Skip to content

chore(deps): bump async-graphql from 8.0.0-rc.4 to 8.0.0-rc.5 in the all-dependencies group across 1 directory#715

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/all-dependencies-5925d943b8
Closed

chore(deps): bump async-graphql from 8.0.0-rc.4 to 8.0.0-rc.5 in the all-dependencies group across 1 directory#715
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/all-dependencies-5925d943b8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 30, 2026
edited by cursor Bot
Loading

Bumps the all-dependencies group with 1 update in the / directory: async-graphql.

Updates async-graphql from 8.0.0-rc.4 to 8.0.0-rc.5

Changelog

Sourced from async-graphql's changelog.

[8.0.0-rc.5] 2026-04-22

  • Fix MergedObject exceeding compiler recursion limit by using flat dispatch instead of nested async delegation in resolve_field/find_entity, which overflows when cross-crate types amplify monomorphization depth
  • Replace mdbook test with cargo test --doc via a book-tests crate to fix E0464 duplicate rlib errors in CI #1794
  • Add option to restrict potential DoS vector #1822
Commits

Note

Medium Risk
Upgrades a core GraphQL dependency, which can subtly change query execution behavior and performance characteristics across the API surface despite the small diff.

Overview
Updates the workspace async-graphql dependency from 8.0.0-rc.4 to 8.0.0-rc.5 and refreshes Cargo.lock to the new async-graphql* crate checksums/versions.

Reviewed by Cursor Bugbot for commit 3a9f2e1. Bugbot is set up for automated code reviews on this repo. Configure here.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Apr 30, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 30, 2026
edited
Loading

📊 Performance Report

Commit: 3a9f2e1
Updated: 2026-05-01 14:40:57 UTC

Cala Performance Benchmark Results (non-representative)

Criterion Benchmark Results (single-threaded)

Benchmark Time per Run Throughput % vs Baseline
post_simple_transaction 6.696ms 149 tx/s 0 (baseline)
post_and_recalculate_ec_account_set 18.666ms 53 tx/s -178.0%
post_and_batch_recalculate_ec_account_set 13.543ms 73 tx/s -102.0%
post_multi_layer_transaction 9.415ms 106 tx/s -40.0%
post_simple_transaction_with_effective_balances 9.718ms 102 tx/s -45.0%
post_simple_transaction_with_skipped_velocity 6.716ms 148 tx/s -0.0%
post_simple_transaction_with_velocity 8.289ms 120 tx/s -23.0%
post_simple_transaction_with_hit_velocity 4.132ms 241 tx/s +38.0%
post_simple_transaction_with_one_account_set 7.050ms 141 tx/s -5.0%
post_simple_transaction_with_five_account_sets 8.622ms 115 tx/s -28.0%
post_simple_transaction_with_ec_account_set 6.664ms 150 tx/s -0.0%

Load Testing Results (parallel-execution)

Scenario tx/s
1 parallel 81.63
2 parallel 127.81
5 parallel 154.59
10 parallel 150.96
20 parallel 149.55
2 contention 110.88
5 contention 130.64
2 acct_sets 105.52
5 acct_sets 119.23

Note: Performance results may vary based on system resources and database state.

Last updated by commit 3a9f2e1

@dependabot dependabot Bot changed the title chore(deps): bump async-graphql from 8.0.0-rc.4 to 8.0.0-rc.5 in the all-dependencies group chore(deps): bump async-graphql from 8.0.0-rc.4 to 8.0.0-rc.5 in the all-dependencies group across 1 directory Apr 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/all-dependencies-5925d943b8 branch from 6698172 to c2182fe Compare April 30, 2026 14:58
@dependabot
chore(deps): bump async-graphql
3a9f2e1 
Bumps the all-dependencies group with 1 update in the / directory: [async-graphql](https://github.com/async-graphql/async-graphql).


Updates `async-graphql` from 8.0.0-rc.4 to 8.0.0-rc.5
- [Changelog](https://github.com/async-graphql/async-graphql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/async-graphql/async-graphql/commits/8.0.0-rc.5)

---
updated-dependencies:
- dependency-name: async-graphql
  dependency-version: 8.0.0-rc.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/all-dependencies-5925d943b8 branch from c2182fe to 3a9f2e1 Compare May 1, 2026 14:22
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 1, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/cargo/all-dependencies-5925d943b8 branch May 1, 2026 20:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nicolasburtey