Bump graphql from 2.4.11 to 2.4.15

[dependabot]

Bumps graphql from 2.4.11 to 2.4.15.

Changelog

Sourced from graphql's changelog.

2.4.15 (19 Mar 2025)

New features

• Schema.from_definition: support custom base type classes #5282
• Schema.from_definition: support type extensions #5281

Bug fixes

• Handle GraphQL::ExecutionError from resolve_type #5274
• Backtrace: handle inline fragments # 5274
• run_graphql_field: fix when .authorized? calls Dataloader #5289
• InputObject: run validators even when custom def prepare is present #5285
• Multiplex: don't attempt to execute zero queries #5278

2.4.14 (13 Mar 2025)

Bug fixes

• New Relic tracing: fix dataloaded, skipped scalars #5277

2.4.13 (12 Mar 2025)

• Security: Fix CVE-2025-27407

2.4.12 (11 Mar 2025)

Breaking changes

• Remove InvalidNullError#value which is always nil #5256

New features

• validate_timeout is 3 seconds by default #5258

Bug fixes

• New Relic: reimplement skipping scalars by default #5271
• Resolver: revert inheriting overridden graphql_name #5260
• Analysis: manually implement timeout to handle I/O better #5263
• Parser: properly handle extra token at the end of the query string #5267
• Validation: fix conflicting aliases inside fragment #5268

Commits

• 6120645 2.4.15
• d286f92 Merge pull request #5289 from rmosolgo/test-helpers-authorize-dataloader
• 67dba63 Fix object shape test
• 420d35b Fix run_graphql_field when .authorized? uses Dataloader
• fcbfa86 Merge pull request #5274 from xuanduc987/push-c23315765c0e7ae94f164f369e5d0729
• 528fa5e Merge pull request #5285 from rmosolgo/one-of-prepare-fix
• 765dfb0 Merge branch 'master' into one-of-prepare-fix
• 0baf584 Use a gemfile for pronto action
• b5f104c Merge branch 'master' into one-of-prepare-fix
• b6985fd Add ruby-version to pronto action
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[netlify]

✅ Deploy Preview for up-for-grabs-test-bench ready!

Name	Link
🔨 Latest commit	263a7e4
🔍 Latest deploy log	https://app.netlify.com/sites/up-for-grabs-test-bench/deploys/67e0c0b0510d36000800dd1a
😎 Deploy Preview	https://deploy-preview-5131--up-for-grabs-test-bench.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[shiftbot]

👋 I'm a robot checking the state of this pull request to save the human reviewers time. I don't see any changes under _data/projects/ so I don't have any feedback here.

As you make changes to this pull request, I'll re-run these checks.

[dependabot]

Superseded by #5150.