Version Packages

Author: neo4j-team-graphql

.changeset/plenty-pants-fold.md

@@ -10,7 +10,7 @@
     "dependencies": {
         "@apollo/server": "^4.7.0",
         "@graphql-tools/wrap": "^10.0.0",
-        "@neo4j/graphql": "^6.3.1",
+        "@neo4j/graphql": "^6.4.0",
         "graphql": "16.10.0",
         "graphql-tag": "^2.12.6",
         "neo4j-driver": "^5.8.0"

.changeset/ten-walls-grin.md

@@ -1,5 +1,79 @@
 # @neo4j/graphql
 
+## 6.4.0
+
+### Minor Changes
+
+- [#6029](https://github.com/neo4j/graphql/pull/6029) [`f792a02`](https://github.com/neo4j/graphql/commit/f792a0259ad489b95e6241c20be6d27525712f3b) Thanks [@darrellwarde](https://github.com/darrellwarde)! - Add a new field directive `@sortable` which can be used to configure whether results can be sorted by field values or not.
+
+### Patch Changes
+
+- [#6046](https://github.com/neo4j/graphql/pull/6046) [`dcf4c76`](https://github.com/neo4j/graphql/commit/dcf4c761b21e8dbce8436e4000eae53f9780923c) Thanks [@angrykoala](https://github.com/angrykoala)! - Add `unsafeEscapeOptions` to `Neo4jGraphQL` features with the following flags:
+
+    - `disableRelationshipTypeEscaping` (default to `false`)
+    - `disableNodeLabelEscaping` (defaults to `false`)
+
+    These flags remove the automatic escaping of node labels and relationship types in the generated Cypher.
+
+    For example, given the following schema:
+
+    ```graphql
+    type Actor {
+        name: String!
+    }
+
+    type Movie {
+        title: String!
+        actors: [Actor!]! @relationship(type: "ACTED IN", direction: OUT)
+    }
+    ```
+
+    A GraphQL query going through the `actors` relationship:
+
+    ```graphql
+    query {
+        movies {
+            title
+            actors {
+                name
+            }
+        }
+    }
+    ```
+
+    Will normally generate the following Cypher for the relationship:
+
+    ```cypher
+    MATCH (this:Movie)-[this0:`ACTED IN`]->(this1:Actor)
+    ```
+
+    The label `ACTED IN` is escaped by placing it inside backticks (`\``), as some characters in it are susceptible of code injection.
+
+    If the option `disableRelationshipTypeEscaping` is set in `Neo4jGraphQL`, this safety mechanism will be disabled:
+
+    ```js
+    new Neo4jGraphQL({
+        typeDefs,
+        features: {
+            unsafeEscapeOptions: {
+                disableRelationshipTypeEscaping: true,
+            },
+        },
+    });
+    ```
+
+    Generating the following (incorrect) Cypher instead:
+
+    ```cypher
+    MATCH (this:Movie)-[this0:ACTED IN]->(this1:Actor)
+    ```
+
+    This can be useful in very custom scenarios where the Cypher needs to be tweaked or if the labels and types have already been escaped.
+
+    > Warning: This is a safety mechanism to avoid Cypher injection. Changing these options may lead to code injection and an unsafe server.
+
+- [#6042](https://github.com/neo4j/graphql/pull/6042) [`9ff8a10`](https://github.com/neo4j/graphql/commit/9ff8a1010d1e87d494adc3969f0f8110351ee584) Thanks [@MacondoExpress](https://github.com/MacondoExpress)! - Fixed bug that causes connection fields for interfaces to not be able to be filtered using the typename filters.
+
 ## 6.3.1
 
 ### Patch Changes

.changeset/wicked-shrimps-draw.md

@@ -1,6 +1,6 @@
 {
     "name": "@neo4j/graphql",
-    "version": "6.3.1",
+    "version": "6.4.0",
     "description": "A GraphQL to Cypher query execution layer for Neo4j and JavaScript GraphQL implementations",
     "keywords": [
         "neo4j",

packages/apollo-federation-subgraph-compatibility/package.json

@@ -2151,7 +2151,7 @@ __metadata:
   languageName: node
   linkType: soft
 
-"@neo4j/graphql@npm:^6.2.2, @neo4j/graphql@npm:^6.3.1, @neo4j/graphql@workspace:packages/graphql":
+"@neo4j/graphql@npm:^6.2.2, @neo4j/graphql@npm:^6.4.0, @neo4j/graphql@workspace:packages/graphql":
   version: 0.0.0-use.local
   resolution: "@neo4j/graphql@workspace:packages/graphql"
   dependencies:
@@ -3911,7 +3911,7 @@ __metadata:
     "@apollo/federation-subgraph-compatibility": "npm:2.2.0"
     "@apollo/server": "npm:^4.7.0"
     "@graphql-tools/wrap": "npm:^10.0.0"
-    "@neo4j/graphql": "npm:^6.3.1"
+    "@neo4j/graphql": "npm:^6.4.0"
     fork-ts-checker-webpack-plugin: "npm:9.0.2"
     graphql: "npm:16.10.0"
     graphql-tag: "npm:^2.12.6"