Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
- Zero Configuration - 🚀 [Nuxt 3](https://v3.nuxtjs.org) Support - Full Typescript Support - HMR (Hot Module Reload) for GraphQL documents - Minimal [GraphQL Client](https://github.com/prisma-labs/graphql-request#graphql-request) + [Code Generation](http
⚡️ Minimal GraphQL Client + Code Generation for Nuxt
⚡️ Minimal GraphQL Client + Code Generation for Nuxt
# using yarn
yarn add nuxt-gql
# using npm
npm install nuxt-gql --save
nuxt-gql
to the buildModules
section of nuxt.config.ts
Configuration Optionsimport { defineNuxtConfig } from 'nuxt3'
export default defineNuxtConfig({
buildModules: ['nuxt-gql'],
gql: {
// configuration
},
})
GQL_HOST
to the URL of your GraphQL APIpublicRuntimeConfig: {
GQL_HOST: 'https://api.spacex.land/graphql' // SpaceX GraphQL API for example
}
Example using the SpaceX GraphQL API:
./queries/starlink.gql
- This query will for the SpaceX API to retrieve the launches for Starlink missions.
query launches($sort: String = "launch_year", $order: String = "desc") {
launches(sort: $sort, order: $order, find: { mission_name: "Starlink" }) {
id
details
mission_name
launch_year
launch_success
links {
article_link
flickr_images
}
rocket {
rocket_name
rocket_type
}
}
}
With autoImport
enabled, the query above can be accessed in the Vue portion of your app by prefixing the Operation name (launches
in this example with the Function Prefix).
The launches
query can be executed as GqlLaunches()
Run yarn dev
for the nuxt-gql
module to generate the necessary types and functions.
useGql
composable to execute all your queries / mutations.autoImport
enabled, your queries / mutations are accessible within your app by calling the Operation name prefixed by Function Prefix<script lang="ts" setup>
const { data } = await useAsyncData('starlink', () => GqlLaunches({ order: 'desc' }))
</script>
Your data is now fully-typed based on it's pertinent GraphQL Document.
This module can be configured by adding a gql
section inside your nuxt.config.ts
import { defineNuxtConfig } from 'nuxt3'
export default defineNuxtConfig({
gql: {
/**
* Prevent codegen from printing to console in dev mode
*
* @type boolean
* @default true
*/
silent: boolean,
/**
* Enable hot reloading for GraphQL documents
*
* @type boolean
* @default true
*/
watch: boolean,
/**
* Auto import functions based on the operation names of your queries & mutations
*
* @type boolean
* @default true
*/
autoImport: boolean,
/**
* Prefix for auto imported functions
*
* @type string
* @default 'Gql'
*/
functionPrefix: string,
/**
* Path to folder(s) containing .gql or .graphql files. Can be omitted,
* module will automatically search for GraphQL Documents in the project's root directory.
*
* @note Useful for mono repos.
*
* @type string[]
* @example ['../shared/queries']
* */
documentPaths: string[],
/**
* Only generate the types for the operations in your GraphQL documents.
* When set to true, only the types needed for your operations will be generated.
* When set to false, all types from the GraphQL schema will be generated.
*
* @type boolean
* @default true
* */
onlyOperationTypes: boolean
},
publicRuntimeConfig: {
/**
* URL pointing to a GraphQL endpoint
*
* @type string
*/
GQL_HOST: string,
},
})
FAQs
- Zero Configuration - 🚀 [Nuxt 3](https://v3.nuxtjs.org) Support - Full Typescript Support - HMR (Hot Module Reload) for GraphQL documents - Minimal [GraphQL Client](https://github.com/prisma-labs/graphql-request#graphql-request) + [Code Generation](http
The npm package nuxt-gql receives a total of 0 weekly downloads. As such, nuxt-gql popularity was classified as not popular.
We found that nuxt-gql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.