Skip to content

chore(deps): bump graphql from 2.5.21 to 2.5.26#5472

Merged
vincent-pochet merged 2 commits intomainfrom
dependabot/bundler/graphql-2.5.26
May 7, 2026
Merged

chore(deps): bump graphql from 2.5.21 to 2.5.26#5472
vincent-pochet merged 2 commits intomainfrom
dependabot/bundler/graphql-2.5.26

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 6, 2026

Bumps graphql from 2.5.21 to 2.5.26.

Changelog

Sourced from graphql's changelog.

Changelog

Versioning guidelines

Breaking changes

Deprecations

New features

Bug fixes

2.6.1

Bug fixes

  • Lexer: in the Ruby lexer, count comments against a schema's max_token_count configuration

2.6.0

Breaking changes

  • SDL: previously, GraphQL-Ruby didn't require object types and interfaces to explicitly name all transitively implemented interfaces. For example if Interface A implements Interface B, and Object O implements Interface A, GraphQL-Ruby didn't require the SDL to include implements ... & B, But it should have, according to the spec. This misbehavior has been corrected, but may cause some previously-accepted SDL strings to be rejected with errors. #5602

Bug fixes

  • SDL: require types to name all implemented interfaces #5602
  • Execution::Next: call Resolver #ready? methods #5611

2.5.25

Bug fixes

  • Field extensions: correctly return false through for fields with extensions that don't define after_resolve #5610

2.5.24

New features

2.5.23

New features

Bug fixes

... (truncated)

Commits
  • 200752f 2.5.26
  • 3dc2d44 Increment max tokens when encountering a comment
  • fc642c0 2.5.25
  • 5500506 Merge pull request #5610 from rmosolgo/fix-extension-returning-false
  • b35b106 properly return false from fields with extensions
  • 4dbb7a0 2.5.24
  • 7a3c843 Merge pull request #5607 from rmosolgo/exec-next-authorization-optimization
  • 2463bb3 reformat condition for better tracing
  • 7913a58 Use a single results array to simplify and speed up authorized fields
  • a96c899 Merge pull request #5606 from rmosolgo/exec-next-more-input-fixes
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump graphql from 2.5.21 to 2.5.26
7804ad6 
Bumps [graphql](https://github.com/rmosolgo/graphql-ruby) from 2.5.21 to 2.5.26.
- [Release notes](https://github.com/rmosolgo/graphql-ruby/releases)
- [Changelog](https://github.com/rmosolgo/graphql-ruby/blob/master/CHANGELOG.md)
- [Commits](rmosolgo/graphql-ruby@v2.5.21...v2.5.26)

---
updated-dependencies:
- dependency-name: graphql
  dependency-version: 2.5.26
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels May 6, 2026
@vincent-pochet vincent-pochet merged commit 2dba358 into main May 7, 2026
12 checks passed
@vincent-pochet vincent-pochet deleted the dependabot/bundler/graphql-2.5.26 branch May 7, 2026 07:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vincent-pochet vincent-pochet vincent-pochet approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@vincent-pochet