Bump graphql from 2.5.11 to 2.5.19

[dependabot]

Bumps graphql from 2.5.11 to 2.5.19.

Changelog

Sourced from graphql's changelog.

2.5.19 (5 Feb 2026)

• DetailedTrace: add ActiveRecord backend, generator #5525
• DetailedTrace: improve ActiveRecord backend, filter hashes before logging #5527

2.5.18 (22 Jan 2026)

• GraphQL::Dashboard: properly require action_controller before using it #5510
• GraphQL::Dashboard: don't use config.asset_host for Dashboard assets since they're handled by the dashboard itself #5511

2.5.17 (21 Jan 2026)

Bug fixes

• GraphQL::Dashboard: fix routes compatibility with Devise #5505
• GraphQL::Dashboard: fix HTML/erb lint issues #5497
• Parser: improve check for invalid number followed by name #5492 #5492
• GraphQL::Field: optimize boot memory by removing Field.from_options #5495
• field, argument: improve API documentation for DSL methods #5491

2.5.16 (10 Dec 2025)

Bug fixes

• fiber-storage: properly include dependency on Ruby < 3.2 #5484
• Fix typo in legacy_invalid_empty_selections_on_union_with_type warning #5481

2.5.15 (9 Dec 2025)

New features

• DetailedTrace: add separate spans for debug-only .inspect calls, support debug: false config #5477
• required: validator: Raise a developer error when all one_of: options are hidden, support allow_all_hidden: true to allow this case #5474
• GraphQL::Testing::MockActionCable: added to support testing ActionCableSubscriptions #5482
• legacy_invalid_empty_selections_on_union_with_type: new method added for better metadata about legacy behavior #5480

Bug fixes

• Fix typo in date encoding error #5447
• Fix schema printer bug #5468
• Ensure data exists for execution errors #5452
• Improve SDL directive argument coercion #5469
• Don't require fiber-storage on Ruby 3.2+ #5456
• Visibility: default to preload: true when Rails.env.staging? #5409

2.5.14 (8 Oct 2025)

Bug fixes

• Fix error when GraphQL-Batch is used (???) #5444

... (truncated)

Commits

• 6770b63 2.5.19
• 8bedf36 Merge pull request #5527 from rmosolgo/ar-backend-fixes
• b19946d Don't choose an empty app filter_parameters
• e8eb4bb Better defined check
• 1fd595c Use filter_param instead to handle all Hashes
• 610f627 Better support for different ActiveSupport versions, add test for config.filt...
• 26419d4 Merge pull request #5528 from duffuniverse/fix-source-code-link-in-queries-co...
• b09b030 Fix source code link in queries complexity and depth guide
• 84348b7 Update assertion
• 3272819 Also filter field results and objects
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)