Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@apollo/server-plugin-landing-page-graphql-playground
Advanced tools
Apollo Server landing page plugin for GraphQL Playground
⚠️ Note: The use of GraphQL Playground in Apollo Server was supported in previous versions, but this is no longer the case as of December 31, 2022. This package is deprecated and exists for v4 migration purposes only. We do not intend to resolve security issues or other bugs with this package if they arise, so please migrate away from this to Apollo Server's default Explorer as soon as possible. ⚠️
This is a plugin for Apollo Server 4 that makes your GraphQL server serve the GraphQL Playground IDE as a landing page.
GraphQL Playground was the only landing page available for Apollo Server 2. The GraphQL Playground project is officially retired and we do not recommend its continued use. We recommend Apollo Server 4's default landing page, which serves the similar but actively maintained Apollo Sandbox, or a custom landing page.
To help developers migrating from Apollo Server 2, we do still provide a landing page plugin that allows you to use GraphQL Playground with Apollo Server. In Apollo Server 3, that plugin is distributed as part of the apollo-server-core
package. In Apollo Server 4, that plugin is distributed separately in this package.
To use GraphQL Playground with Apollo Server 4, first npm install @apollo/server-plugin-landing-page-graphql-playground
, and then:
import { ApolloServer } from '@apollo/server';
import { ApolloServerPluginLandingPageGraphQLPlayground } from '@apollo/server-plugin-landing-page-graphql-playground';
const server = new ApolloServer({
plugins: [ApolloServerPluginLandingPageGraphQLPlayground()],
// ... other options ...
});
Note that this will serve GraphQL Playground unconditionally. If you would prefer to only serve it when not in production, you can use process.env.NODE_ENV
to determine whether to include the plugin in the plugins
option yourself.
FAQs
Apollo Server landing page plugin for GraphQL Playground
The npm package @apollo/server-plugin-landing-page-graphql-playground receives a total of 242,866 weekly downloads. As such, @apollo/server-plugin-landing-page-graphql-playground popularity was classified as popular.
We found that @apollo/server-plugin-landing-page-graphql-playground demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.