Gathering detailed insights and metrics for relay-compiler
Gathering detailed insights and metrics for relay-compiler
Relay is a JavaScript framework for building data-driven React applications.
Installations
npm install relay-compilerReleases
86
Version 18.2.0 Release Notes
v18.2.0
Published on 21 Nov 2024
Version 18.1.0 Release Notes
v18.1.0
Published on 04 Oct 2024
Version 18.0.0 Release Notes
v18.0.0
Published on 07 Sept 2024
Version 17.0.0 Release Notes
v17.0.0
Published on 14 Jun 2024
v16.2.0
v16.2.0
Published on 23 Jan 2024
v16.1.0
v16.1.0
Published on 11 Dec 2023
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
18.20.5
NPM Version
10.8.2
Statistics
18,413 Stars
10,189 Commits
1,831 Forks
327 Watching
87 Branches
687 Contributors
Updated on 28 Nov 2024
Languages
Rust (55.81%)
JavaScript (41.57%)
HTML (1.17%)
MDX (0.53%)
CSS (0.5%)
TypeScript (0.38%)
Shell (0.02%)
Python (0.02%)
Total Downloads
Cumulative downloads
Total Downloads
256,878,368
Last day
-4.8%
55,401
Compared to previous day
Last week
0.3%
319,962
Compared to previous week
Last month
18.5%
1,274,053
Compared to previous month
Last year
-44.2%
16,529,954
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
Versions
Relay · 
Relay is a JavaScript framework for building data-driven React applications.
- Declarative: Never again communicate with your data store using an imperative API. Simply declare your data requirements using GraphQL and let Relay figure out how and when to fetch your data.
- Colocation: Queries live next to the views that rely on them, so you can easily reason about your app. Relay aggregates queries into efficient network requests to fetch only what you need.
- Mutations: Relay lets you mutate data on the client and server using GraphQL mutations, and offers automatic data consistency, optimistic updates, and error handling.
See how to use Relay in your own project.
Example
The relay-examples repository contains an implementation of TodoMVC. To try it out:
git clone https://github.com/relayjs/relay-examples.git
cd relay-examples/todo
yarn
yarn build
yarn start
Then, just point your browser at http://localhost:3000.
Contribute
We actively welcome pull requests, learn how to contribute.
Users
We have a community-maintained list of people and projects using Relay in production.
License
Relay is MIT licensed.
Thanks
We'd like to thank the contributors that helped make Relay in open source possible.
The open source project relay-hooks allowed the community to experiment with Relay and React Hooks, and was a source of valuable feedback for us. The idea for the useSubscription hook originated in an issue on that repo. Thank you @morrys for driving this project and for playing such an important role in our open source community.
Thank you for helping make this possible!
No vulnerabilities found.
Reason
all changesets reviewed
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/facebook/.github/SECURITY.md:1
- Info: Found linked content: github.com/facebook/.github/SECURITY.md:1
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: github.com/facebook/.github/SECURITY.md:1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/docusaurus.yml:14
- Warn: no topLevel permission defined: .github/workflows/update-cargo-lock.yml:1
- Warn: no topLevel permission defined: .github/workflows/vscode.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:213: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docusaurus.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/docusaurus.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-cargo-lock.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/update-cargo-lock.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-cargo-lock.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/update-cargo-lock.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-cargo-lock.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/update-cargo-lock.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vscode.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/vscode.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vscode.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/relay/vscode.yml/main?enable=pin
- Warn: downloadThenRun not pinned by hash: .github/workflows/docusaurus.yml:28
- Info: 0 out of 30 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 9 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 downloadThenRun dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
49 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: RUSTSEC-2021-0122 / GHSA-3jch-9qgp-4844
- Warn: Project is vulnerable to: RUSTSEC-2024-0332 / GHSA-q6cp-qfwq-4gcv
- Warn: Project is vulnerable to: GHSA-q445-7m23-qrmw
- Warn: Project is vulnerable to: RUSTSEC-2024-0357
- Warn: Project is vulnerable to: RUSTSEC-2022-0054 / GHSA-rc23-xxgq-x27g
- Warn: Project is vulnerable to: RUSTSEC-2024-0384
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
- Warn: Project is vulnerable to: GHSA-q8gg-vj6m-hgmj
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
- Warn: Project is vulnerable to: GHSA-jrvm-mcxc-mf6m
- Warn: Project is vulnerable to: GHSA-p3vf-v8qc-cwcr
- Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
- Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-m4gq-x24j-jpmf
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-gj77-59wh-66hg
- Warn: Project is vulnerable to: GHSA-hqhp-5p83-hx96
- Warn: Project is vulnerable to: GHSA-3949-f494-cm99
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Score
5.4
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More