Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
gql-types-generator
Advanced tools
``` npm install --save gql-types-generator ``` ``` yarn add gql-types-generator ```
Package to generate TypeScript types depending on GraphQL scheme, mutations and queries.
npm install --save gql-types-generator
yarn add gql-types-generator
gql-types-generator
provides 2 ways of generating types:
After installation of package is done, gql-types-generator
command
becomes available.
Usage: gql-types-generator [options] <schema-globs>
Options:
--operations <globs> globs to find queries and mutations
--remove-description states if description should be removed
--display <sort> how to display compiled types. Valid values are "as-is" and "default". By default, generator compiles scalars first, then enums, interfaces, inputs, unions and then types. "as-is" places types as they are placed in schema
--output-directory <path> path to directory where typings will be saved
-h, --help display help for command
When using CLI, each glob will be formatted as process.cwd() + glob. You can
pass an array of globs using comma between them like src/schema1.graphql,src/schema2.graphql
As a result, command creates a directory on passed --output-directory
path,
generates files schema.d.ts
and schema.js
:
schema.d.ts
contains all schema types and by default exports constant schema: string
which
is a text representation of schemaschema.js
exports by default text representation of schema (modules.exports = ' ... ';
)If --operations
was passed, command is searching for operations and creates a
pair of .d.ts
and .js
files for each found operation. Name of each created
file depends on original operation name and its type. So, if operation was
query getUsers { ... }
, created files will be getUsersQuery.d.ts
and
getUsersQuery.js
.
.d.ts
by default exports string which is a text representation of operation.
Additionally file contains types connected with operation. They can be:
GetUsersQuery
)GetUsersQueryVariables
).js
exports by default text representation of operation (modules.exports = ' ... ';
)Library provides such functions as compile
, compileSchema
and
compileOperations
to generate types.
compile(options)
Name | Type | Description |
---|---|---|
options.outputDirectory | string | Full path to output directory |
options.removeDescription | boolean? | Should library remove descriptions |
options.display | DisplayType? | How to display compiled types. Valid values are "as-is" and "default". By default, generator compiles scalars first, then enums, interfaces, inputs, unions and then types. "as-is" places types as they are placed in schema |
options.schemaPath | PathType | Defines paths to schema. Watch possible values for more |
options.operationsPath | PathType? | Defines paths to operations. Watch possible values for more |
import {compile} from 'gql-types-generator';
import * as path from 'path';
compile({
outputDirectory: path.resolve(__dirname, 'compiled'),
removeDescription: false,
display: 'as-is',
operationsPath: {
glob: {
cwd: process.cwd(),
glob: 'gql/operations/*.graphql'
}
},
schemaPath: {
path: [
path.resolve(__dirname, 'gql/schema/part1.graphql'),
path.resolve(__dirname, 'gql/schema/part2.graphql'),
]
},
// Or pass schema glob
schemaPath: {
glob: {
cwd: process.cwd(),
glob: 'gql/schema/*.graphql'
}
},
// Or pass schema definition directly
schemaPath: {
definition: 'type Query { ... }'
}
});
compileSchema(schemaString, outputDirectory, includeDescription?, display?)
Name | Type | Description |
---|---|---|
schemaString | string | Schema definition |
outputDirectory | string | Full path to output directory |
includeDescription | boolean? | Should library include descriptions |
display | DisplayType? | How to display compiled types. Valid values are "as-is" and "default". By default, generator compiles scalars first, then enums, interfaces, inputs, unions and then types. "as-is" places types as they are placed in schema |
import {compileSchema} from 'gql-types-generator';
import * as path from 'path';
compileSchema(
'type Query { ... }',
path.resolve(__dirname, 'gql/compiled'),
true,
'default',
);
compileOperations(operationsString, outputDirectory, schema, removeDescription?)
Name | Type | Description |
---|---|---|
operationsString | string | Operations definition |
outputDirectory | string | Full path to output directory |
schema | GraphQLSchema | Built GQL schema |
removeDescription | boolean? | Should library remove descriptions |
import {compileOperations} from 'gql-types-generator';
import * as path from 'path';
compileOperations(
'query getUser() { ... } mutation register() { ... }',
path.resolve(__dirname, 'gql/compiled'),
// We can get this value via compileSchema
gqlSchema,
true,
);
FAQs
``` npm install --save gql-types-generator ``` ``` yarn add gql-types-generator ```
The npm package gql-types-generator receives a total of 5 weekly downloads. As such, gql-types-generator popularity was classified as not popular.
We found that gql-types-generator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.