chore(deps): update module github.com/vektah/gqlparser/v2 to v2.5.14 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/vektah/gqlparser/v2	v2.5.11 -> v2.5.14

GitHub Vulnerability Alerts

CVE-2023-49559

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.

---

Release Notes

vektah/gqlparser (github.com/vektah/gqlparser/v2)

v2.5.14

Compare Source

What's Changed

• Add ParseQueryWithLimit by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/304

Full Changelog: vektah/gqlparser@v2.5.13...v2.5.14

v2.5.13

Compare Source

What's Changed

• Bump the actions-deps group in /validator/imported with 6 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/298
• Bump prettier from 3.2.5 to 3.3.0 in /validator/imported in the actions-deps group by @​dependabot in https://github.com/vektah/gqlparser/pull/299
• Bump the actions-deps group in /validator/imported with 7 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/301
• Bump braces from 3.0.2 to 3.0.3 in /validator/imported by @​dependabot in https://github.com/vektah/gqlparser/pull/302
• Token limit fix CVE-2023-49559 by @​uvzz in https://github.com/vektah/gqlparser/pull/291

New Contributors

• @​uvzz made their first contribution in https://github.com/vektah/gqlparser/pull/291

Full Changelog: vektah/gqlparser@v2.5.12...v2.5.13

v2.5.12

Compare Source

What's Changed

• Disallow empty parens (#​292). by @​yuchenshi in https://github.com/vektah/gqlparser/pull/293
• WithBuiltin FormatterOption added by @​atzedus in https://github.com/vektah/gqlparser/pull/294
• Redo github actions by @​StevenACoffman in https://github.com/vektah/gqlparser/pull/295
• Bump github.com/stretchr/testify from 1.4.0 to 1.9.0 in the actions-deps group by @​dependabot in https://github.com/vektah/gqlparser/pull/296
• Bump the actions-deps group in /validator/imported with 8 updates by @​dependabot in https://github.com/vektah/gqlparser/pull/297

New Contributors

• @​yuchenshi made their first contribution in https://github.com/vektah/gqlparser/pull/293

Full Changelog: vektah/gqlparser@v2.5.11...v2.5.12

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: scanner/nvd/go.sum

Command failed: install-tool golang 1.21.13

[drochow]

@MR2011 Why do we have dependabot and renovate running?

[drochow]

Closing this one as its addressed in separate PR from dependabot

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v2.5.14). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.