Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@neo4j/graphql
Advanced tools
A GraphQL to Cypher query execution layer for Neo4j and JavaScript GraphQL implementations
A GraphQL to Cypher query execution layer for Neo4j and JavaScript GraphQL implementations.
npm install @neo4j/graphql
⚠ graphql
& neo4j-driver
are peerDependency(s)
npm install graphql neo4j-driver
Our TypeScript source is transpiled into Common JS, this means you can use the require
syntax;
const { Neo4jGraphQL } = require("@neo4j/graphql");
Create schema and serve over port 4000 using Apollo Server:
const { Neo4jGraphQL } = require("@neo4j/graphql");
const neo4j = require("neo4j-driver");
const { ApolloServer } = require("apollo-server");
const typeDefs = `
type Movie {
title: String
year: Int
imdbRating: Float
genres: [Genre!]! @relationship(type: "IN_GENRE", direction: OUT)
}
type Genre {
name: String
movies: [Movie!]! @relationship(type: "IN_GENRE", direction: IN)
}
`;
const driver = neo4j.driver("bolt://localhost:7687", neo4j.auth.basic("neo4j", "letmein"));
const neoSchema = new Neo4jGraphQL({ typeDefs, driver });
async function main() {
const schema = await neoSchema.getSchema();
const server = new ApolloServer({
schema,
context: ({ req }) => ({ req }),
});
await server.listen(4000);
console.log("Online");
}
mutation {
createMovies(input: [{ title: "The Matrix", year: 1999, imdbRating: 8.7 }]) {
movies {
title
}
}
}
mutation {
updateMovies(
where: { title: "The Matrix" }
connect: { genres: { where: { node: { OR: [{ name: "Sci-fi" }, { name: "Action" }] } } } }
) {
movies {
title
}
}
}
mutation {
createMovies(
input: [
{
title: "The Matrix"
year: 1999
imdbRating: 8.7
genres: { connect: { where: { node: { AND: [{ name: "Sci-fi" }, { name: "Action" }] } } } }
}
]
) {
movies {
title
}
}
}
query {
movies {
title
genres {
name
}
}
}
Define, nested & related, authorization rules such as; “grant update access to all moderators of a post”;
type User {
id: ID!
username: String!
}
type Post {
id: ID!
title: String!
moderator: User @relationship(type: "MODERATES_POST", direction: IN)
}
extend type Post @auth(rules: [{ allow: [{ moderator: { id: "$jwt.sub" } }], operations: [UPDATE] }])
Specify rules on fields;
type User {
id: ID!
username: String!
}
extend type User {
password: String! @auth(rules: [{ OR: [{ allow: { id: "$jwt.sub" } }, { roles: ["admin"] }] }])
}
Use RBAC;
type Customer @auth(rules: [{ operations: [READ], roles: ["read:customer"] }]) {
id: ID
name: String
password: String @auth(rules: [{ operations: [READ], roles: ["admin"] }])
}
type Invoice @auth(rules: [{ operations: [READ], roles: ["read:invoice"] }]) {
id: ID
csv: String
total: Int
}
FAQs
A GraphQL to Cypher query execution layer for Neo4j and JavaScript GraphQL implementations
We found that @neo4j/graphql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.