chore(deps-dev): bump @graphql-mesh/runtime from 0.99.8 to 0.99.11 in /modules/web

[dependabot]

Bumps @graphql-mesh/runtime from 0.99.8 to 0.99.11.

Changelog

Sourced from @​graphql-mesh/runtime's changelog.

0.99.11

Patch Changes

• #7145 7544594 Thanks @​Author, @​User! - New Federation Composition Approach for the new Mesh v1 alpha; (If you are using Mesh v0 legacy, ignore this changelog)

  Now Mesh Compose produces a superset of Federated Supergraph.

  • Drop any options and implementation related to the old fusiongraph
  • • The output is a valid supergraph that can be consumed by any Federation router. But if it is not Mesh Serve, the subgraph should still be served via Mesh Serve then consumed by that Federation router. If it is Mesh Serve, no additional server is needed because Mesh Serve already knows the additional directives etc of the transports
  • Compose the subgraphs using @theguild/federation-composition package
  • • So benefit from the validation rules of Federation in Mesh Compose
  • Ability to consume existing federated subgraphs
  • • Since the composition is now Federation, we can accept any federated subgraph
  • Implement Federation transform to transform any subgraph to a federated subgraph by adding Federation directives (v2 only) . This is on user's own because they add the directives manually. And for __resolveReference, we use @merge directive to mark a root field as an entity resolver for Federation
  • Use additional @source directive to consume transforms on the subgraph execution (field renames etc)
  • Use additional @resolveTo directive to consume additional stitched resolvers
  • Use additional @transport directive to choose and configure a specific transport for subgraphs
  • Handle unsupported additional directives with another set of additional directives on Query for example directives on unions, schema definitions, enum values etc and then @extraUnionDirective added with missing directives for unions then on the runtime these directives are added back to the union for the subgraph execution of the transports.

  Basically Mesh Compose uses Federation spec for composition, validation and runtime BUT the output is a superset with these additional directives imported via @composeDirective;

  • @merge (Taken from Stitching Directives) If a custom entity resolver is defined for a root field like below, the gateway will pick it up as an entity resolver;

  type Query {
     fooById(id: ID!): Foo @merge(keyField: 'id', keyArg: 'id', subgraph: Foo)
  }

  • @resolveTo (Taken from v0) This allows to delegate to a field in any subgraph just like Schema Extensions in old Schema Stitching approach;

... (truncated)

Commits

• 1b77adf chore(release): update monorepo packages versions (#7156)
• 7544594 [v1]: Fed composition (#7145)
• 0be7a52 chore(release): update monorepo packages versions (#7141)
• 6a99c52 chore(deps): update all non-major dependencies (#7140)
• c78d1eb chore(release): update monorepo packages versions (#7111)
• 88d6232 Refactor the runtime (#7054)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[k8s-ci-robot]

Keywords which can automatically close issues and at(@) or hashtag(#) mentions are not allowed in commit messages.

The list of commits with invalid commit messages:

• 05016fa chore(deps-dev): bump @graphql-mesh/runtime in /modules/web

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[k8s-ci-robot]

Keywords which can automatically close issues and at(@) mentions are not allowed in the title of a Pull Request.

You can edit the title by writing /retitle in a comment.

When GitHub merges a Pull Request, the title is included in the merge commit. To avoid invalid keywords in the merge commit, please edit the title of the PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[shu-mutou]

/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], shu-mutou

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [shu-mutou]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment