Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
gql-cache-patch
Advanced tools
Changelog
Readme
Declarative patching for gql-cache
This package contains functions to do declarative patching of gql-cache. It should also work with any cache that is a plain JS object with a flat normalized structure.
You can declare patches as data and then apply them. One usage is to apply optimistic updates to the cache when doing mutations.
Since the patches are data you can also return patches from the server. So the server could return patches to the client as part of the mutation response, and the client can then apply them to get the needed upates. One benefit of this is that the server now is responsible for knowing what parts of the schema needs updating after a mutation has been executed.
npm install gql-cache-patch --save
The package has the following constructor functions for creating the patches:
export function createEntity<T>(
id: GraphQLEntityCache.EntityId,
newValue: T
): CreateEntity;
export function deleteEntity(id: GraphQLEntityCache.EntityId): DeleteEntity;
export function updateField<T>(
id: string,
fieldName: Extract<keyof T, string>,
newValue: GraphQLEntityCache.EntityFieldValue | null
): UpdateField;
export function insertElement<T>(
id: GraphQLEntityCache.EntityId,
fieldName: Extract<keyof T, string>,
index: number,
newValue: GraphQLEntityCache.EntityFieldValue
): InsertElement;
export function removeElement<T>(
id: GraphQLEntityCache.EntityId,
fieldName: Extract<keyof T, string>,
index: number
): RemoveElement;
export function removeEntityElement<T>(
id: GraphQLEntityCache.EntityId,
fieldName: Extract<keyof T, string>,
entityId: GraphQLEntityCache.EntityId
): RemoveEntityElement;
It also has a function to apply the patches to a cache and returns a tuple of the new cache object and stale entities map:
export function apply(
patches: ReadonlyArray<CachePatch.CachePatch>,
cache: GraphQLEntityCache.EntityCache,
staleEntities: GraphQLEntityCache.StaleEntities
): [GraphQLEntityCache.EntityCache, GraphQLEntityCache.StaleEntities];
Here is a small example:
import { createEntity, apply } from "gql-cache-patch";
const cache = {};
const stale = {};
const patch = createEntity("myid", { id: "myid", name: "foo" });
const [patchedCache, patchedStale] = apply(testCase.patches, cache, stale);
console.log(JSON.stringify(cache));
/* { myid: { id: "myid", name: "foo" } } */
A patch always specifies an ID for an entity in the cache. If the specified ID does not exist in cache, applying the patch will silently do nothing. The exception to this rule is the CreateEntity
patch which will create the entity in the cache.
Applying patches that specify a field name will only have effect if that field name already exits in the cache. If the field name does not exist on the specified entity in the cache, then applying the patch will silently do nothing. If a field exists but have value null
and a InsertElement
patch is applied to that field, a new array will automatically be created when applying the patch.
This package has built-in typescript types, and when using typescript some type saftey can be achieved by using types generated for the GraphQL schema. Types for the schema can be genereted using for example graphql-code-generator and then be used as this:
import { updateField } from "gql-cache-patch";
const patch = updateField<GraphQLSchemaTypes.Foo>("myid", "myfield", "myvalue");
It would be interesting to investigate returning patches as an extension of the graphql response.
FAQs
Declarative patching for gql-cache
The npm package gql-cache-patch receives a total of 38 weekly downloads. As such, gql-cache-patch popularity was classified as not popular.
We found that gql-cache-patch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.