Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revert cloneDeep-ing request headers #10215

Merged
merged 3 commits into from
Nov 8, 2022

Conversation

MrDoomBringer
Copy link
Contributor

@MrDoomBringer MrDoomBringer commented Oct 20, 2022

Fixes #10202
Fixes #10166
(Potentially) Fixes #10132

Release 3.7-alpha.4 implemented cloneDeep (commit) to clone options (including options.context.headers!) when fetching queries, however it didn't support JS Symbols - meaning the serverRequest (an IncomingMessage) field of options.context wasn't getting cloned properly. This caused some trouble with dynamic headers, as seen in the above issues.

This PR reverts that commit as it's looking like the current state (frequent issues with dynamic headers) is worse than what we had before. Will be finding another way to preserve options in the meantime.

Checklist:

  • If this PR is a new feature, please reference an issue where a consensus about the design was reached (not necessary for small changes)
  • Make sure all of the significant new logic is covered by tests

@benjamn
Copy link
Member

benjamn commented Oct 20, 2022

@MrDoomBringer Can you add some tests so we don't break this again in the future?

@benjamn
Copy link
Member

benjamn commented Oct 20, 2022

On second thought, what if b4ffcb6 was a mistake/regression? Could we revert those changes (or find another way) instead of trying to make cloneDeep(options) work? Not all objects can be safely cloned, and options.context is a mystery wrapped in an enigma that could contain anything.

@MrDoomBringer MrDoomBringer changed the title Fix some dynamic header issues by supporting Symbols in cloneDeep Revert attempt to cloneDeep request headers Oct 27, 2022
@MrDoomBringer MrDoomBringer changed the title Revert attempt to cloneDeep request headers Fix some dynamic header issues by supporting Symbols in cloneDeep Oct 31, 2022
@MrDoomBringer MrDoomBringer changed the title Fix some dynamic header issues by supporting Symbols in cloneDeep Revert attempt to cloneDeep request headers Nov 1, 2022
@MrDoomBringer MrDoomBringer changed the title Revert attempt to cloneDeep request headers Revert cloneDeep-ing request headers Nov 1, 2022
@MrDoomBringer MrDoomBringer self-assigned this Nov 1, 2022
@MrDoomBringer MrDoomBringer merged commit 94faea9 into apollographql:main Nov 8, 2022
cbush pushed a commit to mongodb/docs-realm that referenced this pull request Feb 13, 2023
<h3>Snyk has created this PR to upgrade @apollo/client from 3.5.10 to
3.7.3.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **48 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2022-12-15.

The recommended version fixes:

Severity | Issue | PriorityScore (*) | Exploit Maturity |

:-------------------------:|:-------------------------|-------------------------|:-------------------------
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Remote Code Execution
(RCE)<br/>
[SNYK-JS-EJS-2803307](https://snyk.io/vuln/SNYK-JS-EJS-2803307) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-DECODEURICOMPONENT-3149970](https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970)
| **375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-NWSAPI-2841516](https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
      <li>
<b>3.7.3</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.3">2022-12-15</a></br><h3>Patch
Changes</h3>
<ul>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10334"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10334/hovercard">#10334</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78"><code>7d923939d</code></a>
Thanks <a href="https://snyk.io/redirect/github/jerelmiller">@
jerelmiller</a>! - Better handle deferred queries that have cached or
partial cached data for them</p>
</li>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10368"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10368/hovercard">#10368</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785"><code>46b58e976</code></a>
Thanks <a href="https://snyk.io/redirect/github/alessbell">@
alessbell</a>! - Fix: unblocks support for defer in mutations</p>
<p>If the <code>@ defer</code> directive is present in the document
passed to <code>mutate</code>, the Promise will resolve with the final
merged data after the last multipart chunk has arrived in the
response.</p>
</li>
</ul>
      </li>
      <li>
<b>3.7.2</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.2">2022-12-06</a></br><h2>Improvements
(from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/blob/main/CHANGELOG.md"><code>CHANGELOG.md</code></a>)</h2>
<ul>
<li>
<p>Only show dev tools suggestion in the console when
<code>connectToDevTools</code> is <code>true</code>.<br>
<a href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard">#10258</a></p>
</li>
<li>
<p>Pass <code>TCache</code> generic to <code>MutationHookOptions</code>
for better type support in <code>useMutation</code>.<br>
<a href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard">#10223</a></p>
</li>
<li>
<p>Add <code>name</code> property to <code>ApolloError</code> to ensure
better type safety and help error reporting tools better identify the
error.<br>
<a href="https://snyk.io/redirect/github/aaronadamsCA">@
aaronadamsCA</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard">#9323</a></p>
</li>
<li>
<p>Export a <code>ModifierDetails</code> type for the
<code>details</code> parameter of a <code>Modifier</code> function.<br>
<a href="https://snyk.io/redirect/github/KeithGillette">@
KeithGillette</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard">#7133</a></p>
</li>
<li>
<p>Revert use of <code>cloneDeep</code> to clone options when fetching
queries.<br>
<a href="https://snyk.io/redirect/github/MrDoomBringer">@
MrDoomBringer</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard">#10215</a></p>
</li>
</ul>
<h2>What's Changed (auto-generated by GitHub)</h2>
<ul>
<li>Add connect to dev tools check by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a> in
<a aria-label="Pull request #10258" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433824820"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li>Update the CHANGELOG by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/jerelmiller/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jerelmiller">@ jerelmiller</a> in
<a aria-label="Pull request #10260" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433855997"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10260"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10260/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10260">#10260</a></li>
<li>Revert cloneDeep-ing request headers by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10215" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1416787337"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215">#10215</a></li>
<li>chore(tests): warn on ts-jest diagnostics error outside of CI test
runs by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10268" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440751358"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10268"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10268/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10268">#10268</a></li>
<li>updates roadmap nov 2022 by <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/jpvajda/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jpvajda">@ jpvajda</a> in <a
aria-label="Pull request #10269" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440838554"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10269"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10269/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10269">#10269</a></li>
<li>docs: displays the error correctly by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> in <a
aria-label="Pull request #10275" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1444506371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li>Update the CHANGELOG with changes from <a aria-label="Pull request
#10275" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10276" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1445656915"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10276"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10276/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10276">#10276</a></li>
<li>Fix 'broken' links by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/StephenBarlow/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/StephenBarlow">@ StephenBarlow</a>
in <a aria-label="Pull request #10288" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1450617736"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10288"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10288/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10288">#10288</a></li>
<li>Additional documentation for managing local state by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10282" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1448345087"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10282"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10282/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10282">#10282</a></li>
<li>chore(docs): remove graphql-anywhere from apollo-link-rest doc by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10232" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424523033"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10232"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10232/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10232">#10232</a></li>
<li>doc(static-typing): rewrite with GraphQL Code Generator setup by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> in <a
aria-label="Pull request #10173" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1404287170"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li>Further update the TypeGen article for style by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/rkoron007/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/rkoron007">@ rkoron007</a> in <a
aria-label="Pull request #10294" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1454068707"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10294"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10294/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10294">#10294</a></li>
<li>Pass TCache generic to MutationHookOptions by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
aria-label="Pull request #10223" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1419515761"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li>Add name property to ApolloError by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
in <a aria-label="Pull request #9323" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1106740822"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li>Add array examples to reactive variable documentation by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> in <a
aria-label="Pull request #10235" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424932503"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li>Update CHANGELOG with changes from <a aria-label="Pull request
#10235" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10302" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1458514445"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10302"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10302/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10302">#10302</a></li>
<li>docs: Update subscribeToMore example to use React hooks by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/trevorblades/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/trevorblades">@ trevorblades</a>
in <a aria-label="Pull request #10309" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1460280026"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10309"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10309/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10309">#10309</a></li>
<li>export separate <code>ModifierUtility</code> type by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
in <a aria-label="Pull request #7133" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="716972371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
<li>Changelog and docs for preserveHeaderCase by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10111" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1378274068"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10111"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10111/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10111">#10111</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
made their first contribution in <a aria-label="Pull request #10258"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1433824820" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> made
their first contribution in <a aria-label="Pull request #10275"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> made
their first contribution in <a aria-label="Pull request #10173"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1404287170" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> made their
first contribution in <a aria-label="Pull request #10223"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1419515761" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
made their first contribution in <a aria-label="Pull request #9323"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1106740822" data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> made
their first contribution in <a aria-label="Pull request #10235"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
made their first contribution in <a aria-label="Pull request #7133"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="716972371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/v3.7.1...v3.7.2"><tt>v3.7.1...v3.7.2</tt></a></p>
      </li>
      <li>
<b>3.7.1</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">2022-10-20</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">
Read more </a>
      </li>
      <li>
<b>3.7.0</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">2022-09-30</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">
Read more </a>
      </li>
      <li>
        <b>3.7.0-rc.0</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.8</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.7</b> - 2022-09-08
      </li>
      <li>
        <b>3.7.0-beta.6</b> - 2022-06-27
      </li>
      <li>
        <b>3.7.0-beta.5</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.4</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.3</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.2</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.1</b> - 2022-05-26
      </li>
      <li>
        <b>3.7.0-beta.0</b> - 2022-05-25
      </li>
      <li>
        <b>3.7.0-alpha.6</b> - 2022-05-19
      </li>
      <li>
        <b>3.7.0-alpha.5</b> - 2022-05-16
      </li>
      <li>
        <b>3.7.0-alpha.4</b> - 2022-05-13
      </li>
      <li>
        <b>3.7.0-alpha.3</b> - 2022-05-09
      </li>
      <li>
        <b>3.7.0-alpha.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.1</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.0</b> - 2022-04-27
      </li>
      <li>
<b>3.6.10</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">2022-09-29</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">
Read more </a>
      </li>
      <li>
<b>3.6.9</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">2022-06-21</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">
Read more </a>
      </li>
      <li>
        <b>3.6.8</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.7</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.6</b> - 2022-05-26
      </li>
      <li>
        <b>3.6.5</b> - 2022-05-23
      </li>
      <li>
        <b>3.6.4</b> - 2022-05-16
      </li>
      <li>
        <b>3.6.3</b> - 2022-05-05
      </li>
      <li>
        <b>3.6.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.6.1</b> - 2022-04-28
      </li>
      <li>
        <b>3.6.0</b> - 2022-04-26
      </li>
      <li>
        <b>3.6.0-rc.1</b> - 2022-04-19
      </li>
      <li>
        <b>3.6.0-rc.0</b> - 2022-04-18
      </li>
      <li>
        <b>3.6.0-beta.13</b> - 2022-04-14
      </li>
      <li>
        <b>3.6.0-beta.12</b> - 2022-04-11
      </li>
      <li>
        <b>3.6.0-beta.11</b> - 2022-04-05
      </li>
      <li>
        <b>3.6.0-beta.10</b> - 2022-03-29
      </li>
      <li>
        <b>3.6.0-beta.9</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.8</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.7</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.6</b> - 2022-02-15
      </li>
      <li>
        <b>3.6.0-beta.5</b> - 2022-02-04
      </li>
      <li>
        <b>3.6.0-beta.4</b> - 2022-02-03
      </li>
      <li>
        <b>3.6.0-beta.3</b> - 2021-11-23
      </li>
      <li>
        <b>3.6.0-beta.2</b> - 2021-11-22
      </li>
      <li>
        <b>3.6.0-beta.1</b> - 2021-11-16
      </li>
      <li>
        <b>3.6.0-beta.0</b> - 2021-11-16
      </li>
      <li>
        <b>3.5.10</b> - 2022-02-24
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases">@apollo/client
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/2f79f03f1239b0496ddda938bf74a1b0ef97966e">2f79f03</a>
Version Packages (#10341)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b823f6c679f28fae1f5c1fb3f9e7545a2cb5c987">b823f6c</a>
Fix Changesets release workflow from default branch (#10370)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785">46b58e9</a>
Fixes support for defer in mutations (#10368)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/52d5af26129bcec6bd51b45511b8349695219c47">52d5af2</a>
docs/updating-subscription-library-anchor-link (#10320)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/1398e42854590c685a63862534990e26d5013d16">1398e42</a>
chore(deps): update actions/setup-node action to v3 (#10352)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6739721ea04a66d94be6ca2ae956e95997925201">6739721</a>
chore(deps): update mad9000/actions-find-and-replace-string action to v3
(#10354)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b3e4574942afffd03cc8a383b9834bbb723720bf">b3e4574</a>
Update static-typing.md (#10358)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f4f00b6d01b33f08dad9992609e30ddf4011e701">f4f00b6</a>
chore(deps): update dependency mocha to v10.2.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/0daf29fc02dba3e4ba53f36a8b412abcdbe79329">0daf29f</a>
chore(deps): update dependency @ types/node to v18.11.13</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ac7696ee7478cab6566c93430400a1ea19b2c7ad">ac7696e</a>
chore(deps): update dependency recast to v0.22.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/543d687fe7b38726576821d7e671945549f6e49b">543d687</a>
chore(deps): update dependency @ types/node to v18.11.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/14857a5b076a1a385a807620d4a3934fff51c0ea">14857a5</a>
chore(deps): update dependency @ types/jest to v29.2.4</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7819c51ff6a0837e94cc0be6739a70fadf36eada">7819c51</a>
chore(deps): update dependency @ graphql-tools/schema to v9.0.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/c02a17b30f96fe33649c1fad716cd9482d353868">c02a17b</a>
chore(changesets): run changeset-version in prerelease workflow</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6cf377f29b906e1eabfd2993107a0041db78ca4b">6cf377f</a>
Changesets updates (#10342)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78">7d92393</a>
Better handle cached data with deferred queries (#10334)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f982a8d3b0571cf841c7068bd374c8ee44d21492">f982a8d</a>
Introduce Changesets (#10337)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7bff5ac3d9d4f441ff1cc70b6fd6ae60b1b7cfb2">7bff5ac</a>
Roadmap updates (#10336)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/21c7d26220ce82a9856cd203bf1aa5ff1327b192">21c7d26</a>
Exclude &quot;cursor&quot; argument to prevent separate cache instance
(#10144)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/9f8fae1055880c8ec173e631e6009e5308376f34">9f8fae1</a>
chore(deps): update dependency jest-junit to v15 (#10301)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/a55770437f110ae85cd1d8d1fb47a8e6de022c09">a557704</a>
chore(deps): update dependency @ types/node to v18 (#9840)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ce866132e2be18a989f8e0a78648e5a6d5abc25e">ce86613</a>
Bump @ apollo/client npm version to 3.7.2.</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/365fcea4ad1a9c3682f91fc315c80e828edf3c41">365fcea</a>
chore: update CHANGELOG in preparation for 3.7.2 (#10335)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/39d83c9dae30f32a0b2634a50763a87d369ff7df">39d83c9</a>
chore(deps): update dependency @ types/react to v18.0.26</li>
    </ul>

<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/6ca525a6e2e520ea67cfbfd8df0ac48988b4abe4...2f79f03f1239b0496ddda938bf74a1b0ef97966e">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIxNWZmNzVhNC03MTRhLTQ4ZTQtOGZlYS1kNTE2ZmVkMzBhNjkiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjE1ZmY3NWE0LTcxNGEtNDhlNC04ZmVhLWQ1MTZmZWQzMGE2OSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?pkg&#x3D;@apollo/client&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"15ff75a4-714a-48e4-8fea-d516fed30a69","prPublicId":"15ff75a4-714a-48e4-8fea-d516fed30a69","dependencies":[{"name":"@apollo/client","from":"3.5.10","to":"3.7.3"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"9043c51f-3f0d-45c6-8455-b658274f2872","env":"prod","prType":"upgrade","vulns":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"issuesToFix":[{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-EJS-2803307","severity":"high","title":"Remote
Code Execution
(RCE)","exploitMaturity":"proof-of-concept","priorityScore":512,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"8.1","score":405}]},{"issueId":"SNYK-JS-DECODEURICOMPONENT-3149970","severity":"high","title":"Denial
of Service
(DoS)","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-ASYNC-2441827","severity":"high","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-TERSER-2806366","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-NWSAPI-2841516","severity":"medium","title":"Denial
of Service
(DoS)","exploitMaturity":"no-known-exploit","priorityScore":310,"priorityScoreFactors":[{"type":"cvssScore","label":"6.2","score":310}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]}],"upgrade":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"upgradeInfo":{"versionsDiff":48,"publishedDate":"2022-12-15T18:42:41.897Z"},"templateVariants":["priorityScore"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[375,375,512,482,482,265,310,265,265,265,265,427,427]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
mongodben pushed a commit to mongodben/docs-realm that referenced this pull request Feb 14, 2023
<h3>Snyk has created this PR to upgrade @apollo/client from 3.5.10 to
3.7.3.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **48 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2022-12-15.

The recommended version fixes:

Severity | Issue | PriorityScore (*) | Exploit Maturity |

:-------------------------:|:-------------------------|-------------------------|:-------------------------
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Remote Code Execution
(RCE)<br/>
[SNYK-JS-EJS-2803307](https://snyk.io/vuln/SNYK-JS-EJS-2803307) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-DECODEURICOMPONENT-3149970](https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970)
| **375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-NWSAPI-2841516](https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
      <li>
<b>3.7.3</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.3">2022-12-15</a></br><h3>Patch
Changes</h3>
<ul>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10334"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10334/hovercard">#10334</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78"><code>7d923939d</code></a>
Thanks <a href="https://snyk.io/redirect/github/jerelmiller">@
jerelmiller</a>! - Better handle deferred queries that have cached or
partial cached data for them</p>
</li>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10368"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10368/hovercard">#10368</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785"><code>46b58e976</code></a>
Thanks <a href="https://snyk.io/redirect/github/alessbell">@
alessbell</a>! - Fix: unblocks support for defer in mutations</p>
<p>If the <code>@ defer</code> directive is present in the document
passed to <code>mutate</code>, the Promise will resolve with the final
merged data after the last multipart chunk has arrived in the
response.</p>
</li>
</ul>
      </li>
      <li>
<b>3.7.2</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.2">2022-12-06</a></br><h2>Improvements
(from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/blob/main/CHANGELOG.md"><code>CHANGELOG.md</code></a>)</h2>
<ul>
<li>
<p>Only show dev tools suggestion in the console when
<code>connectToDevTools</code> is <code>true</code>.<br>
<a href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard">#10258</a></p>
</li>
<li>
<p>Pass <code>TCache</code> generic to <code>MutationHookOptions</code>
for better type support in <code>useMutation</code>.<br>
<a href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard">#10223</a></p>
</li>
<li>
<p>Add <code>name</code> property to <code>ApolloError</code> to ensure
better type safety and help error reporting tools better identify the
error.<br>
<a href="https://snyk.io/redirect/github/aaronadamsCA">@
aaronadamsCA</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard">#9323</a></p>
</li>
<li>
<p>Export a <code>ModifierDetails</code> type for the
<code>details</code> parameter of a <code>Modifier</code> function.<br>
<a href="https://snyk.io/redirect/github/KeithGillette">@
KeithGillette</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard">#7133</a></p>
</li>
<li>
<p>Revert use of <code>cloneDeep</code> to clone options when fetching
queries.<br>
<a href="https://snyk.io/redirect/github/MrDoomBringer">@
MrDoomBringer</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard">#10215</a></p>
</li>
</ul>
<h2>What's Changed (auto-generated by GitHub)</h2>
<ul>
<li>Add connect to dev tools check by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a> in
<a aria-label="Pull request #10258" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433824820"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li>Update the CHANGELOG by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/jerelmiller/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jerelmiller">@ jerelmiller</a> in
<a aria-label="Pull request #10260" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433855997"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10260"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10260/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10260">#10260</a></li>
<li>Revert cloneDeep-ing request headers by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10215" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1416787337"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215">#10215</a></li>
<li>chore(tests): warn on ts-jest diagnostics error outside of CI test
runs by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10268" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440751358"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10268"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10268/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10268">#10268</a></li>
<li>updates roadmap nov 2022 by <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/jpvajda/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jpvajda">@ jpvajda</a> in <a
aria-label="Pull request #10269" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440838554"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10269"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10269/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10269">#10269</a></li>
<li>docs: displays the error correctly by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> in <a
aria-label="Pull request #10275" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1444506371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li>Update the CHANGELOG with changes from <a aria-label="Pull request
#10275" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10276" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1445656915"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10276"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10276/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10276">#10276</a></li>
<li>Fix 'broken' links by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/StephenBarlow/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/StephenBarlow">@ StephenBarlow</a>
in <a aria-label="Pull request #10288" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1450617736"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10288"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10288/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10288">#10288</a></li>
<li>Additional documentation for managing local state by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10282" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1448345087"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10282"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10282/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10282">#10282</a></li>
<li>chore(docs): remove graphql-anywhere from apollo-link-rest doc by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10232" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424523033"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10232"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10232/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10232">#10232</a></li>
<li>doc(static-typing): rewrite with GraphQL Code Generator setup by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> in <a
aria-label="Pull request #10173" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1404287170"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li>Further update the TypeGen article for style by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/rkoron007/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/rkoron007">@ rkoron007</a> in <a
aria-label="Pull request #10294" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1454068707"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10294"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10294/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10294">#10294</a></li>
<li>Pass TCache generic to MutationHookOptions by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
aria-label="Pull request #10223" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1419515761"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li>Add name property to ApolloError by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
in <a aria-label="Pull request #9323" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1106740822"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li>Add array examples to reactive variable documentation by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> in <a
aria-label="Pull request #10235" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424932503"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li>Update CHANGELOG with changes from <a aria-label="Pull request
#10235" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10302" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1458514445"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10302"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10302/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10302">#10302</a></li>
<li>docs: Update subscribeToMore example to use React hooks by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/trevorblades/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/trevorblades">@ trevorblades</a>
in <a aria-label="Pull request #10309" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1460280026"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10309"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10309/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10309">#10309</a></li>
<li>export separate <code>ModifierUtility</code> type by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
in <a aria-label="Pull request #7133" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="716972371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
<li>Changelog and docs for preserveHeaderCase by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10111" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1378274068"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10111"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10111/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10111">#10111</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
made their first contribution in <a aria-label="Pull request #10258"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1433824820" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> made
their first contribution in <a aria-label="Pull request #10275"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> made
their first contribution in <a aria-label="Pull request #10173"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1404287170" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> made their
first contribution in <a aria-label="Pull request #10223"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1419515761" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
made their first contribution in <a aria-label="Pull request #9323"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1106740822" data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> made
their first contribution in <a aria-label="Pull request #10235"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
made their first contribution in <a aria-label="Pull request #7133"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="716972371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/v3.7.1...v3.7.2"><tt>v3.7.1...v3.7.2</tt></a></p>
      </li>
      <li>
<b>3.7.1</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">2022-10-20</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">
Read more </a>
      </li>
      <li>
<b>3.7.0</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">2022-09-30</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">
Read more </a>
      </li>
      <li>
        <b>3.7.0-rc.0</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.8</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.7</b> - 2022-09-08
      </li>
      <li>
        <b>3.7.0-beta.6</b> - 2022-06-27
      </li>
      <li>
        <b>3.7.0-beta.5</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.4</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.3</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.2</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.1</b> - 2022-05-26
      </li>
      <li>
        <b>3.7.0-beta.0</b> - 2022-05-25
      </li>
      <li>
        <b>3.7.0-alpha.6</b> - 2022-05-19
      </li>
      <li>
        <b>3.7.0-alpha.5</b> - 2022-05-16
      </li>
      <li>
        <b>3.7.0-alpha.4</b> - 2022-05-13
      </li>
      <li>
        <b>3.7.0-alpha.3</b> - 2022-05-09
      </li>
      <li>
        <b>3.7.0-alpha.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.1</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.0</b> - 2022-04-27
      </li>
      <li>
<b>3.6.10</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">2022-09-29</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">
Read more </a>
      </li>
      <li>
<b>3.6.9</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">2022-06-21</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">
Read more </a>
      </li>
      <li>
        <b>3.6.8</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.7</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.6</b> - 2022-05-26
      </li>
      <li>
        <b>3.6.5</b> - 2022-05-23
      </li>
      <li>
        <b>3.6.4</b> - 2022-05-16
      </li>
      <li>
        <b>3.6.3</b> - 2022-05-05
      </li>
      <li>
        <b>3.6.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.6.1</b> - 2022-04-28
      </li>
      <li>
        <b>3.6.0</b> - 2022-04-26
      </li>
      <li>
        <b>3.6.0-rc.1</b> - 2022-04-19
      </li>
      <li>
        <b>3.6.0-rc.0</b> - 2022-04-18
      </li>
      <li>
        <b>3.6.0-beta.13</b> - 2022-04-14
      </li>
      <li>
        <b>3.6.0-beta.12</b> - 2022-04-11
      </li>
      <li>
        <b>3.6.0-beta.11</b> - 2022-04-05
      </li>
      <li>
        <b>3.6.0-beta.10</b> - 2022-03-29
      </li>
      <li>
        <b>3.6.0-beta.9</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.8</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.7</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.6</b> - 2022-02-15
      </li>
      <li>
        <b>3.6.0-beta.5</b> - 2022-02-04
      </li>
      <li>
        <b>3.6.0-beta.4</b> - 2022-02-03
      </li>
      <li>
        <b>3.6.0-beta.3</b> - 2021-11-23
      </li>
      <li>
        <b>3.6.0-beta.2</b> - 2021-11-22
      </li>
      <li>
        <b>3.6.0-beta.1</b> - 2021-11-16
      </li>
      <li>
        <b>3.6.0-beta.0</b> - 2021-11-16
      </li>
      <li>
        <b>3.5.10</b> - 2022-02-24
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases">@apollo/client
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/2f79f03f1239b0496ddda938bf74a1b0ef97966e">2f79f03</a>
Version Packages (#10341)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b823f6c679f28fae1f5c1fb3f9e7545a2cb5c987">b823f6c</a>
Fix Changesets release workflow from default branch (#10370)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785">46b58e9</a>
Fixes support for defer in mutations (#10368)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/52d5af26129bcec6bd51b45511b8349695219c47">52d5af2</a>
docs/updating-subscription-library-anchor-link (#10320)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/1398e42854590c685a63862534990e26d5013d16">1398e42</a>
chore(deps): update actions/setup-node action to v3 (#10352)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6739721ea04a66d94be6ca2ae956e95997925201">6739721</a>
chore(deps): update mad9000/actions-find-and-replace-string action to v3
(#10354)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b3e4574942afffd03cc8a383b9834bbb723720bf">b3e4574</a>
Update static-typing.md (#10358)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f4f00b6d01b33f08dad9992609e30ddf4011e701">f4f00b6</a>
chore(deps): update dependency mocha to v10.2.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/0daf29fc02dba3e4ba53f36a8b412abcdbe79329">0daf29f</a>
chore(deps): update dependency @ types/node to v18.11.13</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ac7696ee7478cab6566c93430400a1ea19b2c7ad">ac7696e</a>
chore(deps): update dependency recast to v0.22.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/543d687fe7b38726576821d7e671945549f6e49b">543d687</a>
chore(deps): update dependency @ types/node to v18.11.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/14857a5b076a1a385a807620d4a3934fff51c0ea">14857a5</a>
chore(deps): update dependency @ types/jest to v29.2.4</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7819c51ff6a0837e94cc0be6739a70fadf36eada">7819c51</a>
chore(deps): update dependency @ graphql-tools/schema to v9.0.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/c02a17b30f96fe33649c1fad716cd9482d353868">c02a17b</a>
chore(changesets): run changeset-version in prerelease workflow</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6cf377f29b906e1eabfd2993107a0041db78ca4b">6cf377f</a>
Changesets updates (#10342)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78">7d92393</a>
Better handle cached data with deferred queries (#10334)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f982a8d3b0571cf841c7068bd374c8ee44d21492">f982a8d</a>
Introduce Changesets (#10337)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7bff5ac3d9d4f441ff1cc70b6fd6ae60b1b7cfb2">7bff5ac</a>
Roadmap updates (#10336)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/21c7d26220ce82a9856cd203bf1aa5ff1327b192">21c7d26</a>
Exclude &quot;cursor&quot; argument to prevent separate cache instance
(#10144)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/9f8fae1055880c8ec173e631e6009e5308376f34">9f8fae1</a>
chore(deps): update dependency jest-junit to v15 (#10301)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/a55770437f110ae85cd1d8d1fb47a8e6de022c09">a557704</a>
chore(deps): update dependency @ types/node to v18 (#9840)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ce866132e2be18a989f8e0a78648e5a6d5abc25e">ce86613</a>
Bump @ apollo/client npm version to 3.7.2.</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/365fcea4ad1a9c3682f91fc315c80e828edf3c41">365fcea</a>
chore: update CHANGELOG in preparation for 3.7.2 (#10335)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/39d83c9dae30f32a0b2634a50763a87d369ff7df">39d83c9</a>
chore(deps): update dependency @ types/react to v18.0.26</li>
    </ul>

<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/6ca525a6e2e520ea67cfbfd8df0ac48988b4abe4...2f79f03f1239b0496ddda938bf74a1b0ef97966e">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIxNWZmNzVhNC03MTRhLTQ4ZTQtOGZlYS1kNTE2ZmVkMzBhNjkiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjE1ZmY3NWE0LTcxNGEtNDhlNC04ZmVhLWQ1MTZmZWQzMGE2OSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?pkg&#x3D;@apollo/client&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"15ff75a4-714a-48e4-8fea-d516fed30a69","prPublicId":"15ff75a4-714a-48e4-8fea-d516fed30a69","dependencies":[{"name":"@apollo/client","from":"3.5.10","to":"3.7.3"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"9043c51f-3f0d-45c6-8455-b658274f2872","env":"prod","prType":"upgrade","vulns":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"issuesToFix":[{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-EJS-2803307","severity":"high","title":"Remote
Code Execution
(RCE)","exploitMaturity":"proof-of-concept","priorityScore":512,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"8.1","score":405}]},{"issueId":"SNYK-JS-DECODEURICOMPONENT-3149970","severity":"high","title":"Denial
of Service
(DoS)","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-ASYNC-2441827","severity":"high","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-TERSER-2806366","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-NWSAPI-2841516","severity":"medium","title":"Denial
of Service
(DoS)","exploitMaturity":"no-known-exploit","priorityScore":310,"priorityScoreFactors":[{"type":"cvssScore","label":"6.2","score":310}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]}],"upgrade":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"upgradeInfo":{"versionsDiff":48,"publishedDate":"2022-12-15T18:42:41.897Z"},"templateVariants":["priorityScore"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[375,375,512,482,482,265,310,265,265,265,265,427,427]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
mongodben pushed a commit to mongodben/docs-realm that referenced this pull request Feb 14, 2023
<h3>Snyk has created this PR to upgrade @apollo/client from 3.5.10 to
3.7.3.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **48 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2022-12-15.

The recommended version fixes:

Severity | Issue | PriorityScore (*) | Exploit Maturity |

:-------------------------:|:-------------------------|-------------------------|:-------------------------
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-LOADERUTILS-3043105](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Remote Code Execution
(RCE)<br/>
[SNYK-JS-EJS-2803307](https://snyk.io/vuln/SNYK-JS-EJS-2803307) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-DECODEURICOMPONENT-3149970](https://snyk.io/vuln/SNYK-JS-DECODEURICOMPONENT-3149970)
| **375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png"
width="20" height="20" title="high severity"/> | Prototype
Pollution<br/>
[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-TERSER-2806366](https://snyk.io/vuln/SNYK-JS-TERSER-2806366) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Denial of Service
(DoS)<br/>
[SNYK-JS-NWSAPI-2841516](https://snyk.io/vuln/SNYK-JS-NWSAPI-2841516) |
**375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3105943](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3105943)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Regular Expression
Denial of Service (ReDoS)<br/>
[SNYK-JS-LOADERUTILS-3042992](https://snyk.io/vuln/SNYK-JS-LOADERUTILS-3042992)
| **375/1000** <br/> **Why?** CVSS 7.5 | No Known Exploit
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept
<img
src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png"
width="20" height="20" title="medium severity"/> | Prototype
Pollution<br/>
[SNYK-JS-JSON5-3182856](https://snyk.io/vuln/SNYK-JS-JSON5-3182856) |
**375/1000** <br/> **Why?** CVSS 7.5 | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
      <li>
<b>3.7.3</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.3">2022-12-15</a></br><h3>Patch
Changes</h3>
<ul>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10334"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10334/hovercard">#10334</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78"><code>7d923939d</code></a>
Thanks <a href="https://snyk.io/redirect/github/jerelmiller">@
jerelmiller</a>! - Better handle deferred queries that have cached or
partial cached data for them</p>
</li>
<li>
<p><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10368"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10368/hovercard">#10368</a>
<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785"><code>46b58e976</code></a>
Thanks <a href="https://snyk.io/redirect/github/alessbell">@
alessbell</a>! - Fix: unblocks support for defer in mutations</p>
<p>If the <code>@ defer</code> directive is present in the document
passed to <code>mutate</code>, the Promise will resolve with the final
merged data after the last multipart chunk has arrived in the
response.</p>
</li>
</ul>
      </li>
      <li>
<b>3.7.2</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.2">2022-12-06</a></br><h2>Improvements
(from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/blob/main/CHANGELOG.md"><code>CHANGELOG.md</code></a>)</h2>
<ul>
<li>
<p>Only show dev tools suggestion in the console when
<code>connectToDevTools</code> is <code>true</code>.<br>
<a href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard">#10258</a></p>
</li>
<li>
<p>Pass <code>TCache</code> generic to <code>MutationHookOptions</code>
for better type support in <code>useMutation</code>.<br>
<a href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard">#10223</a></p>
</li>
<li>
<p>Add <code>name</code> property to <code>ApolloError</code> to ensure
better type safety and help error reporting tools better identify the
error.<br>
<a href="https://snyk.io/redirect/github/aaronadamsCA">@
aaronadamsCA</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard">#9323</a></p>
</li>
<li>
<p>Export a <code>ModifierDetails</code> type for the
<code>details</code> parameter of a <code>Modifier</code> function.<br>
<a href="https://snyk.io/redirect/github/KeithGillette">@
KeithGillette</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard">#7133</a></p>
</li>
<li>
<p>Revert use of <code>cloneDeep</code> to clone options when fetching
queries.<br>
<a href="https://snyk.io/redirect/github/MrDoomBringer">@
MrDoomBringer</a> in <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard">#10215</a></p>
</li>
</ul>
<h2>What's Changed (auto-generated by GitHub)</h2>
<ul>
<li>Add connect to dev tools check by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a> in
<a aria-label="Pull request #10258" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433824820"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li>Update the CHANGELOG by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/jerelmiller/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jerelmiller">@ jerelmiller</a> in
<a aria-label="Pull request #10260" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1433855997"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10260"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10260/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10260">#10260</a></li>
<li>Revert cloneDeep-ing request headers by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10215" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1416787337"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10215"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10215/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10215">#10215</a></li>
<li>chore(tests): warn on ts-jest diagnostics error outside of CI test
runs by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10268" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440751358"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10268"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10268/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10268">#10268</a></li>
<li>updates roadmap nov 2022 by <a class="user-mention notranslate"
data-hovercard-type="user" data-hovercard-url="/users/jpvajda/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/jpvajda">@ jpvajda</a> in <a
aria-label="Pull request #10269" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1440838554"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10269"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10269/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10269">#10269</a></li>
<li>docs: displays the error correctly by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> in <a
aria-label="Pull request #10275" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1444506371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li>Update the CHANGELOG with changes from <a aria-label="Pull request
#10275" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10276" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1445656915"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10276"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10276/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10276">#10276</a></li>
<li>Fix 'broken' links by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/StephenBarlow/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/StephenBarlow">@ StephenBarlow</a>
in <a aria-label="Pull request #10288" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1450617736"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10288"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10288/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10288">#10288</a></li>
<li>Additional documentation for managing local state by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10282" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1448345087"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10282"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10282/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10282">#10282</a></li>
<li>chore(docs): remove graphql-anywhere from apollo-link-rest doc by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/alessbell/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/alessbell">@ alessbell</a> in <a
aria-label="Pull request #10232" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424523033"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10232"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10232/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10232">#10232</a></li>
<li>doc(static-typing): rewrite with GraphQL Code Generator setup by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> in <a
aria-label="Pull request #10173" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1404287170"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li>Further update the TypeGen article for style by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/rkoron007/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/rkoron007">@ rkoron007</a> in <a
aria-label="Pull request #10294" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1454068707"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10294"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10294/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10294">#10294</a></li>
<li>Pass TCache generic to MutationHookOptions by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> in <a
aria-label="Pull request #10223" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1419515761"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li>Add name property to ApolloError by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
in <a aria-label="Pull request #9323" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1106740822"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li>Add array examples to reactive variable documentation by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> in <a
aria-label="Pull request #10235" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1424932503"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li>Update CHANGELOG with changes from <a aria-label="Pull request
#10235" class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a>
by <a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bignimbus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bignimbus">@ bignimbus</a> in <a
aria-label="Pull request #10302" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1458514445"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10302"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10302/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10302">#10302</a></li>
<li>docs: Update subscribeToMore example to use React hooks by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/trevorblades/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/trevorblades">@ trevorblades</a>
in <a aria-label="Pull request #10309" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1460280026"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10309"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10309/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10309">#10309</a></li>
<li>export separate <code>ModifierUtility</code> type by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
in <a aria-label="Pull request #7133" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="716972371"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
<li>Changelog and docs for preserveHeaderCase by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/MrDoomBringer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/MrDoomBringer">@ MrDoomBringer</a>
in <a aria-label="Pull request #10111" class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1378274068"
data-permission-text="Title is private"
data-url="apollographql/apollo-client#10111"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10111/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10111">#10111</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/chris110408/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/chris110408">@ chris110408</a>
made their first contribution in <a aria-label="Pull request #10258"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1433824820" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10258"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10258/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10258">#10258</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/ctesniere/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/ctesniere">@ ctesniere</a> made
their first contribution in <a aria-label="Pull request #10275"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1444506371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10275"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10275/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10275">#10275</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/charlypoly/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/charlypoly">@ charlypoly</a> made
their first contribution in <a aria-label="Pull request #10173"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1404287170" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10173"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10173/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10173">#10173</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/igrlk/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/igrlk">@ igrlk</a> made their
first contribution in <a aria-label="Pull request #10223"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1419515761" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10223"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10223/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10223">#10223</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/aaronadamsCA/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aaronadamsCA">@ aaronadamsCA</a>
made their first contribution in <a aria-label="Pull request #9323"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1106740822" data-permission-text="Title is private"
data-url="apollographql/apollo-client#9323"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/9323/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/9323">#9323</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/larrymyers/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/larrymyers">@ larrymyers</a> made
their first contribution in <a aria-label="Pull request #10235"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1424932503" data-permission-text="Title is private"
data-url="apollographql/apollo-client#10235"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/10235/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/10235">#10235</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/KeithGillette/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/KeithGillette">@ KeithGillette</a>
made their first contribution in <a aria-label="Pull request #7133"
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="716972371" data-permission-text="Title is private"
data-url="apollographql/apollo-client#7133"
data-hovercard-type="pull_request"
data-hovercard-url="/apollographql/apollo-client/pull/7133/hovercard"
href="https://snyk.io/redirect/github/apollographql/apollo-client/pull/7133">#7133</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/v3.7.1...v3.7.2"><tt>v3.7.1...v3.7.2</tt></a></p>
      </li>
      <li>
<b>3.7.1</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">2022-10-20</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.1">
Read more </a>
      </li>
      <li>
<b>3.7.0</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">2022-09-30</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.7.0">
Read more </a>
      </li>
      <li>
        <b>3.7.0-rc.0</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.8</b> - 2022-09-21
      </li>
      <li>
        <b>3.7.0-beta.7</b> - 2022-09-08
      </li>
      <li>
        <b>3.7.0-beta.6</b> - 2022-06-27
      </li>
      <li>
        <b>3.7.0-beta.5</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.4</b> - 2022-06-10
      </li>
      <li>
        <b>3.7.0-beta.3</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.2</b> - 2022-06-07
      </li>
      <li>
        <b>3.7.0-beta.1</b> - 2022-05-26
      </li>
      <li>
        <b>3.7.0-beta.0</b> - 2022-05-25
      </li>
      <li>
        <b>3.7.0-alpha.6</b> - 2022-05-19
      </li>
      <li>
        <b>3.7.0-alpha.5</b> - 2022-05-16
      </li>
      <li>
        <b>3.7.0-alpha.4</b> - 2022-05-13
      </li>
      <li>
        <b>3.7.0-alpha.3</b> - 2022-05-09
      </li>
      <li>
        <b>3.7.0-alpha.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.1</b> - 2022-05-03
      </li>
      <li>
        <b>3.7.0-alpha.0</b> - 2022-04-27
      </li>
      <li>
<b>3.6.10</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">2022-09-29</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.10">
Read more </a>
      </li>
      <li>
<b>3.6.9</b> - <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">2022-06-21</a></br><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases/tag/v3.6.9">
Read more </a>
      </li>
      <li>
        <b>3.6.8</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.7</b> - 2022-06-10
      </li>
      <li>
        <b>3.6.6</b> - 2022-05-26
      </li>
      <li>
        <b>3.6.5</b> - 2022-05-23
      </li>
      <li>
        <b>3.6.4</b> - 2022-05-16
      </li>
      <li>
        <b>3.6.3</b> - 2022-05-05
      </li>
      <li>
        <b>3.6.2</b> - 2022-05-03
      </li>
      <li>
        <b>3.6.1</b> - 2022-04-28
      </li>
      <li>
        <b>3.6.0</b> - 2022-04-26
      </li>
      <li>
        <b>3.6.0-rc.1</b> - 2022-04-19
      </li>
      <li>
        <b>3.6.0-rc.0</b> - 2022-04-18
      </li>
      <li>
        <b>3.6.0-beta.13</b> - 2022-04-14
      </li>
      <li>
        <b>3.6.0-beta.12</b> - 2022-04-11
      </li>
      <li>
        <b>3.6.0-beta.11</b> - 2022-04-05
      </li>
      <li>
        <b>3.6.0-beta.10</b> - 2022-03-29
      </li>
      <li>
        <b>3.6.0-beta.9</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.8</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.7</b> - 2022-03-10
      </li>
      <li>
        <b>3.6.0-beta.6</b> - 2022-02-15
      </li>
      <li>
        <b>3.6.0-beta.5</b> - 2022-02-04
      </li>
      <li>
        <b>3.6.0-beta.4</b> - 2022-02-03
      </li>
      <li>
        <b>3.6.0-beta.3</b> - 2021-11-23
      </li>
      <li>
        <b>3.6.0-beta.2</b> - 2021-11-22
      </li>
      <li>
        <b>3.6.0-beta.1</b> - 2021-11-16
      </li>
      <li>
        <b>3.6.0-beta.0</b> - 2021-11-16
      </li>
      <li>
        <b>3.5.10</b> - 2022-02-24
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/apollographql/apollo-client/releases">@apollo/client
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>@apollo/client</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/2f79f03f1239b0496ddda938bf74a1b0ef97966e">2f79f03</a>
Version Packages (#10341)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b823f6c679f28fae1f5c1fb3f9e7545a2cb5c987">b823f6c</a>
Fix Changesets release workflow from default branch (#10370)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/46b58e9762abbffaee5c9abda8e309bea6d7a785">46b58e9</a>
Fixes support for defer in mutations (#10368)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/52d5af26129bcec6bd51b45511b8349695219c47">52d5af2</a>
docs/updating-subscription-library-anchor-link (#10320)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/1398e42854590c685a63862534990e26d5013d16">1398e42</a>
chore(deps): update actions/setup-node action to v3 (#10352)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6739721ea04a66d94be6ca2ae956e95997925201">6739721</a>
chore(deps): update mad9000/actions-find-and-replace-string action to v3
(#10354)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/b3e4574942afffd03cc8a383b9834bbb723720bf">b3e4574</a>
Update static-typing.md (#10358)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f4f00b6d01b33f08dad9992609e30ddf4011e701">f4f00b6</a>
chore(deps): update dependency mocha to v10.2.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/0daf29fc02dba3e4ba53f36a8b412abcdbe79329">0daf29f</a>
chore(deps): update dependency @ types/node to v18.11.13</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ac7696ee7478cab6566c93430400a1ea19b2c7ad">ac7696e</a>
chore(deps): update dependency recast to v0.22.0</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/543d687fe7b38726576821d7e671945549f6e49b">543d687</a>
chore(deps): update dependency @ types/node to v18.11.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/14857a5b076a1a385a807620d4a3934fff51c0ea">14857a5</a>
chore(deps): update dependency @ types/jest to v29.2.4</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7819c51ff6a0837e94cc0be6739a70fadf36eada">7819c51</a>
chore(deps): update dependency @ graphql-tools/schema to v9.0.12</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/c02a17b30f96fe33649c1fad716cd9482d353868">c02a17b</a>
chore(changesets): run changeset-version in prerelease workflow</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/6cf377f29b906e1eabfd2993107a0041db78ca4b">6cf377f</a>
Changesets updates (#10342)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7d923939dd7e6db7d69f04f598c666104b076e78">7d92393</a>
Better handle cached data with deferred queries (#10334)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/f982a8d3b0571cf841c7068bd374c8ee44d21492">f982a8d</a>
Introduce Changesets (#10337)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/7bff5ac3d9d4f441ff1cc70b6fd6ae60b1b7cfb2">7bff5ac</a>
Roadmap updates (#10336)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/21c7d26220ce82a9856cd203bf1aa5ff1327b192">21c7d26</a>
Exclude &quot;cursor&quot; argument to prevent separate cache instance
(#10144)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/9f8fae1055880c8ec173e631e6009e5308376f34">9f8fae1</a>
chore(deps): update dependency jest-junit to v15 (#10301)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/a55770437f110ae85cd1d8d1fb47a8e6de022c09">a557704</a>
chore(deps): update dependency @ types/node to v18 (#9840)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/ce866132e2be18a989f8e0a78648e5a6d5abc25e">ce86613</a>
Bump @ apollo/client npm version to 3.7.2.</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/365fcea4ad1a9c3682f91fc315c80e828edf3c41">365fcea</a>
chore: update CHANGELOG in preparation for 3.7.2 (#10335)</li>
<li><a
href="https://snyk.io/redirect/github/apollographql/apollo-client/commit/39d83c9dae30f32a0b2634a50763a87d369ff7df">39d83c9</a>
chore(deps): update dependency @ types/react to v18.0.26</li>
    </ul>

<a
href="https://snyk.io/redirect/github/apollographql/apollo-client/compare/6ca525a6e2e520ea67cfbfd8df0ac48988b4abe4...2f79f03f1239b0496ddda938bf74a1b0ef97966e">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIxNWZmNzVhNC03MTRhLTQ4ZTQtOGZlYS1kNTE2ZmVkMzBhNjkiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjE1ZmY3NWE0LTcxNGEtNDhlNC04ZmVhLWQ1MTZmZWQzMGE2OSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872/settings/integration?pkg&#x3D;@apollo/client&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"15ff75a4-714a-48e4-8fea-d516fed30a69","prPublicId":"15ff75a4-714a-48e4-8fea-d516fed30a69","dependencies":[{"name":"@apollo/client","from":"3.5.10","to":"3.7.3"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/9043c51f-3f0d-45c6-8455-b658274f2872?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"9043c51f-3f0d-45c6-8455-b658274f2872","env":"prod","prType":"upgrade","vulns":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"issuesToFix":[{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-LOADERUTILS-3043105","severity":"high","title":"Prototype
Pollution","exploitMaturity":"no-known-exploit","priorityScore":375,"priorityScoreFactors":[{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-EJS-2803307","severity":"high","title":"Remote
Code Execution
(RCE)","exploitMaturity":"proof-of-concept","priorityScore":512,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"8.1","score":405}]},{"issueId":"SNYK-JS-DECODEURICOMPONENT-3149970","severity":"high","title":"Denial
of Service
(DoS)","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-ASYNC-2441827","severity":"high","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":482,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"7.5","score":375}]},{"issueId":"SNYK-JS-TERSER-2806366","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-NWSAPI-2841516","severity":"medium","title":"Denial
of Service
(DoS)","exploitMaturity":"no-known-exploit","priorityScore":310,"priorityScoreFactors":[{"type":"cvssScore","label":"6.2","score":310}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3105943","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-LOADERUTILS-3042992","severity":"medium","title":"Regular
Expression Denial of Service
(ReDoS)","exploitMaturity":"no-known-exploit","priorityScore":265,"priorityScoreFactors":[{"type":"cvssScore","label":"5.3","score":265}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]},{"issueId":"SNYK-JS-JSON5-3182856","severity":"medium","title":"Prototype
Pollution","exploitMaturity":"proof-of-concept","priorityScore":427,"priorityScoreFactors":[{"type":"exploit","label":"Proof
of
Concept","score":107},{"type":"cvssScore","label":"6.4","score":320}]}],"upgrade":["SNYK-JS-LOADERUTILS-3043105","SNYK-JS-LOADERUTILS-3043105","SNYK-JS-EJS-2803307","SNYK-JS-DECODEURICOMPONENT-3149970","SNYK-JS-ASYNC-2441827","SNYK-JS-TERSER-2806366","SNYK-JS-NWSAPI-2841516","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-LOADERUTILS-3105943","SNYK-JS-LOADERUTILS-3042992","SNYK-JS-JSON5-3182856","SNYK-JS-JSON5-3182856"],"upgradeInfo":{"versionsDiff":48,"publishedDate":"2022-12-15T18:42:41.897Z"},"templateVariants":["priorityScore"],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[375,375,512,482,482,265,310,265,265,265,265,427,427]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 14, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
2 participants