This is a special release with only one commit: updating the version of Guava to 32.0.0 to address CVE-2023-2976.
graphql-java shades in selected classes of Guava. Although this library does not use any of the code described in the CVE, we received reports in #3239 that the Guava POM inside the jar was incorrectly triggering security scanners. We'd prefer to keep those security scanners happy and upgrade the Guava version.
What's Changed
Full Changelog: v20.3...v20.4