Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@ardatan/graphql-tools
Advanced tools
This package provides a few useful ways to create a GraphQL schema:
If you want to bind your JavaScript GraphQL schema to an HTTP server, we recommend using Apollo Server, which supports every popular Node HTTP server library including Express, Koa, Hapi, and more.
JavaScript GraphQL servers are often developed with graphql-tools
and apollo-server-express
together: One to write the schema and resolver code, and the other to connect it to a web server.
When using graphql-tools
, you describe the schema as a GraphQL type language string:
const typeDefs = `
type Author {
id: ID! # the ! means that every author object _must_ have an id
firstName: String
lastName: String
"""
the list of Posts by this author
"""
posts: [Post]
}
type Post {
id: ID!
title: String
author: Author
votes: Int
}
# the schema allows the following query:
type Query {
posts: [Post]
}
# this schema allows the following mutation:
type Mutation {
upvotePost (
postId: ID!
): Post
}
# we need to tell the server which types represent the root query
# and root mutation types. We call them RootQuery and RootMutation by convention.
schema {
query: Query
mutation: Mutation
}
`;
export default typeDefs;
Then you define resolvers as a nested object that maps type and field names to resolver functions:
const resolvers = {
Query: {
posts() {
return posts;
},
},
Mutation: {
upvotePost(_, { postId }) {
const post = find(posts, { id: postId });
if (!post) {
throw new Error(`Couldn't find post with id ${postId}`);
}
post.votes += 1;
return post;
},
},
Author: {
posts(author) {
return filter(posts, { authorId: author.id });
},
},
Post: {
author(post) {
return find(authors, { id: post.authorId });
},
},
};
export default resolvers;
At the end, the schema and resolvers are combined using makeExecutableSchema
:
import { makeExecutableSchema } from 'graphql-tools';
const executableSchema = makeExecutableSchema({
typeDefs,
resolvers,
});
This example has the entire type definition in one string and all resolvers in one file, but you can combine types and resolvers from multiple files and objects, as documented in the modularizing the schema section of the docs.
Contributions, issues and feature requests are very welcome. If you are using this package and fixed a bug for yourself, please consider submitting a PR!
FAQs
Useful tools to create and manipulate GraphQL schemas.
We found that @ardatan/graphql-tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.