chore: update rust crate async-graphql to v7.0.10 [security]

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
async-graphql	dependencies	patch	7.0.0 → 7.0.10

GitHub Vulnerability Alerts

CVE-2024-47614

Impact

• Service Disruption: The server may become unresponsive or extremely slow, potentially leading to downtime.
• Resource Exhaustion: Excessive use of server resources, such as CPU and memory, could negatively impact other services running on the same infrastructure.
• User Experience Degradation: Users may experience delays or failures when accessing the service, which could lead to frustration and loss of trust in the service.

Patches

1. Upgrade to v7.0.10
2. Use SchemaBuilder.limit_directives to limit the maximum number of directives for a single field.

---

Release Notes

async-graphql/async-graphql (async-graphql)

v7.0.10

• add SchemeBuilder.limit_directives method to set the maximum number of directives on a single field.
• remove needless ?Sized #​1593
• fix: generate each variant description correctly. #​1589
• Make From<T> for [Error] set source #​1561
• feat(graphiql): add support for WS connection params #​1597

v7.0.9

• add on_ping callback to WebSocket

v7.0.8

• chore: Make Extensions nullable #​1563
• expose rejection in async_graphql_axum #​1571
• Updated crate time to 3.36, as it fixes a compilation error in rust 1.80 #​1572
• Impl Debug for dynamic::FieldValue & Improve error messages for its methods #​1582
• Support scraping #[doc = ...] attributes when generating descriptions #​1581
• add Websocket::keepalive_timeout method to sets a timeout for receiving an acknowledgement of the keep-alive ping.

v7.0.7

Compare Source

• Support raw values from serde_json #​1554
• The custom directive ARGUMENT_DEFINITION is not being output at the appropriate location in SDL #​1559
• Support for JSON extended representations of BSON ObjectId and Uuid #​1542
• feat: get directives from SelectionField #​1548
• Support Directives on Subscriptions #​1500
• fix subscription err typo #​1556

v7.0.6

Compare Source

• add license files to each project #​1523
• Improve alignment of directive behavior with GraphQL spec #​1524
• dynamic schema: pass default vals to ResolverContext #​1527
• Add altair source #​1530
• feat: Add support for using Interface and OneofObject on the same struct #​1534

v7.0.5

Compare Source

• Fix compiler and clippy warnings #​1501
• Added support for deploying to wasm targets with axum - (without subscriptions) #​1517
• Bump opentelemetry (0.21.0 -> 0.22.0) #​1513
• Update lru dependency #​1504
• Support TypeDirective for ArgumentDefinition, Enum, EnumValue, InputFieldDefinition, InputObject, Interface #​1509
• Add display attribute for Enum macro #​1518

v7.0.3

Compare Source

• Sort schema fields & enums if required #​1475
• Change the type_name of EmptySubscription fix #​1435 #​1475
• add Request::set_parsed_query method #​1483
• Upgrade strum to 0.26 #​1485
• Fix validation of non-nullable variables with default values #​1491
• add NextExecute::run_with_data method to attach context data before execution
• feat: add registry method in dynamic::Registry #​1492
• Allow non-scalars to be used as directive arguments #​1493
• fix: add description to __schema introspection result #​1489

v7.0.2

Compare Source

• Fix #[derive(OneofObject)] rejecting enums where the type comes from a macro substitution #​1473
• Optimize object proc-macro codegen #​1470
• Use impl Future instead of async-trait in most traits. #​1468
• Upgrade base64 to 0.21 #​1466
• Standardize space between Args, Lists and Binary items #​1392
• feat: support bigdecimal 0.4.x #​1358

v7.0.1

• Revert heck migration (breaks current schemas)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for cynic-querygen-web canceled.

Name	Link
🔨 Latest commit	bcf7e98
🔍 Latest deploy log	https://app.netlify.com/sites/cynic-querygen-web/deploys/6773fdc371580200087d76a3

[netlify]

✅ Deploy Preview for cynic-querygen-web canceled.

Name	Link
🔨 Latest commit	078ecf8
🔍 Latest deploy log	https://app.netlify.com/projects/cynic-querygen-web/deploys/68989345ed73f30008dcb8bf

[netlify]

✅ Deploy Preview for cynic-querygen-web canceled.

Name	Link
🔨 Latest commit	ec487b1
🔍 Latest deploy log	https://app.netlify.com/projects/cynic-querygen-web/deploys/699ed8dbf5780e0007f4b16f