Security News
Vite+ Joins the Push to Consolidate JavaScript Tooling
Evan You announces Vite+, a commercial, Rust-powered toolchain built on the Vite ecosystem to unify JavaScript development and fund open source.
By Sarah Gooding - Oct 15, 2025
Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More →
@carlipa/aurora-graphql
Advanced tools
@carlipa/aurora-graphql
GraphQL dynamic server, using lazy schema creation, and agnostic (mongoose based) storage engine
Aurora GraphQL
Aurora GraphQL is an express middleware that supports multiple projects, dynamically loaded.
GraphQL - Relay
The goal of this library is to provide an easy and fast way to create a GraphQL, Relay compliant server, that can serve multiple projects.
Express Middleware
Aurora GraphQL is an express middleware, that uses the content of req.aurora to operate.
Usage
Aurora GraphQL expect its req to contains an aurora key, which is an object of 3 values: project, storage and allowMutation.
Project
The project can either be hard loaded at the server start, or dynamically loaded with each request.
The GraphQL schema is created each time the hash value of a given project changes.
project: {
name: 'Project name',
// A Hash of the classes definitions, if not present, it will be generated for each request
hash: '123456789',
// The classes
classes: {
// Classes definition version, used when upgrading
version: 2,
// The actual classes definitions
definitions: { ... }
}
}
Each time you change the project object in your database, you should create the hash value, and store it. That way, it won't be recreated each time a request is performed.
Storage
To be as agnostic as possible, the storage part is not handled by Aurora GraphQL, you must create some methods in a previous middleware.
The storage object must have this shape:
storage: {
// A method that must return a mongoose model
getModel: function(modelName, schema) { ... },
// Files specific methods
files: {
// Takes one ID, returns one file metadata
getOneFileMetadataById: function(id) { ... },
// Takes an array of IDs, returns an array of files metadata
getManyFileMetadataByIds: function(ids) { ... }
}
}
The getModel method should act like mongoose's model method (http://mongoosejs.com/docs/models.html)
Allow Mutation
Mutations are disabled by default, this is a safety lock.
Using your own authentication system, set the value of req.aurora.allowMutation to true, and they will be unlocked.
FAQs
GraphQL dynamic server, using lazy schema creation, and agnostic (mongoose based) storage engine
The npm package @carlipa/aurora-graphql receives a total of 0 weekly downloads. As such, @carlipa/aurora-graphql popularity was classified as not popular.
We found that @carlipa/aurora-graphql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 17 Aug 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Ruby Central Faces Backlash After Publishing Incident Timeline on RubyGems Access Dispute
Ruby Central’s incident report on the RubyGems.org access dispute sparks backlash from former maintainers and renewed debate over project governance.
By Sarah Gooding - Oct 14, 2025
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
By Olivia Brown - Oct 11, 2025