npmpackage.info

Gathering detailed insights and metrics for @graphql-inspector/core

Other packages similar to @graphql-inspector/core

@graphql-inspector/cli

5.0.7

Tooling for GraphQL. Compare GraphQL Schemas, check documents, find breaking changes, find similar types.

@contentful/content-source-maps

0.11.6

Base SDK for building Content Source Maps with Contentful

@octokit/core

6.1.2

Extendable client for GitHub's REST & GraphQL APIs

react-inspector

6.0.2

Power of Browser DevTools inspectors right inside your React app

Gathering detailed insights and metrics for @graphql-inspector/core

@graphql-inspector/core

🕵️‍♀️ Validate schema, get schema change notifications, validate operations, find breaking changes, look for similar types, schema coverage

6.2.0

1,653

MIT

TypeScript

18.32 kB

44,477,338 3.6

Installations

npm install @graphql-inspector/core

Pull Requests

Open

35

Total

2,497

Closed

402

Merged

2,060

Issues

Open

81

Total

278

Closed

197

Releases

November 13, 2024

release-1731490071726

Published on 13 Nov 2024

June 03, 2024

release-1717403590269

Published on 03 Jun 2024

May 26, 2024

release-1716735735584

Published on 26 May 2024

May 26, 2024

release-1716727014081

Published on 26 May 2024

November 29, 2023

release-1701263349990

Published on 29 Nov 2023

July 11, 2023

release-1689086705050

Published on 11 Jul 2023

View all 92 releases

Developer

kamilkisiela

Developer Guide

BETA

Module System

ESM

Min. Node Version

>=18.0.0

Typescript Support

No

Node Version

18.20.4

NPM Version

10.7.0 Statistics

1,653 Stars

2,337 Commits

185 Forks

10 Watching

94 Branches

76 Contributors

Updated on 23 Nov 2024

Bundle Size

94.27 kB

Minified

18.32 kB

Minified + Gzipped

Bundlephobia

Languages

TypeScript (86.38%)

MDX (12.04%)

JavaScript (1.38%)

Dockerfile (0.13%)

CSS (0.08%)

Total Downloads

Cumulative downloads

Total Downloads

44,477,338

Last day

-9.8%

52,703

Compared to previous day

Last week

-2%

282,776

Compared to previous week

Last month

6.2%

1,243,753

Compared to previous month

Last year

12.4%

13,055,437

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

dependency-graph object-inspect tslib

Peer Dependencies

graphql

Versions

GraphQL Inspector outputs a list of changes between two GraphQL schemas. Every change is precisely explained and marked as breaking, non-breaking or dangerous. It helps you validate documents and fragments against a schema and even find similar or duplicated types.

You may like GraphQL Hive as well!

It's an open-source performance monitoring tool and schema registry for GraphQL.

GraphQL Hive is currently available as a hosted service but it offers self-hosting as well.

Use GraphQL Inspector however you want:

Features

Compares schemas
Detect breaking or dangerous changes
Schema change notifications
Use serverless functions validate changes
Validates Operations and Fragments against a schema
Finds similar / duplicated types
Schema coverage based on Operations and Fragments
Serves a GraphQL server with faked data and GraphiQL
Docker Image

Use on GitHub

Github

Use everywhere

Example

Installation and Usage

Visit our website graphql-inspector.com to learn more about the project.

Documentation

Documentation is available at graphql-inspector.com/docs.

Some part of the library was ported to NodeJS from Ruby's GraphQL Schema Comparator

Contributions

Contributions, issues and feature requests are very welcome. If you are using this package and fixed a bug for yourself, please consider submitting a PR!

And if this is your first time contributing to this project, please do read our Contributor Workflow Guide before you get started off.

Code of Conduct

Help us keep GraphQL Inspector open and inclusive. Please read and follow our Code of Conduct as adopted from Contributor Covenant

License

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

3

Maintained

Determines if the project is "actively maintained".

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Security-Policy

Determines if the project has published a security policy.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/actions.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/actions.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/docker.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/docker.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/github.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/github.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/github.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/github.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/website.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/website.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/kamilkisiela/graphql-inspector/website.yml/master?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:1
Warn: containerImage not pinned by hash: Dockerfile:13
Warn: npmCommand not pinned by hash: Dockerfile:9
Warn: npmCommand not pinned by hash: Dockerfile:24
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 7 third-party GitHubAction dependencies pinned
Info: 0 out of 2 containerImage dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

3.6

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @graphql-inspector/core

Other packages similar to @graphql-inspector/core

@graphql-inspector/core

Installations

Pull Requests

35

2,497

402

2,060

Issues

81

278

197

Releases

Developer

Developer Guide

ESM

>=18.0.0

No

18.20.4

10.7.0

Statistics

Bundle Size

94.27 kB

18.32 kB

Languages

Total Downloads

44,477,338

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Peer Dependencies

Features

Use on GitHub

Use everywhere

Installation and Usage

Documentation

Related

Contributions

Code of Conduct

License

10

10

10

10

3

1

0

0

0

0

0

0

0

3.6

/10