Bump graphql from 2.2.7 to 2.2.9

[dependabot]

Bumps graphql from 2.2.7 to 2.2.9.

Changelog

Sourced from graphql's changelog.

2.2.9 (15 Feb 2024)

New features

• Complexity: Treat custom Connection fields as metadata (like totalCount), not as if they were evaluated for each item in the list #4842
• Subscriptions: Serialize ActiveRecord::Relations given to .trigger #4840

Bug fixes

• Complexity: apply configured complexity ... to connection fields #4841
• Authorization: properly handle Resolver arguments that return false for #authorized? #4839

2.2.8 (7 Feb 2024)

New features

• Responses have "errors" before "data", as recommended by the GraphQL spec #4823

Bug fixes

• Sentry: fix integration with other trace modules #4830
• Sentry: fix when child span is nil (test environments) #4828
• Remove needless Base64 backport #4820
• Fix module arrangement to support RDoc #4819

Commits

• 9750037 2.2.9
• 0344807 Merge pull request #4682 from fwolfst/patch-2
• 249a40a Update guides/authorization/authorization.md
• d5e1045 Merge pull request #4842 from rmosolgo/connection-metadata-complexity-fix
• 8e2b8d6 Treat all connection subfields except nodes and edges as metadata
• c077afc Merge pull request #4841 from rmosolgo/connection-resolver-complexity-fix
• 5c0b46c Merge pull request #4840 from rmosolgo/serialize-active-record-relations
• 88c9304 Apply configured complexity to connection fields
• 4587bfa Fix rails test setup
• 30d9b2d Merge pull request #4839 from rmosolgo/fix-argument-authorization
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarcloud]

Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (f8c2197) 100.00% compared to head (2552aaa) 100.00%.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #120   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           22        22           
  Lines          211       211           
=========================================
  Hits           211       211           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dependabot]

Superseded by #121.