Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
graphql-tools
Advanced tools
The graphql-tools package is a set of utilities that help in the development of GraphQL schemas and resolvers in JavaScript. It provides tools for schema stitching, schema delegation, and schema transformation, among other functionalities.
Schema Stitching
Schema stitching allows you to combine multiple GraphQL schemas into a single schema. This is useful for modularizing your GraphQL API and for integrating multiple services.
const { makeExecutableSchema, mergeSchemas } = require('graphql-tools');
const schemaA = makeExecutableSchema({ typeDefs: `type Query { hello: String }`, resolvers: { Query: { hello: () => 'Hello from schema A' } } });
const schemaB = makeExecutableSchema({ typeDefs: `type Query { world: String }`, resolvers: { Query: { world: () => 'World from schema B' } } });
const mergedSchema = mergeSchemas({ schemas: [schemaA, schemaB] });
Schema Delegation
Schema delegation allows you to forward a query from one schema to another. This is useful for creating a unified API that delegates parts of the query to different underlying services.
const { delegateToSchema } = require('graphql-tools');
const schemaA = makeExecutableSchema({ typeDefs: `type Query { hello: String }`, resolvers: { Query: { hello: () => 'Hello from schema A' } } });
const resolvers = {
Query: {
helloFromA: (parent, args, context, info) => delegateToSchema({ schema: schemaA, operation: 'query', fieldName: 'hello', context, info })
}
};
Schema Transformation
Schema transformation allows you to modify an existing schema. This can include renaming types, adding or removing fields, and other modifications. This is useful for adapting third-party schemas to fit your needs.
const { transformSchema, RenameTypes } = require('graphql-tools');
const schema = makeExecutableSchema({ typeDefs: `type Query { hello: String }`, resolvers: { Query: { hello: () => 'Hello' } } });
const transformedSchema = transformSchema(schema, [new RenameTypes(name => `New_${name}`)]);
Apollo Server is a community-maintained open-source GraphQL server that works with any GraphQL schema built with graphql-tools. It provides an easy way to set up a GraphQL server with features like schema stitching, schema delegation, and more. Compared to graphql-tools, Apollo Server is more focused on providing a complete server setup, including integrations with various data sources and middleware.
graphql-compose is a toolkit for generating complex GraphQL schemas in an easier and more readable way. It provides a set of utilities for schema creation, schema stitching, and schema transformation. Compared to graphql-tools, graphql-compose offers a more composable and functional approach to building GraphQL schemas.
This package allows you to use the GraphQL schema language to build your GraphQL.js schema, and also includes useful schema tools like per-type mocking.
See and edit the live example on Launchpad.
When using graphql-tools
, you describe the schema as a GraphQL type language string:
const typeDefs = `
type Author {
id: ID! # the ! means that every author object _must_ have an id
firstName: String
lastName: String
posts: [Post] # the list of Posts by this author
}
type Post {
id: ID!
title: String
author: Author
votes: Int
}
# the schema allows the following query:
type Query {
posts: [Post]
}
# this schema allows the following mutation:
type Mutation {
upvotePost (
postId: ID!
): Post
}
# we need to tell the server which types represent the root query
# and root mutation types. We call them RootQuery and RootMutation by convention.
schema {
query: Query
mutation: Mutation
}
`;
export default typeDefs;
Then you define resolvers as a nested object that maps type and field names to resolver functions:
const resolvers = {
Query: {
posts() {
return posts;
},
},
Mutation: {
upvotePost(_, { postId }) {
const post = find(posts, { id: postId });
if (!post) {
throw new Error(`Couldn't find post with id ${postId}`);
}
post.votes += 1;
return post;
},
},
Author: {
posts(author) {
return filter(posts, { authorId: author.id });
},
},
Post: {
author(post) {
return find(authors, { id: post.authorId });
},
},
};
export default resolvers;
At the end, the schema and resolvers are combined using makeExecutableSchema
:
import { makeExecutableSchema } from 'graphql-tools';
const executableSchema = makeExecutableSchema({
typeDefs,
resolvers,
});
This example has the entire type definition in one string and all resolvers in one file, but you can combine types and resolvers from multiple files and objects, as documented in the modularizing the schema section of the docs.
Contributions, issues and feature requests are very welcome. If you are using this package and fixed a bug for yourself, please consider submitting a PR!
FAQs
Useful tools to create and manipulate GraphQL schemas.
The npm package graphql-tools receives a total of 579,480 weekly downloads. As such, graphql-tools popularity was classified as popular.
We found that graphql-tools demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.