Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@envelop/core
Advanced tools
This is the core package for Envelop. You can find a complete documentation here: https://github.com/n1ru4l/envelop
@envelop/core is a powerful library for building GraphQL servers with a focus on extensibility and modularity. It provides a plugin system that allows developers to easily add, remove, or customize functionalities in their GraphQL server setup.
Plugin System
The plugin system allows you to add various plugins to your GraphQL server. In this example, we use the `useSchema` plugin to set up a basic schema.
const { envelop, useSchema } = require('@envelop/core');
const { makeExecutableSchema } = require('@graphql-tools/schema');
const schema = makeExecutableSchema({
typeDefs: `
type Query {
hello: String
}
`,
resolvers: {
Query: {
hello: () => 'Hello world!',
},
},
});
const getEnveloped = envelop({
plugins: [useSchema(schema)],
});
const { parse, validate, contextFactory, execute, schema: finalSchema } = getEnveloped();
Custom Plugins
You can create custom plugins to extend the functionality of your GraphQL server. This example shows a custom plugin that logs the operation name whenever an operation is executed.
const { envelop, useLogger } = require('@envelop/core');
const customPlugin = {
onExecute({ args }) {
console.log('Executing operation:', args.operationName);
},
};
const getEnveloped = envelop({
plugins: [useLogger(), customPlugin],
});
const { execute } = getEnveloped();
Error Handling
The error handling feature allows you to manage and log errors that occur during GraphQL operations. This example demonstrates how to use the `useErrorHandler` plugin to log errors.
const { envelop, useErrorHandler } = require('@envelop/core');
const errorHandlerPlugin = useErrorHandler((errors) => {
console.error('GraphQL Errors:', errors);
});
const getEnveloped = envelop({
plugins: [errorHandlerPlugin],
});
const { execute } = getEnveloped();
Apollo Server is a popular GraphQL server library that provides an easy-to-use setup and a rich ecosystem of tools and integrations. Compared to @envelop/core, Apollo Server is more opinionated and comes with built-in features like caching, tracing, and schema stitching.
GraphQL Yoga is a fully-featured GraphQL server with a focus on simplicity and ease of use. It is built on top of GraphQL.js and provides a lot of out-of-the-box features. While @envelop/core focuses on modularity and extensibility through plugins, GraphQL Yoga aims to provide a more straightforward setup.
Express-GraphQL is a minimalistic GraphQL server middleware for Express.js. It is simple to set up and use, making it a good choice for small to medium-sized applications. Unlike @envelop/core, express-graphql does not have a plugin system and is less extensible.
@envelop/core
This is the core package for Envelop. You can find a complete documentation here: https://github.com/n1ru4l/envelop
FAQs
This is the core package for Envelop. You can find a complete documentation here: https://github.com/n1ru4l/envelop
We found that @envelop/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.