
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
@apollo/server
Advanced tools
@apollo/server is a powerful and flexible GraphQL server library that allows you to build and run a GraphQL API in Node.js. It provides tools for schema definition, query execution, and integration with various data sources and middleware.
Schema Definition
Defines a simple GraphQL schema with a single query and sets up an Apollo Server instance to serve it.
const { ApolloServer, gql } = require('@apollo/server');
const typeDefs = gql`
type Query {
hello: String
}
`;
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({ typeDefs, resolvers });
server.listen().then(({ url }) => {
console.log(`🚀 Server ready at ${url}`);
});
Middleware Integration
Integrates Apollo Server with an Express.js application, allowing you to use GraphQL as middleware.
const { ApolloServer } = require('@apollo/server');
const express = require('express');
const { expressMiddleware } = require('@apollo/server/express');
const typeDefs = gql`
type Query {
hello: String
}
`;
const resolvers = {
Query: {
hello: () => 'Hello world!',
},
};
const server = new ApolloServer({ typeDefs, resolvers });
const app = express();
server.start().then(() => {
app.use('/graphql', expressMiddleware(server));
app.listen({ port: 4000 }, () => {
console.log('Server is running on http://localhost:4000/graphql');
});
});
Data Source Integration
Shows how to integrate a REST API as a data source in Apollo Server, allowing you to fetch data from external APIs.
const { ApolloServer, gql } = require('@apollo/server');
const { RESTDataSource } = require('apollo-datasource-rest');
class MyAPI extends RESTDataSource {
constructor() {
super();
this.baseURL = 'https://api.example.com/';
}
async getExampleData() {
return this.get('example-endpoint');
}
}
const typeDefs = gql`
type Query {
exampleData: String
}
`;
const resolvers = {
Query: {
exampleData: async (_source, _args, { dataSources }) => {
return dataSources.myAPI.getExampleData();
},
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
dataSources: () => ({
myAPI: new MyAPI(),
}),
});
server.listen().then(({ url }) => {
console.log(`🚀 Server ready at ${url}`);
});
express-graphql is a GraphQL HTTP server middleware for Express. It is simpler and more lightweight compared to @apollo/server, making it a good choice for smaller applications or those that do not require the full feature set of Apollo Server.
graphql-yoga is a fully-featured GraphQL server that is easy to set up and use. It is built on top of Express and Apollo Server, providing a more opinionated and streamlined experience. It is suitable for developers who want a quick and easy way to get started with GraphQL.
mercurius is a GraphQL adapter for Fastify, a fast and low-overhead web framework for Node.js. It offers high performance and integrates seamlessly with Fastify, making it a great choice for applications that prioritize speed and efficiency.
@apollo/server
This
@apollo/server
package is new with Apollo Server 4. Previous major versions of Apollo Server used a set of package names starting withapollo-server
, such asapollo-server
,apollo-server-express
,apollo-server-core
, etc.
Announcement: Join 1000+ engineers at GraphQL Summit 2025 by Apollo for talks, workshops, and office hours. Oct 6-8, 2025 in San Francisco. Get your pass here ->
Apollo Server is an open-source, spec-compliant GraphQL server that's compatible with any GraphQL client, including Apollo Client. It's the best way to build a production-ready, self-documenting GraphQL API that can use data from any source.
You can use Apollo Server as:
Apollo Server provides a simple API for integrating with any Node.js web framework or serverless environment. The @apollo/server
package itself ships with a minimally-configurable, standalone web server which handles CORS and body parsing out of the box. Integrations with other environments are community-maintained.
Apollo Server provides:
Full documentation for Apollo Server is available on our documentation site. This README shows the basics of getting a server running (both standalone and with Express), but most features are only documented on our docs site.
You can also check out the getting started guide in the Apollo Server docs for more details, including examples in both TypeScript and JavaScript.
Apollo Server's standalone server lets you get a GraphQL server up and running quickly without needing to set up an HTTP server yourself. It allows all the same configuration of GraphQL logic as the Express integration, but does not provide the ability to make fine-grained tweaks to the HTTP-specific behavior of your server.
First, install Apollo Server and the JavaScript implementation of the core GraphQL algorithms:
npm install @apollo/server graphql
Then, write the following to server.mjs
. (By using the .mjs
extension, Node lets you use the await
keyword at the top level.)
import { ApolloServer } from '@apollo/server';
import { startStandaloneServer } from '@apollo/server/standalone';
// The GraphQL schema
const typeDefs = `#graphql
type Query {
hello: String
}
`;
// A map of functions which return data for the schema.
const resolvers = {
Query: {
hello: () => 'world',
},
};
const server = new ApolloServer({
typeDefs,
resolvers,
});
const { url } = await startStandaloneServer(server);
console.log(`🚀 Server ready at ${url}`);
Now run your server with:
node server.mjs
Open the URL it prints in a web browser. It will show Apollo Sandbox, a web-based tool for running GraphQL operations. Try running the operation query { hello }
!
Apollo Server's Express middleware lets you run your GraphQL server as part of an app built with Express, the most popular web framework for Node.
First, install Apollo Server, its Express middleware, the JavaScript implementation of the core GraphQL algorithms, Express, and the standard Express middleware package for CORS headers:
npm install @apollo/server @as-integrations/express5 graphql express cors
If using Typescript you may also need to install additional type declaration packages as development dependencies to avoid common errors when importing the above packages (i.e. Could not find a declaration file for module 'cors
'):
npm install --save-dev @types/cors @types/express
Then, write the following to server.mjs
. (By using the .mjs
extension, Node lets you use the await
keyword at the top level.)
import { ApolloServer } from '@apollo/server';
import { expressMiddleware } from '@as-integrations/express5';
import { ApolloServerPluginDrainHttpServer } from '@apollo/server/plugin/drainHttpServer'
import express from 'express';
import http from 'http';
import cors from 'cors';
// The GraphQL schema
const typeDefs = `#graphql
type Query {
hello: String
}
`;
// A map of functions which return data for the schema.
const resolvers = {
Query: {
hello: () => 'world',
},
};
const app = express();
const httpServer = http.createServer(app);
// Set up Apollo Server
const server = new ApolloServer({
typeDefs,
resolvers,
plugins: [ApolloServerPluginDrainHttpServer({ httpServer })],
});
await server.start();
app.use(
cors(),
express.json(),
expressMiddleware(server),
);
await new Promise((resolve) => httpServer.listen({ port: 4000 }, resolve));
console.log(`🚀 Server ready at http://localhost:4000`);
Now run your server with:
node server.mjs
Open the URL it prints in a web browser. It will show Apollo Sandbox, a web-based tool for running GraphQL operations. Try running the operation query { hello }
!
FAQs
Core engine for Apollo GraphQL server
The npm package @apollo/server receives a total of 979,464 weekly downloads. As such, @apollo/server popularity was classified as popular.
We found that @apollo/server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.