chore(deps-dev): bump graphql-request from 6.1.0 to 7.3.3

[dependabot]

Bumps graphql-request from 6.1.0 to 7.3.3.

Release notes

Sourced from graphql-request's releases.

graphql-request@7.3.3

Bug Fixes

• Non-JSON Error Response Handling: Fixed regression in 7.3.2 where servers returning HTTP 4xx/5xx status codes with non-JSON response bodies (HTML, plain text) would throw an unhelpful error: "Invalid execution result: result is not object or array" (#1459, closes #1458)
  • Added safe JSON parsing fallback for responses without proper Content-Type headers
  • Returns descriptive error messages with response body preview for non-JSON responses
  • Handles common production scenarios: load balancer errors (502/503 HTML pages), CDN errors, WAF/firewall responses, misconfigured servers
  • Maintains backward compatibility for servers that omit Content-Type but return valid JSON
  • Added comprehensive test coverage for HTML, plain text, and missing Content-Type scenarios

What Changed

Version 7.3.2 introduced a bug where the ELSE branch in parseResultFromResponse would pass raw strings (HTML, plain text) to a parser expecting objects/arrays. This only surfaced when:

1. Server returns 4xx/5xx status code
2. Content-Type header is missing or non-JSON (e.g., text/html, text/plain)
3. Response body is not valid JSON

This is now fixed with graceful error handling and clear error messages.

graphql-request@7.3.2

Bug Fixes

• HTTP Error Handling: Fixed regression from v6 to v7 where HTTP 4xx/5xx responses would not include GraphQL errors from response body in ClientError (#1457, closes #1281)

  • Response body is now parsed before checking HTTP status
  • Users can access GraphQL errors via error.response.errors even with non-2xx status codes
  • Common use case: authentication errors (422), server errors (500)

• graphql-codegen Compatibility: Added support for TypedDocumentString from @graphql-codegen when using documentMode: 'string' (#1456, closes #1453)

  • Handles boxed String objects created by TypedDocumentString class
  • Normalizes document input to prevent crashes when passing to GraphQL operations

graphql-request@7.3.1

Bug Fixes

• Fixed broken example links on npmjs.com (#1332)
  • Updated package.json repository metadata to point to correct location: graffle-js/graffle
  • Updated homepage URL to include /tree/graphql-request path
  • Updated bugs URL to point to correct issues page
  • All example links on npm now correctly resolve to files in the graphql-request branch

Links

• npm package
• Full Changelog

Commits

• a9f94c1 chore: bump ver
• 97d9822 Fix: handle non-JSON error responses gracefully (#1459)
• cc99d03 chore: bump version to 7.3.2
• 7a1ee76 fix: parse GraphQL errors from response body on HTTP 4xx/5xx status codes (#1...
• 0f60a64 fix: support TypedDocumentString from graphql-codegen (#1456)
• 8ef0842 fix(graphql-request): update repository URLs to point to graffle-js/graffle (...
• a51de21 chore: bump version to 7.3.0
• b3c500f feat(graphql-request): default types any and support common js (#1396)
• 4df6036 chore: use absolute urls for examples in graphql-request branch (#1369)
• 55c0dfc chore: bump
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[mergeable]

Thanks for creating a pull request! A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.