Version Packages (#7917)

This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @apollo/[email protected] ### Minor Changes - [#7916](#7916) [`4686454`](4686454) Thanks [@andrewmcgivery](https://github.com/andrewmcgivery)! - Add `hideSchemaDetailsFromClientErrors` option to ApolloServer to allow hiding 'did you mean' suggestions from validation errors. Even with introspection disabled, it is possible to "fuzzy test" a graph manually or with automated tools to try to determine the shape of your schema. This is accomplished by taking advantage of the default behavior where a misspelt field in an operation will be met with a validation error that includes a helpful "did you mean" as part of the error text. For example, with this option set to `true`, an error would read `Cannot query field "help" on type "Query".` whereas with this option set to `false` it would read `Cannot query field "help" on type "Query". Did you mean "hello"?`. We recommend enabling this option in production to avoid leaking information about your schema to malicious actors. To enable, set this option to `true` in your `ApolloServer` options: ```javascript const server = new ApolloServer({ typeDefs, resolvers, hideSchemaDetailsFromClientErrors: true, }); ``` ## @apollo/[email protected] ### Patch Changes - Updated dependencies \[[`4686454`](4686454)]: - @apollo/[email protected] Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
apollographql · Aug 8, 2024 · 289846b · 289846b
1 parent 4686454
commit 289846b
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 29 deletions.
diff --git a/.changeset/pretty-buckets-develop.md b/.changeset/pretty-buckets-develop.md
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/integration-testsuite/CHANGELOG.md b/packages/integration-testsuite/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @apollo/server-integration-testsuite
 
+## 4.11.0
+
+### Patch Changes
+
+- Updated dependencies [[`4686454`](https://github.com/apollographql/apollo-server/commit/46864546e131d0079785575f621d69862e635663)]:
+ - @apollo/server@4.11.0
+
 ## 4.10.5
 
 ### Patch Changes

diff --git a/packages/integration-testsuite/package.json b/packages/integration-testsuite/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@apollo/server-integration-testsuite",
- "version": "4.10.5",
+ "version": "4.11.0",
  "description": "Test suite for Apollo Server integrations",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",
@@ -28,7 +28,7 @@
  "dependencies": {
  "@apollo/cache-control-types": "^1.0.3",
  "@apollo/client": "^3.6.9",
- "@apollo/server": "4.10.5",
+ "@apollo/server": "4.11.0",
  "@apollo/usage-reporting-protobuf": "^4.1.1",
  "@apollo/utils.createhash": "^2.0.0",
  "@apollo/utils.keyvaluecache": "^2.1.0",

diff --git a/packages/server/CHANGELOG.md b/packages/server/CHANGELOG.md
@@ -1,5 +1,28 @@
 # @apollo/server
 
+## 4.11.0
+
+### Minor Changes
+
+- [#7916](https://github.com/apollographql/apollo-server/pull/7916) [`4686454`](https://github.com/apollographql/apollo-server/commit/46864546e131d0079785575f621d69862e635663) Thanks [@andrewmcgivery](https://github.com/andrewmcgivery)! - Add `hideSchemaDetailsFromClientErrors` option to ApolloServer to allow hiding 'did you mean' suggestions from validation errors.
+
+ Even with introspection disabled, it is possible to "fuzzy test" a graph manually or with automated tools to try to determine the shape of your schema. This is accomplished by taking advantage of the default behavior where a misspelt field in an operation
+ will be met with a validation error that includes a helpful "did you mean" as part of the error text.
+
+ For example, with this option set to `true`, an error would read `Cannot query field "help" on type "Query".` whereas with this option set to `false` it would read `Cannot query field "help" on type "Query". Did you mean "hello"?`.
+
+ We recommend enabling this option in production to avoid leaking information about your schema to malicious actors.
+
+ To enable, set this option to `true` in your `ApolloServer` options:
+
+ ```javascript
+ const server = new ApolloServer({
+ typeDefs,
+ resolvers,
+ hideSchemaDetailsFromClientErrors: true,
+ });
+ ```
+
 ## 4.10.5
 
 ### Patch Changes

diff --git a/packages/server/package.json b/packages/server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@apollo/server",
- "version": "4.10.5",
+ "version": "4.11.0",
  "description": "Core engine for Apollo GraphQL server",
  "type": "module",
  "main": "dist/cjs/index.js",