Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@apollo-elements/create
Advanced tools
⚡️ App and Component Generator for Apollo Elements 🚀
🔎 Read the Full API Docs 🔎
To quickly get started with apollo-elements, generate a skeleton app with this command
npm init @apollo-elements
Which will prompt you to generate a full app, or a component thereof.
npm init @apollo-elements -- app
Generate an Apollo Elements Skeleton App
npm init @apollo-elements -- \
app \
--pkg-manager yarn \
--uri '/graphql' \
--install \
--start \
--yes
Flag | Description | type | default |
---|---|---|---|
--help | Show help | boolean | |
--version | Show version number | boolean | |
--pkg-manager | Preferred package manager | npm or yarn | npm |
--uri , -u | URI to your GraphQL endpoint | string | |
--yes , -y | Use default package.json fields (e.g. author, license) | boolean | |
--skip-codegen | Skip the codegen phase | string | false |
--install , -i | Automatically install dependencies | boolean | |
--start , -s | Launch the dev server after scaffolding | boolean |
The generated app comes with plenty of bells-and-whistles:
@web/dev-server
import MyQuery from './My.query.graphql'
import styles from './my-element.css'
These npm scripts help you get your work done in style:
npm start
yarn start
runs the code generator and the development server in watch mode
npm run build
yarn build
bundles the app into /build
. The build will bundle and minify your javascript, and minify your HTML. Just upload to your static file host and you're good.
npm run lint
yarn lint
Lint your app with an opinionated set of rules for JavaScript and TypeScript
npm test
yarn test
The generator currently doesn't offer strong opinions on testing your UI components, so npm test
currently exist with an error code. For unit testing business logic (i.e. typePolicies), we recommend @web/test-runner
npm init @apollo-elements -- component
Generate an Apollo Element
npm init @apollo-elements -- \
component \
--type mutation \
--name x-user-profile \
--subdir user \
--schema-path '#schema' \
--shared-css-path '#components/shared.css' \
--operation-params '$input: UpdateProfileInput!' \
--fields 'updateProfile(input: $input) { id }' \
--skip-codegen
--yes
Flag | Description | type | default |
---|---|---|---|
--help | Show help | boolean | |
--version | Show version number | boolean | |
--pkg-manager | Preferred package manager | npm or yarn | npm |
--type , -t | Element type | query , mutation , or subscription | query |
--name , -n | Custom element tag name | string | |
--subdir , -d | Optional subdir under src/components | string | |
--yes , -y | Optional subdir under src/components | boolean | false |
--skip-codegen | Skip the codegen phase | boolean | false |
--schema-path | Optional custom path to schema types file | string | |
--shared-css-path | Optional custom path to shared component styles file | string | |
--variables | Optional custom variables e.g. input: $UpdateUserInput | string | |
--fields | Optional custom fields e.g. id name picture { alt url } | string |
FAQs
Scaffold apps and components with GraphQL and Lit
The npm package @apollo-elements/create receives a total of 83 weekly downloads. As such, @apollo-elements/create popularity was classified as not popular.
We found that @apollo-elements/create demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.