Gathering detailed insights and metrics for @teamstarter/graphql-sequelize-generator
Gathering detailed insights and metrics for @teamstarter/graphql-sequelize-generator
A Graphql API generator based on Sequelize.
Installations
npm install @teamstarter/graphql-sequelize-generatorDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=16.14.0
Node Version
18.17.1
NPM Version
9.6.7
Score
55.9
Supply Chain
88.2
Quality
87.5
Maintenance
25
Vulnerability
95.6
License
Releases
Unable to fetch releases
Languages
2
JavaScript
TypeScript
JavaScript (71.52%)
TypeScript (28.48%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
22 Stars
352 Commits
10 Forks
17 Watchers
16 Branches
8 Contributors
Updated on Mar 27, 2025
Maintainers
3
Package Meta Information
Latest Version
9.6.2
Package Id
@teamstarter/graphql-sequelize-generator@9.6.2
Unpacked Size
315.89 kB
Size
52.04 kB
File Count
67
NPM Version
9.6.7
Node Version
18.17.1
Published on
May 21, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
13
Peer Dependencies
4
Dev Dependencies
32
@types/node@typescript-eslint/eslint-pluginbabel-eslintcorsdataloader-sequelizeeslinteslint-config-prettiereslint-config-standardeslint-plugin-importeslint-plugin-nodeeslint-plugin-prettiereslint-plugin-promiseeslint-plugin-reacteslint-plugin-standardexpressgraphqlgraphql-relaygraphql-sequelizejestprettierprettier-eslintprettier-tslintsequelizesequelize-clispdysqlite3standard-versionsupertestts-migratets-nodets-node-devumzug
Graphql-Sequelize-Generator
Graphql-Sequelize-Generator (GSG) is a set of tools that will allow you to easily generate a GraphQL API from your sequelize models.
It's a very good fit for POCs and MVPs, while also scaling pretty well thanks to dataloader-sequelize.
Documentation
The complete documentation car be found here
What can I do with GSG?
The tools provided by this library will allow you to:
- Query any model defined in your app through GraphQL.
- Auto-generate create/update/delete mutations.
- Define before/after hooks and all resolvers, including the mutations.
- Easily create custom mutations.
- Get an integrated interface to test your GraphQL API.
- Counts for each model can also be generated.
- Subscriptions auto-generated for mutations.
- Add custom fields/resolvers on auto-generated types.
- Easy integration with dataloader-sequelize
Getting started
Setting up the dependencies and the library
Add the lib and the peer dependencies of GraphQL-Sequelize-Generator:
yarn add graphql-sequelize-generator graphql sequelize graphql-sequelize @apollo/server dataloader-sequelize graphql-relay ws
⚠️ Caution: GSG requires Node v9.11.2 or greater as it is using async/await.
Initializing the project with Sequelize-CLI and adding data to the database
If you need to initialize the project, please follow this Sequelize documentation page : Sequelize-Cli and Migrations
Setting up your server
Create a file where you will set up your server and paste the following code. We used index.js (at the root of our example project):
1// index.js 2const { expressMiddleware } = require('@apollo/server/express4') 3const express = require('express') 4const http = require('http') 5const cors = require('cors') 6const json = require('body-parser') 7const { createContext, EXPECTED_OPTIONS_KEY } = require('dataloader-sequelize') 8const setupServer = require('./schema') 9const models = require('./models') //Assuming "models" is your import of the Sequelize models folder, initialized by Sequelize-Cli 10 11const createServer = async (options = {}, globalPreCallback = () => null) => { 12 const app = express() 13 options = { 14 spdy: { plain: true }, 15 ...options, 16 } 17 const httpServer = http.createServer(options, app) 18 const { server } = setupServer(globalPreCallback, httpServer) 19 await server.start() 20 //server.applyMiddleware({ app, path: '/graphql' }) 21 app.use( 22 '/graphql', 23 cors(), 24 json(), 25 expressMiddleware(server, { 26 context: async ({ req, connection }) => { 27 const contextDataloader = createContext(models.sequelize) 28 29 // Connection is provided when a webSocket is connected. 30 if (connection) { 31 // check connection for metadata 32 return { 33 ...connection.context, 34 [EXPECTED_OPTIONS_KEY]: contextDataloader, 35 } 36 } 37 }, 38 }) 39 ) 40 41 await new Promise((resolve) => { 42 httpServer.listen(process.env.PORT || 8080, () => { 43 resolve() 44 }) 45 46 console.log( 47 `🚀 Server ready at http://localhost:${process.env.PORT || 8080}/graphql` 48 ) 49 }) 50 return httpServer 51} 52 53const closeServer = async (server) => { 54 await Promise.all([new Promise((resolve) => server.close(() => resolve()))]) 55} 56 57createServer()
Getting started with boilerplates
You can easily start a project with graphql-sequelize-generator using these boilerplates:
- In JavaScript : GSG Boilerplate
- In TypeScript : GSG Typescript Boilerplate
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 2/22 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/teamstarter/graphql-sequelize-generator/nodejs.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/teamstarter/graphql-sequelize-generator/nodejs.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/teamstarter/graphql-sequelize-generator/nodejs.yml/develop?enable=pin
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'develop'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Reason
61 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-j5g3-5c8r-7qfx
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-9pv7-vfvm-6vr7
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-8c25-f3mj-v6h8
- Warn: Project is vulnerable to: GHSA-vqfx-gj96-3w95
- Warn: Project is vulnerable to: GHSA-f598-mfpv-gmfx
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-7xcx-6wjh-7xp2
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
2.2
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More