Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@neo4j/introspector
Advanced tools
Readme
This is a tool that enables you, with very little effort, to introspect the schema / data model in an existing Neo4j database and builds up a set of data structures that can be transformed into any output format.
This is provided by a separate npm package, @neo4j/introspector
.
The currently officially supported output format is GraphQL type definitions. This is usually a one-time-thing and should be considered a starting point for a GraphQL schema.
This tool has full support for generating type definitions, including:
@relationship
directive, including relationship properties@node
label
for mapping where a node label might use a character that's not in the GraphQL supported character setadditionalLabels
for nodes that has multiple labels@exclude(operations: [CREATE, DELETE, UPDATE])
directive on all node types.If an element property has mixed types through out your graph, that property will be excluded from the generated type definitions. The reason for this is that your GraphQL server will throw an error if it finds data that doesn't match the specified type.
Currently there's a programmatic API for introspecting the Neo4j schema and generating GraphQL type definitions.
This example introspects the schema, generates GraphQL type definitions and persists them to a file schema.graphql
.
You can then serve this file with your GraphQL server.
const { toGraphQLTypeDefs } = require("@neo4j/introspector");
const neo4j = require("neo4j-driver");
const fs = require("fs");
const driver = neo4j.driver("neo4j://localhost:7687", neo4j.auth.basic("neo4j", "password"));
const sessionFactory = () => driver.session({ defaultAccessMode: neo4j.session.READ });
// We create a async function here until "top level await" has landed
// so we can use async/await
async function main() {
const typeDefs = await toGraphQLTypeDefs(sessionFactory);
fs.writeFileSync("schema.graphql", typeDefs);
await driver.close();
}
main();
This example generates a read-only version of the schema from the database and immediately spins up an Apollo server.
Here the type definitions are never persisted to disk.
const { Neo4jGraphQL } = require("@neo4j/graphql");
const { toGraphQLTypeDefs } = require("@neo4j/introspector");
const neo4j = require("neo4j-driver");
const driver = neo4j.driver("neo4j://localhost:7687", neo4j.auth.basic("neo4j", "password"));
const sessionFactory = () => driver.session({ defaultAccessMode: neo4j.session.READ });
// We create a async function here until "top level await" has landed
// so we can use async/await
async function main() {
const readonly = true; // We don't want to expose mutations in this case
const typeDefs = await toGraphQLTypeDefs(sessionFactory, readonly);
const neoSchema = new Neo4jGraphQL({ typeDefs, driver });
const server = new ApolloServer({
schema: neoSchema.schema,
context: ({ req }) => ({ req }),
});
}
main();
You can introspect the schema and then transform it to any desired format.
Example:
const { toGenericStruct } = require("@neo4j/introspector");
const neo4j = require("neo4j-driver");
const driver = neo4j.driver("neo4j://localhost:7687", neo4j.auth.basic("neo4j", "password"));
const sessionFactory = () => driver.session({ defaultAccessMode: neo4j.session.READ });
async function main() {
const genericStruct = await toGenericStruct(sessionFactory, readonly);
// Programatically transform to what you need.
}
main();
FAQs
Introspect a Neo4j database model/schema
The npm package @neo4j/introspector receives a total of 1,947 weekly downloads. As such, @neo4j/introspector popularity was classified as popular.
We found that @neo4j/introspector demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.