express-graphql
Advanced tools
Comparing version 0.8.0 to 0.9.0
{ | ||
"name": "express-graphql", | ||
"version": "0.8.0", | ||
"version": "0.9.0", | ||
"description": "Production ready GraphQL HTTP middleware.", | ||
"license": "BSD-3-Clause", | ||
"license": "MIT", | ||
"main": "index.js", | ||
"types": "index.d.ts", | ||
"homepage": "https://github.com/graphql/express-graphql", | ||
"bugs": { | ||
@@ -11,3 +14,3 @@ "url": "https://github.com/graphql/express-graphql/issues" | ||
"type": "git", | ||
"url": "http://github.com/graphql/express-graphql.git" | ||
"url": "https://github.com/graphql/express-graphql.git" | ||
}, | ||
@@ -24,79 +27,13 @@ "keywords": [ | ||
"engines": { | ||
"node": ">= 6.x" | ||
"node": ">= 8.x" | ||
}, | ||
"main": "dist/index.js", | ||
"directories": { | ||
"lib": "./dist" | ||
}, | ||
"files": [ | ||
"dist", | ||
"README.md", | ||
"LICENSE", | ||
"PATENTS" | ||
], | ||
"options": { | ||
"mocha": "--require resources/mocha-bootload src/**/__tests__/**/*.js" | ||
}, | ||
"babel": { | ||
"presets": [ | ||
"es2015" | ||
], | ||
"plugins": [ | ||
"transform-class-properties", | ||
"transform-flow-strip-types" | ||
] | ||
}, | ||
"scripts": { | ||
"prepublish": ". ./resources/prepublish.sh", | ||
"test": "npm run lint && npm run check && npm run testonly", | ||
"testonly": "mocha $npm_package_options_mocha", | ||
"lint": "eslint src", | ||
"prettier": "prettier --write 'src/**/*.js'", | ||
"check": "flow check", | ||
"build": "rm -rf dist/* && babel src --ignore __tests__ --out-dir dist && npm run build:flow", | ||
"build:flow": "find ./src -name '*.js' -not -path '*/__tests__*' | while read filepath; do cp $filepath `echo $filepath | sed 's/\\/src\\//\\/dist\\//g'`.flow; done", | ||
"watch": "node resources/watch.js", | ||
"cover": "babel-node node_modules/.bin/isparta cover --root src --report html node_modules/.bin/_mocha -- $npm_package_options_mocha", | ||
"cover:lcov": "babel-node node_modules/.bin/isparta cover --root src --report lcovonly node_modules/.bin/_mocha -- $npm_package_options_mocha", | ||
"preversion": "npm test", | ||
"start": "babel-node examples/index.js" | ||
}, | ||
"dependencies": { | ||
"accepts": "^1.3.5", | ||
"accepts": "^1.3.7", | ||
"content-type": "^1.0.4", | ||
"http-errors": "^1.7.2", | ||
"raw-body": "^2.3.3" | ||
"http-errors": "^1.7.3", | ||
"raw-body": "^2.4.1" | ||
}, | ||
"devDependencies": { | ||
"babel-cli": "6.26.0", | ||
"babel-eslint": "10.0.1", | ||
"babel-plugin-transform-async-to-generator": "6.24.1", | ||
"babel-plugin-transform-class-properties": "6.24.1", | ||
"babel-plugin-transform-flow-strip-types": "6.22.0", | ||
"babel-plugin-transform-runtime": "6.23.0", | ||
"babel-preset-es2015": "6.24.1", | ||
"babel-register": "6.26.0", | ||
"babel-runtime": "6.26.0", | ||
"body-parser": "1.18.3", | ||
"chai": "4.2.0", | ||
"connect": "3.6.6", | ||
"coveralls": "3.0.3", | ||
"eslint": "5.16.0", | ||
"eslint-plugin-flowtype": "3.5.1", | ||
"eslint-plugin-prettier": "3.0.1", | ||
"express": "4.16.4", | ||
"flow-bin": "0.96.0", | ||
"graphql": "14.2.1", | ||
"isparta": "4.1.1", | ||
"mocha": "6.0.2", | ||
"multer": "1.4.1", | ||
"prettier": "1.16.4", | ||
"restify": "4.3.2", | ||
"sane": "4.1.0", | ||
"sinon": "7.3.1", | ||
"supertest": "4.0.2" | ||
}, | ||
"peerDependencies": { | ||
"graphql": "^0.12.0 || ^0.13.0 || ^14.0.0" | ||
"graphql": "^14.4.1" | ||
} | ||
} |
241
README.md
@@ -1,3 +0,2 @@ | ||
GraphQL HTTP Server Middleware | ||
============================== | ||
# GraphQL HTTP Server Middleware | ||
@@ -7,3 +6,3 @@ [![Build Status](https://travis-ci.org/graphql/express-graphql.svg?branch=master)](https://travis-ci.org/graphql/express-graphql) | ||
Create a GraphQL HTTP server with any HTTP web framework that supports connect styled middleware, including [Connect](https://github.com/senchalabs/connect) itself, [Express](http://expressjs.com) and [Restify](http://restify.com/). | ||
Create a GraphQL HTTP server with any HTTP web framework that supports connect styled middleware, including [Connect](https://github.com/senchalabs/connect) itself, [Express](https://expressjs.com) and [Restify](http://restify.com/). | ||
@@ -16,3 +15,13 @@ ## Installation | ||
### TypeScript | ||
This module includes a [TypeScript](https://www.typescriptlang.org/) | ||
declaration file to enable auto complete in compatible editors and type | ||
information for TypeScript projects. This module depends on 'graphql' and the Node.js | ||
types, so install `@types/graphql` and `@types/node`: | ||
```sh | ||
$ npm install --save --dev @types/graphql @types/node | ||
``` | ||
## Simple Setup | ||
@@ -28,6 +37,9 @@ | ||
app.use('/graphql', graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: true | ||
})); | ||
app.use( | ||
'/graphql', | ||
graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: true, | ||
}), | ||
); | ||
@@ -37,3 +49,2 @@ app.listen(4000); | ||
## Setup with Restify | ||
@@ -49,11 +60,17 @@ | ||
app.post('/graphql', graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: false | ||
})); | ||
app.post( | ||
'/graphql', | ||
graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: false, | ||
}), | ||
); | ||
app.get('/graphql', graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: true | ||
})); | ||
app.get( | ||
'/graphql', | ||
graphqlHTTP({ | ||
schema: MyGraphQLSchema, | ||
graphiql: true, | ||
}), | ||
); | ||
@@ -63,3 +80,2 @@ app.listen(4000); | ||
## Options | ||
@@ -69,42 +85,50 @@ | ||
* **`schema`**: A `GraphQLSchema` instance from [`GraphQL.js`][]. | ||
A `schema` *must* be provided. | ||
- **`schema`**: A `GraphQLSchema` instance from [`GraphQL.js`][]. | ||
A `schema` _must_ be provided. | ||
* **`graphiql`**: If `true`, presents [GraphiQL][] when the GraphQL endpoint is | ||
loaded in a browser. We recommend that you set | ||
`graphiql` to `true` when your app is in development, because it's | ||
quite useful. You may or may not want it in production. | ||
- **`graphiql`**: If `true`, presents [GraphiQL][] when the GraphQL endpoint is | ||
loaded in a browser. We recommend that you set `graphiql` to `true` when your | ||
app is in development, because it's quite useful. You may or may not want it | ||
in production. | ||
Alternatively, instead of `true` you can pass in an options object: | ||
* **`rootValue`**: A value to pass as the `rootValue` to the `graphql()` | ||
function from [`GraphQL.js/src/execute.js`](https://github.com/graphql/graphql-js/blob/master/src/execution/execute.js#L119). | ||
- **`defaultQuery`**: An optional GraphQL string to use when no query | ||
is provided and no stored query exists from a previous session. | ||
If undefined is provided, GraphiQL will use its own default query. | ||
* **`context`**: A value to pass as the `context` to the `graphql()` | ||
function from [`GraphQL.js/src/execute.js`](https://github.com/graphql/graphql-js/blob/master/src/execution/execute.js#L120). If `context` is not provided, the | ||
`request` object is passed as the context. | ||
- **`rootValue`**: A value to pass as the `rootValue` to the `graphql()` | ||
function from [`GraphQL.js/src/execute.js`](https://github.com/graphql/graphql-js/blob/master/src/execution/execute.js#L119). | ||
* **`pretty`**: If `true`, any JSON response will be pretty-printed. | ||
- **`context`**: A value to pass as the `context` to the `graphql()` | ||
function from [`GraphQL.js/src/execute.js`](https://github.com/graphql/graphql-js/blob/master/src/execution/execute.js#L120). If `context` is not provided, the | ||
`request` object is passed as the context. | ||
* **`extensions`**: An optional function for adding additional metadata to the | ||
GraphQL response as a key-value object. The result will be added to | ||
`"extensions"` field in the resulting JSON. This is often a useful place to | ||
add development time metadata such as the runtime of a query or the amount | ||
of resources consumed. This may be an async function. The function is | ||
given one object as an argument: `{ document, variables, operationName, result, context }`. | ||
- **`pretty`**: If `true`, any JSON response will be pretty-printed. | ||
* **`validationRules`**: Optional additional validation rules queries must | ||
satisfy in addition to those defined by the GraphQL spec. | ||
- **`extensions`**: An optional function for adding additional metadata to the | ||
GraphQL response as a key-value object. The result will be added to | ||
`"extensions"` field in the resulting JSON. This is often a useful place to | ||
add development time metadata such as the runtime of a query or the amount | ||
of resources consumed. This may be an async function. The function is | ||
given one object as an argument: `{ document, variables, operationName, result, context }`. | ||
* **`customValidateFn`**: An optional function which will be used to validate | ||
instead of default `validate` from `graphql-js`. | ||
- **`validationRules`**: Optional additional validation rules queries must | ||
satisfy in addition to those defined by the GraphQL spec. | ||
* **`customExecuteFn`**: An optional function which will be used to execute | ||
instead of default `execute` from `graphql-js`. | ||
- **`customValidateFn`**: An optional function which will be used to validate | ||
instead of default `validate` from `graphql-js`. | ||
* **`customFormatErrorFn`**: An optional function which will be used to format any | ||
errors produced by fulfilling a GraphQL operation. If no function is | ||
provided, GraphQL's default spec-compliant [`formatError`][] function will be used. | ||
- **`customExecuteFn`**: An optional function which will be used to execute | ||
instead of default `execute` from `graphql-js`. | ||
* **`formatError`**: is deprecated and replaced by `customFormatErrorFn`. It will be | ||
removed in version 1.0.0. | ||
- **`customFormatErrorFn`**: An optional function which will be used to format any | ||
errors produced by fulfilling a GraphQL operation. If no function is | ||
provided, GraphQL's default spec-compliant [`formatError`][] function will be used. | ||
- **`customParseFn`**: An optional function which will be used to create a document | ||
instead of the default `parse` from `graphql-js`. | ||
- **`formatError`**: is deprecated and replaced by `customFormatErrorFn`. It will be | ||
removed in version 1.0.0. | ||
In addition to an object defining each option, options can also be provided as | ||
@@ -118,10 +142,12 @@ a function (or async function) which returns this options object. This function | ||
```js | ||
app.use('/graphql', graphqlHTTP(async (request, response, graphQLParams) => ({ | ||
schema: MyGraphQLSchema, | ||
rootValue: await someFunctionToGetRootValue(request), | ||
graphiql: true | ||
}))); | ||
app.use( | ||
'/graphql', | ||
graphqlHTTP(async (request, response, graphQLParams) => ({ | ||
schema: MyGraphQLSchema, | ||
rootValue: await someFunctionToGetRootValue(request), | ||
graphiql: true, | ||
})), | ||
); | ||
``` | ||
## HTTP Usage | ||
@@ -132,15 +158,15 @@ | ||
* **`query`**: A string GraphQL document to be executed. | ||
- **`query`**: A string GraphQL document to be executed. | ||
* **`variables`**: The runtime values to use for any GraphQL query variables | ||
as a JSON object. | ||
- **`variables`**: The runtime values to use for any GraphQL query variables | ||
as a JSON object. | ||
* **`operationName`**: If the provided `query` contains multiple named | ||
operations, this specifies which operation should be executed. If not | ||
provided, a 400 error will be returned if the `query` contains multiple | ||
named operations. | ||
- **`operationName`**: If the provided `query` contains multiple named | ||
operations, this specifies which operation should be executed. If not | ||
provided, a 400 error will be returned if the `query` contains multiple | ||
named operations. | ||
* **`raw`**: If the `graphiql` option is enabled and the `raw` parameter is | ||
provided raw JSON will always be returned instead of GraphiQL even when | ||
loaded from a browser. | ||
- **`raw`**: If the `graphiql` option is enabled and the `raw` parameter is | ||
provided raw JSON will always be returned instead of GraphiQL even when | ||
loaded from a browser. | ||
@@ -161,14 +187,13 @@ GraphQL will first look for each parameter in the URL's query-string: | ||
If the POST body has not yet been parsed, express-graphql will interpret it | ||
depending on the provided *Content-Type* header. | ||
depending on the provided _Content-Type_ header. | ||
* **`application/json`**: the POST body will be parsed as a JSON | ||
object of parameters. | ||
- **`application/json`**: the POST body will be parsed as a JSON | ||
object of parameters. | ||
* **`application/x-www-form-urlencoded`**: this POST body will be | ||
parsed as a url-encoded string of key-value pairs. | ||
- **`application/x-www-form-urlencoded`**: this POST body will be | ||
parsed as a url-encoded string of key-value pairs. | ||
* **`application/graphql`**: The POST body will be parsed as GraphQL | ||
query string, which provides the `query` parameter. | ||
- **`application/graphql`**: The POST body will be parsed as GraphQL | ||
query string, which provides the `query` parameter. | ||
## Combining with Other Express Middleware | ||
@@ -188,8 +213,11 @@ | ||
app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 }})); | ||
app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 } })); | ||
app.use('/graphql', graphqlHTTP({ | ||
schema: MySessionAwareGraphQLSchema, | ||
graphiql: true | ||
})); | ||
app.use( | ||
'/graphql', | ||
graphqlHTTP({ | ||
schema: MySessionAwareGraphQLSchema, | ||
graphiql: true, | ||
}), | ||
); | ||
``` | ||
@@ -207,9 +235,8 @@ | ||
// use `request.session` here | ||
} | ||
} | ||
} | ||
}, | ||
}, | ||
}, | ||
}); | ||
``` | ||
## Providing Extensions | ||
@@ -235,18 +262,27 @@ | ||
app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 }})); | ||
app.use(session({ secret: 'keyboard cat', cookie: { maxAge: 60000 } })); | ||
const extensions = ({ document, variables, operationName, result, context }) => { | ||
const extensions = ({ | ||
document, | ||
variables, | ||
operationName, | ||
result, | ||
context, | ||
}) => { | ||
return { | ||
runTime: Date.now() - context.startTime | ||
} | ||
} | ||
runTime: Date.now() - context.startTime, | ||
}; | ||
}; | ||
app.use('/graphql', graphqlHTTP(request => { | ||
return { | ||
schema: MyGraphQLSchema, | ||
context: { startTime: Date.now() }, | ||
graphiql: true, | ||
extensions | ||
}; | ||
})); | ||
app.use( | ||
'/graphql', | ||
graphqlHTTP(request => { | ||
return { | ||
schema: MyGraphQLSchema, | ||
context: { startTime: Date.now() }, | ||
graphiql: true, | ||
extensions, | ||
}; | ||
}), | ||
); | ||
``` | ||
@@ -266,6 +302,5 @@ | ||
## Additional Validation Rules | ||
GraphQL's [validation phase](https://facebook.github.io/graphql/#sec-Validation) checks the query to ensure that it can be successfully executed against the schema. The `validationRules` option allows for additional rules to be run during this phase. Rules are applied to each node in an AST representing the query using the Visitor pattern. | ||
GraphQL's [validation phase](https://graphql.github.io/graphql-spec/#sec-Validation) checks the query to ensure that it can be successfully executed against the schema. The `validationRules` option allows for additional rules to be run during this phase. Rules are applied to each node in an AST representing the query using the Visitor pattern. | ||
@@ -282,3 +317,3 @@ A validation rule is a function which returns a visitor for one or more node Types. Below is an example of a validation preventing the specific fieldname `metadata` from being queried. For more examples see the [`specifiedRules`](https://github.com/graphql/graphql-js/tree/master/src/validation/rules) in the [graphql-js](https://github.com/graphql/graphql-js) package. | ||
if (fieldName === "metadata") { | ||
if (fieldName === 'metadata') { | ||
context.reportError( | ||
@@ -290,3 +325,3 @@ new GraphQLError( | ||
} | ||
} | ||
}, | ||
}; | ||
@@ -309,6 +344,5 @@ } | ||
// do something... | ||
}) | ||
}); | ||
``` | ||
## Debugging Tips | ||
@@ -324,11 +358,10 @@ | ||
stack: error.stack ? error.stack.split('\n') : [], | ||
path: error.path | ||
}) | ||
path: error.path, | ||
}); | ||
``` | ||
[`GraphQL.js`]: https://github.com/graphql/graphql-js | ||
[`formatError`]: https://github.com/graphql/graphql-js/blob/master/src/error/formatError.js | ||
[GraphiQL]: https://github.com/graphql/graphiql | ||
[`graphql.js`]: https://github.com/graphql/graphql-js | ||
[`formaterror`]: https://github.com/graphql/graphql-js/blob/master/src/error/formatError.js | ||
[graphiql]: https://github.com/graphql/graphiql | ||
[`multer`]: https://github.com/expressjs/multer | ||
[`express-session`]: https://github.com/expressjs/session |
Sorry, the diff of this file is not supported yet
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
1394201
0
5785
350
2
4
Updatedaccepts@^1.3.7
Updatedhttp-errors@^1.7.3
Updatedraw-body@^2.4.1