graphql-query-complexity VS apollo-ios

https://github.com/slicknode/graphql-query-complexity

In addition you could introduce CI tools to enforce your devs stop writing such complex queries. Also see the @skip and @include directives that can further be used to control what data is queried. In practice, however, this isn't something that comes up too much. In cases where I have seen this happen, it's usually because a developer is trying to reuse fragments without considering what data they are querying, and whether they should be reusing those fragments.

https://graphql.org/learn/queries/#fragments

very cool! I was looking at https://github.com/slicknode/graphql-query-complexity

There are a couple of techniques that can be used to prevent this kind of problem one of them is GraphQL Query Complexity Analysis which is, as the name suggests, very complex to implement correctly. It requires analysis of how the graphql API is used, and what queries and mutations are most often called. If you get this wrong, there is a danger of the server denying perfectly valid queries.

The problem is that those queries are not prevented by commonly available rate limiters. You can send a single request to a GraphQL server that completely overwhelms the servers. To prevent such queries to GraphQL APIs, I wrote graphql-query-complexity, an extensible open-source library that detects such queries and rejects pathological queries before consuming too many resources on the server. You can assign each field a complexity value, and queries that exceed a threshold will be rejected. In Slicknode this protection is added automatically based on the number of nodes that are being returned.

GraphQL queries are just HTTP POST queries with a JSON body. They're supported everywhere.

If you want specialized tooling for them, Kotlin and Swift both have great strongly-typed GraphQL libraries.

Apollo publishes libraries for both:

- https://www.apollographql.com/docs/kotlin/

- https://www.apollographql.com/docs/ios/

apollo-ios - A strongly-typed, caching GraphQL client. Language: Swift.

RFC: apollo-ios/CodegenProposal.md at release/1.0-alpha-incubating · apollographql/apollo-ios · GitHub Example Generated Output: apollo-ios/Tests/ApolloCodegenTests/AnimalKingdomAPI/ExpectedGeneratedOutput at release/1.0-alpha-incubating · apollographql/apollo-ios · GitHub PR for discussion is here: [RFC] In Progress - Release 1.0 - Swift Codegen by calvincestari · Pull Request #1876 · apollographql/apollo-ios · GitHub

Apollo iOS, on the other hand, generates Swift types from queries in our "queries.graphql" files and supports caching out of the box. Generating types from the SDL is not per se a problem, but it becomes cumbersome and error-prone with large nested queries. Apollo iOS also strongly-binds the generated structures to your queries, making it almost impossible to translate fetched data into an internal state.

Apollo Client does have a good integration with these frameworks including React, iOS and Android — so, you might want to check that out