Analyzing code for compliance with guidelines is one part of the code quality assuarance and automating it with tools like ESLint and binding the checks with build process is common and routine operation. But what about validating GraphQL schema and queries? Here are some pointers to tools you can use to start linting your GraphQL schema.
apollo-tooling: Brings together your GraphQL clients and servers with tools for validating your schema, linting your operations and generating static types.
Using ESLint for GraphQL checks
Depending of you project structure and how you've created your schema and queries you can use different tools for linting it. eslint-plugin-graphql requires you to have the schema ready whereas graphql-eslint can do some checks and validation without the schema.
Using the graphql-eslint and configuration in package.json where the project uses code files to store GraphQL schema / operations:
Linting process can be enriched and extended with GraphQL type information, if you are able to provide your GraphQL schema.
Introspection Query and schema linting
GraphQL APIs are required to be self-documenting and every standard conforming GraphQL API needs to respond to queries about its own structure. This system is called introspection. The key for GraphQL validation is doing the introspection query and getting the schema in GraphQL Schema Definition Language format. The query gets you the JSON representation of the shape of the API which you can convert to SDL. See more about GraphQL Schemas.
You can use the apollo-tooling for the introspection. First start your GraphQL service and point the apollo to it.
npx apollo client:download-schema --endpoint=http://localhost:4444/graphql schema.graphql
The tooling outputs in this case the schema in GraphQL SDL format (.graphql) and you can also get it in JSON by using the schema.json filename.
Now that you have the GraphQL schema you can lint it by using graphql-schema-linter. Create config graphql-schema-linter.config.js in your project root folder.
CitySec Mayhem presentations playlist "Five Ways To Fail At Crime, Spotting the Storm: Attack Detection in the Cloud, Hunted: From Wanted Blackhat to Celebrated Whitehat, Plug - Silver Sparrow And The Tale Of The Mysterious Insu File, Forensics Crash Course, Find & kill your WordPress intruder with bare hands (and logs)"
Take a Ride With Me "Watch cyclists ride down hill form the comfort of your own saddle. Better with sound on. Website takes forever to load, so open in background, and check on it in a minute." (from Weekend Reading)