Update graphql requirement from >= 1.10, < 1.13 to >= 1.10, < 2.1

[dependabot]

Updates the requirements on graphql to permit the latest version.

Changelog

Sourced from graphql's changelog.

1.13.9 (9 February 2022)

Breaking changes

• Authorization: #3903 In graphql-ruby v1.12.17-1.13.8, when input objects used prepare: -> { ... } , the returned values were not authorized at all. However, this release goes back to the behavior from 1.12.16 and before, where a returned Hash is validated just like an input object that didn't have a prepare: hook. To get the previous behavior, you can implement def self.authorized? in the input object you want to skip authorization in:

  class Types::BaseInputObject < GraphQL::Schema::InputObject
    def self.authorized?(obj, value, ctx)
      if value.is_a?(self)
        super
      else
        true # graphql-ruby skipped auth in this case for v1.12.17-v1.13.8
      end
    end
  end

Bug fixes

• Support re-setting query.validate = ... after a query is initialized #3881
• Handle validation errors in connection complexity calculations #3906
• Input Objects: try to authorize values when prepare: returns a Hash (this was default < v1.12.16) #3903
• SDL: fix when a type has two directives

1.13.8 (1 February 2022)

Bug fixes

• Introspection query: hide newly-supported fields behind arguments, maintain backwards-compatible INTROSPECTION_QUERY #3877

1.13.7 (28 January 2022)

New Features

• Arguments: replace_null_with_default: true replaces incoming nulls with the configured default_value: #3871
• Arguments: support dig: [key1, key2, ...] for nested hash key access #3856
• Generators: support more Postgresql field types #3577
• Generators: support downcased generator argument types #3577
• Generators: add an input type generator #3577
• Generators: support namespaces in generators #3577

Bug Fixes

• Field: better error for nil owner #3870
• ISO8601DateTime: don't accept inputs with partial time parts #3862
• SDL: fix for base connection classes that implement interfaces #3859
• Cops: find required: true on f.argument calls (with explicit receiver) #3858
• Analysis: handle undefined or hidden fields with nil in visitor.field_definition #3857

... (truncated)

Commits

• 044e85b 1.13.9
• c6e9d67 Merge pull request #3906 from rmosolgo/1.13-connection-complexity-validate-fix
• cfe62c3 Fix lint error
• fc0a11b Merge pull request #3903 from rmosolgo/1.13-authorize-hashes
• 7954444 Handle validation errors on connection complexity
• f63733a Input objects: authorize anything that responds to .key?
• a9d38d5 Merge pull request #3885 from rmosolgo/1.13-fix-merge-directives
• c342f91 SDL: Fix having two directives on the same type
• a4cfb6a 1.13.8
• 59f2cd3 Merge pull request #3877 from rmosolgo/make-introspection-query-backwards-com...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It might be closed if no further activity occurs. Thank you for your contributions.

[dependabot]

Superseded by #211.