Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@graphql-inspector/cli
Advanced tools
Readme
GraphQL Inspector outputs a list of changes between two GraphQL schemas. Every change is precisely explained and marked as breaking, non-breaking or dangerous. It helps you validate documents and fragments against a schema and even find similar or duplicated types.
Major features:
GraphQL Inspector has a CLI and also a programmatic API, so you can use it however you want to and even build tools on top of it.
# CLI
pnpm add @graphql-inspector/cli
# Core API for programmatic usage
pnpm add @graphql-inspector/core
Compares schemas and finds breaking or dangerous changes.
CLI:
$ graphql-inspector diff OLD_SCHEMA NEW_SCHEMA
API:
import { Change, diff } from '@graphql-inspector/core'
const changes: Change[] = diff(schemaA, schemaB)
Finds similar / duplicated types.
CLI:
$ graphql-inspector similar SCHEMA
API:
import { similar, SimilarMap } from '@graphql-inspector/core'
const similar: SimilarMap = similar(schema, typename, threshold)
Schema coverage based on documents. Find out how many times types and fields are used in your application.
CLI:
$ graphql-inspector coverage DOCUMENTS SCHEMA
API:
import { coverage, SchemaCoverage } from '@graphql-inspector/core'
const schemaCoverage: SchemaCoverage = coverage(schema, documents)
Validates documents against a schema and looks for deprecated usage.
CLI:
$ graphql-inspector validate DOCUMENTS SCHEMA
API:
import { InvalidDocument, validate } from '@graphql-inspector/core'
const invalid: InvalidDocument[] = validate(documentsGlob, schema)
Audit your documents for useful metrics such as query depth, directive count and alias count.
CLI:
$ graphql-inspector audit DOCUMENTS
API:
Not available
$ pnpm graphql-inspector audit "packages/**/*.graphql|packages/**/*.ts(x)"
Maximum depth is 16
Maximum alias amount is 3
Maximum directive amount is 6
$ pnpm graphql-inspector audit "packages/**/*.graphql|packages/**/*.ts(x)" --detail
┌────────────────┬───────┬─────────┬────────────┐
│ Operation Name │ Depth │ Aliases │ Directives │
├────────────────┼───────┼─────────┼────────────┤
│ getFoo │ 1 │ 2 │ 6 │
├────────────────┼───────┼─────────┼────────────┤
│ getBar │ 16 │ 3 │ 0 │
└────────────────┴───────┴─────────┴────────────┘
Maximum depth is 16
Maximum alias amount is 3
Maximum directive amount is 6
Serves a GraphQL server with faked data and GraphQL Playground
CLI:
$ graphql-inspector serve SCHEMA
✅ Serving the GraphQL API on http://localhost:4000/
Introspects a GraphQL Server and writes the result to a file
CLI:
$ graphql-inspector introspect SCHEMA --write schema.json
✅ Introspection result saved to schema.json
Have a per-repository, self-hosted GraphQL Inspector service or deploy it with Docker.
# install
pnpm add --global @graphql-inspector/actions
# use
$ graphql-inspector-github
{
"name": "app",
"scripts": {
"precommit": "graphql-inspector introspect schema.js --write schema.graphql && git add schema.graphql"
},
"graphql-inspector": {
"diff": true,
"schema": {
"ref": "master",
"path": "schema.graphql"
}
}
}
Get GitHub annotations in your PRs.
SCHEMA
Path to a CommonJS or ES Module that exports an object
Example:
graphql-inspector coverage ./src/schema.js
Example with TypeScript:
graphql-inspector coverage ./src/schema.ts --require ts-node/register
// String
export default `
type Query {
hello: String
}
`
// GraphQLSchema
export default makeExecutableSchema({...});
// GraphQL Document
export default gql`
type Query {
hello: String
}
`
// IntrospectionQuery result
export default {
data: {
__schema: {
...
}
}
}
Pointer to a Git repository
Example:
graphql-inspector diff git:origin/master:schema.graphql
Pattern:
git:ref:path/to/file
Pointer to a GitHub repository
Example:
graphql-inspector coverage github:kamilkisiela/graphql-inspector-example#master:schema.graphql
Pattern:
github:owner/name#ref:path/to/file
GraphQL File
Example:
graphql-inspector coverage schema.graphql
graphql-inspector coverage schema.gql
JSON File
Example:
graphql-inspector coverage introspected-schema.json
URL to a GraphQL endpoint
Example:
graphql-inspector coverage https://localhost:3000/graphql
DOCUMENTS
Glob pattern
Example:
graphql-inspector validate ./src/**/*.{js,jsx,tsx,graphql} https://localhost:3000/graphql
Supports TypeScript, JavaScript and GraphQL Files (Extensions: ts,tsx,js,jsx,graphql,gql,graphqls).
Find out what the CLI is capable of:
graphql-inspector --help
graphql-inspector similar --help
MIT © Kamil Kisiela
FAQs
Tooling for GraphQL. Compare GraphQL Schemas, check documents, find breaking changes, find similar types.
The npm package @graphql-inspector/cli receives a total of 117,173 weekly downloads. As such, @graphql-inspector/cli popularity was classified as popular.
We found that @graphql-inspector/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.