Bump webonyx/graphql-php from 0.13.9 to 15.32.2 in /api in the composer group across 1 directory

[dependabot]

Bumps the composer group with 1 update in the /api directory: webonyx/graphql-php.

Updates webonyx/graphql-php from 0.13.9 to 15.32.2

Release notes

Sourced from webonyx/graphql-php's releases.

v15.32.2

Fixed

• Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation through inline fragments GHSA-fc86-6rv6-2jpm

v15.32.1

Fix "Cannot traverse an already closed generator" in Schema::getTypeMap() webonyx/graphql-php#1903

v15.32.0

Added

• Implement AmpFutureAdapter for integration with AMPHP v3 webonyx/graphql-php#1900

v15.31.5

Fixed

• Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation GHSA-68jq-c3rv-pcrr

v15.31.4

Changed

• Prioritize count error over null error in @oneOf coercion webonyx/graphql-php#1891

v15.31.3

Fixed

• Apply per-schema built-in scalar overrides without assertValid() webonyx/graphql-php#1886

v15.31.2

Changed

• Exclusively support types for per-schema built-in scalar overrides, not typeLoader webonyx/graphql-php#1884

Fixed

• Fix parseLiteral not called on per-schema built-in scalar overrides for inline arguments webonyx/graphql-php#1880

v15.31.1

Fixed

• Fix variable validation and input coercion for per-schema scalar overrides webonyx/graphql-php#1876

v15.31.0

Added

• Support per-schema scalar overrides via types config or typeLoader, without global side effects webonyx/graphql-php#1869
• Add Type::builtInScalars() and Type::BUILT_IN_SCALAR_NAMES aligning with GraphQL spec terminology webonyx/graphql-php#1869
• Add Directive::builtInDirectives() and Directive::isBuiltInDirective() aligning with GraphQL spec terminology webonyx/graphql-php#1869

Deprecated

... (truncated)

Changelog

Sourced from webonyx/graphql-php's changelog.

v15.32.2

Fixed

• Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation through inline fragments GHSA-fc86-6rv6-2jpm

v15.32.1

Fixed

• Fix "Cannot traverse an already closed generator" in Schema::getTypeMap() webonyx/graphql-php#1903

v15.32.0

Added

• Implement AmpFutureAdapter for integration with AMPHP v3 webonyx/graphql-php#1900

v15.31.5

Fixed

• Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation GHSA-68jq-c3rv-pcrr

v15.31.4

Changed

• Prioritize count error over null error in @oneOf coercion webonyx/graphql-php#1891

v15.31.3

Fixed

• Apply per-schema built-in scalar overrides without assertValid() webonyx/graphql-php#1886

v15.31.2

Changed

• Exclusively support types for per-schema built-in scalar overrides, not typeLoader webonyx/graphql-php#1884

Fixed

• Fix parseLiteral not called on per-schema built-in scalar overrides for inline arguments webonyx/graphql-php#1880

v15.31.1

Fixed

... (truncated)

Upgrade guide

Sourced from webonyx/graphql-php's upgrade guide.

v14.x.x > v15.x.x

BREAKING: Removed error extension field category

The formatting of errors that implement the ClientAware interface no longer contains the key category. This includes both built-in and user-defined errors.

throw new \GraphQL\Error\Error('msg');

Formatting before the change:

'errors' => [
    [
        'message' => 'msg',
        'extensions' => [
            'category' => 'graphql',
        ],
    ],
]

After the change:

'errors' => [
    [
        'message' => 'msg',
    ],
]

The method ClientAware::getCategory() was removed, you may also remove it from your implementations:

use GraphQL\Error\ClientAware;
class MyException extends \Exception implements ClientAware
{
public function isClientSafe(): bool
{
return true;
}

public function getCategory(): string
{

  return 'my-category';


}
</tr></table>

... (truncated)

Commits

• 8d0f1c5 Release v15.32.2
• 996adcf Add comparison budget to OverlappingFieldsCanBeMerged
• ff116ea Document security scope to reduce low-quality advisory submissions
• 2711a1e Use v4 tag format for ramsey/composer-install action
• 3874d60 Update ramsey/composer-install action to v4
• 2340e43 Update dependency phpstan/phpstan to v2.1.51 (#1904)
• 8405df9 Update dependency phpstan/phpstan to v2.1.50 (#1899)
• e8f77f8 Release v15.32.1
• 58a765d Fix "Cannot traverse an already closed generator" in Schema::getTypeMap()
• e7ff849 Release v15.32.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #15.