Package Health Score

90 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Sustainable
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
16.8.1	\|	09/2023	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
16.7.1	\|	06/2023		0 C 0 H 1 M 0 L	0 H 0 M 0 L
15.8.0	\|	12/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
14.7.0	\|	07/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L
14.6.0	\|	01/2020		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (12,134,986)

GitHub Stars: 19.91K
Forks: 1.98K
Contributors: 190

Direct Usage Popularity

The npm package graphql receives a total of 12,134,986 downloads a week. As such, we scored graphql popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package graphql, we found that it has been starred 19,915 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: No
Contributors: 190
Funding: No

A good and healthy external contribution signal for graphql project, which invites more than one hundred open source maintainers to collaborate on the repository.

We found a way for you to contribute to the project! Looks like graphql is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Sustainable

Commit Frequency

Open Issues: 169
Open PR: 110
Last Release: 7 months ago
Last Commit: 8 days ago

Further analysis of the maintenance status of graphql based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Sustainable.

We found that graphql demonstrates a positive version release cadence with at least one new version released in the past 12 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: ^12.22.0 || ^14.16.0 || ^16.0.0 || >=17.0.0

Age: 9 years
Dependencies: 0 Direct
Versions: 250
Install Size: 1.34 MB
Dist-tags: 60
# of Files: 388
Maintainers: 8
TS Typings: Yes

graphql has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use graphql?

To help you get started, we've collected the most common ways that graphql is being used within popular public projects.

kamilkisiela / graphql-inspector / packages / core / __tests__ / diff / enum.ts View on Github

test('description changed', () => {
    const a = buildSchema(/* GraphQL */ `
      type Query {
        fieldA: String
      }

      """
      Old Description
      """
      enum enumA {
        A
        B
      }
    `);

    const b = buildSchema(/* GraphQL */ `
      type Query {
        fieldA: String
      }

      """
      New Description
      """
      enum enumA {
        A
        B
      }
    `);

    const changes = diff(a, b);
    const change = findFirstChangeByPath(changes, 'enumA');

View more ways to use graphql

GraphQL.js

The JavaScript reference implementation for GraphQL, a query language for APIs created by Facebook.

See more complete documentation at https://graphql.org/ and https://graphql.org/graphql-js/.

Looking for help? Find resources from the community.

Getting Started

A general overview of GraphQL is available in the README for the Specification for GraphQL. That overview describes a simple set of GraphQL examples that exist as tests in this repository. A good way to get started with this repository is to walk through that README and the corresponding tests in parallel.

Using GraphQL.js

Install GraphQL.js from npm

With npm:

npm install --save graphql

With yarn:

yarn add graphql

With bun:

bun add graphql

GraphQL.js provides two important capabilities: building a type schema and serving queries against that type schema.

First, build a GraphQL type schema which maps to your codebase.

import {
  graphql,
  GraphQLSchema,
  GraphQLObjectType,
  GraphQLString,
} from 'graphql';

var schema = new GraphQLSchema({
  query: new GraphQLObjectType({
    name: 'RootQueryType',
    fields: {
      hello: {
        type: GraphQLString,
        resolve() {
          return 'world';
        },
      },
    },
  }),
});

This defines a simple schema, with one type and one field, that resolves to a fixed value. The resolve function can return a value, a promise, or an array of promises. A more complex example is included in the top-level tests directory.

Then, serve the result of a query against that type schema.

var source = '{ hello }';

graphql({ schema, source }).then((result) => {
  // Prints
  // {
  //   data: { hello: "world" }
  // }
  console.log(result);
});

This runs a query fetching the one field defined. The graphql function will first ensure the query is syntactically and semantically valid before executing it, reporting errors otherwise.

var source = '{ BoyHowdy }';

graphql({ schema, source }).then((result) => {
  // Prints
  // {
  //   errors: [
  //     { message: 'Cannot query field BoyHowdy on RootQueryType',
  //       locations: [ { line: 1, column: 3 } ] }
  //   ]
  // }
  console.log(result);
});

Note: Please don't forget to set NODE_ENV=production if you are running a production server. It will disable some checks that can be useful during development but will significantly improve performance.

Want to ride the bleeding edge?

The npm branch in this repository is automatically maintained to be the last commit to main to pass all tests, in the same form found on npm. It is recommended to use builds deployed to npm for many reasons, but if you want to use the latest not-yet-released version of graphql-js, you can do so by depending directly on this branch:

npm install graphql@git://github.com/graphql/graphql-js.git#npm

Using in a Browser

GraphQL.js is a general-purpose library and can be used both in a Node server and in the browser. As an example, the GraphiQL tool is built with GraphQL.js!

Building a project using GraphQL.js with webpack or rollup should just work and only include the portions of the library you use. This works because GraphQL.js is distributed with both CommonJS (require()) and ESModule (import) files. Ensure that any custom build configurations look for .mjs files!

Contributing

We actively welcome pull requests. Learn how to contribute.

This repository is managed by EasyCLA. Project participants must sign the free (GraphQL Specification Membership agreement before making a contribution. You only need to do this one time, and it can be signed by individual contributors or their employers.

To initiate the signature process please open a PR against this repo. The EasyCLA bot will block the merge if we still need a membership agreement from you.

You can find detailed information here. If you have issues, please email operations@graphql.org.

If your company benefits from GraphQL and you would like to provide essential financial support for the systems and people that power our community, please also consider membership in the GraphQL Foundation.

Changelog

Changes are tracked as GitHub releases.

License

GraphQL.js is MIT-licensed.

FAQs

What is graphql?

A Query Language and Runtime which can target any service. Visit Snyk Advisor to see a full health score report for graphql, including popularity, security, maintenance & community analysis.

Is graphql popular?

The npm package graphql receives a total of 12,134,986 weekly downloads. As such, graphql popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is graphql well maintained?

We found indications that graphql maintenance is sustainable demonstrating some project activity. We saw a total of 190 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is graphql safe to use?

The npm package graphql was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 27 April-2024, at 11:24 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

graphql

A Query Language and Runtime which can target any service. For more information about how to use this package see README

Ensure you're using the healthiest npm packages

Package Health Score

Explore Similar Packages

Security

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Popularity

Weekly Downloads (12,134,986)

Direct Usage Popularity

Community

Embed Package Health Score Badge

Maintenance

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Package

Not sure how to use graphql?

GraphQL.js

Getting Started

Using GraphQL.js

Want to ride the bleeding edge?

Using in a Browser

Contributing

Changelog

License

FAQs

What is graphql?

Is graphql popular?

Is graphql well maintained?

Is graphql safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Fix identified vulnerabilities

Monitor for new issues

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (12,134,986)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use graphql?

GraphQL.js

Getting Started

Using GraphQL.js

Want to ride the bleeding edge?

Using in a Browser

Contributing

Changelog

License

FAQs

What is graphql?

Is graphql popular?

Is graphql well maintained?

Is graphql safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues