Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@ddder/type-graphql
Advanced tools
Create GraphQL schema and resolvers with TypeScript, using classes and decorators!
Create GraphQL schema and resolvers with TypeScript, using classes and decorators!
https://19majkel94.github.io/type-graphql/
We all know that GraphQL is so great and solves many problems that we have with REST API, like overfetching and underfetching. But developing a GraphQL API in Node.js with TypeScript is sometimes a bit of pain. Why? Let's take a look at the steps we usually have to make.
At first, we create the all the schema types in SDL. We also create our data models using ORM classes, which represents our db entities. Then we start to write resolvers for our queries, mutations and fields, but this forces us to first create TS interfaces for all arguments, inputs, and even object types. Only then can we actually implement the resolvers, using weird generic signatures, e.g.:
export const recipesResolver: GraphQLFieldResolver<void, Context, RecipesArgs> =
async (_, args) => {
// our business logic, e.g.:
const repository = getRepository(Recipe);
return repository.find();
}
The biggest problem is the redundancy in our codebase, which makes it difficult to keep things in sync. To add a new field to our entity, we have to jump through all the files - modify an entity class, the schema, as well as the interface. The same goes with inputs or arguments. It's easy to forget to update one piece or make a mistake with a single type. Also, what if we've made a typo in field name? The rename feature (F2) won't work correctly.
TypeGraphQL comes to address this issues, based on experience from over a dozen months of developing GraphQL APIs in TypeScript. The main idea is to have only one source of truth by defining the schema using classes and a bit of decorator help. Additional features like dependency injection, validation or auth guards helps with common tasks that normally we would have to handle by ourselves.
As I mentioned, TypeGraphQL makes developing a GraphQL API and enjoyable process, i.e. by defining the schema using only classes and a bit of decorator magic.
So, to create types like object type or input type, we use kind of DTO classes.
For example, to declare Recipe
type we simply create a class and annotate it with decorators:
@ObjectType()
class Recipe {
@Field(type => ID)
id: string;
@Field()
title: string;
@Field(type => [Rate])
ratings: Rate[];
@Field({ nullable: true })
averageRating?: number;
}
And we get corresponding part of schema in SDL:
type Recipe {
id: ID!
title: String!
ratings: [Rate!]!
averageRating: Float
}
Then we can create queries, mutations and field resolvers. For this purpose we use controller-like classes that are called "resolvers" by convention. We can also use awesome features like dependency injection or auth guards:
@Resolver(Recipe)
class RecipeResolver {
constructor(
private recipeService: RecipeService,
) {}
@Query(returns => [Recipe])
recipes() {
return this.recipeService.findAll();
}
@Mutation()
@Authorized(Roles.Admin)
removeRecipe(@Arg("id") id: string): boolean {
return this.recipeService.removeById(id);
}
@FieldResolver()
averageRating(@Root() recipe: Recipe) {
return recipe.ratings.reduce((a, b) => a + b, 0) / recipe.ratings.length;
}
}
And in this simple way we get this part of schema in SDL:
type Query {
recipes: [Recipe!]!
}
type Mutation {
removeRecipe(id: String!): Boolean!
}
Full getting started guide with a simple walkthrough/tutorial can be found in getting started docs.
The documentation with detailed description of the API and the features is available on the website.
Below you can find installation instructions that are also important.
npm i type-graphql
reflect-metadata
shim is required:npm i reflect-metadata
and make sure to import it on top of your entry file (before you use/import type-graphql
or your resolvers):
import "reflect-metadata";
tsconfig.json
file of your project:{
"emitDecoratorMetadata": true,
"experimentalDecorators": true
}
TypeGraphQL
is designed to work with Node.js 6, 8 and latest stable. It uses features from ES7 (ES2016) so you should set your tsconfig.json
appropriately:{
"target": "es2016" // or newer if your node.js version supports this
}
graphql-subscription
dependency that rely on an AsyncIterator
, you may also have to provide the esnext.asynciterable
to the lib
option:{
"lib": ["es2016", "esnext.asynciterable"]
}
All in all, the minimal tsconfig.json
file example looks like this:
{
"compilerOptions": {
"target": "es2016",
"module": "commonjs",
"lib": ["es2016", "esnext.asynciterable"],
"experimentalDecorators": true,
"emitDecoratorMetadata": true
}
}
You can also check the examples folder on this repository for more examples of usage: simple fields resolvers, DI Container support, TypeORM integration, automatic validation, etc.
The Tests folder might also give you some tips how to get various things done.
Currently released version is a MVP (Minimum Viable Product). It is well tested (95% coverage, 4400 lines of test code) and has 90% of the planned features already implemented. However there's some work to do before 1.0.0 release and it's mostly about documentation (website, api reference and jsdoc).
There are also plans for more features like better TypeORM and dataloader integration or middlewares and custom decorators support - the full list of ideas is available on the GitHub repo. You can also keep track of development's progress on project board.
I encourage you to give it a try and experiment with TypeGraphQL. If you have any question, you can ask about it on gitter. If you find a bug, please report it as an issue on GitHub. If you have an interesting feature request, I will be happy to hear about it.
PRs are welcome, but first check, test and build your code before committing it.
If you want to add a new big feature, please create a proposal first, where we can discuss the idea and implementation details. This will prevent wasting of your time if the PR be rejected.
FAQs
Create GraphQL schema and resolvers with TypeScript, using classes and decorators!
The npm package @ddder/type-graphql receives a total of 1 weekly downloads. As such, @ddder/type-graphql popularity was classified as not popular.
We found that @ddder/type-graphql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.