fix(deps): update examples

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@apollo/gateway (source)	2.11.6 → 2.14.0
@graphql-tools/schema (source)	10.0.23 → 10.0.33
@nestjs/apollo	13.2.4 → 13.4.0
@nestjs/cli	11.0.7 → 11.0.21
@nestjs/common (source)	11.1.3 → 11.1.21
@nestjs/graphql	13.2.4 → 13.4.0
@nestjs/platform-express (source)	11.1.3 → 11.1.21
@nestjs/testing (source)	11.1.3 → 11.1.21
@types/express (source)	5.0.3 → 5.0.6
@types/node (source)	24.0.3 → 24.12.4
@typescript-eslint/eslint-plugin (source)	8.34.1 → 8.59.3
@typescript-eslint/parser (source)	8.34.1 → 8.59.3
eslint (source)	9.29.0 → 9.39.4
express (source)	5.1.0 → 5.2.1
graphql	16.11.0 → 16.14.0
graphql-yoga (source)	5.13.5 → 5.21.0
jest (source)	30.0.2 → 30.4.2
nodemon (source)	3.1.10 → 3.1.14
prettier (source)	3.5.3 → 3.8.3
supertest	7.1.1 → 7.2.2
typescript (source)	5.8.3 → 5.9.3
yarn (source)	4.9.2 → 4.14.1

---

Release Notes

apollographql/federation (@​apollo/gateway)

v2.14.0

Compare Source

Minor Changes

• Add opt-out anonymous deployment environment telemetry. To opt-out, set APOLLO_TELEMETRY_DISABLED=1 in your environment. (#​3379)

Patch Changes

• Fixed print logic when calculating the max number of elements to include in the message. Previously we were not passing (#​3424)
  the current calculated length correctly leading to inclusion of additional elements in the error/hints message.
• Updated dependencies [21cf465d4c687daeed71635422718c3c7b7d2d0e, e1fd4ac10f72bb09027995f0811ec6e0021bcd49, 5b36fc6b5a494aa6983e0339713dc45a0bd031e3, a20279a0184d9dfbc01a806d849dc8ae22497298]:
  • @​apollo/composition@​2.14.0
  • @​apollo/federation-internals@​2.14.0
  • @​apollo/query-planner@​2.14.0

v2.13.3

Compare Source

Patch Changes

• Updated dependencies [b5c17ffa73e2de49bd63182a84a7d5837c0ab2d5]:
  • @​apollo/composition@​2.13.3
  • @​apollo/federation-internals@​2.13.3
  • @​apollo/query-planner@​2.13.3

v2.13.2

Compare Source

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#​3396)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

• Updated dependencies [84e9226b606b176ede097410f5ba35ba03d140ed]:

  • @​apollo/query-planner@​2.13.2
  • @​apollo/federation-internals@​2.13.2
  • @​apollo/composition@​2.13.2

v2.13.1

Compare Source

Patch Changes

• Allow bumping make-fetch-happen dependency to v15. (#​3374)

  This change allows users to upgrade make-fetch-happen to v15, which in turn will allow updating the cacache dependency from v17 to v20, dropping the tar v6 dependency that is marked as vulnerable.

  The only breaking changes in make-fetch-happen from v11 to v15 are removals of support for old end-of-life Node.js versions.

  There is only one note from the 12.0.0 release of make-fetch-happen that might be of interest when considering the upgrade:

  this changes the underlying http agents to those provided by @​npmcli/agent. Backwards compatibility should be fully implemented but due to the scope of this change it was made a breaking change out of an abundance of caution.

  As a result, it should be possible for most users to upgrade from v11 to v15 without any issues.

  We still keep the dependency to v11 as an alternative for people that cannot upgrade to v15 for some reason. This will be removed in a future version of @apollo/gateway.

  Even for users that stay on v11, there should not be any immediate danger. While cacache had tar v6 as a dependency, it actually never used it. It seems that that dependency had become unused at some point but was never removed. So users on make-fetch-happen v11 are not actually affected by the vulnerability in tar v6.

  The dependency might hold the tar package required by other packages back, though. In case an update from v11 to v15 is not possible, users should consider to use the resolution override feature of their package manager to force the dependency from cacache to tar to either be removed or updated to a newer version. As cacache does not actually use tar, this should not cause any issues.

• Updated dependencies []:

  • @​apollo/composition@​2.13.1
  • @​apollo/federation-internals@​2.13.1
  • @​apollo/query-planner@​2.13.1

v2.13.0

Compare Source

Minor Changes

• Drop Node.js 14/16 support, require Node.js 18+ (#​3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, 523b13b715e75033f0bdbc176416e59ac01de8f0, ecbe182423313b3a94c185dee6b659573435b141, 4c64006b1604471940e20aa1aa46a0f75a6396df, 873577a2b7ae8ce507e0ca4377aed049e1a15075]:
  • @​apollo/query-planner@​2.13.0
  • @​apollo/composition@​2.13.0
  • @​apollo/federation-internals@​2.13.0

v2.12.3

Compare Source

Patch Changes

• Fixed several code paths that access response objects to prevent JavaScript prototype pollution and unintended access to the prototype chain. (#​3397)

  See the associated GitHub Advisories GHSA-pfjj-6f4p-rvmh for more information.

• Updated dependencies [4393ceca349aca68981362f210cca023ed3fb97b]:

  • @​apollo/query-planner@​2.12.3
  • @​apollo/federation-internals@​2.12.3
  • @​apollo/composition@​2.12.3

v2.12.2

Compare Source

Patch Changes

• Updated dependencies [238d9d71e831e4f3e8d8e334ad6952cc19c073b1]:
  • @​apollo/federation-internals@​2.12.2
  • @​apollo/composition@​2.12.2
  • @​apollo/query-planner@​2.12.2

v2.12.1

Compare Source

Patch Changes

• Updated dependencies [b19431e4a92206703e29aba859a5fc7574b9ef8b, 09e596e6a0c753071ca822e84f525d73ada395cf, ac1ed2946c48e0fef4b413b192d8c5fbdb2370ae]:
  • @​apollo/composition@​2.12.1
  • @​apollo/federation-internals@​2.12.1
  • @​apollo/query-planner@​2.12.1

v2.12.0

Compare Source

Minor Changes

• Federation 2.12 and Connect 0.3 (#​3276)

Patch Changes

• Updated dependencies [3e2b0a8569a9fe46726182887ed0b4bfc0b52468, bb4614d338ae03bac51a5fc2439590f172c4e54d, 99f2da21de88f9ad9a32ee7ed64b2d4a92887b40, 468f27842608f4e390cfc88bc7e6b4b0945f95ff, 3fd5157b309f1d3439b2d87c67b0601fb246d04c, b734ea04d118db09cf6077fdd968c8f04a96327a, 4bda3a498eba36e187dfd9ae673eca12d3f3502c, e7e67579908d5cd2fa6fe558228dffe4808cd98d, f3ab499eaf62b1a1c0f08b838d2cbde5accb303a, faea2d1174d80593264f2227cfde9a2ba1a59b96, 0dbc7cc72ffacf324231e9ccb2de4189f6bf3289, 97b9d2edfcfeed99124f9e115f992cbef3804682, f6af504f1ba8283fd00af0d6e3c9c1a665d62736, bc07e979b9fd24c9b94740b170f11023fe99ba1e, a595235d3cf8f67611efd8395332b64d067b5f1f, 9cbdcb53f859c877a476e2725faa4cb205506f57]:
  • @​apollo/query-planner@​2.12.0
  • @​apollo/composition@​2.12.0
  • @​apollo/federation-internals@​2.12.0

ardatan/graphql-tools (@​graphql-tools/schema)

v10.0.33

Compare Source

Patch Changes

• Updated dependencies
  [a4b7dce]:
  • @​graphql-tools/utils@​11.1.0
  • @​graphql-tools/merge@​9.1.9

v10.0.32

Compare Source

Patch Changes

• Updated dependencies
  [ae36a0e]:
  • @​graphql-tools/utils@​11.0.1
  • @​graphql-tools/merge@​9.1.8

v10.0.31

Compare Source

Patch Changes

• Updated dependencies
  [6f3776c]:
  • @​graphql-tools/utils@​11.0.0
  • @​graphql-tools/merge@​9.1.7

v10.0.30

Compare Source

Patch Changes

• Updated dependencies
  [2118a80]:
  • @​graphql-tools/utils@​10.11.0
  • @​graphql-tools/merge@​9.1.6

v10.0.29

Compare Source

Patch Changes

• Updated dependencies
  [2fe123a]:
  • @​graphql-tools/utils@​10.10.3
  • @​graphql-tools/merge@​9.1.5

v10.0.28

Compare Source

Patch Changes

• Updated dependencies
  [dddc5f6]:
  • @​graphql-tools/utils@​10.10.2
  • @​graphql-tools/merge@​9.1.4

v10.0.27

Compare Source

Patch Changes

• Updated dependencies
  [fbb58b5]:
  • @​graphql-tools/utils@​10.10.1
  • @​graphql-tools/merge@​9.1.3

v10.0.26

Compare Source

Patch Changes

• Updated dependencies
  [fd105f4,
  fded91e,
  3b99a9b]:
  • @​graphql-tools/utils@​10.10.0
  • @​graphql-tools/merge@​9.1.2

v10.0.25

Compare Source

Patch Changes

• Updated dependencies
  [984d542,
  984d542,
  32d0457]:
  • @​graphql-tools/merge@​9.1.1
  • @​graphql-tools/utils@​10.9.1

v10.0.24

Compare Source

Patch Changes

• Updated dependencies
  [e5f98c2,
  3c21496,
  e5f98c2,
  22af985,
  53db005]:
  • @​graphql-tools/merge@​9.1.0
  • @​graphql-tools/utils@​10.9.0

nestjs/graphql (@​nestjs/apollo)

v13.4.0

Compare Source

13.4.0 (2026-04-30)

Features

• apollo, graphql, mercurius
  • #​3811 feat(graphql): Add registerIn option for module-scoped type filtering (@​joe-re)

Bug fixes

• graphql
  • #​3959 fix(@​nestjs/graphql): stop double-registering PickType inputs (@​yogeshwaran-c)
  • #​3960 fix(@​nestjs/graphql): de-duplicate per-target metadata in TargetMetadataCollection (@​yogeshwaran-c)
• apollo, graphql
  • #​3962 fix(@​nestjs/graphql): restore Timestamp scalar parsers in federation factory (@​yogeshwaran-c)

Enhancements

• graphql
  • #​3963 fix(@​nestjs/graphql): validate registerEnumType/createUnionType options eagerly (@​yogeshwaran-c)

Dependencies

• graphql
  • #​3954 fix(deps): update graphql-tools monorepo (@​renovate[bot])

Committers: 3

• Masato Noguchi (@​joe-re)
• Mateus Welter Goettems (@​mateuswgoettems)
• Yogeshwaran C (@​yogeshwaran-c)

v13.3.0

Compare Source

13.3.0 (2026-04-22)

Bug fixes

• graphql
  • #​3949 fix(@​nestjs/graphql): count args for parenless arrow functions (@​yogeshwaran-c)
  • #​3952 fix(@​nestjs/graphql): keep class directive when a field has the same SDL (@​yogeshwaran-c)
  • #​3946 fix(@​nestjs/graphql): emit enum key for Args defaultValue in generated SDL (@​yogeshwaran-c)
  • #​3934 fix(@​nestjs/graphql): treat single-key string enums as enums in plugin type detection (@​maruthang)
  • #​3939 fix(@​nestjs/graphql): preserve ResolveField options for all overloads (@​maruthang)
• apollo
  • #​3940 fix(apollo): preserve HTTP 200 for execution-level GraphQL errors (@​maruthang)

Enhancements

• graphql
  • #​3838 perf(graphql): bypass ExternalContextCreator for scalar ResolveField fast-path (@​ArielSafar)
  • #​3950 feat(@​nestjs/graphql): forward specifiedByURL and extensions on custom scalars (@​yogeshwaran-c)
  • #​3951 feat(@​nestjs/graphql): accept array of SDL strings in @​Directive (@​yogeshwaran-c)
  • #​3944 fix(@​nestjs/graphql): emit clearer error when nested object type is used in mapped input (@​yogeshwaran-c)
  • #​3943 feat(@​nestjs/graphql): add conditional exports for browser shim (@​yogeshwaran-c)
  • #​3942 feat(@​nestjs/graphql): default federation to v2.12 directives (@​yogeshwaran-c)
  • #​3936 fix(@​nestjs/graphql): allow CustomScalar methods to return null (@​maruthang)
• apollo, graphql
  • #​3948 feat(@​nestjs/graphql): support directives on enums and unions (@​yogeshwaran-c)

Dependencies

• graphql
  • #​3925 chore(deps): update dependency ts-morph to v28 (@​renovate[bot])
  • #​3918 fix(deps): update graphql-tools monorepo (@​renovate[bot])
• mercurius
  • #​3928 chore(deps): update dependency fastify to v5.8.5 (@​renovate[bot])
  • #​3858 chore(deps): update dependency @​mercuriusjs/gateway to v5.2.0 (@​renovate[bot])
  • #​3920 chore(deps): update dependency mercurius to v16.9.0 (@​renovate[bot])

Committers: 3

• Ariel Safar (@​ArielSafar)
• Maruthan G (@​maruthang)
• Yogeshwaran C (@​yogeshwaran-c)

v13.2.5

Compare Source

13.2.5 (2026-04-09)

Bug fixes

• graphql
  • #​3846 fix(@​nestjs/graphql): handle definitions factory typename option (@​NicolasGn)

Enhancements

• graphql
  • #​3889 feat(@​nestjs/graphql): add stopOnApplicationShutdown option for graceful shutdown (@​dgfh0450)

Dependencies

• graphql
  • #​3894 fix(deps): update dependency graphql-ws to v6.0.8 (@​renovate[bot])
  • #​3852 chore(deps): update dependency graphql to v16.13.2 (@​renovate[bot])
  • #​3888 fix(deps): update dependency ws to v8.20.0 (@​renovate[bot])
  • #​3901 fix(deps): update dependency @​nestjs/mapped-types to v2.1.1 (@​renovate[bot])
  • #​3904 fix(deps): update dependency lodash to v4.18.1 [security] (@​renovate[bot])
• apollo
  • #​3902 fix(deps): update dependency lodash.omit to v4.18.0 (@​renovate[bot])
  • #​3897 chore(deps): update dependency @​apollo/server to v5.5.0 [security] (@​renovate[bot])
  • #​3881 chore(deps): update dependency @​apollo/gateway to v2.10.5 [security] (@​renovate[bot])
• mercurius
  • #​3899 chore(deps): update dependency @​mercuriusjs/federation to v5.1.1 (@​renovate[bot])
  • #​3890 chore(deps): update dependency fastify to v5.8.4 (@​renovate[bot])
  • #​3868 chore(deps): update dependency mercurius to v16.8.0 (@​renovate[bot])

Committers: 2

• Nicolas Guégan (@​NicolasGn)
• YoonDH (@​dgfh0450)

nestjs/nest-cli (@​nestjs/cli)

v11.0.21

Compare Source

• fix: revert #​3315 due to #​3390 (255a559)

v11.0.20

Compare Source

• fix: revert #​3313 due to #​3391 and #​3390 (705bb7d)
• chore(deps): update swc monorepo (8496c76)
• fix(assets-manager): return promise from close watchers (2181947)
• fix(swc): fix inverted chokidar ignored filter in watch mode (a3890cb)
• fix: add type annotations to caught errors (c46ddd7)

v11.0.19

Compare Source

What's Changed

• fix(types): correct Asset type definition from string literal to string union by @​yogeshwaran-c in #​3323
• fix(generate): use selected project name for specFileSuffix lookup by @​yogeshwaran-c in #​3325
• fix(info): add missing space in os version display by @​yogeshwaran-c in #​3321
• fix(compiler): run tsconfig paths plugin before user plugins in tsc compiler by @​yogeshwaran-c in #​3326
• fix(start): skip signal forwarding in watch mode by @​maruthang in #​3338
• feat(compiler): resolve path aliases in declaration files by @​maruthang in #​3344
• fix(deps): update angular-cli monorepo to v19.2.24 by @​renovate[bot] in #​3337

Full Changelog: nestjs/nest-cli@11.0.18...11.0.19

v11.0.18

Compare Source

What's Changed

• fix(build): delete tsbuildinfo file with out dir (#​3312) by @​maruthang in #​3317
• fix(swc): prevent double initialization in watch mode by @​maruthang in #​3316
• fix(swc): respect root dir option for strip leading paths by @​maruthang in #​3318
• fix(cli): error on unexpected extra positional arguments by @​maruthang in #​3314
• fix(start): wait for async shutdown hooks before exiting by @​maruthang in #​3313
• fix(assets): use ready event for watcher closing by @​maruthang in #​3315
• fix: expand @​swc/cli peer range to include ^0.8.0 by @​wwenrr in #​3309
• chore(deps): update dependency @​nestjs/schematics to v11.0.10 by @​renovate[bot] in #​3300
• refactor(compiler): potential undefined access in getWebpackConfigPath by @​zendy199x in #​3296
• fix(deps): update angular-cli monorepo to v19.2.23 by @​renovate[bot] in #​3299

New Contributors

• @​maruthang made their first contribution in #​3317
• @​wwenrr made their first contribution in #​3309
• @​zendy199x made their first contribution in #​3296

Full Changelog: nestjs/nest-cli@11.0.17...11.0.18

v11.0.17

Compare Source

What's Changed

• fix(deps): update angular-cli monorepo to v19.2.23 by @​renovate[bot] in #​3274
• fix(deps): update dependency webpack to v5.105.4 by @​renovate[bot] in #​3273
• fix(deps): update dependency glob to v13.0.6 by @​renovate[bot] in #​3271

Full Changelog: nestjs/nest-cli@11.0.16...11.0.17

v11.0.16

Compare Source

• Merge pull request #​3246 from nestjs/revert-3183-renovate/inquirer-prompts-8.x (a93d919)
• Revert "fix(deps): update dependency @​inquirer/prompts to v8" (a335950)

v11.0.15

Compare Source

What's Changed

• chore(deps): update dependency @​swc/core to v1.15.8 by @​renovate[bot] in #​3230
• chore(deps): update dependency @​swc/cli to v0.7.10 by @​renovate[bot] in #​3242
• fix(utils): tree-kill use spawn sync to fix node 24 crash by @​LucM in #​3235
• fix(deps): update dependency webpack to v5.104.1 by @​renovate[bot] in #​3221
• chore(deps): update node.js to v24.13.0 by @​renovate[bot] in #​3214
• fix(deps): update dependency @​inquirer/prompts to v8 by @​renovate[bot] in #​3183

New Contributors

• @​LucM made their first contribution in #​3235

Full Changelog: nestjs/nest-cli@11.0.14...11.0.15

v11.0.14

Compare Source

What's Changed

• ci: switch npm ignore to allow list by @​bryopsida in #​3203

New Contributors

• @​bryopsida made their first contribution in #​3203

Full Changelog: nestjs/nest-cli@11.0.13...11.0.14

v11.0.13

Compare Source

v11.0.12

Compare Source

What's Changed

• fix: revert #​3128 by @​kamilmysliwiec in #​3192

Full Changelog: nestjs/nest-cli@11.0.11...11.0.12

v11.0.11

Compare Source

What's Changed

• fix(deps): update angular-cli monorepo to v19.2.19 by @​renovate[bot] in #​3148
• refactor(dependency): Remove tree-kill dependency by @​gcstarr in #​3157
• chore(deps): update dependency @​swc/core to v1.15.2 by @​renovate[bot] in #​3181
• fix(deps): update dependency glob to v12 by @​renovate[bot] in #​3186
• fix(deps): update dependency @​inquirer/prompts to v7.10.1 by @​renovate[bot] in #​3178
• fix(deps): update dependency ansis to v4.2.0 by @​renovate[bot] in #​3171

Full Changelog: nestjs/nest-cli@11.0.10...11.0.11

v11.0.10

Compare Source

What's Changed

• Revert "chore: disable shell by default" by @​kamilmysliwiec in #​3114
• Revert "fix(deps): update angular-cli monorepo to v20 (major)" by @​kamilmysliwiec in #​3115

Full Changelog: nestjs/nest-cli@11.0.9...11.0.10

v11.0.9

Compare Source

• fix(deps): update angular-cli monorepo to v20 (5bbd8f8)
• chore: disable shell by default (c31554d)
• fix(deps): update dependency @​inquirer/prompts to v7.8.0 (4897ce2)

v11.0.8

Compare Source

What's Changed

• chore(deps): update dependency @​swc/core to v1.13.2 by @​renovate[bot] in #​3100
• fix(deps): update dependency ansis to v4 by @​renovate[bot] in #​3026
• fix(deps): update angular-cli monorepo to v19.2.15 by @​renovate[bot] in #​3001
• fix(deps): update dependency webpack to v5.100.2 by @​renovate[bot] in #​3008
• fix(deps): update dependency glob to v11.0.3 - autoclosed by @​renovate[bot] in #​3002
• fix(deps): update dependency @​inquirer/prompts to v7.7.1 by @​renovate[bot] in #​3005

Full Changelog: nestjs/nest-cli@11.0.7...11.0.8

nestjs/nest (@​nestjs/common)

v11.1.21

Compare Source

v11.1.20

Compare Source

v11.1.19

Compare Source

v11.1.19 (2026-04-13)

Bug fixes

• microservices
  • #​16762 fix(microservices): use backing field for consumer CRASH event listener (@​burhanharoon)
  • [#​16764](https://redirect.github.com

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 718ad8a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.19%. Comparing base (79fc49b) to head (dff5231).
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #814   +/-   ##
=======================================
  Coverage   92.19%   92.19%           
=======================================
  Files          17       17           
  Lines         397      397           
  Branches      128      128           
=======================================
  Hits          366      366           
  Misses         31       31           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.