Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
graphql-config
Advanced tools
The easiest way to configure your development environment with your GraphQL schema (supported by most tools, editors & IDEs)
The graphql-config npm package provides a set of utilities to make it easier to configure and use GraphQL in your development environment. It allows for the centralization of GraphQL project configurations, making it simpler to share settings across different tools such as IDEs, GraphQL clients, and other utilities that work with GraphQL.
Loading GraphQL Project Configuration
This feature allows you to load the GraphQL project configuration. The `loadConfig` function asynchronously loads the configuration from the default or specified configuration file.
const { loadConfig } = require('graphql-config');
async function main() {
const config = await loadConfig();
console.log(config);
}
main();
Getting Schema Information
This feature enables you to retrieve the GraphQL schema information from the configuration. It's useful for tools and applications that need to introspect the schema.
const { loadConfig } = require('graphql-config');
async function main() {
const config = await loadConfig();
const schema = await config.getDefault().getSchema();
console.log(schema);
}
main();
Working with Endpoints
This feature allows for the management of GraphQL API endpoints within the configuration. It simplifies the process of switching between different environments or API versions.
const { loadConfig } = require('graphql-config');
async function main() {
const config = await loadConfig();
const endpoint = config.getDefault().endpoint('default');
console.log(endpoint);
}
main();
graphql-tools is a package that provides a set of utilities for building and working with GraphQL schemas. It is similar to graphql-config in that it helps with GraphQL development, but it focuses more on schema creation, mocking, and stitching, rather than configuration management.
apollo-server is a community-driven, open-source GraphQL server. It's similar to graphql-config in the sense that it's used in GraphQL development environments. However, apollo-server focuses on building and running GraphQL servers, including features like schema definition, data fetching, and request handling, rather than on project configuration.
GraphQL Config - one configuration for all your GraphQL tools (supported by most tools, editors & IDEs). The easiest way to configure your development environment with your GraphQL Schema.
As a developer, you gain simplicity and a central place to setup libraries, tools and your IDE extensions.
As a library author GraphQL Config makes it easier to maintain the code responsible for handling configuration, loading GraphQL schemas or even files with GraphQL operations and fragments. GraphQL Config provides a set of useful methods and an easy-to-work-with API.
schema: ./schema.json
documents: ./src/components/**/*.jsx
Visit our website graphql-config.com to learn more about the GraphQL Config.
Join our Discord chat if you run into issues or have questions. We love talking to you!
Contributions, issues and feature requests are very welcome. If you are using this package and fixed a bug for yourself, please consider submitting a PR!
And if this is your first time contributing to this project, please do read our Contributor Workflow Guide before you get started off.
Help us keep GraphQL Config open and inclusive. Please read and follow our Code of Conduct as adopted from Contributor Covenant
MIT
FAQs
The easiest way to configure your development environment with your GraphQL schema (supported by most tools, editors & IDEs)
We found that graphql-config demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.