Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Ethereum smart contracts.
The 'graphiql' npm package is an in-browser IDE for exploring GraphQL. It allows developers to interactively build and test GraphQL queries, mutations, and subscriptions. It provides a user-friendly interface with features like syntax highlighting, intelligent type-ahead, and documentation explorer.
Interactive Query Building
This feature allows users to build and test GraphQL queries interactively. The code sample demonstrates how to set up GraphiQL with a custom fetcher function to interact with a GraphQL endpoint.
```javascript
const React = require('react');
const ReactDOM = require('react-dom');
const GraphiQL = require('graphiql');
const fetch = require('isomorphic-fetch');

function graphQLFetcher(graphQLParams) {
  return fetch('https://my-graphql-endpoint.com/graphql', {
    method: 'post',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(graphQLParams),
  }).then(response => response.json());
}

ReactDOM.render(
  React.createElement(GraphiQL, { fetcher: graphQLFetcher }),
  document.getElementById('graphiql')
);
```
Syntax Highlighting and Intelligent Type-Ahead
GraphiQL provides syntax highlighting and intelligent type-ahead, making it easier to write and understand GraphQL queries. The code sample shows the basic setup, which includes these features by default.
```javascript
const React = require('react');
const ReactDOM = require('react-dom');
const GraphiQL = require('graphiql');
const fetch = require('isomorphic-fetch');

function graphQLFetcher(graphQLParams) {
  return fetch('https://my-graphql-endpoint.com/graphql', {
    method: 'post',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(graphQLParams),
  }).then(response => response.json());
}

ReactDOM.render(
  React.createElement(GraphiQL, { fetcher: graphQLFetcher }),
  document.getElementById('graphiql')
);
```
Documentation Explorer
The Documentation Explorer feature allows users to browse the schema documentation directly within the GraphiQL interface. This helps in understanding the available types, queries, and mutations.
```javascript
const React = require('react');
const ReactDOM = require('react-dom');
const GraphiQL = require('graphiql');
const fetch = require('isomorphic-fetch');

function graphQLFetcher(graphQLParams) {
  return fetch('https://my-graphql-endpoint.com/graphql', {
    method: 'post',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(graphQLParams),
  }).then(response => response.json());
}

ReactDOM.render(
  React.createElement(GraphiQL, { fetcher: graphQLFetcher }),
  document.getElementById('graphiql')
);
```
Apollo Server is a community-driven, open-source GraphQL server that works with any GraphQL schema. It provides a simple setup for creating a GraphQL server and includes features like schema stitching, caching, and performance monitoring. Unlike GraphiQL, which is an IDE, Apollo Server focuses on the server-side implementation of GraphQL.
GraphQL Playground is another in-browser IDE for GraphQL, similar to GraphiQL. It offers a more modern interface and additional features like query history, configuration settings, and multiple tabs. It is often used as a replacement for GraphiQL in many projects.
Altair is a feature-rich GraphQL client that provides a clean and modern interface for testing GraphQL queries and mutations. It includes features like query history, variable management, and file uploads. Altair is similar to GraphiQL but offers more advanced features and a more polished user experience.
/ˈɡrafək(ə)l/ An interactive in-browser GraphQL IDE. Try the live demo.
```sh
npm install --save graphiql
```

GraphiQL provides a React component responsible for rendering the UI. The component must be given a function for fetching from GraphQL; we recommend using the standard fetch API.
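```jsx
import React from 'react';
import ReactDOM from 'react-dom';
import GraphiQL from 'graphiql';
import fetch from 'isomorphic-fetch';

// Send the GraphQL-HTTP parameters to the same-origin /graphql endpoint
// and resolve to the parsed JSON response.
function graphQLFetcher(graphQLParams) {
  return fetch(window.location.origin + '/graphql', {
    method: 'post',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(graphQLParams),
  }).then(response => response.json());
}

// React.render was removed from React; ReactDOM.render is its replacement.
ReactDOM.render(<GraphiQL fetcher={graphQLFetcher} />, document.body);
```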
Build for the web with webpack or browserify, or use the pre-bundled graphiql.js file. See the example in the git repository to see how to use the pre-bundled file.
GraphiQL exports a single React component which is intended to encompass the entire browser viewport. This React component renders the GraphiQL editor.
```jsx
import GraphiQL from 'graphiql';

<GraphiQL />
```
GraphiQL supports customization in UI and behavior by accepting React props and children.
Props:
fetcher
: a required function which accepts GraphQL-HTTP parameters and
returns a Promise which resolves to the GraphQL parsed JSON response.
schema
: an optional GraphQLSchema instance. If one is not provided,
GraphiQL will fetch one using introspection.
query
: an optional GraphQL string to use as the initial displayed query.
If not provided, the local storage or defaultQuery will be used.
defaultQuery
: an optional GraphQL string to use instead of a
blank screen when a query was not found in the local cache.
variables
: an optional GraphQL string to use as the initial displayed
query variables. If not provided, the local storage will be used.
onEditQuery
: an optional function which will be called when the Query
editor changes. The argument to the function will be the query string.
onEditVariables
: an optional function which will be called when the Query
variable editor changes. The argument to the function will be the
variables string.
getDefaultFieldNames
: an optional function used to provide default fields
to non-leaf fields which invalidly lack a selection set.
Accepts a GraphQLType instance and returns an array of field names.
If not provided, a default behavior will be used.
Children:
<GraphiQL.Logo>
: Replace the GraphiQL logo with your own.
<GraphiQL.Toolbar>
: Add a custom toolbar above GraphiQL.
<GraphiQL.Footer>
: Add a custom footer below GraphiQL Results.
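
The `fetcher` prop described above, as an added example that is not part of the GraphiQL README or of this page's own code: a fetcher that refuses cross-origin endpoints, sends cookies only to the serving origin, and rejects non-JSON replies before parsing. The names `makeFetcher`, `resolveEndpoint` and `buildInit` and the `/graphql` route are assumptions; the fetch implementation is injected so the block also runs under Node.

```javascript
// Added example, not GraphiQL code: makeFetcher, resolveEndpoint and buildInit
// are hypothetical names. fetchImpl is injected so the code runs under Node too.

// Resolve the endpoint against the page origin and refuse anything cross-origin,
// so queries (and cookies) are never sent to a host the page was not served from.
function resolveEndpoint(endpoint, pageOrigin) {
  const url = new URL(endpoint, pageOrigin);
  if (url.origin !== new URL(pageOrigin).origin) {
    throw new Error('GraphQL endpoint must be same-origin: ' + url.origin);
  }
  return url.href;
}

// Build the POST request for the GraphQL-HTTP parameters GraphiQL passes in.
function buildInit(graphQLParams) {
  return {
    method: 'post',
    credentials: 'same-origin', // send cookies only to our own origin
    headers: { 'Content-Type': 'application/json', Accept: 'application/json' },
    body: JSON.stringify(graphQLParams),
  };
}

// Returns a function with the shape the fetcher prop requires:
// (graphQLParams) => Promise resolving to the parsed JSON response.
function makeFetcher(endpoint, pageOrigin, fetchImpl) {
  const href = resolveEndpoint(endpoint, pageOrigin); // fails fast at setup time
  return function graphQLFetcher(graphQLParams) {
    return fetchImpl(href, buildInit(graphQLParams)).then(response => {
      const type = response.headers.get('content-type') || '';
      if (!type.includes('json')) {
        // e.g. an HTML login page or proxy error; do not try to parse it
        throw new Error('Expected JSON, got HTTP ' + response.status + ' ' + type);
      }
      return response.json(); // GraphQL-level errors also arrive as JSON
    });
  };
}

// Browser usage (assumes a /graphql route on the serving origin):
// const fetcher = makeFetcher('/graphql', window.location.origin,
//                             window.fetch.bind(window));
```

Pass the returned function as the `fetcher` prop; a misconfigured endpoint then fails when the page loads rather than on the first query.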
FAQs
A graphical interactive in-browser GraphQL IDE.
The npm package graphiql receives a total of 227,827 weekly downloads. As such, graphiql popularity was classified as popular.
We found that graphiql demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.