build(deps): bump apollo-server from 2.11.0 to 2.13.1 in /backend

Created by: Tirokk

Authored by dependabot-preview[bot] May 12, 2020 Closed May 28, 2020

---

Bumps apollo-server from 2.11.0 to 2.13.1.

Changelog

Sourced from apollo-server's changelog.

CHANGELOG

The version headers in this history reflect the versions of Apollo Server itself. Versions of other packages (e.g. which are not actual HTTP integrations; packages not prefixed with apollo-server) may use different versions. For more details, check the publish commit for that version in the Git history, or check the individual CHANGELOGs for specific packages which are maintained separately:

• CHANGELOG for @apollo/gateway
• CHANGELOG for @apollo/federation

vNEXT

The changes noted within this vNEXT section have not been released yet. New PRs and commits which introduce changes should include an entry in this vNEXT section as part of their development. When a release is being prepared, a new header will be (manually) created below and the appropriate changes within that release will be moved into the new section.

• Nothing yet! Stay tuned!

v2.13.0

See complete versioning details.

• Allow passing a WebSocket.Server to ApolloServer.installSubscriptionHandlers. [PR #2314](apollographql/apollo-server#2314)
• apollo-server-lambda: Support file uploads on AWS Lambda [Issue #1419](apollographql/apollo-server#1419) [Issue #1703](apollographql/apollo-server#1703) [PR #3926](apollographql/apollo-server#3926)
• apollo-engine-reporting: Fix inadvertant conditional formatting which prevented automated persisted query (APQ) hits and misses from being reported to Apollo Graph Manager. [PR #3986](apollographql/apollo-server#3986)
• apollo-engine-reporting: Deprecate the ENGINE_API_KEY environment variable in favor of its new name, APOLLO_KEY. Continued use of ENGINE_API_KEY will result in deprecation warnings and support for it will be removed in a future major version. #3923
• apollo-engine-reporting: Deprecated the APOLLO_SCHEMA_TAG environment variable in favor of its new name, APOLLO_GRAPH_VARIANT. Similarly, within the engine configuration object, the schemaTag property has been renamed graphVariant. The functionality remains otherwise unchanged, but their new names mirror the name used within Apollo Graph Manager. Continued use of the now-deprecated names will result in deprecation warnings and support will be dropped completely in the next "major" update. To avoid misconfiguration, a runtime error will be thrown if both new and deprecated names are set. [PR #3855](apollographql/apollo-server#3855)
• apollo-engine-reporting-protobuf: (This is a breaking change only if you directly depend on apollo-engine-reporting-protobuf.) Drop legacy fields that were never used by apollo-engine-reporting. Added new fields StatsContext to allow apollo-server to send summary stats instead of full traces, and renamed FullTracesReport to Report and Traces to TracesAndStats since reports now can include stats as well as traces.

v2.12.0

See complete versioning details.

• apollo-server-core: Support providing a custom logger implementation (e.g. winston, bunyan, etc.) to capture server console messages. Though there has historically been limited output from Apollo Server, some messages are important to capture in the larger context of production logging facilities or can benefit from using more advanced structure, like JSON-based logging. This also introduces a logger property to the GraphQLRequestContext that is exposed to plugins, making it possible for plugins to leverage the same server-level logger, and allowing implementors to create request-specific log contexts, if desired. When not provided, these will still output to console. [PR #3894](apollographql/apollo-server#3894)
• apollo-server-core: When operating in gateway mode using the gateway property of the Apollo Server constructor options, the failure to initialize a schema during initial start-up, e.g. connectivity problems, will no longer result in the federated executor from being assigned when the schema eventually becomes available. This precludes a state where the gateway may never become available to serve federated requests, even when failure conditions are no longer present. [PR #3811](apollographql/apollo-server#3811)
• apollo-server-core: Prevent a condition which prefixed an error message on each request when the initial gateway initialization resulted in a Promise-rejection which was memoized and re-prepended with Invalid options provided to ApolloServer: on each request. [PR #3811](apollographql/apollo-server#3811)
• apollo-server-express: Disable the automatic inclusion of the x-powered-by: express header. [PR #3821](apollographql/apollo-server#3821)
• apollo-engine-reporting: Avoid creating new arrays when building trace trees. [PR #3479](apollographql/apollo-server#3479)
• apollo-server-core: Bump graphql peerDependencies range to include ^15.0.0. [PR #3944](apollographql/apollo-server#3944)

Commits

• 05df079 Release
• 8b6517c Release
• c859219 [AS-252] gateway: normalize root operation types in reporting (#4100)
• 2d0cf8c test: Fix error expectation which is resolver implementation dependent.
• e6bb91c chore(deps): update dependency @types/ioredis to v4.16.1 (#4090)
• 626c4b6 Release
• e0858d8 fix(gateway): Correctly handle unions with nested conditions that have no `po...
• 6535fcf chore(deps): update dependency @apollographql/apollo-tools to v0.4.8 (#4075)
• e544af1 docs: Embed Space Camp talk in "Federation overview" (#4070)
• 39f8871 Remove inadvertent lerna "conventional commit" CHANGELOG changes.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)