Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@ardatan/graphql-scalars
Advanced tools
A collection of scalar types not included in base GraphQL.
A library of custom GraphQL scalar types for creating precise type-safe GraphQL schemas.
npm install --save @okgrow/graphql-scalars
or
yarn add @okgrow/graphql-scalars
To use these scalars you'll need to add them in two places, your schema and your resolvers map.
NOTE: The new RegularExpression
scalar will be used a little differently and is explained below.
In your schema:
scalar DateTime
scalar EmailAddress
scalar NegativeFloat
scalar NegativeInt
scalar NonNegativeFloat
scalar NonNegativeInt
scalar NonPositiveFloat
scalar NonPositiveInt
scalar PhoneNumber
scalar PositiveFloat
scalar PositiveInt
scalar PostalCode
scalar RegularExpression
scalar UnsignedFloat
scalar UnsignedInt
scalar URL
In your resolver map, first import them:
import {
DateTime,
NonPositiveInt,
PositiveInt,
NonNegativeInt,
NegativeInt,
NonPositiveFloat,
PositiveFloat,
NonNegativeFloat,
NegativeFloat,
EmailAddress,
URL,
PhoneNumber,
PostalCode,
} from '@okgrow/graphql-scalars';
Then make sure they're in the root resolver map like this:
const myResolverMap = {
DateTime,
NonPositiveInt,
PositiveInt,
NonNegativeInt,
NegativeInt,
NonPositiveFloat,
PositiveFloat,
NonNegativeFloat,
NegativeFloat,
EmailAddress,
URL,
PhoneNumber,
PostalCode,
Query: {
// more stuff here
},
Mutation: {
// more stuff here
},
};
NOTE: NonNegativeFloat
and NonNegativeInt
are also available under the aliases UnsignedFloat
and UnsignedInt
, respectively.
Alternatively, use the default import and ES6's spread operator syntax:
import OKGGraphQLScalars from '@okgrow/graphql-scalars';
Then make sure they're in the root resolver map like this:
const myResolverMap = {
...OKGGraphQLScalars,
Query: {
// more stuff here
},
Mutation: {
// more stuff here
},
};
That's it. Now you can use these scalar types in your schema definition like this:
type Person {
birthDate: DateTime
ageInYears: PositiveInt
heightInInches: PositiveFloat
minimumHourlyRate: NonNegativeFloat
currentlyActiveProjects: NonNegativeInt
email: EmailAddress
homePage: URL
phoneNumber: PhoneNumber
homePostalCode: PostalCode
}
These scalars can be used just like the base, built-in ones.
import { ApolloServer } from 'apollo-server';
import { makeExecutableSchema } from 'graphql-tools';
// import all scalars and resolvers
import OKGGraphQLScalars, {
OKGScalarDefinitions,
} from '@okgrow/graphql-scalars';
// Alternatively, import individual scalars and resolvers
// import { DateTime, DateTimeScalar, ... } from "@okgrow/graphql-scalars"
const server = new ApolloServer({
schema: makeExecutableSchema({
typeDefs: [
// use spread syntax to add scalar definitions to your schema
...OKGScalarDefinitions,
// DateTimeScalar,
// ...
// ... other type definitions ...
],
resolvers: {
// use spread syntax to add scalar resolvers to your resolver map
...OKGGraphQLScalars,
// DateTime,
// ...
// ... remainder of resolver map ...
},
}),
});
server.listen().then(({ url }) => {
console.log(`🚀 Server ready at ${url}`);
});
First an explanation: To create a new scalar type to the GraphQL schema language, you must create an
instance of a new GraphQLScalarType
object that implements three general functions/methods:
serialize
, parseValue
and parseLiteral
which are used at different stages of processing your
GraphQL types during queries and mutations. So creating a new scalar looks like this:
const MyScalar = new GraphQLScalarType({
'MyScalar',
description: 'A description of my scalar',
serialize(value) {
// ...
return value;
},
parseValue(value) {
// ...
return value;
},
parseLiteral(ast) {
// ...
return ast.value;
}
});
Given this, if we want to create a new type that is essentially the same except for one little
customizable aspect (e.g., a regular expression type that has all the same code except the regex is
different) then we need to dynamically generate a new GraphQLScalarType
object given some
parameters. That's the approach we take here.
Therefore the RegularExpression
scalar type is really a GraphQLScalarType
object generator
that takes two arguments:
So to create a new scalar for a given regex, you will do this:
const MyRegexType = new RegularExpression('MyRegexType', /^ABC$/);
Now MyRegexType
is your new GraphQL scalar type that will enforce a value of, in this case, "ABC".
Add your new scalar type to your resolver map:
export default {
MyRegexType,
};
And to your schema:
scalar MyRegexType
That's it. Now you can use MyRegexType
as a type in the rest of your schema.
There is an optional third options
argument to the RegularExpression constructor that can be used like this:
const options = {
errorMessage: (regex, value) => {
if (process.env.NODE_ENV === 'production')
return `Value is invalid format: ${value} `;
else
return `Value does not match the regular expression ${regex}: ${value}`;
},
};
const MyRegexType = new RegularExpression('MyRegexType', /^ABC$/, options);
The primary purposes these scalars, really of all types are to:
Person
type in your schema
and that type has as field like ageInYears
, the value of that can only be null or a positive
integer (or float, depending on how you want your schema to work). It should never be zero or
negative.This package adds to the base options available in GraphQL to support types that are reasonably common in defining schemas or interfaces to data.
Use real JavaScript Dates for GraphQL fields. Currently you can use a String or an Int (e.g., a timestamp in milliseconds) to represent a date/time. This scalar makes it easy to be explicit about the type and have a real JavaScript Date returned that the client can use without doing the inevitable parsing or conversion themselves.
Integers that will have a value of 0 or more. Uses parseInt()
.
Integers that will have a value of 0 or less. Uses parseInt()
.
Integers that will have a value greater than 0. Uses parseInt()
.
Integers that will have a value less than 0. Uses parseInt()
.
Floats that will have a value of 0 or more. Uses parseFloat()
.
Floats that will have a value of 0 or less. Uses parseFloat()
.
Floats that will have a value greater than 0. Uses parseFloat()
.
Floats that will have a value less than 0. Uses parseFloat()
.
A field whose value conforms to the standard internet email address format as specified in RFC822.
A field whose value conforms to the standard URL format as specified in RFC3986.
A field whose value conforms to the standard E.164 format as specified in
E.164 specification. Basically this is +17895551234
.
The very powerful
libphonenumber
library is available to take
that format, parse and display it in whatever display format you want. It can also be used to
parse user input and get the E.164 format to pass into a schema.
We're going to start with a limited set as suggested here and here.
Which gives us the following countries:
This is really a practical decision of weight (of the package) vs. completeness.
In the future we might expand this list and use the more comprehensive list found here.
A GraphQLScalarType
object generator that takes two arguments:
name
- The name of your custom typeregex
- The regex to be used to check against any values for fields with this new typeconst MyRegexType = new RegularExpression('MyRegexType', /^ABC$/);
GraphQL is a wonderful new approach to application data and API layers that's gaining momentum. If you have not heard of it, start here and check out Apollo also.
However, for all of GraphQL's greatness. It is missing a couple things that we have (and you might) find very useful in defining your schemas. Namely GraphQL has a limited set of scalar types and we have found there are some additional scalar types that are useful in being more precise in our schemas. Thankfully, those sharp GraphQL folks provided a simple way to add new custom scalar types if needed. That's what this package does.
NOTE: We don't fault the GraphQL folks for these omissions. They have kept the core small and clean. Arguably not every project needs these additional scalar types. But we have, and now you can use them too if needed.
Released under the MIT license.
Issues and Pull Requests are always welcome.
Please read our contribution guidelines.
FAQs
A collection of scalar types not included in base GraphQL.
The npm package @ardatan/graphql-scalars receives a total of 0 weekly downloads. As such, @ardatan/graphql-scalars popularity was classified as not popular.
We found that @ardatan/graphql-scalars demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.