Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@escape.tech/graphql-armor-max-tokens
Advanced tools
@escape.tech/graphql-armor-max-tokens - npm Package Compare versions
Comparing version 1.3.1 to 1.3.2
| export * from "./declarations/src/index"; | ||
| //# sourceMappingURL=graphql-armor-max-tokens.cjs.d.ts.map |
@@ -9,3 +9,20 @@ 'use strict'; | ||
| function _toPrimitive(input, hint) { | ||
| if (typeof input !== "object" || input === null) return input; | ||
| var prim = input[Symbol.toPrimitive]; | ||
| if (prim !== undefined) { | ||
| var res = prim.call(input, hint || "default"); | ||
| if (typeof res !== "object") return res; | ||
| throw new TypeError("@@toPrimitive must return a primitive value."); | ||
| } | ||
| return (hint === "string" ? String : Number)(input); | ||
| } | ||
| function _toPropertyKey(arg) { | ||
| var key = _toPrimitive(arg, "string"); | ||
| return typeof key === "symbol" ? key : String(key); | ||
| } | ||
| function _defineProperty(obj, key, value) { | ||
| key = _toPropertyKey(key); | ||
| if (key in obj) { | ||
@@ -21,3 +38,2 @@ Object.defineProperty(obj, key, { | ||
| } | ||
| return obj; | ||
@@ -36,10 +52,6 @@ } | ||
| } | ||
| constructor(source, options) { | ||
| super(source, options); | ||
| _defineProperty(this, "_tokenCount", 0); | ||
| _defineProperty(this, "config", void 0); | ||
| this.config = Object.assign({}, maxTokenDefaultOptions, ...Object.entries(options !== null && options !== void 0 ? options : {}).map(([k, v]) => v === undefined ? {} : { | ||
@@ -54,14 +66,10 @@ [k]: v | ||
| const token = target.advance(); | ||
| if (token.kind !== graphql.TokenKind.EOF) { | ||
| this._tokenCount++; | ||
| } | ||
| if (this._tokenCount > this.config.n) { | ||
| const err = error.syntaxError(this._lexer.source, token.start, `Token limit of ${this.config.n} exceeded, found ${this._tokenCount}.`); | ||
| for (const handler of this.config.onReject) { | ||
| handler(null, err); | ||
| } | ||
| if (this.config.propagateOnRejection) { | ||
@@ -71,3 +79,2 @@ throw err; | ||
| } | ||
| for (const handler of this.config.onAccept) { | ||
@@ -78,7 +85,5 @@ handler(null, { | ||
| } | ||
| return token; | ||
| }; | ||
| } | ||
| return Reflect.get(target, prop, receiver); | ||
@@ -88,3 +93,2 @@ } | ||
| } | ||
| } | ||
@@ -97,3 +101,2 @@ function maxTokensPlugin(config) { | ||
| } | ||
| return { | ||
@@ -105,3 +108,2 @@ onParse({ | ||
| } | ||
| }; | ||
@@ -108,0 +110,0 @@ } |
@@ -9,3 +9,20 @@ 'use strict'; | ||
| function _toPrimitive(input, hint) { | ||
| if (typeof input !== "object" || input === null) return input; | ||
| var prim = input[Symbol.toPrimitive]; | ||
| if (prim !== undefined) { | ||
| var res = prim.call(input, hint || "default"); | ||
| if (typeof res !== "object") return res; | ||
| throw new TypeError("@@toPrimitive must return a primitive value."); | ||
| } | ||
| return (hint === "string" ? String : Number)(input); | ||
| } | ||
| function _toPropertyKey(arg) { | ||
| var key = _toPrimitive(arg, "string"); | ||
| return typeof key === "symbol" ? key : String(key); | ||
| } | ||
| function _defineProperty(obj, key, value) { | ||
| key = _toPropertyKey(key); | ||
| if (key in obj) { | ||
@@ -21,3 +38,2 @@ Object.defineProperty(obj, key, { | ||
| } | ||
| return obj; | ||
@@ -36,10 +52,6 @@ } | ||
| } | ||
| constructor(source, options) { | ||
| super(source, options); | ||
| _defineProperty(this, "_tokenCount", 0); | ||
| _defineProperty(this, "config", void 0); | ||
| this.config = Object.assign({}, maxTokenDefaultOptions, ...Object.entries(options !== null && options !== void 0 ? options : {}).map(([k, v]) => v === undefined ? {} : { | ||
@@ -54,14 +66,10 @@ [k]: v | ||
| const token = target.advance(); | ||
| if (token.kind !== graphql.TokenKind.EOF) { | ||
| this._tokenCount++; | ||
| } | ||
| if (this._tokenCount > this.config.n) { | ||
| const err = error.syntaxError(this._lexer.source, token.start, `Token limit of ${this.config.n} exceeded, found ${this._tokenCount}.`); | ||
| for (const handler of this.config.onReject) { | ||
| handler(null, err); | ||
| } | ||
| if (this.config.propagateOnRejection) { | ||
@@ -71,3 +79,2 @@ throw err; | ||
| } | ||
| for (const handler of this.config.onAccept) { | ||
@@ -78,7 +85,5 @@ handler(null, { | ||
| } | ||
| return token; | ||
| }; | ||
| } | ||
| return Reflect.get(target, prop, receiver); | ||
@@ -88,3 +93,2 @@ } | ||
| } | ||
| } | ||
@@ -97,3 +101,2 @@ function maxTokensPlugin(config) { | ||
| } | ||
| return { | ||
@@ -105,3 +108,2 @@ onParse({ | ||
| } | ||
| }; | ||
@@ -108,0 +110,0 @@ } |
@@ -5,3 +5,20 @@ import { TokenKind } from 'graphql'; | ||
| function _toPrimitive(input, hint) { | ||
| if (typeof input !== "object" || input === null) return input; | ||
| var prim = input[Symbol.toPrimitive]; | ||
| if (prim !== undefined) { | ||
| var res = prim.call(input, hint || "default"); | ||
| if (typeof res !== "object") return res; | ||
| throw new TypeError("@@toPrimitive must return a primitive value."); | ||
| } | ||
| return (hint === "string" ? String : Number)(input); | ||
| } | ||
| function _toPropertyKey(arg) { | ||
| var key = _toPrimitive(arg, "string"); | ||
| return typeof key === "symbol" ? key : String(key); | ||
| } | ||
| function _defineProperty(obj, key, value) { | ||
| key = _toPropertyKey(key); | ||
| if (key in obj) { | ||
@@ -17,3 +34,2 @@ Object.defineProperty(obj, key, { | ||
| } | ||
| return obj; | ||
@@ -32,10 +48,6 @@ } | ||
| } | ||
| constructor(source, options) { | ||
| super(source, options); | ||
| _defineProperty(this, "_tokenCount", 0); | ||
| _defineProperty(this, "config", void 0); | ||
| this.config = Object.assign({}, maxTokenDefaultOptions, ...Object.entries(options !== null && options !== void 0 ? options : {}).map(([k, v]) => v === undefined ? {} : { | ||
@@ -50,14 +62,10 @@ [k]: v | ||
| const token = target.advance(); | ||
| if (token.kind !== TokenKind.EOF) { | ||
| this._tokenCount++; | ||
| } | ||
| if (this._tokenCount > this.config.n) { | ||
| const err = syntaxError(this._lexer.source, token.start, `Token limit of ${this.config.n} exceeded, found ${this._tokenCount}.`); | ||
| for (const handler of this.config.onReject) { | ||
| handler(null, err); | ||
| } | ||
| if (this.config.propagateOnRejection) { | ||
@@ -67,3 +75,2 @@ throw err; | ||
| } | ||
| for (const handler of this.config.onAccept) { | ||
@@ -74,7 +81,5 @@ handler(null, { | ||
| } | ||
| return token; | ||
| }; | ||
| } | ||
| return Reflect.get(target, prop, receiver); | ||
@@ -84,3 +89,2 @@ } | ||
| } | ||
| } | ||
@@ -93,3 +97,2 @@ function maxTokensPlugin(config) { | ||
| } | ||
| return { | ||
@@ -101,3 +104,2 @@ onParse({ | ||
| } | ||
| }; | ||
@@ -104,0 +106,0 @@ } |
| { | ||
| "name": "@escape.tech/graphql-armor-max-tokens", | ||
| "version": "1.3.1", | ||
| "version": "1.3.2", | ||
| "description": "Limit the number of tokens allowed in a GraphQL document.", | ||
| "packageManager": "yarn@3.3.1", | ||
| "packageManager": "yarn@3.5.0", | ||
| "main": "dist/graphql-armor-max-tokens.cjs.js", | ||
@@ -31,12 +31,12 @@ "module": "dist/graphql-armor-max-tokens.esm.js", | ||
| "@envelop/core": "^3.0.0", | ||
| "@escape.tech/graphql-armor-types": "0.4.0" | ||
| "@escape.tech/graphql-armor-types": "0.4.1" | ||
| }, | ||
| "devDependencies": { | ||
| "@envelop/core": "3.0.4", | ||
| "@envelop/testing": "5.0.4", | ||
| "@envelop/types": "3.0.1", | ||
| "@escape.tech/graphql-armor-types": "0.4.0", | ||
| "@envelop/core": "3.0.6", | ||
| "@envelop/testing": "5.0.6", | ||
| "@envelop/types": "3.0.2", | ||
| "@escape.tech/graphql-armor-types": "0.4.1", | ||
| "graphql": "16.6.0", | ||
| "typescript": "4.9.4" | ||
| "typescript": "5.0.3" | ||
| } | ||
| } |
| # @escape.tech/graphql-armor-max-tokens | ||
| This plugin will limit the number of tokens in a GraphQL operation. | ||
| **Limit** the number of **tokens** in a GraphQL document. | ||
| ## Getting Started | ||
| It is used to prevent **DOS attack**, **heap overflow** or **server overloading**. | ||
| ## Installation | ||
| This plugin is bundled within GraphQL Armor, so you don't need to install it separately. | ||
| However, for a standalone usage, you can install it with: | ||
| ```bash | ||
@@ -15,26 +21,4 @@ # npm | ||
| ## Usage example | ||
| ## Documentation | ||
| ### With `@envelop/core` from `@the-guild-org` | ||
| ```typescript | ||
| import { envelop } from '@envelop/core'; | ||
| import { maxTokensPlugin } from '@escape.tech/graphql-armor-max-tokens'; | ||
| const getEnveloped = envelop({ | ||
| plugins: [ | ||
| // ... other plugins ... | ||
| maxTokensPlugin({ | ||
| maxTokenCount: 1000, // Number of tokens allowed in a document | Default: 1000 | ||
| }), | ||
| ] | ||
| }) | ||
| ``` | ||
| ## Design considerations | ||
| This plugin relies on a parser plugin to works and access query from the context. | ||
| This should be supported by the engine you use. | ||
| If you experience any issues, please open an issue. | ||
| [https://escape.tech/graphql-armor/docs/plugins/max-tokens](https://escape.tech/graphql-armor/docs/plugins/max-tokens) |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by14.86%
12265
- Number of package files
- increased by12.5%
9
- Lines of code
- increased by16.97%
317
Worsened metrics
- Number of lines in readme file
- decreased by-40%
24
No dependency changes