Hi @haughty viper. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
#Plans for Maintenance on the Nuxt Apollo Module/ Work around in the mean time
last latchBOT
topaz summitBOT
langsort has been warned
last latchBOT
I appreciate your detailed question, but I have to be transparent: the provided knowledge sources do not contain any information about the Nuxt Apollo module (@nuxtjs/apollo), its maintenance plans, or official recommendations for integrating Apollo Client in Nuxt 3/4 projects.
I cannot responsibly answer your specific questions about:
- Official plans for a Nuxt 3/4-compatible release of
@nuxtjs/apollo - The recommended workaround for Apollo Client integration in Nuxt 4
- Whether using
@apollo/client+@vue/apollo-composabledirectly is the recommended approach
What I can say based on the knowledge sources
Regarding your general concern about npm audit vulnerabilities in transitive dependencies, the Nuxt team's position (based on similar issues) is worth noting:
- Many
npm auditwarnings stem from build-time dependencies, not runtime ones. Build-time vulnerabilities are generally considered far less severe than runtime ones. [Dependency warnings] - The Nuxt team has previously closed similar vulnerability reports noting they are "not a Nuxt vulnerability" and often "not even a vulnerability given how the package in question is used." [Vulnerability warning]
- A common workaround for transitive dependency vulnerabilities is to use the
overrides(npm) orresolutions(yarn/pnpm) field inpackage.jsonto force a patched version of the vulnerable sub-dependency. [Axios vulnerability]
Recommended next steps
For accurate, up-to-date information on the Apollo module's status and roadmap, I'd suggest:
- Checking the nuxt-modules/apollo GitHub repository directly
- Opening or searching for issues there regarding Nuxt 3/4 compatibility and release plans