Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
codemirror-graphql
Advanced tools
The codemirror-graphql npm package provides a set of tools and utilities to integrate GraphQL syntax highlighting, linting, and autocomplete features into CodeMirror, a versatile text editor implemented in JavaScript for the browser.
Syntax Highlighting
This feature allows you to enable GraphQL syntax highlighting in a CodeMirror editor instance. The code sample demonstrates how to set up a CodeMirror editor with GraphQL mode enabled.
import { GraphQLMode } from 'codemirror-graphql';
import CodeMirror from 'codemirror';
const editor = CodeMirror.fromTextArea(document.getElementById('editor'), {
mode: 'graphql',
lineNumbers: true
});
Linting
This feature provides linting capabilities for GraphQL code within a CodeMirror editor. The code sample shows how to enable linting by setting the 'lint' option to true and adding the 'CodeMirror-lint-markers' gutter.
import { GraphQLLint } from 'codemirror-graphql';
import CodeMirror from 'codemirror';
const editor = CodeMirror.fromTextArea(document.getElementById('editor'), {
mode: 'graphql',
lint: true,
gutters: ['CodeMirror-lint-markers']
});
Autocomplete
This feature enables autocomplete functionality for GraphQL code in a CodeMirror editor. The code sample demonstrates how to set up the editor to trigger autocomplete suggestions with the 'Ctrl-Space' key combination.
import { GraphQLHints } from 'codemirror-graphql';
import CodeMirror from 'codemirror';
const editor = CodeMirror.fromTextArea(document.getElementById('editor'), {
mode: 'graphql',
extraKeys: { 'Ctrl-Space': 'autocomplete' }
});
The graphql-language-service package provides a set of utilities to enhance the development experience with GraphQL, including features like syntax highlighting, linting, and autocomplete. It is similar to codemirror-graphql but can be used with different editors and environments.
The monaco-graphql package integrates GraphQL language support into the Monaco Editor, which is the editor that powers Visual Studio Code. It offers similar functionalities to codemirror-graphql, such as syntax highlighting, linting, and autocomplete, but is designed specifically for use with the Monaco Editor.
GraphiQL is an in-browser IDE for exploring GraphQL. It provides a rich set of features including syntax highlighting, linting, and autocomplete, similar to codemirror-graphql. However, GraphiQL is a complete IDE rather than a library to be integrated into other editors.
NOTE: For CodeMirror 6, use cm6-graphql instead
Provides CodeMirror with a parser mode for GraphQL along with a live linter and typeahead hinter powered by your GraphQL Schema.
npm install --save codemirror-graphql
CodeMirror helpers install themselves to the global CodeMirror when they are imported.
import type { ValidationContext, SDLValidationContext } from 'graphql';
import CodeMirror from 'codemirror';
import 'codemirror/addon/hint/show-hint';
import 'codemirror/addon/lint/lint';
import 'codemirror-graphql/hint';
import 'codemirror-graphql/lint';
import 'codemirror-graphql/mode';
CodeMirror.fromTextArea(myTextarea, {
mode: 'graphql',
lint: {
schema: myGraphQLSchema,
validationRules: [ExampleRule],
},
hintOptions: {
schema: myGraphQLSchema,
},
});
If you want to have autocompletion for external fragment definitions, there's a new configuration setting available
import CodeMirror from 'codemirror';
import 'codemirror/addon/hint/show-hint';
import 'codemirror/addon/lint/lint';
import 'codemirror-graphql/hint';
import 'codemirror-graphql/lint';
import 'codemirror-graphql/mode';
const externalFragments = /* GraphQL */ `
fragment MyFragment on Example {
id: ID!
name: String!
}
fragment AnotherFragment on Example {
id: ID!
title: String!
}
`;
CodeMirror.fromTextArea(myTextarea, {
mode: 'graphql',
lint: {
schema: myGraphQLSchema,
},
hintOptions: {
schema: myGraphQLSchema,
// here we use a string, but
// you can also provide an array of FragmentDefinitionNodes
externalFragments,
},
});
If you want to show custom validation, you can do that too! It uses the
ValidationRule
interface.
import type { ValidationRule } from 'graphql';
import CodeMirror from 'codemirror';
import 'codemirror/addon/hint/show-hint';
import 'codemirror/addon/lint/lint';
import 'codemirror-graphql/hint';
import 'codemirror-graphql/lint';
import 'codemirror-graphql/mode';
const ExampleRule: ValidationRule = context => {
// your custom rules here
const schema = context.getSchema();
const document = context.getDocument();
return {
NamedType(node) {
if (node.name.value !== node.name.value.toLowercase()) {
context.reportError('only lowercase type names allowed!');
}
},
};
};
CodeMirror.fromTextArea(myTextarea, {
mode: 'graphql',
lint: {
schema: myGraphQLSchema,
validationRules: [ExampleRule],
},
hintOptions: {
schema: myGraphQLSchema,
},
});
Build for the web with webpack or browserify.
FAQs
GraphQL mode and helpers for CodeMirror.
The npm package codemirror-graphql receives a total of 90,193 weekly downloads. As such, codemirror-graphql popularity was classified as popular.
We found that codemirror-graphql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.