Issue 172 | 12/06/2019
What's new with the GraphQL community?

powered by
Tom Nagle provides insight into GraphQL security vulnerabilities that are useful to keep in mind when building a large-scale enterprise application or even a simple side project. He breaks down major threats, like brute forcing vulnerable mutations, and offers detailed solutions against various attacks. The article includes sample code as well as helpful tools to prevent your schema from being leaked in public environments.
Read Article
In this quick tutorial, learn how to set up and use the Apollo iOS SDK library, which supports GraphQL subscriptions. You can generate all the subscriptions using the GraphQLSubscription protocol, passing parameters to the subscription you want to implement. The tutorial teaches how to utilize the GraphQL subscription feature to listen and send real-time messages using WebSockets.
Read Article
This blog discusses how Airbnb successfully migrated their large API to GraphQL, which led to improved page load times and a more intuitive user experience. The blog talks about the stack Airbnb used, how they handled aliasing and adapters to convert a GraphQL response, stage management, and other features in the project. Thomas Betts also explains all the benefits and improvements for Airbnb ever since they switched to GraphQL over REST.
Read Article
This article shares some key learnings on utilizing DynamoDB to develop a fully serverless GraphQL API in production. It discusses which query access patterns are important, how to handle proper abstractions and create your own opinionated ORM, and more. Learn the dos and don’ts to prevent your table from consuming too many write capacity units and enable large scalability.
Read Article
In Charles Lee’s talk, he presents on how Shopify has been updating and deprecating one of their most used GraphQL APIs, with the help of permissions, visibility markers, and versioning. He explores the setup of their GraphQL API and explains why Shopify has versioned schemas, which helps local development provide checks to ensure version constraints.
See Resource
Made with by Novvum