graphile-plugin-connection-filter 2.3.2 → 2.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +63 -65
- package/package.json +7 -7
package/LICENSE
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
The MIT License (MIT)
|
|
2
2
|
|
|
3
3
|
Copyright (c) 2025 Dan Lynch <pyramation@gmail.com>
|
|
4
|
-
Copyright (c) 2025
|
|
4
|
+
Copyright (c) 2025 Constructive <developers@constructive.io>
|
|
5
5
|
Copyright (c) 2020-present, Interweb, Inc.
|
|
6
6
|
|
|
7
7
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
package/README.md
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
# graphile-plugin-connection-filter
|
|
2
2
|
|
|
3
3
|
<p align="center" width="100%">
|
|
4
|
-
<img height="250" src="https://raw.githubusercontent.com/
|
|
4
|
+
<img height="250" src="https://raw.githubusercontent.com/constructive-io/constructive/refs/heads/main/assets/outline-logo.svg" />
|
|
5
5
|
</p>
|
|
6
6
|
|
|
7
7
|
<p align="center" width="100%">
|
|
8
|
-
<a href="https://github.com/
|
|
9
|
-
<img height="20" src="https://github.com/
|
|
8
|
+
<a href="https://github.com/constructive-io/constructive/actions/workflows/run-tests.yaml">
|
|
9
|
+
<img height="20" src="https://github.com/constructive-io/constructive/actions/workflows/run-tests.yaml/badge.svg" />
|
|
10
10
|
</a>
|
|
11
|
-
<a href="https://github.com/
|
|
11
|
+
<a href="https://github.com/constructive-io/constructive/blob/main/LICENSE">
|
|
12
12
|
<img height="20" src="https://img.shields.io/badge/license-MIT-blue.svg"/>
|
|
13
13
|
</a>
|
|
14
14
|
<a href="https://www.npmjs.com/package/graphile-plugin-connection-filter">
|
|
@@ -16,27 +16,40 @@
|
|
|
16
16
|
</a>
|
|
17
17
|
</p>
|
|
18
18
|
|
|
19
|
-
|
|
19
|
+
**`graphile-plugin-connection-filter`** adds a powerful suite of filtering capabilities to PostGraphile schemas.
|
|
20
20
|
|
|
21
21
|
> **Warning:** Use of this plugin with the default options may make it **astoundingly trivial** for a malicious actor (or a well-intentioned application that generates complex GraphQL queries) to overwhelm your database with expensive queries. See the [Performance and Security](https://github.com/graphile-contrib/graphile-plugin-connection-filter#performance-and-security) section below for details.
|
|
22
22
|
|
|
23
|
-
##
|
|
23
|
+
## 🚀 Installation
|
|
24
24
|
|
|
25
25
|
Requires PostGraphile v4.5.0 or higher.
|
|
26
26
|
|
|
27
27
|
Install with:
|
|
28
28
|
|
|
29
29
|
```
|
|
30
|
-
|
|
30
|
+
pnpm add postgraphile graphile-plugin-connection-filter
|
|
31
31
|
```
|
|
32
32
|
|
|
33
|
-
|
|
33
|
+
## ✨ Features
|
|
34
|
+
|
|
35
|
+
This plugin supports filtering on almost all PostgreSQL types, including complex types such as domains, ranges, arrays, and composite types. For details on the specific operators supported for each type, see [docs/operators.md](https://github.com/graphile-contrib/graphile-plugin-connection-filter/blob/master/docs/operators.md).
|
|
36
|
+
|
|
37
|
+
See also:
|
|
38
|
+
|
|
39
|
+
- [@graphile/pg-aggregates](https://github.com/graphile/pg-aggregates) - integrates with this plugin to enable powerful aggregate filtering
|
|
40
|
+
- [graphile-plugin-connection-filter-postgis](https://github.com/constructive-io/constructive/tree/main/graphile/graphile-plugin-connection-filter-postgis) - adds PostGIS functions and operators for filtering on `geography`/`geometry` columns
|
|
41
|
+
- [postgraphile-plugin-fulltext-filter](https://github.com/mlipscombe/postgraphile-plugin-fulltext-filter) - adds a full text search operator for filtering on `tsvector` columns
|
|
42
|
+
- [postgraphile-plugin-unaccented-text-search-filter](https://github.com/spacefill/postgraphile-plugin-unaccented-text-search-filter) - adds unaccent text search operators
|
|
43
|
+
|
|
44
|
+
## 📦 Usage
|
|
45
|
+
|
|
46
|
+
### CLI usage via `--append-plugins`:
|
|
34
47
|
|
|
35
48
|
```
|
|
36
49
|
postgraphile --append-plugins graphile-plugin-connection-filter -c postgres://localhost/my_db ...
|
|
37
50
|
```
|
|
38
51
|
|
|
39
|
-
Library usage via `appendPlugins`:
|
|
52
|
+
### Library usage via `appendPlugins`:
|
|
40
53
|
|
|
41
54
|
```ts
|
|
42
55
|
import ConnectionFilterPlugin from "graphile-plugin-connection-filter";
|
|
@@ -47,7 +60,7 @@ const middleware = postgraphile(DATABASE_URL, SCHEMAS, {
|
|
|
47
60
|
});
|
|
48
61
|
```
|
|
49
62
|
|
|
50
|
-
## Performance and Security
|
|
63
|
+
## ⚠️ Performance and Security
|
|
51
64
|
|
|
52
65
|
By default, this plugin:
|
|
53
66
|
|
|
@@ -65,24 +78,13 @@ To protect your server, you can:
|
|
|
65
78
|
|
|
66
79
|
Also see the [Production Considerations](https://www.graphile.org/postgraphile/production) page of the official PostGraphile docs, which discusses query whitelisting.
|
|
67
80
|
|
|
68
|
-
##
|
|
69
|
-
|
|
70
|
-
This plugin supports filtering on almost all PostgreSQL types, including complex types such as domains, ranges, arrays, and composite types. For details on the specific operators supported for each type, see [docs/operators.md](https://github.com/graphile-contrib/graphile-plugin-connection-filter/blob/master/docs/operators.md).
|
|
71
|
-
|
|
72
|
-
See also:
|
|
73
|
-
|
|
74
|
-
- [@graphile/pg-aggregates](https://github.com/graphile/pg-aggregates) - integrates with this plugin to enable powerful aggregate filtering
|
|
75
|
-
- [graphile-plugin-connection-filter-postgis](https://github.com/launchql/launchql/tree/main/graphile/graphile-plugin-connection-filter-postgis) - adds PostGIS functions and operators for filtering on `geography`/`geometry` columns
|
|
76
|
-
- [postgraphile-plugin-fulltext-filter](https://github.com/mlipscombe/postgraphile-plugin-fulltext-filter) - adds a full text search operator for filtering on `tsvector` columns
|
|
77
|
-
- [postgraphile-plugin-unaccented-text-search-filter](https://github.com/spacefill/postgraphile-plugin-unaccented-text-search-filter) - adds unaccent text search operators
|
|
78
|
-
|
|
79
|
-
## Handling `null` and empty objects
|
|
81
|
+
## 🚦 Handling `null` and empty objects
|
|
80
82
|
|
|
81
83
|
By default, this plugin will throw an error when `null` literals or empty objects (`{}`) are included in `filter` input objects. This prevents queries with ambiguous semantics such as `filter: { field: null }` and `filter: { field: { equalTo: null } }` from returning unexpected results. For background on this decision, see https://github.com/graphile-contrib/graphile-plugin-connection-filter/issues/58.
|
|
82
84
|
|
|
83
85
|
To allow `null` and `{}` in inputs, use the `connectionFilterAllowNullInput` and `connectionFilterAllowEmptyObjectInput` options documented under [Plugin Options](https://github.com/graphile-contrib/graphile-plugin-connection-filter#plugin-options). Please note that even with `connectionFilterAllowNullInput` enabled, `null` is never interpreted as a SQL `NULL`; fields with `null` values are simply ignored when resolving the query.
|
|
84
86
|
|
|
85
|
-
## Plugin Options
|
|
87
|
+
## 🔧 Plugin Options
|
|
86
88
|
|
|
87
89
|
When using PostGraphile as a library, the following plugin options can be passed via `graphileBuildOptions`:
|
|
88
90
|
|
|
@@ -265,7 +267,7 @@ postgraphile(pgConfig, schema, {
|
|
|
265
267
|
});
|
|
266
268
|
```
|
|
267
269
|
|
|
268
|
-
## Examples
|
|
270
|
+
## 🧪 Examples
|
|
269
271
|
|
|
270
272
|
```graphql
|
|
271
273
|
query {
|
|
@@ -279,86 +281,82 @@ query {
|
|
|
279
281
|
|
|
280
282
|
For an extensive set of examples, see [docs/examples.md](https://github.com/graphile-contrib/graphile-plugin-connection-filter/blob/master/docs/examples.md).
|
|
281
283
|
|
|
282
|
-
##
|
|
283
|
-
|
|
284
|
-
To establish a test environment, create an empty PostgreSQL database with C collation (required for consistent ordering of strings) and set a `TEST_DATABASE_URL` environment variable with your database connection string.
|
|
284
|
+
## 🧪 Testing
|
|
285
285
|
|
|
286
|
-
```
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
yarn
|
|
290
|
-
yarn test
|
|
286
|
+
```sh
|
|
287
|
+
# requires a local Postgres available (defaults to postgres/password@localhost:5432)
|
|
288
|
+
pnpm --filter graphile-plugin-connection-filter test
|
|
291
289
|
```
|
|
292
290
|
|
|
293
291
|
---
|
|
294
292
|
|
|
295
293
|
## Education and Tutorials
|
|
296
294
|
|
|
297
|
-
1. 🚀 [Quickstart: Getting Up and Running](https://
|
|
295
|
+
1. 🚀 [Quickstart: Getting Up and Running](https://constructive.io/learn/quickstart)
|
|
298
296
|
Get started with modular databases in minutes. Install prerequisites and deploy your first module.
|
|
299
297
|
|
|
300
|
-
2. 📦 [Modular PostgreSQL Development with Database Packages](https://
|
|
298
|
+
2. 📦 [Modular PostgreSQL Development with Database Packages](https://constructive.io/learn/modular-postgres)
|
|
301
299
|
Learn to organize PostgreSQL projects with pgpm workspaces and reusable database modules.
|
|
302
300
|
|
|
303
|
-
3. ✏️ [Authoring Database Changes](https://
|
|
301
|
+
3. ✏️ [Authoring Database Changes](https://constructive.io/learn/authoring-database-changes)
|
|
304
302
|
Master the workflow for adding, organizing, and managing database changes with pgpm.
|
|
305
303
|
|
|
306
|
-
4. 🧪 [End-to-End PostgreSQL Testing with TypeScript](https://
|
|
304
|
+
4. 🧪 [End-to-End PostgreSQL Testing with TypeScript](https://constructive.io/learn/e2e-postgres-testing)
|
|
307
305
|
Master end-to-end PostgreSQL testing with ephemeral databases, RLS testing, and CI/CD automation.
|
|
308
306
|
|
|
309
|
-
5. ⚡ [Supabase Testing](https://
|
|
307
|
+
5. ⚡ [Supabase Testing](https://constructive.io/learn/supabase)
|
|
310
308
|
Use TypeScript-first tools to test Supabase projects with realistic RLS, policies, and auth contexts.
|
|
311
309
|
|
|
312
|
-
6. 💧 [Drizzle ORM Testing](https://
|
|
310
|
+
6. 💧 [Drizzle ORM Testing](https://constructive.io/learn/drizzle-testing)
|
|
313
311
|
Run full-stack tests with Drizzle ORM, including database setup, teardown, and RLS enforcement.
|
|
314
312
|
|
|
315
|
-
7. 🔧 [Troubleshooting](https://
|
|
313
|
+
7. 🔧 [Troubleshooting](https://constructive.io/learn/troubleshooting)
|
|
316
314
|
Common issues and solutions for pgpm, PostgreSQL, and testing.
|
|
317
315
|
|
|
318
|
-
## Related
|
|
316
|
+
## Related Constructive Tooling
|
|
319
317
|
|
|
320
318
|
### 🧪 Testing
|
|
321
319
|
|
|
322
|
-
* [
|
|
323
|
-
* [
|
|
324
|
-
* [
|
|
325
|
-
* [
|
|
320
|
+
* [pgsql-test](https://github.com/constructive-io/constructive/tree/main/packages/pgsql-test): **📊 Isolated testing environments** with per-test transaction rollbacks—ideal for integration tests, complex migrations, and RLS simulation.
|
|
321
|
+
* [supabase-test](https://github.com/constructive-io/constructive/tree/main/packages/supabase-test): **🧪 Supabase-native test harness** preconfigured for the local Supabase stack—per-test rollbacks, JWT/role context helpers, and CI/GitHub Actions ready.
|
|
322
|
+
* [graphile-test](https://github.com/constructive-io/constructive/tree/main/packages/graphile-test): **🔐 Authentication mocking** for Graphile-focused test helpers and emulating row-level security contexts.
|
|
323
|
+
* [pg-query-context](https://github.com/constructive-io/constructive/tree/main/packages/pg-query-context): **🔒 Session context injection** to add session-local context (e.g., `SET LOCAL`) into queries—ideal for setting `role`, `jwt.claims`, and other session settings.
|
|
326
324
|
|
|
327
325
|
### 🧠 Parsing & AST
|
|
328
326
|
|
|
329
|
-
* [
|
|
330
|
-
* [
|
|
331
|
-
* [
|
|
332
|
-
* [@pgsql/enums](https://
|
|
333
|
-
* [@pgsql/types](https://
|
|
334
|
-
* [@pgsql/utils](https://
|
|
335
|
-
* [
|
|
327
|
+
* [pgsql-parser](https://www.npmjs.com/package/pgsql-parser): **🔄 SQL conversion engine** that interprets and converts PostgreSQL syntax.
|
|
328
|
+
* [libpg-query-node](https://www.npmjs.com/package/libpg-query): **🌉 Node.js bindings** for `libpg_query`, converting SQL into parse trees.
|
|
329
|
+
* [pg-proto-parser](https://www.npmjs.com/package/pg-proto-parser): **📦 Protobuf parser** for parsing PostgreSQL Protocol Buffers definitions to generate TypeScript interfaces, utility functions, and JSON mappings for enums.
|
|
330
|
+
* [@pgsql/enums](https://www.npmjs.com/package/@pgsql/enums): **🏷️ TypeScript enums** for PostgreSQL AST for safe and ergonomic parsing logic.
|
|
331
|
+
* [@pgsql/types](https://www.npmjs.com/package/@pgsql/types): **📝 Type definitions** for PostgreSQL AST nodes in TypeScript.
|
|
332
|
+
* [@pgsql/utils](https://www.npmjs.com/package/@pgsql/utils): **🛠️ AST utilities** for constructing and transforming PostgreSQL syntax trees.
|
|
333
|
+
* [pg-ast](https://www.npmjs.com/package/pg-ast): **🔍 Low-level AST tools** and transformations for Postgres query structures.
|
|
336
334
|
|
|
337
335
|
### 🚀 API & Dev Tools
|
|
338
336
|
|
|
339
|
-
* [launchql/server](https://github.com/
|
|
340
|
-
* [launchql/explorer](https://github.com/
|
|
337
|
+
* [launchql/server](https://github.com/constructive-io/constructive/tree/main/packages/server): **⚡ Express-based API server** powered by PostGraphile to expose a secure, scalable GraphQL API over your Postgres database.
|
|
338
|
+
* [launchql/explorer](https://github.com/constructive-io/constructive/tree/main/packages/explorer): **🔎 Visual API explorer** with GraphiQL for browsing across all databases and schemas—useful for debugging, documentation, and API prototyping.
|
|
341
339
|
|
|
342
340
|
### 🔁 Streaming & Uploads
|
|
343
341
|
|
|
344
|
-
* [launchql/s3-streamer](https://github.com/
|
|
345
|
-
* [launchql/etag-hash](https://github.com/
|
|
346
|
-
* [launchql/etag-stream](https://github.com/
|
|
347
|
-
* [launchql/uuid-hash](https://github.com/
|
|
348
|
-
* [launchql/uuid-stream](https://github.com/
|
|
349
|
-
* [launchql/upload-names](https://github.com/
|
|
342
|
+
* [launchql/s3-streamer](https://github.com/constructive-io/constructive/tree/main/packages/s3-streamer): **📤 Direct S3 streaming** for large files with support for metadata injection and content validation.
|
|
343
|
+
* [launchql/etag-hash](https://github.com/constructive-io/constructive/tree/main/packages/etag-hash): **🏷️ S3-compatible ETags** created by streaming and hashing file uploads in chunks.
|
|
344
|
+
* [launchql/etag-stream](https://github.com/constructive-io/constructive/tree/main/packages/etag-stream): **🔄 ETag computation** via Node stream transformer during upload or transfer.
|
|
345
|
+
* [launchql/uuid-hash](https://github.com/constructive-io/constructive/tree/main/packages/uuid-hash): **🆔 Deterministic UUIDs** generated from hashed content, great for deduplication and asset referencing.
|
|
346
|
+
* [launchql/uuid-stream](https://github.com/constructive-io/constructive/tree/main/packages/uuid-stream): **🌊 Streaming UUID generation** based on piped file content—ideal for upload pipelines.
|
|
347
|
+
* [launchql/upload-names](https://github.com/constructive-io/constructive/tree/main/packages/upload-names): **📂 Collision-resistant filenames** utility for structured and unique file names for uploads.
|
|
350
348
|
|
|
351
349
|
### 🧰 CLI & Codegen
|
|
352
350
|
|
|
353
|
-
* [pgpm](https://github.com/
|
|
354
|
-
* [@launchql/cli](https://github.com/
|
|
355
|
-
* [launchql/launchql-gen](https://github.com/
|
|
356
|
-
* [@launchql/query-builder](https://github.com/
|
|
357
|
-
* [@launchql/query](https://github.com/
|
|
351
|
+
* [pgpm](https://github.com/constructive-io/constructive/tree/main/packages/pgpm): **🖥️ PostgreSQL Package Manager** for modular Postgres development. Works with database workspaces, scaffolding, migrations, seeding, and installing database packages.
|
|
352
|
+
* [@launchql/cli](https://github.com/constructive-io/constructive/tree/main/packages/cli): **🖥️ Command-line toolkit** for managing LaunchQL projects—supports database scaffolding, migrations, seeding, code generation, and automation.
|
|
353
|
+
* [launchql/launchql-gen](https://github.com/constructive-io/constructive/tree/main/packages/launchql-gen): **✨ Auto-generated GraphQL** mutations and queries dynamically built from introspected schema data.
|
|
354
|
+
* [@launchql/query-builder](https://github.com/constructive-io/constructive/tree/main/packages/query-builder): **🏗️ SQL constructor** providing a robust TypeScript-based query builder for dynamic generation of `SELECT`, `INSERT`, `UPDATE`, `DELETE`, and stored procedure calls—supports advanced SQL features like `JOIN`, `GROUP BY`, and schema-qualified queries.
|
|
355
|
+
* [@launchql/query](https://github.com/constructive-io/constructive/tree/main/packages/query): **🧩 Fluent GraphQL builder** for PostGraphile schemas. ⚡ Schema-aware via introspection, 🧩 composable and ergonomic for building deeply nested queries.
|
|
358
356
|
|
|
359
357
|
## Credits
|
|
360
358
|
|
|
361
|
-
🛠 Built by
|
|
359
|
+
🛠 Built by Constructive — if you like our tools, please checkout and contribute to [our github ⚛️](https://github.com/constructive-io)
|
|
362
360
|
|
|
363
361
|
|
|
364
362
|
## Disclaimer
|
package/package.json
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "graphile-plugin-connection-filter",
|
|
3
|
-
"version": "2.3.
|
|
3
|
+
"version": "2.3.4",
|
|
4
4
|
"description": "Filtering on PostGraphile connections",
|
|
5
5
|
"author": "Matt Bretl",
|
|
6
|
-
"homepage": "https://github.com/
|
|
6
|
+
"homepage": "https://github.com/constructive-io/constructive",
|
|
7
7
|
"license": "MIT",
|
|
8
8
|
"main": "index.js",
|
|
9
9
|
"module": "esm/index.js",
|
|
@@ -24,7 +24,7 @@
|
|
|
24
24
|
},
|
|
25
25
|
"repository": {
|
|
26
26
|
"type": "git",
|
|
27
|
-
"url": "https://github.com/
|
|
27
|
+
"url": "https://github.com/constructive-io/constructive"
|
|
28
28
|
},
|
|
29
29
|
"keywords": [
|
|
30
30
|
"postgraphile",
|
|
@@ -36,7 +36,7 @@
|
|
|
36
36
|
"launchql"
|
|
37
37
|
],
|
|
38
38
|
"bugs": {
|
|
39
|
-
"url": "https://github.com/
|
|
39
|
+
"url": "https://github.com/constructive-io/constructive/issues"
|
|
40
40
|
},
|
|
41
41
|
"dependencies": {
|
|
42
42
|
"graphile-build": "^4.14.1",
|
|
@@ -49,10 +49,10 @@
|
|
|
49
49
|
"devDependencies": {
|
|
50
50
|
"@graphile-contrib/pg-simplify-inflector": "^6.1.0",
|
|
51
51
|
"@types/pg": "^8.15.6",
|
|
52
|
-
"graphile-test": "^2.8.
|
|
52
|
+
"graphile-test": "^2.8.12",
|
|
53
53
|
"makage": "^0.1.6",
|
|
54
54
|
"pg": "^8.16.0",
|
|
55
|
-
"pgsql-test": "^2.14.
|
|
55
|
+
"pgsql-test": "^2.14.15"
|
|
56
56
|
},
|
|
57
|
-
"gitHead": "
|
|
57
|
+
"gitHead": "5a0d7c7502624bd42a214f983fd7ab957e1fb3e3"
|
|
58
58
|
}
|