graphql-query-complexity
apollo-ios
graphql-query-complexity | apollo-ios | |
---|---|---|
4 | 6 | |
681 | 3,836 | |
0.1% | 0.6% | |
0.0 | 9.0 | |
7 months ago | 11 days ago | |
TypeScript | Swift | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
graphql-query-complexity
-
Migrating Netflix to GraphQL Safely
https://github.com/slicknode/graphql-query-complexity
In addition you could introduce CI tools to enforce your devs stop writing such complex queries. Also see the @skip and @include directives that can further be used to control what data is queried. In practice, however, this isn't something that comes up too much. In cases where I have seen this happen, it's usually because a developer is trying to reuse fragments without considering what data they are querying, and whether they should be reusing those fragments.
https://graphql.org/learn/queries/#fragments
-
GraphQL DoS amount-attack "breadth"
very cool! I was looking at https://github.com/slicknode/graphql-query-complexity
-
Preventing GraphQL batching attacks
There are a couple of techniques that can be used to prevent this kind of problem one of them is GraphQL Query Complexity Analysis which is, as the name suggests, very complex to implement correctly. It requires analysis of how the graphql API is used, and what queries and mutations are most often called. If you get this wrong, there is a danger of the server denying perfectly valid queries.
-
To GraphQL or not to GraphQL? Pros and Cons
The problem is that those queries are not prevented by commonly available rate limiters. You can send a single request to a GraphQL server that completely overwhelms the servers. To prevent such queries to GraphQL APIs, I wrote graphql-query-complexity, an extensible open-source library that detects such queries and rejects pathological queries before consuming too many resources on the server. You can assign each field a complexity value, and queries that exceed a threshold will be rejected. In Slicknode this protection is added automatically based on the number of nodes that are being returned.
apollo-ios
-
Migrating Netflix to GraphQL Safely
GraphQL queries are just HTTP POST queries with a JSON body. They're supported everywhere.
If you want specialized tooling for them, Kotlin and Swift both have great strongly-typed GraphQL libraries.
Apollo publishes libraries for both:
- https://www.apollographql.com/docs/kotlin/
- https://www.apollographql.com/docs/ios/
- GraphQL making its way into a Twitter discussion about latency is not what I expected
-
Awesome macOS Libraries List
apollo-ios - A strongly-typed, caching GraphQL client. Language: Swift.
-
Apollo iOS 1.0 RFC - Swift Codegen
RFC: apollo-ios/CodegenProposal.md at release/1.0-alpha-incubating · apollographql/apollo-ios · GitHub Example Generated Output: apollo-ios/Tests/ApolloCodegenTests/AnimalKingdomAPI/ExpectedGeneratedOutput at release/1.0-alpha-incubating · apollographql/apollo-ios · GitHub PR for discussion is here: [RFC] In Progress - Release 1.0 - Swift Codegen by calvincestari · Pull Request #1876 · apollographql/apollo-ios · GitHub
-
SwiftGraphQL - A GraphQL client for Swift lovers.
Apollo iOS, on the other hand, generates Swift types from queries in our "queries.graphql" files and supports caching out of the box. Generating types from the SDL is not per se a problem, but it becomes cumbersome and error-prone with large nested queries. Apollo iOS also strongly-binds the generated structures to your queries, making it almost impossible to translate fetched data into an internal state.
-
GraphQL - Diving Deep
Apollo Client does have a good integration with these frameworks including React, iOS and Android — so, you might want to check that out
What are some alternatives?
dataloader - DataLoader is a generic utility to be used as part of your application's data fetching layer to provide a consistent API over various backends and reduce requests to those backends via batching and caching.
Alamofire - Elegant HTTP Networking in Swift
starter-nextjs-blog - NextJS + Slicknode Headless GraphQL CMS blog starter kit
Moya - Network abstraction layer written in Swift.
crystal - 🔮 Graphile's Crystal Monorepo; home to Grafast, PostGraphile, pg-introspection, pg-sql2 and much more!
AFNetworking - A delightful networking framework for iOS, macOS, watchOS, and tvOS.
graphql-no-batched-queries - Graphql validation to disable batched queries and mutations.
swift-graphql - A GraphQL client that lets you forget about GraphQL.
analysis-ui - Front-end for Conveyal Analysis. Model and analyze transport scenarios.
protobuf-swift - Google ProtocolBuffers for Apple Swift
falcor - A JavaScript library for efficient data fetching
Netfox - A lightweight, one line setup, iOS / OSX network debugging library! 🦊