Rust GraphQL lib async-graphql is reporting a High severity (7.5/10) security issue. DOS GraphQL Nested Fragments overflow

Update to version 4.0.6 for the fix. This version isn’t published to crates.io, yet. 4.0.6 info

GraphQL Voyager makes a GraphQL API’s schema into a visual display that can be navigated and shows the data that lives on the edges. This is super useful in understanding an existing schema. I’m using it on the Github API.

ivangoncharov.github.io/graphql-v…

GraphQL social reach change in May 2022 - part2

Github Metrics

• Watchers. -1

• Forks +8

• Stars +25

• Stack Overflow Questions +674

GraphQL’s social reach change in May 2022.

+1493 Twitter Followers No change on discord

• 71 LinkedIn User Group
• 293 Meetup members

The Web Platform team at Major League Baseball is multiple web properties like MLB.com, USA Baseball, play.com & more.

Over the last nine months, they have implemented Federated GraphQL. More details in GraphQL Landscape Report.

#GraphQL #Adoption

GraphiQL 2.0 UI mocks.

www.figma.com/file/p8f8…

Twitter has been using GraphQL in production since 2017 making it one of the early adopters and a source of many challenges and solutions and more than a few custom tools.

A common security measure for GraphQL APIs is to block use of introspection in production.

The client implementations for both Twitter and the New York Times use both Relay and GraphiQL.

Relay, also developed and used at Facebook, is something I need to learn more about. I would love to hear from others what resources they have used to learn about Relay.

Why are FE devs are salty about union types in a GraphQL schema?

Anytime the schema devs add an arm to a union type it will cause a breaking change on the client, IF the client doesn’t account for unknown types in their query.

News to me:

The BFF (Backend for Frontends) architecture pattern was created at Soundcloud circa 2015 and is based upon the strangler pattern.

Recommended tools that aren’t custom like those at Twitter.

Apollo - defacto standard for working with GraphQL Mature ecosystem of tooling

GraphQLjs allowed us to build to the linter at Twitter

Twitter uses Relay on the client

Next you’ll want to add a helper function in your resolvers.

export enum QueryStatus {  
  success = 'SUCCESS',  
  notFound = 'NOT_FOUND',  
  error = 'ERROR',  
}  
  
export const success = (node: Customer) => ({ status: QueryStatus.success, node });  
export const notFound = (message: string) => ({ status: QueryStatus.notFound, message });  
export const error = (message: string) => ({ status: QueryStatus.error, message });

What does the ! do?

Bang indicates a value that can’t return null. The field will return either a value or an error.

I just received a question on why GraphQL always returns HTTP status 200.

The specification defines GraphQL at the application layer, but the status code reflects the status of a transport layer.

To return query statuses you need to add a type to the schema with a field for status.

type Customer {  
  id: Int!  
  name: String!  
}
type CustomerResult {  
  status: String!  
  message: String  
  node: Customer  
}   
type Query {  
  customer(id: Int!): CustomerResult!  
}  

This is a test. Oddly enough it’s a test of integration as opposed to an integration test. heh

The first enterprise, not named Facebook, to build a GraphQL implementation was Airbnb.

The GraphQL specification doesn’t support file uploads.

Next steps

Add plugin for twitter cards and test pushing these posts to twitter.

micro.blog with docdocgo.dev

• Step 1. Set up a microblog on this site. And build a collection of posts.
• Step 2. Set up dynamic routing in ghost by adding til to routes.yaml
• Step 3. Testing, testing, testing

Learning

How to use micro.blog for TIL with the intent to publish on a docdocgo.dev page to share the things that I’m learning. Inspired by “Learning in Public”.

This is a test to see if this will work as a platform for live blogging and In a microblog format. If what works here will update to a page on my ghost blog I’m all set.

Hello World!