npm - graphjin - Versions diffs - 2.0.3 → 2.0.5 - Mend

graphjin 2.0.3 → 2.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +29 -30
package/package.json +9 -14
package/wasm/config/dev.yml +128 -0
package/wasm/config/prod.yml +21 -0
package/wasm/graphjin.wasm +0 -0
package/wasm/{globals.js → js/globals.js} +0 -0
package/wasm/{graphjin.js → js/graphjin.js} +3 -2
package/wasm/js/install.js +27 -0
/package/wasm/{runtime → js}/wasm_exec.js +0 -0

package/README.md CHANGED Viewed

@@ -9,39 +9,12 @@
 <!-- [![Run on Google Cloud](./.github/deploy-cloud-run-button.svg)](https://deploy.cloud.run)
  -->
-GraphJin gives you an instant secure and fast GraphQL API without code. Just use a GraphQL query to define your API and GraphJin automagically converts it into a full featured API. Build your backend APIs 100X faster.
-Works with NodeJS and GO. Supports several databases, Postgres, MySQL, YugabyteDB Cockroach, etc.
-## Quick install
-NPM
-```
-npm install graphjin
-```
-Mac (Homebrew)
-```
-brew install dosco/graphjin/graphjin
-```
-Ubuntu (Snap)
-```
-sudo snap install --classic graphjin
-```
-Debian and Redhat ([releases](https://github.com/dosco/graphjin/releases))
-```
-Download the .deb or .rpm from the releases page and install with dpkg -i and rpm -i respectively.
-```
+GraphJin gives you an instant secure and fast GraphQL API without code. Just use a GraphQL query to define your API and GraphJin automagically converts it into a full featured API. Build your backend APIs **100X** faster. Works with **NodeJS** and **GO**. Supports several databases, **Postgres**, **MySQL**, **YugabyteDB**, **Cockroach**, etc.
 ## Secure out of the box
-When you use a query in development it's saved to an allow list and only queries from this allow list can be run in production. In production these allowed queries are converted into prepared statments in the database to protect against sql injection, etc. This makes GraphJin very secure and also very fast since no compiling happens in production all queries go directly to the database. GraphJin is built in Go a language designed by Google to be fast and secure.
+In production all queries are always read from locally saved copies not from what the client sends hence clients cannot modify the query. This makes
+GraphJin very secure as its similiar to building APIs by hand. The idea that GraphQL means that clients can change the query as they wish **does not** apply to GraphJin
 ---
@@ -108,6 +81,32 @@ console.log("Express server started on port %s", server.address().port);
 ## Use with GO / Standalone service
+### Quick install
+Mac (Homebrew)
+```
+brew install dosco/graphjin/graphjin
+```
+Ubuntu (Snap)
+```
+sudo snap install --classic graphjin
+```
+Debian and Redhat ([releases](https://github.com/dosco/graphjin/releases))
+```
+Download the .deb or .rpm from the releases page and install with dpkg -i and rpm -i respectively.
+```
+NPM
+```
+npm install graphjin
+```
 ### Quickly create and deploy new apps
 ```bash

package/package.json CHANGED Viewed

@@ -1,17 +1,17 @@
 {
   "name": "graphjin",
-  "version": "2.0.3",
-  "description": "GraphJin - Build APIs in 5 minutes with GraphQL. An instant GraphQL to SQL compiler.",
+  "version": "2.0.5",
+  "description": "GraphJin - Build APIs in 5 minutes with GraphQL",
   "type": "module",
-  "main": "wasm/graphjin.js",
+  "main": "wasm/js/graphjin.js",
   "files": [
+    "./wasm/config",
+    "./wasm/runtime",
     "./wasm/graphjin.wasm",
-    "./wasm/*.js",
-    "./wasm/runtime"
+    "./wasm/js/*.js"
   ],
   "scripts": {
-    "postinstall": "go-npm install",
-    "preuninstall": "go-npm uninstall"
+    "postinstall": "node ./wasm/js/install.js"
   },
   "repository": {
     "type": "git",
@@ -29,12 +29,7 @@
     "url": "https://github.com/dosco/graphjin/issues"
   },
   "homepage": "https://github.com/dosco/graphjin#readme",
-  "goBinary": {
-    "name": "graphjin",
-    "path": "./bin",
-    "url": "https://github.com/dosco/graphjin/releases/download/v{{version}}/graphjin_{{version}}_{{platform}}_{{arch}}.tar.gz"
-  },
-  "dependencies": {
-    "@go-task/cli": "^3.16.0"
+  "devDependencies": {
+    "fs-extra": "^11.1.0"
   }
 }

package/wasm/config/dev.yml ADDED Viewed

@@ -0,0 +1,128 @@
+# When production mode is 'true' only queries
+# from the allow list are permitted.
+production: false
+# Secret key for general encryption operations like
+# encrypting the cursor data
+secret_key: supercalifajalistics
+# Subscriptions poll the database to query for updates
+# this sets the duration (in seconds) between requests.
+# Defaults to 5 seconds
+subs_poll_every_seconds: 5
+# Default limit value to be used on queries and as the max
+# limit on all queries where a limit is defined as a query variable.
+# Defaults to 20
+default_limit: 20
+# Disables all aggregation functions like count, sum, etc
+# disable_agg_functions: false
+# Disables all functions like count, length, etc
+# disable_functions: false
+# Enables using camel case terms in GraphQL which are converted
+# to snake case in SQL
+# enable_camelcase: false
+# Set session variable "user.id" to the user id
+# Enable this if you need the user id in triggers, etc
+# Note: This will not work with subscriptions
+set_user_id: false
+# DefaultBlock ensures that in anonymous mode (role 'anon') all tables
+# are blocked from queries and mutations. To open access to tables in
+# anonymous mode they have to be added to the 'anon' role config.
+default_block: false
+# Define additional variables here to be used with filters
+# Variables used require a type suffix eg. $user_id:bigint
+variables:
+  #admin_account_id: "5"
+  admin_account_id: "sql:select id from users where admin = true limit 1"
+# Define variables set to values extracted from http headers
+header_variables:
+  remote_ip: "X-Forwarded-For"
+# Field and table names that you wish to block
+blocklist:
+  - ar_internal_metadata
+  - schema_migrations
+  - secret
+  - password
+  - encrypted
+  - token
+# resolvers:
+#   - name: payments
+#     type: remote_api
+#     table: customers
+#     column: stripe_id
+#     json_path: data
+#     debug: false
+#     url: http://payments/payments/$id
+#     pass_headers:
+#       - cookie
+#     set_headers:
+#       - name: Host
+#         value: 0.0.0.0
+#       # - name: Authorization
+#       #   value: Bearer <stripe_api_key>
+tables:
+  - # You can create new fields that have a
+    # real db table backing them
+    name: me
+    table: users
+  - name: users
+    order_by:
+      new_users: ["created_at desc", "id asc"]
+      id: ["id asc"]
+# Variables used require a type suffix eg. $user_id:bigint
+#roles_query: "SELECT * FROM users WHERE id = $user_id:bigint"
+roles:
+  # if `auth.type` is set to a valid auth type then
+  # all tables are blocked for the anon role unless
+  # added to the role like below.
+  # - name: anon
+  #   tables:
+  #     - name: users
+  #       query:
+  #         limit: 10
+  - name: user
+    tables:
+      - name: me
+        query:
+          filters: ["{ id: { _eq: $user_id } }"]
+      # - name: products
+      #   query:
+      #     limit: 50
+      #     filters: ["{ user_id: { eq: $user_id } }"]
+      #     disable_functions: false
+      #   insert:
+      #     filters: ["{ user_id: { eq: $user_id } }"]
+      #     presets:
+      #       - user_id: "$user_id"
+      #       - created_at: "now"
+      #   update:
+      #     filters: ["{ user_id: { eq: $user_id } }"]
+      #     presets:
+      #       - updated_at: "now"
+      #   delete:
+      #     block: true
+  # - name: admin
+  #   match: id = 1000
+  #   tables:
+  #     - name: users
+  #       filters: []

package/wasm/config/prod.yml ADDED Viewed

@@ -0,0 +1,21 @@
+# Inherit config from this other config file
+# so I only need to overwrite some values
+inherits: dev
+# When production mode is 'true' only queries
+# from the allow list are permitted.
+production: true
+# Secret key for general encryption operations like
+# encrypting the cursor data
+secret_key: supercalifajalistics
+# Subscriptions poll the database to query for updates
+# this sets the duration (in seconds) between requests.
+# Defaults to 5 seconds
+subs_poll_every_seconds: 5
+# Default limit value to be used on queries and as the max
+# limit on all queries where a limit is defined as a query variable.
+# Defaults to 20
+default_limit: 20

package/wasm/graphjin.wasm CHANGED Viewed

Binary file

package/wasm/{globals.js → js/globals.js} RENAMED Viewed

File without changes

package/wasm/{graphjin.js → js/graphjin.js} RENAMED Viewed

@@ -1,6 +1,7 @@
 import "./globals.js"
+import * as _ from "./wasm_exec.js";
 import fs from "fs"
-import * as _ from "./runtime/wasm_exec.js";
 import { fileURLToPath } from 'url';
 import { dirname, join } from 'path';
@@ -9,7 +10,7 @@ const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
 const go = new Go();
-const f = fs.readFileSync(join(__dirname,"./graphjin.wasm"));
+const f = fs.readFileSync(join(__dirname,"../graphjin.wasm"));
 const inst = await WebAssembly.instantiate(f, go.importObject);
 go.run(inst.instance);

package/wasm/js/install.js ADDED Viewed

@@ -0,0 +1,27 @@
+import fs from "fs-extra"
+import { fileURLToPath } from 'url';
+import { basename, dirname, join } from 'path';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const src = join(__dirname,"../config")
+const dst = process.env.INIT_CWD
+const newDst = join(dst, basename(src));
+const opt = {
+    overwrite: false,
+    errorOnExist: false,
+    dereference: true
+}
+try {
+    await fs.emptyDir(newDst)
+    await fs.copy(src, newDst, opt)
+} catch (err) {
+    console.error(err)
+    process.exit(1);
+}

/package/wasm/{runtime → js}/wasm_exec.js RENAMED Viewed

File without changes