req_sending...............: avg=102.42µs min=8.26µs med=18.7µs max=8.22ms p(90)=81.89µs p(95)=682.3µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=3.28s min=1.29s med=3.09s max=7.15s p(90)=4.35s p(95)=5.16s
http_reqs......................: 936 29.718377/s
iteration_duration.............: avg=3.3s min=1.32s med=3.11s max=7.17s p(90)=4.37s p(95)=5.17s
iterations.....................: 936 29.718377/s
vus............................: 54 min=54 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mercurius`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 2601 ✗ 0
data_received..................: 76 MB 2.5 MB/s
data_sent......................: 1.0 MB 34 kB/s
http_req_blocked...............: avg=209.04µs min=1.81µs med=4.66µs max=5.68ms p(90)=123.46µs p(95)=1.51ms
http_req_connecting............: avg=197.18µs min=0s med=0s max=5.65ms p(90)=91.58µs p(95)=1.39ms
http_req_duration..............: avg=3.49s min=633.62ms med=3.29s max=7.72s p(90)=4.51s p(95)=4.77s
{ expected_response:true }...: avg=3.49s min=633.62ms med=3.29s max=7.72s p(90)=4.51s p(95)=4.77s
http_req_failed................: 0.00% ✓ 0 ✗ 867
http_req_receiving.............: avg=231.04µs min=45.26µs med=118.48µs max=27.7ms p(90)=198.26µs p(95)=263.33µs
http_req_sending...............: avg=51.42µs min=9.44µs med=26.25µs max=2.21ms p(90)=54.32µs p(95)=165.7µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=3.49s min=633.53ms med=3.29s max=7.72s p(90)=4.51s p(95)=4.77s
http_reqs......................: 867 28.303487/s
iteration_duration.............: avg=3.5s min=642.81ms med=3.3s max=7.73s p(90)=4.52s p(95)=4.78s
iterations.....................: 867 28.303487/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Overview for:
|
| Gateway | duration(p95)⬇️ | RPS | Requests | Durations | Notes |
|---|---|---|---|---|---|
| cosmo | 2080ms | 163 | 11417 total, 1 failed | avg: 766ms, p95: 2080ms, max: 4530ms, med: 611ms | ❌ 1 failed requests, 1 non-200 responses, 1 unexpected GraphQL errors, non-compatible response structure (1) |
| wundergraph | 2288ms | 155 | 10904 total, 0 failed | avg: 881ms, p95: 2288ms, max: 6994ms, med: 723ms | ✅ |
| apollo-router | 2491ms | 164 | 11492 total, 0 failed | avg: 854ms, p95: 2491ms, max: 8537ms, med: 631ms | ✅ |
| mesh-supergraph-bun | 6322ms | 100 | 7051 total, 0 failed | avg: 2656ms, p95: 6322ms, max: 10374ms, med: 2406ms | ✅ |
| mesh-supergraph | 6641ms | 69 | 4893 total, 0 failed | avg: 3879ms, p95: 6641ms, max: 8706ms, med: 3959ms | ✅ |
| apollo-server | 24525ms | 66 | 4909 total, 0 failed | avg: 4255ms, p95: 24525ms, max: 45379ms, med: 2237ms | ✅ |
Summary for: `cosmo`
K6 Output
✗ response code was 200
↳ 99% — ✓ 11416 / ✗ 1
✗ no graphql errors
↳ 99% — ✓ 11416 / ✗ 1
✗ valid response structure
↳ 99% — ✓ 11416 / ✗ 1
checks.........................: 99.99% ✓ 34248 ✗ 3
data_received..................: 1.0 GB 14 MB/s
data_sent......................: 14 MB 194 kB/s
http_req_blocked...............: avg=21.27ms min=1.75µs med=4.08µs max=3.46s p(90)=6.84µs p(95)=27.73µs
http_req_connecting............: avg=20.11ms min=0s med=0s max=2.79s p(90)=0s p(95)=0s
http_req_duration..............: avg=765.75ms min=7.67ms med=610.73ms max=4.53s p(90)=1.59s p(95)=2.08s
{ expected_response:true }...: avg=765.81ms min=7.67ms med=610.79ms max=4.53s p(90)=1.59s p(95)=2.08s
http_req_failed................: 0.00% ✓ 1 ✗ 11416
http_req_receiving.............: avg=229.88ms min=33.24µs med=110.86µs max=4.27s p(90)=901.01ms p(95)=1.24s
http_req_sending...............: avg=40.6ms min=8.73µs med=21.19µs max=2.71s p(90)=3.16ms p(95)=150.91ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=495.26ms min=7.55ms med=363.98ms max=2.96s p(90)=1.07s p(95)=1.25s
http_reqs......................: 11417 163.06151/s
iteration_duration.............: avg=1.6s min=14.35ms med=1.21s max=9.63s p(90)=3.64s p(95)=4.52s
iterations.....................: 11417 163.06151/s
vus............................: 1 min=1 max=500
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `wundergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 32712 ✗ 0
data_received..................: 957 MB 14 MB/s
data_sent......................: 13 MB 185 kB/s
http_req_blocked...............: avg=26.78ms min=1.69µs med=3.62µs max=4.1s p(90)=6µs p(95)=99.05µs
http_req_connecting............: avg=25.92ms min=0s med=0s max=4.1s p(90)=0s p(95)=0s
http_req_duration..............: avg=880.84ms min=6.29ms med=722.81ms max=6.99s p(90)=1.74s p(95)=2.28s
{ expected_response:true }...: avg=880.84ms min=6.29ms med=722.81ms max=6.99s p(90)=1.74s p(95)=2.28s
http_req_failed................: 0.00% ✓ 0 ✗ 10904
http_req_receiving.............: avg=233.65ms min=35.13µs med=94.04µs max=5.03s p(90)=884.39ms p(95)=1.31s
http_req_sending...............: avg=39.76ms min=8.47µs med=17.4µs max=5.87s p(90)=1.09ms p(95)=141.82ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=607.41ms min=6.2ms med=508.84ms max=3.38s p(90)=1.21s p(95)=1.46s
http_reqs......................: 10904 155.741838/s
iteration_duration.............: avg=1.69s min=11.73ms med=1.33s max=10.29s p(90)=3.6s p(95)=4.45s
iterations.....................: 10904 155.741838/s
vus............................: 1 min=1 max=499
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-router`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 34476 ✗ 0
data_received..................: 1.0 GB 14 MB/s
data_sent......................: 14 MB 195 kB/s
http_req_blocked...............: avg=22.77ms min=1.5µs med=3.45µs max=5.77s p(90)=5.78µs p(95)=22.86µs
http_req_connecting............: avg=20.68ms min=0s med=0s max=4.66s p(90)=0s p(95)=0s
http_req_duration..............: avg=854.13ms min=6.37ms med=631.37ms max=8.53s p(90)=1.88s p(95)=2.49s
{ expected_response:true }...: avg=854.13ms min=6.37ms med=631.37ms max=8.53s p(90)=1.88s p(95)=2.49s
http_req_failed................: 0.00% ✓ 0 ✗ 11492
http_req_receiving.............: avg=294.71ms min=33.65µs med=88.31µs max=7.23s p(90)=1.15s p(95)=1.67s
http_req_sending...............: avg=35.52ms min=8.21µs med=17.69µs max=5.15s p(90)=449.16µs p(95)=72.55ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=523.88ms min=6.29ms med=425.59ms max=2.58s p(90)=1.05s p(95)=1.26s
http_reqs......................: 11492 164.164727/s
iteration_duration.............: avg=1.59s min=12.32ms med=1.11s max=11.23s p(90)=3.69s p(95)=4.7s
iterations.....................: 11492 164.164727/s
vus............................: 1 min=1 max=497
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph-bun`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 21153 ✗ 0
data_received..................: 619 MB 8.8 MB/s
data_sent......................: 8.4 MB 120 kB/s
http_req_blocked...............: avg=1.79ms min=1.42µs med=3µs max=273.42ms p(90)=6.1µs p(95)=236.45µs
http_req_connecting............: avg=1.74ms min=0s med=0s max=273.34ms p(90)=0s p(95)=160.79µs
http_req_duration..............: avg=2.65s min=6.84ms med=2.4s max=10.37s p(90)=5.1s p(95)=6.32s
{ expected_response:true }...: avg=2.65s min=6.84ms med=2.4s max=10.37s p(90)=5.1s p(95)=6.32s
http_req_failed................: 0.00% ✓ 0 ✗ 7051
http_req_receiving.............: avg=25.26ms min=34.89µs med=76.74µs max=2.09s p(90)=8.59ms p(95)=147.07ms
http_req_sending...............: avg=2.57ms min=8.47µs med=14.11µs max=966.26ms p(90)=96.97µs p(95)=6.66ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=2.62s min=6.65ms med=2.38s max=10.37s p(90)=5.04s p(95)=6.3s
http_reqs......................: 7051 100.72245/s
iteration_duration.............: avg=2.72s min=13.26ms med=2.45s max=10.58s p(90)=5.18s p(95)=6.46s
iterations.....................: 7051 100.72245/s
vus............................: 1 min=1 max=499
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 14679 ✗ 0
data_received..................: 429 MB 6.1 MB/s
data_sent......................: 5.8 MB 83 kB/s
http_req_blocked...............: avg=293.14µs min=1.24µs med=3.53µs max=99.28ms p(90)=148.92µs p(95)=257.01µs
http_req_connecting............: avg=279.42µs min=0s med=0s max=99.21ms p(90)=85.56µs p(95)=182.71µs
http_req_duration..............: avg=3.87s min=11.46ms med=3.95s max=8.7s p(90)=6.23s p(95)=6.64s
{ expected_response:true }...: avg=3.87s min=11.46ms med=3.95s max=8.7s p(90)=6.23s p(95)=6.64s
http_req_failed................: 0.00% ✓ 0 ✗ 4893
http_req_receiving.............: avg=2.4ms min=38.95µs med=109.7µs max=324.5ms p(90)=2.33ms p(95)=5.25ms
http_req_sending...............: avg=313.58µs min=8.09µs med=18.56µs max=80.02ms p(90)=45.82µs p(95)=112.48µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=3.87s min=11.39ms med=3.95s max=8.7s p(90)=6.23s p(95)=6.61s
http_reqs......................: 4893 69.873833/s
iteration_duration.............: avg=3.91s min=18.12ms med=3.99s max=8.71s p(90)=6.27s p(95)=6.7s
iterations.....................: 4893 69.873833/s
vus............................: 1 min=1 max=499
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-server`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 14727 ✗ 0
data_received..................: 432 MB 5.9 MB/s
data_sent......................: 5.8 MB 79 kB/s
http_req_blocked...............: avg=111.9µs min=1.56µs med=3.78µs max=55.67ms p(90)=168.89µs p(95)=253.89µs
http_req_connecting............: avg=100.87µs min=0s med=0s max=55.58ms p(90)=110.93µs p(95)=178.41µs
http_req_duration..............: avg=4.25s min=67.63ms med=2.23s max=45.37s p(90)=3.56s p(95)=24.52s
{ expected_response:true }...: avg=4.25s min=67.63ms med=2.23s max=45.37s p(90)=3.56s p(95)=24.52s
http_req_failed................: 0.00% ✓ 0 ✗ 4909
http_req_receiving.............: avg=395.79µs min=48.74µs med=115.15µs max=148.14ms p(90)=197.7µs p(95)=285.46µs
http_req_sending...............: avg=76.86µs min=8.96µs med=20.39µs max=32.21ms p(90)=45.71µs p(95)=62.79µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=4.25s min=67.52ms med=2.23s max=45.37s p(90)=3.56s p(95)=24.52s
http_reqs......................: 4909 66.909721/s
iteration_duration.............: avg=4.26s min=79.48ms med=2.24s max=45.38s p(90)=3.6s p(95)=24.53s
iterations.....................: 4909 66.909721/s
vus............................: 30 min=30 max=500
vus_max........................: 500 min=500 max=500
Performance Overview
Subgraphs Overview
HTTP Overview
renovate
bot
force-pushed
the
renovate/npm-apollo-gateway-vulnerability
branch
from
f80132e to
9eee3ae
Compare
Overview for:
|
| Gateway | RPS ⬇️ | Requests | Duration | Notes |
|---|---|---|---|---|
| cosmo | 169 | 5155 total, 0 failed | avg: 346ms, p95: 941ms | ✅ |
| apollo-router | 166 | 5042 total, 0 failed | avg: 348ms, p95: 972ms | ✅ |
| wundergraph | 147 | 4462 total, 0 failed | avg: 379ms, p95: 1052ms | ✅ |
| mesh-supergraph-bun | 94 | 2917 total, 0 failed | avg: 1005ms, p95: 1629ms | ✅ |
| apollo-server | 68 | 2109 total, 0 failed | avg: 1438ms, p95: 1614ms | ✅ |
| mesh-supergraph | 57 | 1781 total, 0 failed | avg: 1684ms, p95: 2547ms | ✅ |
| mercurius | 43 | 1338 total, 0 failed | avg: 2254ms, p95: 3006ms | ✅ |
Summary for: `cosmo`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15465 ✗ 0
data_received..................: 452 MB 15 MB/s
data_sent......................: 6.1 MB 201 kB/s
http_req_blocked...............: avg=275.94µs min=1.4µs med=2.78µs max=841.08ms p(90)=4.2µs p(95)=5.55µs
http_req_connecting............: avg=265.54µs min=0s med=0s max=829.45ms p(90)=0s p(95)=0s
http_req_duration..............: avg=345.95ms min=16.8ms med=246.59ms max=1.89s p(90)=772.6ms p(95)=940.62ms
{ expected_response:true }...: avg=345.95ms min=16.8ms med=246.59ms max=1.89s p(90)=772.6ms p(95)=940.62ms
http_req_failed................: 0.00% ✓ 0 ✗ 5155
http_req_receiving.............: avg=153.31ms min=39.46µs med=102.63µs max=1.74s p(90)=550.4ms p(95)=743.39ms
http_req_sending...............: avg=4.85ms min=8.79µs med=13.57µs max=1.04s p(90)=78.47µs p(95)=610.21µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=187.78ms min=13.86ms med=183.21ms max=646.93ms p(90)=303.64ms p(95)=344.66ms
http_reqs......................: 5155 169.705312/s
iteration_duration.............: avg=585.48ms min=26.49ms med=446.15ms max=3.38s p(90)=1.21s p(95)=1.44s
iterations.....................: 5155 169.705312/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-router`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 15126 ✗ 0
data_received..................: 442 MB 15 MB/s
data_sent......................: 6.0 MB 197 kB/s
http_req_blocked...............: avg=134.78µs min=1.64µs med=3.26µs max=438.26ms p(90)=4.97µs p(95)=6.3µs
http_req_connecting............: avg=28.25µs min=0s med=0s max=88.21ms p(90)=0s p(95)=0s
http_req_duration..............: avg=347.83ms min=9.73ms med=257.26ms max=2.97s p(90)=750.26ms p(95)=971.72ms
{ expected_response:true }...: avg=347.83ms min=9.73ms med=257.26ms max=2.97s p(90)=750.26ms p(95)=971.72ms
http_req_failed................: 0.00% ✓ 0 ✗ 5042
http_req_receiving.............: avg=142.39ms min=38.24µs med=90.17µs max=2.03s p(90)=554.48ms p(95)=767.78ms
http_req_sending...............: avg=5.83ms min=8.16µs med=15.35µs max=1.34s p(90)=90.37µs p(95)=1.2ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=199.6ms min=9.53ms med=191.49ms max=780.51ms p(90)=339.89ms p(95)=372.71ms
http_reqs......................: 5042 166.200144/s
iteration_duration.............: avg=598.34ms min=25.56ms med=492.74ms max=3.25s p(90)=1.23s p(95)=1.5s
iterations.....................: 5042 166.200144/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `wundergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 13386 ✗ 0
data_received..................: 392 MB 13 MB/s
data_sent......................: 5.3 MB 175 kB/s
http_req_blocked...............: avg=222.09µs min=2µs med=4.16µs max=359.5ms p(90)=6.14µs p(95)=10.78µs
http_req_connecting............: avg=129.9µs min=0s med=0s max=317.28ms p(90)=0s p(95)=0s
http_req_duration..............: avg=378.88ms min=14.38ms med=264.57ms max=2.78s p(90)=866ms p(95)=1.05s
{ expected_response:true }...: avg=378.88ms min=14.38ms med=264.57ms max=2.78s p(90)=866ms p(95)=1.05s
http_req_failed................: 0.00% ✓ 0 ✗ 4462
http_req_receiving.............: avg=171.4ms min=41.51µs med=260.69µs max=2.52s p(90)=632.38ms p(95)=816.76ms
http_req_sending...............: avg=6.1ms min=9.72µs med=21.01µs max=1.37s p(90)=138.87µs p(95)=1.59ms
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=201.37ms min=14.27ms med=193.16ms max=673.05ms p(90)=346.46ms p(95)=406.56ms
http_reqs......................: 4462 147.272044/s
iteration_duration.............: avg=675.98ms min=26.37ms med=536.86ms max=3.96s p(90)=1.4s p(95)=1.78s
iterations.....................: 4462 147.272044/s
vus............................: 97 min=97 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph-bun`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 8751 ✗ 0
data_received..................: 256 MB 8.3 MB/s
data_sent......................: 3.5 MB 112 kB/s
http_req_blocked...............: avg=37.24µs min=1.56µs med=3.22µs max=5.64ms p(90)=5.62µs p(95)=11.01µs
http_req_connecting............: avg=28.08µs min=0s med=0s max=4.38ms p(90)=0s p(95)=0s
http_req_duration..............: avg=1s min=135.9ms med=869.38ms max=2.44s p(90)=1.52s p(95)=1.62s
{ expected_response:true }...: avg=1s min=135.9ms med=869.38ms max=2.44s p(90)=1.52s p(95)=1.62s
http_req_failed................: 0.00% ✓ 0 ✗ 2917
http_req_receiving.............: avg=15.06ms min=37.32µs med=98.81µs max=534.84ms p(90)=18.22ms p(95)=115.25ms
http_req_sending...............: avg=957µs min=8.05µs med=15.06µs max=348.97ms p(90)=54.78µs p(95)=356.54µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=988.52ms min=135.4ms med=857.17ms max=2.32s p(90)=1.51s p(95)=1.61s
http_reqs......................: 2917 94.606708/s
iteration_duration.............: avg=1.04s min=151.71ms med=908.15ms max=2.45s p(90)=1.57s p(95)=1.68s
iterations.....................: 2917 94.606708/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `apollo-server`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 6327 ✗ 0
data_received..................: 185 MB 6.0 MB/s
data_sent......................: 2.5 MB 81 kB/s
http_req_blocked...............: avg=28.99µs min=1.48µs med=2.83µs max=3.62ms p(90)=4.64µs p(95)=19.2µs
http_req_connecting............: avg=22.1µs min=0s med=0s max=3.59ms p(90)=0s p(95)=0s
http_req_duration..............: avg=1.43s min=726.31ms med=1.31s max=13.86s p(90)=1.47s p(95)=1.61s
{ expected_response:true }...: avg=1.43s min=726.31ms med=1.31s max=13.86s p(90)=1.47s p(95)=1.61s
http_req_failed................: 0.00% ✓ 0 ✗ 2109
http_req_receiving.............: avg=177.46µs min=44.61µs med=117.37µs max=19.6ms p(90)=193.68µs p(95)=267.65µs
http_req_sending...............: avg=37.65µs min=8.69µs med=14.52µs max=7.59ms p(90)=30.9µs p(95)=56.54µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=1.43s min=726.18ms med=1.31s max=13.86s p(90)=1.47s p(95)=1.61s
http_reqs......................: 2109 68.023967/s
iteration_duration.............: avg=1.45s min=736.07ms med=1.32s max=13.87s p(90)=1.48s p(95)=1.63s
iterations.....................: 2109 68.023967/s
vus............................: 3 min=3 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mesh-supergraph`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 5343 ✗ 0
data_received..................: 156 MB 5.1 MB/s
data_sent......................: 2.1 MB 69 kB/s
http_req_blocked...............: avg=75.83µs min=1.85µs med=4.82µs max=12.65ms p(90)=6.55µs p(95)=148.86µs
http_req_connecting............: avg=61.18µs min=0s med=0s max=11.84ms p(90)=0s p(95)=95.62µs
http_req_duration..............: avg=1.68s min=751.43ms med=1.61s max=3.31s p(90)=2.11s p(95)=2.54s
{ expected_response:true }...: avg=1.68s min=751.43ms med=1.61s max=3.31s p(90)=2.11s p(95)=2.54s
http_req_failed................: 0.00% ✓ 0 ✗ 1781
http_req_receiving.............: avg=2.08ms min=46µs med=156.94µs max=162.58ms p(90)=3.27ms p(95)=5.89ms
http_req_sending...............: avg=171.63µs min=9.84µs med=27.67µs max=32.35ms p(90)=58.66µs p(95)=177.7µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=1.68s min=750.95ms med=1.61s max=3.31s p(90)=2.1s p(95)=2.54s
http_reqs......................: 1781 57.736584/s
iteration_duration.............: avg=1.71s min=775.12ms med=1.63s max=3.33s p(90)=2.14s p(95)=2.57s
iterations.....................: 1781 57.736584/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Summary for: `mercurius`
K6 Output
✓ response code was 200
✓ no graphql errors
✓ valid response structure
checks.........................: 100.00% ✓ 4014 ✗ 0
data_received..................: 117 MB 3.8 MB/s
data_sent......................: 1.6 MB 52 kB/s
http_req_blocked...............: avg=62.84µs min=1.81µs med=4.61µs max=4.26ms p(90)=7.24µs p(95)=358.79µs
http_req_connecting............: avg=49.27µs min=0s med=0s max=2.33ms p(90)=0s p(95)=302.86µs
http_req_duration..............: avg=2.25s min=641.87ms med=2.19s max=4.9s p(90)=2.69s p(95)=3s
{ expected_response:true }...: avg=2.25s min=641.87ms med=2.19s max=4.9s p(90)=2.69s p(95)=3s
http_req_failed................: 0.00% ✓ 0 ✗ 1338
http_req_receiving.............: avg=254.58µs min=44.45µs med=121.18µs max=22.67ms p(90)=211.87µs p(95)=343.23µs
http_req_sending...............: avg=59.2µs min=8.52µs med=26.23µs max=2.76ms p(90)=46.96µs p(95)=163.77µs
http_req_tls_handshaking.......: avg=0s min=0s med=0s max=0s p(90)=0s p(95)=0s
http_req_waiting...............: avg=2.25s min=641.79ms med=2.19s max=4.9s p(90)=2.69s p(95)=3s
http_reqs......................: 1338 43.746378/s
iteration_duration.............: avg=2.26s min=650.82ms med=2.2s max=4.91s p(90)=2.7s p(95)=3.01s
iterations.....................: 1338 43.746378/s
vus............................: 100 min=100 max=100
vus_max........................: 100 min=100 max=100
Performance Overview
Subgraphs Overview
HTTP Overview
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.7.2->2.8.5GitHub Vulnerability Alerts
CVE-2024-43414
Impact
Instances of @apollo/query-planner >=2.0.0 and <2.8.5 are impacted by a denial-of-service vulnerability. @apollo/gateway versions >=2.0.0 and < 2.8.5 and Apollo Router <1.52.1 are also impacted through their use of @apollo/query-planner.
If @apollo/query-planner is asked to plan a sufficiently complex query, it may loop infinitely and never complete. This results in unbounded memory consumption and either a crash or out-of-memory (OOM) termination.
This issue can be triggered if you have at least one non-
@keyfield that can be resolved by multiple subgraphs. To identify these shared fields, the schema for each subgraph must be reviewed. The mechanism to identify shared fields varies based on the version of Federation your subgraphs are using.You can check if your subgraphs are using Federation 1 or Federation 2 by reviewing their schemas. Federation 2 subgraph schemas will contain a
@linkdirective referencing the version of Federation being used while Federation 1 subgraphs will not. For example, in a Federation 2 subgraph, you will find a line like@link(url: "https://specs.apollo.dev/federation/v2.0"). If a similar@linkdirective is not present in your subgraph schema, it is using Federation 1. Note that a supergraph can contain a mix of Federation 1 and Federation 2 subgraphs.To review Federation 1 subgraphs for impact:
In Federation 1 subgraphs, fields are implicitly shareable across subgraphs. To review for impact, you will need to review for cases where multiple subgraphs can resolve the same field. For example:
To review Federation 2 subgraphs for impact:
In Federation 2 subgraphs, fields must be explicitly defined as shareable across subgraphs. This is done via the
@shareabledirective. For example:Impact Detail
This issue results from the Apollo query planner attempting to use a
Numberexceeding Javascript’sNumber.MAX_VALUEin some cases. In Javascript,Number.MAX_VALUEis (2^1024 - 2^971).When the query planner receives an inbound graphql request, it breaks the query into pieces and for each piece, generates a list of potential execution steps to solve the piece. These candidates represent the steps that the query planner will take to satisfy the pieces of the larger query. As part of normal operations, the query planner requires and calculates the number of possible query plans for the total query. That is, it needs the product of the number of query plan candidates for each piece of the query. Under normal circumstances, after generating all query plan candidates and calculating the number of all permutations, the query planner moves on to stack rank candidates and prune less-than-optimal options.
In particularly complex queries, especially those where fields can be solved through multiple subgraphs, this can cause the number of all query plan permutations to balloon. In worst-case scenarios, this can end up being a number larger than
Number.MAX_VALUE. In Javascript, ifNumber.MAX_VALUEis exceeded, Javascript represents the value as “infinity”. If the count of candidates is evaluated as infinity, the component of the query planner responsible for pruning less-than-optimal query plans does not actually prune candidates, causing the query planner to evaluate many orders of magnitude more query plan candidates than necessary.A given graph’s exposure to this issue varies based on its complexity. Consider the following Federation 2 subgraphs:
The query planner can solve requests for
Query.fieldin one of two ways - either by querying subgraph 1 or subgraph 2.The following query with 1024 aliased fields would trigger this issue because 2^1024 >
Number.MAX_VALUE:However, in a graph that provided 5 options to solve a given field, the bug could be encountered in a query that aliased the field approximately 440 times.
Patches
@apollo/query-planner 2.8.5
@apollo/gateway 2.8.5
Apollo Router 1.52.1
Workarounds
This issue can be avoided by ensuring there are no fields resolvable from multiple subgraphs. If all subgraphs are using Federation 2, you can confirm that you are not impacted by ensuring that none of your subgraph schemas use the
@shareabledirective. If you are using Federation 1 subgraphs, you will need to validate that there are no fields resolvable by multiple subgraphs.Note that a supergraph can contain a mix of Federation 1 and Federation 2 subgraphs.
If you do have fields resolvable by multiple subgraphs, changing this behavior in response to this issue may be risky to the operation of your supergraph. We recommend that you update to a patched version of either Apollo Router or Apollo Gateway.
Apollo customers with an enterprise entitlement using the Apollo Router can also mitigate much of the risk from this issue by implementing Apollo’s Persisted Queries (PQ) feature. With PQ enabled, the Apollo Router will only execute safelisted queries. While customers would need to ensure that queries that induce this issue are not added to the safelist, PQs would mitigate the risk of clients submitting ad hoc queries that exploit this issue.
References
Additional information on Query Plans
Release Notes
apollographql/federation (@apollo/gateway)
v2.8.5Compare Source
v2.8.4Compare Source
Patch Changes
4d9e0f6390c5114132d205ab73b6aa1b9ffa8cd8,5f4bb160d024678d6facd471c43c8ec61c86e701,672aca7cbeb0a6a38586357a4e154f2dd91caa0c]:v2.8.3Compare Source
Patch Changes
38debcf2f9af1a719bd1c8acbd9335efa8427ddb,50d648ccffb05591878de75dc5522914ed48698f,860aace9904e787f9bf05aad94be5b5920f10543,67b70c6e68b1cdbf8f03dacafd636e27ed9b7814,f753d55e9a49d11389ee4f8d7976533447e95ede,f5f6a799d6b3675eecb0eaec7a816d746cd136b2,42bd27af6a23bcfdd36951dbfa3fb9f7ba833f3a,f376447a820e3c0ae41d16d1fd3b681d2f1e8c14,3af790517d662f3bec9064c0bf243014c579e9cd]:v2.8.2Compare Source
Patch Changes
b2e5ab66f84688ec304cfcf2c6f749c86aded549]:v2.8.1Compare Source
Patch Changes
61f2b6b12ee83e7ecb6509f7131f9412a37e194b]:v2.8.0Compare Source
Minor Changes
Implement new directives to allow getting and setting context. This allows resolvers to reference and access data referenced by entities that exist in the GraphPath that was used to access the field. The following example demonstrates the ability to access the
propfield within the Child resolver. (#2988)Patch Changes
Various set context bugfixes (#3017)
Updated dependencies [
c4744da360235d8bb8270ea048f0e0fa5d03be1e,8a936d741a0c05835ff2533714cf330d18209179,daf36bd242ba4db0cfcf0e18c1eed235ff0dfaf2]:v2.7.8Compare Source
Patch Changes
Triggering a clean 2.7.8 release now that harmonizer build has been fixed. (#3010)
Updated dependencies [
2ad72802044310a528e8944f4538efe519424504]:v2.7.7Compare Source
Patch Changes
No logical changes since 2.7.5 or 2.7.6, but we fixed a bug in the release process, so we need to publish a new patch version (2.7.7). (#2999)
Updated dependencies [
bee0b0828b4fb6a1d3172ac330560e2ab6c046bb]:v2.7.6Compare Source
Patch Changes
856a82b1deca625b75145edd6328bed23abee33a]:v2.7.5Compare Source
Patch Changes
af4376f348d21ad4d8eca0e3d2a170600f391e4d]:v2.7.4Compare Source
Patch Changes
d80b7f0ca1456567a0866a32d2b2abf940598f77,c89d8287e88d12cfd34c1baf1f42db672731b8a7]:v2.7.3Compare Source
Patch Changes
ec04c50b4fb832bfd281ecf9c0c2dd7656431b96,3e2c845c74407a136b9e0066e44c1ad1467d3013,a494631918156f0431ceace74281c076cf1d5d51]:Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.