Skip to content

chore: bump webonyx/graphql-php from 15.31.5 to 15.32.3#882

Merged
jaredhendrickson13 merged 2 commits intomasterfrom
dependabot/composer/master/webonyx/graphql-php-15.32.3
May 4, 2026
Merged

chore: bump webonyx/graphql-php from 15.31.5 to 15.32.3#882
jaredhendrickson13 merged 2 commits intomasterfrom
dependabot/composer/master/webonyx/graphql-php-15.32.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026
edited
Loading

Bumps webonyx/graphql-php from 15.31.5 to 15.32.3.

Release notes

Sourced from webonyx/graphql-php's releases.

v15.32.3

Fixed

  • Denial of Service via stack overflow from deeply nested queries in the parser GHSA-r7cg-qjjm-xhqq

v15.32.2

Fixed

  • Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation through inline fragments GHSA-fc86-6rv6-2jpm

v15.32.1

Fix "Cannot traverse an already closed generator" in Schema::getTypeMap() webonyx/graphql-php#1903

v15.32.0

Added

Changelog

Sourced from webonyx/graphql-php's changelog.

v15.32.3

Fixed

  • Denial of Service via stack overflow from deeply nested queries in the parser GHSA-r7cg-qjjm-xhqq

v15.32.2

Fixed

  • Denial of Service via quadratic complexity in OverlappingFieldsCanBeMerged validation through inline fragments GHSA-fc86-6rv6-2jpm

v15.32.1

Fixed

v15.32.0

Added

Commits
  • 993bf0b Release v15.32.3
  • 6c1d600 Address review findings
  • 7b7f208 Add recursion depth limit to prevent stack overflow
  • 8d0f1c5 Release v15.32.2
  • 996adcf Add comparison budget to OverlappingFieldsCanBeMerged
  • ff116ea Document security scope to reduce low-quality advisory submissions
  • 2711a1e Use v4 tag format for ramsey/composer-install action
  • 3874d60 Update ramsey/composer-install action to v4
  • 2340e43 Update dependency phpstan/phpstan to v2.1.51 (#1904)
  • 8405df9 Update dependency phpstan/phpstan to v2.1.50 (#1899)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update Php code labels May 1, 2026
@dependabot
chore: bump webonyx/graphql-php from 15.31.5 to 15.32.3
f9adf78 
Bumps [webonyx/graphql-php](https://github.com/webonyx/graphql-php) from 15.31.5 to 15.32.3.
- [Release notes](https://github.com/webonyx/graphql-php/releases)
- [Changelog](https://github.com/webonyx/graphql-php/blob/master/CHANGELOG.md)
- [Commits](webonyx/graphql-php@v15.31.5...v15.32.3)

---
updated-dependencies:
- dependency-name: webonyx/graphql-php
  dependency-version: 15.32.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/composer/master/webonyx/graphql-php-15.32.3 branch from 0568990 to f9adf78 Compare May 2, 2026 13:49
@jaredhendrickson13 jaredhendrickson13 enabled auto-merge (squash) May 4, 2026 18:14
@jaredhendrickson13 jaredhendrickson13 merged commit 39230cb into master May 4, 2026
14 checks passed
@dependabot dependabot Bot deleted the dependabot/composer/master/webonyx/graphql-php-15.32.3 branch May 4, 2026 19:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jaredhendrickson13 jaredhendrickson13 jaredhendrickson13 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update Php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jaredhendrickson13