Update ts-invariant to avoid CSP-violating Function fallback. (#7414)

apollographql/invariant-packages#53 This update may also help with issues like #7406, where a patch version update (from 0.5.0 to 0.5.1) is apparently not enough to force a dependency like ts-invariant with multiple conflicting version constraints (from @apollo/client and graphql-tools) to be updated, since version 0.5.0 is still semantically compatible with the desired minimum version 0.5.1, so ts-invariant remains outdated after updating @apollo/client, despite the new version being clearly mandated in @apollo/client/package.json. After updating the minor version of ts-invariant in package.json (to ^0.6.0), there should be no risk of @apollo/client incorrectly resolving the older ts-invariant@0.5.0 version, though there may end up being multiple copies of ts-invariant in node_modules with different versions, which is fine for this particular package.
apollographql · Dec 4, 2020 · c3edde4 · c3edde4
1 parent 508bc4b
commit c3edde4
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## Apollo Client 3.3.4
+
+## Improvements
+
+- Update `ts-invariant` to avoid potential [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)-violating `Function` fallback, thanks to [a clever new `globalThis` polyfill technique](https://mathiasbynens.be/notes/globalthis). <br/>
+  [@benjamn](https://github.com/benjamn) in [#7414](https://github.com/apollographql/apollo-client/pull/7414)
+
 ## Apollo Client 3.3.3
 
 ## Bug fixes

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -81,7 +81,7 @@
     "optimism": "^0.13.1",
     "prop-types": "^15.7.2",
     "symbol-observable": "^2.0.0",
-    "ts-invariant": "^0.5.1",
+    "ts-invariant": "^0.6.0",
     "tslib": "^1.10.0",
     "zen-observable": "^0.8.14"
   },