Breaking Changes

Breaking changes are any changes that might require action from our integrators. We divide these changes into two categories:

  • Breaking: Changes that will break existing queries to the GraphQL API. For example, removing a field would be a breaking change.
  • Dangerous: Changes that won't break existing queries but could affect the runtime behavior of clients. Adding an enum value is an example of a dangerous change.

We strive to provide stable APIs for our integrators. When a new feature is still evolving, we release it behind a schema preview.

We'll announce upcoming breaking changes at least three months before making changes to the GraphQL schema, to give integrators time to make the necessary adjustments. Changes go into effect on the first day of a quarter (January 1st, April 1st, July 1st, or October 1st). For example, if we announce a change on January 15th, it will be made on July 1st.

Changes scheduled for 2019-01-01

  • Breaking A change will be made to Repository.protectedBranches.

    Description: protectedBranches will be removed. Use Repository.branchProtectionRules instead.

    Reason: The ProtectedBranch type is deprecated and will be removed soon.

Changes scheduled for 2019-04-01

  • Breaking A change will be made to Organization.members.

    Description: members will be removed. Use Organization.membersWithRole instead.

    Reason: The members field is deprecated and will be removed soon.

Changes scheduled for 2019-07-01

  • Breaking A change will be made to RepositoryVulnerabilityAlert.affectedRange.

    Description: affectedRange will be removed. Use securityVulnerability.vulnerableVersionRange instead.

    Reason: advisory specific fields are being removed from repositoryVulnerabilityAlert objects

  • Breaking A change will be made to RepositoryVulnerabilityAlert.externalIdentifier.

    Description: externalIdentifier will be removed. Use securityAdvisory.identifiers instead.

    Reason: advisory specific fields are being removed from repositoryVulnerabilityAlert objects

  • Breaking A change will be made to RepositoryVulnerabilityAlert.externalReference.

    Description: externalReference will be removed. Use securityAdvisory.references instead.

    Reason: advisory specific fields are being removed from repositoryVulnerabilityAlert objects

  • Breaking A change will be made to RepositoryVulnerabilityAlert.fixedIn.

    Description: fixedIn will be removed. Use securityVulnerability.firstPatchedVersion instead.

    Reason: advisory specific fields are being removed from repositoryVulnerabilityAlert objects

  • Breaking A change will be made to RepositoryVulnerabilityAlert.packageName.

    Description: packageName will be removed. Use securityVulnerability.package instead.

    Reason: advisory specific fields are being removed from repositoryVulnerabilityAlert objects

  • Breaking A change will be made to ReviewDismissedEvent.message.

    Description: message will be removed. Use dismissalMessage instead.

    Reason: message is being removed because it not nullable, whereas the underlying field is optional.

  • Breaking A change will be made to ReviewDismissedEvent.messageHtml.

    Description: messageHtml will be removed. Use dismissalMessageHTML instead.

    Reason: messageHtml is being removed because it not nullable, whereas the underlying field is optional.