release: on branch next (preview)

.changeset/pre.json

@@ -11,6 +11,7 @@
     "@apollo/subgraph": "2.10.0"
   },
   "changesets": [
+    "five-suits-drum",
     "lucky-pillows-rhyme"
   ]
 }

composition-js/CHANGELOG.md

@@ -1,5 +1,13 @@
 # CHANGELOG for `@apollo/composition`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Updated dependencies [[`1462c91879d41884c0a7e60551d8dd0d67c832d3`](https://github.com/apollographql/federation/commit/1462c91879d41884c0a7e60551d8dd0d67c832d3)]:
+  - @apollo/query-graphs@2.11.0-preview.1
+  - @apollo/federation-internals@2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

composition-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/composition",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Federation composition utilities",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -27,8 +27,8 @@
     "access": "public"
   },
   "dependencies": {
-    "@apollo/federation-internals": "2.11.0-preview.0",
-    "@apollo/query-graphs": "2.11.0-preview.0"
+    "@apollo/federation-internals": "2.11.0-preview.1",
+    "@apollo/query-graphs": "2.11.0-preview.1"
   },
   "peerDependencies": {
     "graphql": "^16.5.0"

federation-integration-testsuite-js/CHANGELOG.md

@@ -1,5 +1,7 @@
 # CHANGELOG for `federation-integration-testsuite-js`
 
+## 2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

federation-integration-testsuite-js/package.json

@@ -1,7 +1,7 @@
 {
   "name": "apollo-federation-integration-testsuite",
   "private": true,
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Federation Integrations / Test Fixtures",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

gateway-js/CHANGELOG.md

@@ -1,5 +1,18 @@
 # CHANGELOG for `@apollo/gateway`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Corrects a set of denial-of-service (DOS) vulnerabilities that made it possible for an attacker to render gateway inoperable with certain simple query patterns due to uncontrolled resource consumption. All prior-released versions and configurations are vulnerable. ([#3238](https://github.com/apollographql/federation/pull/3238))
+
+  See the associated GitHub Advisories [GHSA-q2f9-x4p4-7xmh](https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh) and [GHSA-p2q6-pwh5-m6jr](https://github.com/apollographql/federation/security/advisories/GHSA-p2q6-pwh5-m6jr) for more information.
+
+- Updated dependencies [[`1462c91879d41884c0a7e60551d8dd0d67c832d3`](https://github.com/apollographql/federation/commit/1462c91879d41884c0a7e60551d8dd0d67c832d3)]:
+  - @apollo/query-planner@2.11.0-preview.1
+  - @apollo/federation-internals@2.11.0-preview.1
+  - @apollo/composition@2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

gateway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/gateway",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Gateway",
   "author": "Apollo <packages@apollographql.com>",
   "main": "dist/index.js",
@@ -25,9 +25,9 @@
     "access": "public"
   },
   "dependencies": {
-    "@apollo/composition": "2.11.0-preview.0",
-    "@apollo/federation-internals": "2.11.0-preview.0",
-    "@apollo/query-planner": "2.11.0-preview.0",
+    "@apollo/composition": "2.11.0-preview.1",
+    "@apollo/federation-internals": "2.11.0-preview.1",
+    "@apollo/query-planner": "2.11.0-preview.1",
     "@apollo/server-gateway-interface": "^1.1.0",
     "@apollo/usage-reporting-protobuf": "^4.1.0",
     "@apollo/utils.createhash": "^2.0.0",

internals-js/CHANGELOG.md

@@ -1,5 +1,13 @@
 # CHANGELOG for `@apollo/federation-internals`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Corrects a set of denial-of-service (DOS) vulnerabilities that made it possible for an attacker to render gateway inoperable with certain simple query patterns due to uncontrolled resource consumption. All prior-released versions and configurations are vulnerable. ([#3238](https://github.com/apollographql/federation/pull/3238))
+
+  See the associated GitHub Advisories [GHSA-q2f9-x4p4-7xmh](https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh) and [GHSA-p2q6-pwh5-m6jr](https://github.com/apollographql/federation/security/advisories/GHSA-p2q6-pwh5-m6jr) for more information.
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

internals-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/federation-internals",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Federation internal utilities",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

query-graphs-js/CHANGELOG.md

@@ -1,5 +1,16 @@
 # CHANGELOG for `@apollo/query-graphs`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Corrects a set of denial-of-service (DOS) vulnerabilities that made it possible for an attacker to render gateway inoperable with certain simple query patterns due to uncontrolled resource consumption. All prior-released versions and configurations are vulnerable. ([#3238](https://github.com/apollographql/federation/pull/3238))
+
+  See the associated GitHub Advisories [GHSA-q2f9-x4p4-7xmh](https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh) and [GHSA-p2q6-pwh5-m6jr](https://github.com/apollographql/federation/security/advisories/GHSA-p2q6-pwh5-m6jr) for more information.
+
+- Updated dependencies [[`1462c91879d41884c0a7e60551d8dd0d67c832d3`](https://github.com/apollographql/federation/commit/1462c91879d41884c0a7e60551d8dd0d67c832d3)]:
+  - @apollo/federation-internals@2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

query-graphs-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/query-graphs",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Federation library to work with 'query graphs'",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -23,7 +23,7 @@
     "node": ">=14.15.0"
   },
   "dependencies": {
-    "@apollo/federation-internals": "2.11.0-preview.0",
+    "@apollo/federation-internals": "2.11.0-preview.1",
     "deep-equal": "^2.0.5",
     "ts-graphviz": "^1.5.4",
     "uuid": "^9.0.0"

query-planner-js/CHANGELOG.md

@@ -1,5 +1,17 @@
 # CHANGELOG for `@apollo/query-planner`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Corrects a set of denial-of-service (DOS) vulnerabilities that made it possible for an attacker to render gateway inoperable with certain simple query patterns due to uncontrolled resource consumption. All prior-released versions and configurations are vulnerable. ([#3238](https://github.com/apollographql/federation/pull/3238))
+
+  See the associated GitHub Advisories [GHSA-q2f9-x4p4-7xmh](https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh) and [GHSA-p2q6-pwh5-m6jr](https://github.com/apollographql/federation/security/advisories/GHSA-p2q6-pwh5-m6jr) for more information.
+
+- Updated dependencies [[`1462c91879d41884c0a7e60551d8dd0d67c832d3`](https://github.com/apollographql/federation/commit/1462c91879d41884c0a7e60551d8dd0d67c832d3)]:
+  - @apollo/query-graphs@2.11.0-preview.1
+  - @apollo/federation-internals@2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

query-planner-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/query-planner",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Query Planner",
   "author": "Apollo <packages@apollographql.com>",
   "main": "dist/index.js",
@@ -25,8 +25,8 @@
     "access": "public"
   },
   "dependencies": {
-    "@apollo/federation-internals": "2.11.0-preview.0",
-    "@apollo/query-graphs": "2.11.0-preview.0",
+    "@apollo/federation-internals": "2.11.0-preview.1",
+    "@apollo/query-graphs": "2.11.0-preview.1",
     "@apollo/utils.keyvaluecache": "^2.1.0",
     "chalk": "^4.1.0",
     "deep-equal": "^2.0.5",

subgraph-js/CHANGELOG.md

@@ -1,5 +1,12 @@
 # CHANGELOG for `@apollo/subgraph`
 
+## 2.11.0-preview.1
+
+### Patch Changes
+
+- Updated dependencies [[`1462c91879d41884c0a7e60551d8dd0d67c832d3`](https://github.com/apollographql/federation/commit/1462c91879d41884c0a7e60551d8dd0d67c832d3)]:
+  - @apollo/federation-internals@2.11.0-preview.1
+
 ## 2.11.0-preview.0
 
 ### Minor Changes

subgraph-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@apollo/subgraph",
-  "version": "2.11.0-preview.0",
+  "version": "2.11.0-preview.1",
   "description": "Apollo Subgraph Utilities",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -25,7 +25,7 @@
   },
   "dependencies": {
     "@apollo/cache-control-types": "^1.0.2",
-    "@apollo/federation-internals": "2.11.0-preview.0"
+    "@apollo/federation-internals": "2.11.0-preview.1"
   },
   "peerDependencies": {
     "graphql": "^16.5.0"