Bump apollo-server from 2.5.1 to 2.6.1 in /backend

Created by: Tirokk

Authored by dependabot-preview[bot] Jun 3, 2019 Merged Jun 3, 2019

---

Bumps apollo-server from 2.5.1 to 2.6.1.

Changelog

Sourced from apollo-server's changelog.

v2.6.1

• Revert: Don't add cacheControl directive if one has already been defined. Presently, although the TypeScript don't suggest it, passing a String as typeDefs to ApolloServer is supported and this would be a breaking change for non-TypeScript users. [PR #2428](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2428)

v2.6.0

• apollo-server-core: Introduce new didEncounterErrors life-cycle hook which has access to unformatted errors property on the requestContext, which is the first positional paramater that this new request life-cycle receives. [PR #2719](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2719)
• apollo-server-core: Allow request pipeline life-cycle hooks (i.e. plugins) to modify the response's http.status code (an integer) in the event of an error. When combined with the new didEncounterErrors life-cycle hook (see above), this will allow modifying the HTTP status code in the event of an error. [PR #2714](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2714)
• apollo-server-lambda: Set callbackWaitsForEmptyEventLoop to false for OPTIONS requests to return as soon as the callback is triggered instead of waiting for the event loop to empty. [PR #2638](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2638)
• apollo-server: Support onHealthCheck in the ApolloServer constructor in the same way as cors is supported. This contrasts with the -express, -hapi, etc. variations which accept this parameter via their applyMiddleware methods and will remain as-is. [PR #2672](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2672)
• core: Expose SHA-512 hex hash digest of the Engine API key to plugins, when available, as engine.apiKeyHash. [PR #2685](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2685) [PR #2736](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2736)
• apollo-datasource-rest: If another Content-type is already set on the response, don't overwrite it with application/json, allowing the user's initial Content-type to prevail. [PR #2520](https://github-redirect.dependabot.com/apollographql/apollo-server/issues/2035)
• Don't add cacheControl directive if one has already been defined. [PR #2428](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2428)
• apollo-cache-control: Do not respond with Cache-control headers if the HTTP response contains errors. [PR #2715](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2715)
• apollo-server-core: Skip loading util.promifisy polyfill in Node.js engines >= 8.0 [PR #2278](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2278)
• apollo-server-core: Lazy load subscriptions-transport-ws in core [PR #2278](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/2278)
• apollo-server-cache-redis: BREAKING FOR USERS OF apollo-server-cache-redis (This is a package that must be updated separately but shares the same CHANGELOG.md with Apollo Server itself.) A new major version of this package has been published and updated to support Redis Standalone, Cluster and Sentinel modes. This is a breaking change since it is now based on ioredis instead of node_redis. Although this update is compatible with the most common uses of apollo-server-cache-redis, please check the options supported by ioredis while updating to this version. The constructor options are passed directly from RedisCache to the new Redis adapter. The pre-1.0 versions should continue to work with Apollo Server without modification. [PR #1770](https://github-redirect.dependabot.com/apollographql/apollo-server/pull/1770)

Commits

• 77b0441 Publish
• 08d73ed Preparation for final 2.6.1 release.
• acaac3c Publish
• 6adec0a Add CHANGELOG.md for breaking change inadvertently introduced in 2.6.0.
• c742335 Revert "Avoid duplicate cacheControl directives via isDirectiveDefined (#...
• dcab646 Publish
• f6319d2 Empty commit for final release.
• cfdac53 Publish
• 10c727b Promote to RC.
• fdcd0d2 Publish
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.