Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@graphql-tools/optimize
Advanced tools
The @graphql-tools/optimize package is designed to optimize GraphQL schemas and queries. It provides functionalities to simplify and enhance the performance of GraphQL operations by removing unnecessary fields, types, and directives, and by optimizing query execution.
Optimize GraphQL Schema
This feature allows you to optimize GraphQL documents based on a given schema. It removes unused fragments and fields that are not required for the queries to execute, which can lead to performance improvements in query execution.
import { optimizeDocuments } from '@graphql-tools/optimize';
import { parse, print } from 'graphql';
const schema = parse(`type Query { hello: String }`);
const documents = [parse(`query { hello }`)];
const optimizedDocuments = optimizeDocuments(schema, documents);
console.log(print(optimizedDocuments[0]));
Remove Unused Types
This feature optimizes the GraphQL schema by removing types that are not used in any of the operations. This can help in reducing the size of the schema and improving the load times and performance of GraphQL servers.
import { optimizeSchema } from '@graphql-tools/optimize';
import { makeExecutableSchema } from '@graphql-tools/schema';
const schema = makeExecutableSchema({ typeDefs: `type Query { hello: String } type Unused { id: ID }` });
const optimizedSchema = optimizeSchema(schema);
console.log(optimizedSchema.getTypeMap());
This package provides a way to analyze and limit the complexity of GraphQL queries, based on configurable rules. It is similar to @graphql-tools/optimize in that it helps improve the performance of GraphQL APIs by preventing overly complex queries from being executed.
While primarily focused on building and mocking GraphQL schemas, graphql-tools also includes some features for optimizing schemas, similar to @graphql-tools/optimize. However, it covers a broader range of functionalities including stitching and merging schemas, which is not the primary focus of @graphql-tools/optimize.
DocumentNode
OptimizerThis package is intended to allow developers to optimize DocumentNode
objects created by graphql
library.
It's built as a set of small optimizers you can compose to get the most out of your GraphQL setup.
The goal of this package is mostly around making optimizations for the way the data is stored in DocumentNode
, and not to the essence of the DocumentNode
.
yarn add -D @graphql-tools/optimize
To get started with this tool, import it and run it over your DocumentNode
.
import { optimizeDocumentNode } from '@graphql-tools/optimize';
const myDocument: DocumentNode = { ... }
const optimizedDocument = optimizeDocumentNode(myDocument);
By default, we apply all optimizers available in this repo over your document. It shouldn't effect any runtime since we just remove dead or unused areas.
You can modify the list of optimizers this way:
import { optimizeDocumentNode, removeDescriptions } from '@graphql-tools/optimize';
const myDocument: DocumentNode = { ... }
const optimizedDocument = optimizeDocumentNode(myDocument, [removeDescriptions]);
You can create your own optimizer to manipulate DocumentNode
, the API signature is pretty simple:
export type DocumentOptimizer = (input: DocumentNode) => DocumentNode
Take a look at [./optimizers](this directory for inspiration and implementation reference).
FAQs
A set of utils for faster development of GraphQL tools
The npm package @graphql-tools/optimize receives a total of 2,437,389 weekly downloads. As such, @graphql-tools/optimize popularity was classified as popular.
We found that @graphql-tools/optimize demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.