Upcoming Release Changes (#7994)

2026-04-21 06:37:15 +00:00 · 2026-04-17 10:16:47 +03:00 · 2026-04-17 10:16:47 +03:00 · 64e7fed1d4
commit 64e7fed1d4
parent a71b45bf76
22 changed files with 117 additions and 91 deletions
--- a/.changeset/all-pumas-shine.md
+++ b/.changeset/all-pumas-shine.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-72c6-fx6q-fr5w](https://github.com/advisories/GHSA-72c6-fx6q-fr5w).
--- a/.changeset/breezy-signs-fly.md
+++ b/.changeset/breezy-signs-fly.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-247c-9743-5963](https://github.com/advisories/GHSA-247c-9743-5963).
--- a/.changeset/bright-buses-say.md
+++ b/.changeset/bright-buses-say.md
@ -1,6 +0,0 @@
---
-'hive': patch
---
-
-Update [`nodemailer`](https://github.com/nodemailer/nodemailer) to address vulnerability
-[GHSA-vvjj-xcjg-gr5g](https://github.com/advisories/GHSA-vvjj-xcjg-gr5g).
--- a/.changeset/chilly-ducks-check.md
+++ b/.changeset/chilly-ducks-check.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-v9ww-2j6r-98q6](https://github.com/advisories/GHSA-v9ww-2j6r-98q6).
--- a/.changeset/curly-pumas-carry.md
+++ b/.changeset/curly-pumas-carry.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-address vulnerability [GHSA-r4q5-vmmm-2653](https://github.com/advisories/GHSA-r4q5-vmmm-2653)
--- a/.changeset/deep-lies-happen.md
+++ b/.changeset/deep-lies-happen.md
@ -1,13 +0,0 @@
---
-'hive': patch
---
-
-Fix schema contract composition applying `@inaccessible` on the federation types `ContextArgument` and `FieldValue` on the supergraph SDL.
-
-This mitigates the following error in apollo-router upon processing the supergraph:
-
-```
-could not create router: Api error(s): The supergraph schema failed to produce a valid API schema: The following errors occurred:
-  - Core feature type `join__ContextArgument` cannot use @inaccessible.
-  - Core feature type `join__FieldValue` cannot use @inaccessible.
-```
--- a/.changeset/dull-mails-deny.md
+++ b/.changeset/dull-mails-deny.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-xq3m-2v4x-88gg](https://github.com/advisories/GHSA-xq3m-2v4x-88gg).
--- a/.changeset/evil-results-rhyme.md
+++ b/.changeset/evil-results-rhyme.md
@ -1,7 +0,0 @@
---
-'@graphql-hive/laboratory': patch
-'@graphql-hive/render-laboratory': patch
---
-
-Implemented functionality that allows to have multiple queries in same operation while working only
-with focused one (run button, query builder)
--- a/.changeset/famous-paws-sell.md
+++ b/.changeset/famous-paws-sell.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Add schema linting support for type extensions
--- a/.changeset/few-rules-accept.md
+++ b/.changeset/few-rules-accept.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [CVE-2026-6414](https://github.com/advisories/GHSA-x428-ghpx-8j92).
--- a/.changeset/pretty-peaches-stick.md
+++ b/.changeset/pretty-peaches-stick.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-39q2-94rc-95cp](https://github.com/advisories/GHSA-39q2-94rc-95cp).
--- a/.changeset/rare-ads-grin.md
+++ b/.changeset/rare-ads-grin.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [GHSA-fvcv-3m26-pcqx](https://github.com/advisories/GHSA-fvcv-3m26-pcqx).
--- a/.changeset/slow-eyes-fly.md
+++ b/.changeset/slow-eyes-fly.md
@ -1,5 +0,0 @@
---
-'hive': patch
---
-
-Address vulnerability [CVE-2026-6410](https://github.com/advisories/GHSA-pr96-94w5-mx2h).
--- a/.changeset/stale-cooks-talk.md
+++ b/.changeset/stale-cooks-talk.md
@ -1,6 +0,0 @@
---
-'hive': patch
---
-
-Update [`opentelemetry-go`](https://github.com/open-telemetry/opentelemetry-go) to address vulnerability
-[CVE-2026-39883](https://github.com/advisories/GHSA-hfvc-g4fc-pqhx).
--- a/.changeset/true-foxes-happen.md
+++ b/.changeset/true-foxes-happen.md
@ -1,6 +0,0 @@
---
-'@graphql-hive/laboratory': patch
-'@graphql-hive/render-laboratory': patch
---
-
-Hive Laboratory renders Hive Router query plan if included in response extensions
--- a/.gitignore
+++ b/.gitignore
@ -142,3 +142,4 @@ docker/docker-compose.override.yml
 test-results/

 target
+Cargo.lock
--- a/deployment/CHANGELOG.md
+++ b/deployment/CHANGELOG.md
@ -1,5 +1,83 @@
 # hive

+## 11.0.3
+
+### Patch Changes
+
+- [#7993](https://github.com/graphql-hive/console/pull/7993)
+  [`730771f`](https://github.com/graphql-hive/console/commit/730771fb503fd91974c1494944cd5426cf74a552)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-72c6-fx6q-fr5w](https://github.com/advisories/GHSA-72c6-fx6q-fr5w).
+
+- [#7988](https://github.com/graphql-hive/console/pull/7988)
+  [`d7e7025`](https://github.com/graphql-hive/console/commit/d7e7025624ba66459515778c0724a58397a5f1b4)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-247c-9743-5963](https://github.com/advisories/GHSA-247c-9743-5963).
+
+- [#7961](https://github.com/graphql-hive/console/pull/7961)
+  [`40fd27d`](https://github.com/graphql-hive/console/commit/40fd27d9c060df5417c18c750b02af65451e5323)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Update
+  [`nodemailer`](https://github.com/nodemailer/nodemailer) to address vulnerability
+  [GHSA-vvjj-xcjg-gr5g](https://github.com/advisories/GHSA-vvjj-xcjg-gr5g).
+
+- [#7993](https://github.com/graphql-hive/console/pull/7993)
+  [`730771f`](https://github.com/graphql-hive/console/commit/730771fb503fd91974c1494944cd5426cf74a552)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-v9ww-2j6r-98q6](https://github.com/advisories/GHSA-v9ww-2j6r-98q6).
+
+- [#7976](https://github.com/graphql-hive/console/pull/7976)
+  [`ed9ab34`](https://github.com/graphql-hive/console/commit/ed9ab34c705be4b7946dfcbede91926f00f1ed4a)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - address vulnerability
+  [GHSA-r4q5-vmmm-2653](https://github.com/advisories/GHSA-r4q5-vmmm-2653)
+
+- [#7967](https://github.com/graphql-hive/console/pull/7967)
+  [`9708f71`](https://github.com/graphql-hive/console/commit/9708f71aa3e6dcd613f3877a0777c1e72710b200)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Fix schema contract composition applying
+  `@inaccessible` on the federation types `ContextArgument` and `FieldValue` on the supergraph SDL.
+
+  This mitigates the following error in apollo-router upon processing the supergraph:
+
+  ```
+  could not create router: Api error(s): The supergraph schema failed to produce a valid API schema: The following errors occurred:
+    - Core feature type `join__ContextArgument` cannot use @inaccessible.
+    - Core feature type `join__FieldValue` cannot use @inaccessible.
+  ```
+
+- [#7993](https://github.com/graphql-hive/console/pull/7993)
+  [`730771f`](https://github.com/graphql-hive/console/commit/730771fb503fd91974c1494944cd5426cf74a552)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-xq3m-2v4x-88gg](https://github.com/advisories/GHSA-xq3m-2v4x-88gg).
+
+- [#7978](https://github.com/graphql-hive/console/pull/7978)
+  [`9c6989c`](https://github.com/graphql-hive/console/commit/9c6989cd929df3b071cba2c5652cc18988127897)
+  Thanks [@jdolle](https://github.com/jdolle)! - Add schema linting support for type extensions
+
+- [#7993](https://github.com/graphql-hive/console/pull/7993)
+  [`730771f`](https://github.com/graphql-hive/console/commit/730771fb503fd91974c1494944cd5426cf74a552)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [CVE-2026-6414](https://github.com/advisories/GHSA-x428-ghpx-8j92).
+
+- [#7988](https://github.com/graphql-hive/console/pull/7988)
+  [`d7e7025`](https://github.com/graphql-hive/console/commit/d7e7025624ba66459515778c0724a58397a5f1b4)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-39q2-94rc-95cp](https://github.com/advisories/GHSA-39q2-94rc-95cp).
+
+- [#7980](https://github.com/graphql-hive/console/pull/7980)
+  [`c46b2f2`](https://github.com/graphql-hive/console/commit/c46b2f221936ca60e49bce3a2fea25bb40378266)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [GHSA-fvcv-3m26-pcqx](https://github.com/advisories/GHSA-fvcv-3m26-pcqx).
+
+- [#7993](https://github.com/graphql-hive/console/pull/7993)
+  [`730771f`](https://github.com/graphql-hive/console/commit/730771fb503fd91974c1494944cd5426cf74a552)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Address vulnerability
+  [CVE-2026-6410](https://github.com/advisories/GHSA-pr96-94w5-mx2h).
+
+- [#7961](https://github.com/graphql-hive/console/pull/7961)
+  [`40fd27d`](https://github.com/graphql-hive/console/commit/40fd27d9c060df5417c18c750b02af65451e5323)
+  Thanks [@n1ru4l](https://github.com/n1ru4l)! - Update
+  [`opentelemetry-go`](https://github.com/open-telemetry/opentelemetry-go) to address vulnerability
+  [CVE-2026-39883](https://github.com/advisories/GHSA-hfvc-g4fc-pqhx).
+
 ## 11.0.2

 ### Patch Changes
--- a/deployment/package.json
+++ b/deployment/package.json
@ -1,6 +1,6 @@
 {
  "name": "hive",
-  "version": "11.0.2",
+  "version": "11.0.3",
  "private": true,
  "scripts": {
    "generate": "tsx generate.ts",
--- a/packages/libraries/laboratory/CHANGELOG.md
+++ b/packages/libraries/laboratory/CHANGELOG.md
@ -1,5 +1,20 @@
 # @graphql-hive/laboratory

+## 0.1.4
+
+### Patch Changes
+
+- [#7963](https://github.com/graphql-hive/console/pull/7963)
+  [`4a8bd4f`](https://github.com/graphql-hive/console/commit/4a8bd4fd1b4fbb34076e97d06ed1341432de451d)
+  Thanks [@mskorokhodov](https://github.com/mskorokhodov)! - Implemented functionality that allows
+  to have multiple queries in same operation while working only with focused one (run button, query
+  builder)
+
+- [#7892](https://github.com/graphql-hive/console/pull/7892)
+  [`fab4b03`](https://github.com/graphql-hive/console/commit/fab4b03ace2ff20759bbcd33465d00a5cbbc4c97)
+  Thanks [@mskorokhodov](https://github.com/mskorokhodov)! - Hive Laboratory renders Hive Router
+  query plan if included in response extensions
+
 ## 0.1.3

 ### Patch Changes
--- a/packages/libraries/laboratory/package.json
+++ b/packages/libraries/laboratory/package.json
@ -1,6 +1,6 @@
 {
  "name": "@graphql-hive/laboratory",
-  "version": "0.1.3",
+  "version": "0.1.4",
  "type": "module",
  "license": "MIT",
  "main": "./dist/hive-laboratory.cjs.js",
--- a/packages/libraries/render-laboratory/CHANGELOG.md
+++ b/packages/libraries/render-laboratory/CHANGELOG.md
@ -1,5 +1,25 @@
 # @graphql-yoga/render-graphiql

+## 0.1.4
+
+### Patch Changes
+
+- [#7963](https://github.com/graphql-hive/console/pull/7963)
+  [`4a8bd4f`](https://github.com/graphql-hive/console/commit/4a8bd4fd1b4fbb34076e97d06ed1341432de451d)
+  Thanks [@mskorokhodov](https://github.com/mskorokhodov)! - Implemented functionality that allows
+  to have multiple queries in same operation while working only with focused one (run button, query
+  builder)
+
+- [#7892](https://github.com/graphql-hive/console/pull/7892)
+  [`fab4b03`](https://github.com/graphql-hive/console/commit/fab4b03ace2ff20759bbcd33465d00a5cbbc4c97)
+  Thanks [@mskorokhodov](https://github.com/mskorokhodov)! - Hive Laboratory renders Hive Router
+  query plan if included in response extensions
+
+- Updated dependencies
+  [[`4a8bd4f`](https://github.com/graphql-hive/console/commit/4a8bd4fd1b4fbb34076e97d06ed1341432de451d),
+  [`fab4b03`](https://github.com/graphql-hive/console/commit/fab4b03ace2ff20759bbcd33465d00a5cbbc4c97)]:
+  - @graphql-hive/laboratory@0.1.4
+
 ## 0.1.3

 ### Patch Changes
--- a/packages/libraries/render-laboratory/package.json
+++ b/packages/libraries/render-laboratory/package.json
@ -1,6 +1,6 @@
 {
  "name": "@graphql-hive/render-laboratory",
-  "version": "0.1.3",
+  "version": "0.1.4",
  "type": "module",
  "description": "",
  "repository": {