Execute one command (or mount one Node.js middleware) and get an instant high-performance GraphQL API for your PostgreSQL database!

Overview

PostGraphile

Patreon sponsor button Discord chat room Package on npm MIT license Follow

Instant lightning-fast GraphQL API backed primarily by your PostgreSQL database. Highly customisable and extensible thanks to incredibly powerful plugin system. Formerly "PostGraphQL".

Documentation: graphile.org/postgraphile

Crowd-funded open-source software

To help us develop this software sustainably under the MIT license, we ask all individuals and businesses that use it to help support its ongoing maintenance and development via sponsorship.

Click here to find out more about sponsors and sponsorship.

And please give some love to our featured sponsors 🤩 :

Chad Furman
Chad Furman
*
Storyscript
Storyscript
*
Postlight
Postlight
*
Surge.io
Surge.io
*
Sterblue
Sterblue
Politics Rewired
Politics Rewired

* Sponsors the entire Graphile suite

About

GraphQL is a new way of communicating with your server. It eliminates the problems of over- and under-fetching, incorporates strong data types, has built-in introspection, documentation and deprecation capabilities, and is implemented in many programming languages. This all leads to gloriously low-latency user experiences, better developer experiences, and much increased productivity. Because of all this, GraphQL is typically used as a replacement for (or companion to) RESTful API services.

PostgreSQL is the self-proclaimed “world’s most advanced open source database,” with each new release bring more amazing features and performance gains. Thinking of your database as a plain CRUD store is now an archaic viewpoint as modern PostgreSQL can do so much for you — from authorization with Row-Level Security (RLS, introduced in PG9.5), through Foreign Data Wrappers (FDW), to real time notifications with LISTEN/NOTIFY.

PostGraphile pairs these two incredible technologies together, helping you not only build applications more rapidly, but to build lightning-fast applications. PostGraphile allows you to access the power of PostgreSQL through a well designed, extensible, customisable and incredibly performant GraphQL server. It automatically detects tables, columns, indexes, relationships, views, types, functions, comments, and more - providing a GraphQL server that is highly intelligent about your data, and that automatically updates itself without restarting when you change your database schema.

With PostGraphile, a well designed database schema should serve the basis for a well thought out API. PostgreSQL already has amazing authorization and relationship infrastructure, why duplicate that logic in a custom API? A PostGraphile API is likely to provide a more performant and standards compliant GraphQL API than any created in-house, and can be built in a fraction of the time. Focus on your product and let PostGraphile worry about the API layer. Once you need to expand beyond this, we have a powerful plugin system including many community contributed plugins. For a critical evaluation of PostGraphile to determine if it fits in your tech stack, read evaluating PostGraphile for your project.

Introduction

Watch a talk by the original author Caleb at GraphQL Summit for a walk-through of building an application with PostGraphile in under 7 minutes. This was using v2 (then called PostGraphQL); we're now up to v4 which has many more bells and whistles!

PostGraphile at GraphQL Summit

Hear from the current maintainer Benjie at GraphQL Finland about the benefits of Database-Driven GraphQL Development:

Database Driven GraphQL Development at GraphQL Finland

Usage

Documentation: graphile.org/postgraphile

You can use PostGraphile via the CLI, as a Node.js middleware, or use the GraphQL schema directly. Make sure to check out the full usage instructions on the documentation website. We also have a PostgreSQL schema design guide you can follow to build a fully functional PostGraphile API.

CLI

To get started you can install PostGraphile globally:

npm install -g postgraphile

…and then just run it! By default, PostGraphile will connect to your local database at postgres://localhost:5432 and introspect the public schema. See the available CLI flags with:

postgraphile --help

When you're ready to use PostGraphile for your own project, you're advised to install it locally with yarn, and run it with npx:

yarn add postgraphile
npx postgraphile --help

Middleware

You can also use PostGraphile as native HTTP, Connect, Express, or Koa (experimental) middleware, e.g.:

yarn add postgraphile
import { createServer } from 'http';
import postgraphile from 'postgraphile';

createServer(postgraphile());

Check out hapi-postgraphile if you're interested in using PostGraphile as a hapi server plugin.

Docker

To run via Docker, simply pass the CLI options to the Docker container:

docker pull graphile/postgraphile
docker run --init graphile/postgraphile --help

E.g. you might run this command (substituting the relevant variables):

docker run --init -p 5000:5000 graphile/postgraphile --connection postgres://POSTGRES_USER:POSTGRES_PASSWORD@POSTGRES_HOST:POSTGRES_PORT/POSTGRES_DATABASE --schema app_public --watch

Read More

Full documentation for PostGraphile is located at graphile.org/postgraphile.

PostGraphile features include:

Requirements

Full requirements are on the website, but a basic summary is:

  • Node v8.6+
  • PostgreSQL 9.6+ (officially; but currently works with 9.4+)
  • Linux, macOS or Windows

Caveats:

  • PostGraphile does not have automated tests on Windows, if you notice any issues please file them (or send a PR!)

Supporting PostGraphile

The fastest and easiest way you can help PostGraphile thrive is by sponsoring ongoing development and maintenance.

Want to help testing and developing PostGraphile? Check out the contributing document to get started quickly!

Commercial support, consultancy and development services are available direct from the maintainer; see Professional Services for more information, or get in touch!

The maintainer of this project is @Benjie - follow him on Twitter!

Thanks

Huge thanks to the individuals and companies who sponsor PostGraphile's development - their financial contributions enable more time to be spent on the project: from bug fixes, to code review, to new features! If you want to help the project advance more rapidly, please join them in supporting this project 🙏

A humongous, heart-felt, thank you to the original author of PostGraphile - Caleb Meredith - for everything he put into PostGraphile! He's now graduated from the project and we all wish him the best for his future ventures!

Thanks also to the people working on PostgREST which was a huge inspiration for this project!

Thanks and enjoy 👍

Comments
  • Adding subscriptions

    Adding subscriptions

    In #87 I laid out a timeline for PostGraphQL, but I forgot to add subscriptions to that timeline! Once we’re done writing lots of documentation for PostGraphQL (step 2 in #87), let’s implement subscriptions to make PostGraphQL a viable contender for realtime API needs. I want to open this issue now because I’m not entirely sure how this would work, and I want help designing the feature. I know GraphQL JS has support for subscriptions, and PostgreSQL has a LISTEN/NOTIFY command for building simple pubsub systems. I’m just not sure how to wire them up.

    This is especially challenging because (as I understand it) LISTEN/NOTIFY is not statically typed, so this means events are:

    1. Not discoverable.
    2. Not easily convertible into a statically typed GraphQL schema.

    To make things even more tricky, in the default configuration NOTIFY payloads must be shorter than 8000 bytes.


    Here are my preliminary thoughts on implementation, but let’s discuss them!

    I’ve talked to people before who’ve implemented subscriptions in their GraphQL API and they said that whenever their server would get an update they would rerun the full GraphQL query. Lee Byron also said Facebook did this in the Reactiflux Q&A. The quote is:

    the full subscription query is run every time the underlying pubsub system gets triggered

    So we’ll do that. This means the 8000 bytes can be a Relay ID or something similar.

    PostGraphQL would LISTEN to the postgraphql channel, where we’d expect information about types and a table primary key from NOTIFYs.

    But we still need somewhere to define what kinds of subscriptions PostGraphQL knows about on startup time, so do we define these in a JSON file? In CLI arguments? Is there a way to add metadata to the PostgreSQL database itself? Do we create a postgraphql_subscriptions table and expect users to register subscriptions there? Or would a table like that be completely internal?

    Thoughts?

    💅 enhancement ✅ plugin-available 
    opened by calebmer 87
  • PostGraphQL V4 - announcing graphile-build

    PostGraphQL V4 - announcing graphile-build

    TL;DR:

    • This is v4 of PostGraphQL
    • PostGraphQL is renaming to "PostGraphile"
    • Massively improved performance and added extensibility via plugins
    • Breaking changes have been kept to a minimum; see bottom of this post
    • Remaining tasks: https://trello.com/b/x4xS0bVG/postgraphile-v4-remaining-tasks
    • Support my work https://www.patreon.com/benjie 🙏

    In spirit, this is a follow on to Caleb's "My vision for the future of PostGraphQL" #87, to learn about our history I suggest you read that.

    Hello everyone, I'm @benjie - the new primary maintainer of PostGraphQL!

    I've been a PostGraphQL user for almost a year and have used it on various projects; and I really love how easy it makes starting a new project - all I have to do is build my data schema in my favourite database (PostgreSQL), making sure that the schema itself is secure (using such features as Row Level Security), run postgraphql and voila - I've got a fully working GraphQL API that does what I'd expect. It's an extremely impressive piece of software and I think we're all extremely grateful to @calebmer for authoring it and bringing it to fruition!

    One of the issues that pops up time and again on the GitHub issues is extensibility - you can't add your own types/resolvers to the schema - everything has to be done in PostgreSQL. There's some work in #448 to partially resolve this, but I think I've found a better way...

    Another issue has been the performance of the system - it's an excellent reference implementation in terms of accuracy and returning what you'd expect, but under the covers it sometimes generates and runs a very large number of SQL queries and over-fetches data. I attempted to solve this in #342, but since then I think I've found a better way...

    Starting with GraphQL as a foundation I tried to imagine a system that could replicate PostGraphQL's benefits whilst remaining customisable, extensible and performant. I imagined PostGraphQL implemented as a number of plugins into a GraphQL schema builder - if you don't want certain functionality, simply don't use that plugin; if you want to add a bit of custom code, write a plugin; if you want to wrap one of PostGraphQL's resolvers with your own, write a plugin; if you... well: you get the point!

    64294439

    Introducing graphile-build!

    To enable this goal, over the past few weeks I've been busy building the following packages in a new monorepo at https://github.com/graphile/graphile-build

    • graphile-build: the core plugin system that enables you to build a GraphQL schema out of plugins

    • graphile-build-pg: A selection of plugins related to PostgreSQL: schema introspection, generation of fields and types for all tables, computed columns, query procedures, etc

    • postgraphile-core: a tiny compatibility layer between PostGraphQL and graphile-build/graphile-build-pg

    • graphql-parse-resolve-info: Parses a GraphQLResolveInfo object into a tree of the fields that are being requested to enable optimisations to the GraphQL schema (e.g. we use it to determine which fields are required from the SQL database)

    I believe this plugin interface can really enable PostGraphQL to grow and flourish. Changes can be implemented as replacements for existing plugins which can be tested outside of core until stable, at which point they can be merged. New functionality can be added in a similar way (subscriptions anyone?) without requiring to fork core. Experiments can be ran; not to mention that individual users can fix their issues with the system without having to have long running forked branches running!

    But, alas, it's not quite ready to go just yet. So far I've managed to get the core working sufficiently that I can run my existing projects against it, but there's more to be done before it's release ready. If you're interested in contributing (code, testing, or other support) please get in touch!

    Thanks for reading this far, to quote Blaise Pascal: "I would have written a shorter letter, but I did not have the time."

    Features required before release:

    • [x] Pass the PostGraphQL integration tests for queries
    • [x] Pass the PostGraphQL integration tests for mutations
    • [x] Only fetch the columns that are needed
    • [x] Perform as few SQL queries as possible, using the database instead of DataLoader to batch requests
    • [x] Fix issues with case insensitive unique keys
    • [x] Surface all the inflections to enable them to be overridden
    • [x] Optimise generated SQL queries
    • [x] Domain (alias) support
    • [x] Ensure all PG types are supported at least as well as PostGraphQL v3
    • [x] Pass the PostGraphQL schema tests (small changes are acceptable since we're doing a major version bump so are allowed breaking changes)
    • [x] Re-implement schema watching
    • [x] Ensure the JWT creation functionality still works
    • [x] Ensure GraphiQL still works (including with schema watching)
    • [x] Set up CI for graphile-build
    • [x] Don't crash on empty mutations
    • [x] Look into nodeId/id issue commented on in PR review below
    • [x] Resolve issues with mutations and computed columns
    • [x] Solve https://github.com/graphile/graphile-build/issues/3
    • [x] Solve @danscan's issue
    • [x] Restore PgCatalog functionality https://github.com/postgraphql/postgraphql/pull/306
    • [x] Have some beta-testers approve
    • [ ] Update documentation where necessary
    • [ ] Write a migration guide (if necessary)

    Features that would be nice to have, but can be implemented after release:

    • [x] Enable users to specify their own inflection
    • [x] More Documentation
    • [x] Add plugin customisation functionality to postgraphile-core
    • [x] Tidy up the remaining PostGraphQL codebase
    • [x] Enable users to specify additional plugins to load via the CLI
    • [ ] Enable users to specify plugins to not load via the CLI
    • [ ] Enable users to specify settings to be passed through to the plugin system via the CLI

    Breaking changes (should be a drop-in replacement for v3 for most people)

    Breaking changes I'm aware of (that aren't listed in the checkboxes to be solved above):

    • Minimum PostgreSQL version is now 9.4
    • Minimum Node.js version is now 4.0.0 (but you get significant performance boost by using v8+)
    • Json and Uuid have been renamed to JSON and UUID
    • UUID is enabled by default
    • Watch mode works differently, so if you had to set up that schema yourself (rather than having PostGraphQL do it for you) you'll need to set it up again
    • The introspection query has changed slightly, so if you use this directly for anything you may need to tweak your code.
    • A small number of things that were nullable before are not nullable now (deliberately - e.g. an empty list of results is now an empty array rather than null)
    • A small number of things that were not nullable before are nullable now (deliberately - e.g. setof procedures can return nulls (though I'd argue that doing so is bad practice!))
    • Many of the descriptions of fields have changed slightly
    • I use a different library for changing case, so it's possible that parts of the schema differ subtly, nothing in the acceptance tests has been affected by this
    • Procedure connections that return setof table have gone back to the V2 behaviour of returning the generic table connection rather than a connection specific to the procedure
    • Procedures that previously only supported orderBy: NATURAL no longer have orderBy
    • Ranges are handled differently, so there will likely be some subtly different behaviours there (the interface is basically the same however)
    • Scalar procedures returning setof no longer have pageInfo nor totalCount (this might be temporary depending on demand - let me know if this is a problem for you)
    • https://github.com/graphile/graphile-build/pull/89#issuecomment-336379423
    • security definer mutations that return a type from a private schema that the requesting PostgreSQL user is not allowed to view may now result in permission denied for schema xxxx see gitter

    Despite the long list, PostGraphQL v4 should be a drop-in replacement for most people - if you see any major issues please let me know.

    Have a look at postgraphqlIntegrationSchema-test.js.snap to get an idea what sort of changes you're dealing with - they're mostly minor.

    opened by benjie 78
  • Postgraph4 Type.getFields is not a function

    Postgraph4 Type.getFields is not a function

    It's possible my procedure is invalid or returning invalid results.

    This procedure

    create or replace function account.authenticate(email text, password text)
      returns account.auth_response_data
    AS $$
    declare
      credentials account_private.credentials;
      profile account.profile;
    begin
      select c.* into credentials
        from account_private.credentials as c
        where c.email = $1;
    
      select p.* into profile
        from account.profile as p
        where p.id = credentials.profile_id;
    
      if credentials.password <> crypt(password, credentials.password) then
        -- FIXME: update failed login count for this IP addres
        return null;
      end if;
    
      -- FIXME: update last login time and IP address
      return (profile, ('evercast_account', credentials.profile_id)::account.jwt)::account.auth_response_data;
    end;
    $$
    LANGUAGE 'plpgsql' VOLATILE
    

    This query:

    mutation Authentication {
      authenticate(input: {email:"chad@adsfasdf", password:"asdfasdfasdf"}) {
        authResponseDatum {
          jwt
        }
      }
    }
    

    This error

    {
      "errors": [
        {
          "message": "Type.getFields is not a function",
          "locations": [
            {
              "line": 14,
              "column": 3
            }
          ],
          "path": [
            "authenticate"
          ]
        }
      ],
      "data": null
    }
    `
    opened by chadfurman 60
  • Enhance error handling and expression in the GraphQL schema

    Enhance error handling and expression in the GraphQL schema

    Hey there,

    I was wondering how I could use postgraphql with relay that has a bit of app state as well?

    it looks like what facebook does with modern is build a graphql endpoint that just doesn't do anything to the database, but then the cache picks it up, so how would this work within postgraphql?

    💅 enhancement 📄 add-to-docs 🚨 breaking-change 💬 discussion 
    opened by lifeiscontent 54
  • Using PostGIS with postgraphql

    Using PostGIS with postgraphql

    Is this library compatible with PostGIS?

    Running postgraphql@next, I can generate the graphql schema of a pg database with PostGIS installed.

    However, I cannot manage to find how to get for example the result of this query via GraphQL:

    SELECT ST_AsGeoJSON(polygon) from territories;
    

    assuming I have a table called territories with a column named polygon.

    📄 add-to-docs 
    opened by amaurym 50
  • List query filter improvements

    List query filter improvements

    Deprecation of existing list

    Some of my applications rely heavily on current implementation. I think removal should be done only after similar mechanism will be developed. Creating procedures for each entity is rather time consuming.

    New filter syntax suggestion:

    One of the possible solutions is to use Mongo like syntax http://rest-layer.io/#filtering

    userNodes(filters:UserFilters,order:UserOrdering,pagination:Pagination)
    
    UserFilters
    {
      login: StringFilters
      email: StringFilters
      birthdate: DateFilters
    }
    
    StringFilters
    {
     eq: String
     like: String
     regex: String
    }
    
    DateFilters
    {
     gt: Date
     ge: Date
     between: [Date,Date]
    }
    

    Each Filter can also be a union type:

    StringFilters = String | StringFiltersExtended
    
    StringFiltersExtended
    {
     eq: String
     like: String
     regex: String
    }
    

    By default equality filters is performed. That allow keep compatibility with previous syntax(in case if all fields will be listed in query itself)

    In this way we will be able to support specific operators for different types. Otherwise this can be parametrized type with (eq,gt,ge,le,etc..) operators

    💅 enhancement 🙏 help-wanted 📄 add-to-docs ✨ Possible via v4 plugin 
    opened by artem-barmin 48
  • get JWT from cookies and customize response headers from stored procedure

    get JWT from cookies and customize response headers from stored procedure

    Cookies have the ability to be HttpOnly and can require HTTPS -- things that local storage cannot do. If the client must know the JWT to send the request, that means the JWT is accessible via JavaScript. Postgraph should be able to pull the jwt out of a cookie with a name of your choosing, rather than relying on the Authorization header.

    To get the JWT from a cookie we'd need to change getJwt: https://github.com/postgraphql/postgraphql/blob/607f6629986735139e2b77d5a9b1143846c4f691/src/postgraphql/http/createPostGraphQLHttpRequestHandler.js#L548

    Getting the JWT into an HttpOnly cookie is another can of worms. Maybe we could have it so if we return an optional, configurable field (i.e. select 'Cookie: ........' as responseHeaders) then the response header is automatically set and in this way we can support all sorts of response-header types including mime-types for dumping binary data straight out of the database.

    📄 add-to-docs 
    opened by chadfurman 46
  • 💅 Logo wanted 🙏

    💅 Logo wanted 🙏

    Hey lovely community, we need a logo! Can anyone help us out? I propose that requirements at this stage are:

    • Free (as in beer and speech)
    • Licensed in a way compatible with the PostGraphQL license that also allows us to modify it, scale it, redistribute it, print it on T-Shirts to sell, etc (I'm not sure how this would work best - Creative Commons maybe?)
    • Works well as an avatar (e.g. on GitHub, Twitter, etc)

    I'd like to keep this issue open for a few weeks to let people make alternative submissions and maybe iterate upon existing ones; at the end I think @calebmer will pick the winning logo, but he will likely be influenced by your 👍 votes.

    Please use the reactions in this way:

    • 👍 I vote for this logo (you can vote for as many logos as you want)
    • ❤️ Thanks for the submission, we really appreciate the effort you've put in
    • 👎 I do NOT want to see this, let's keep it positive!
    • 😕 If you think the logo is inappropriate in some way (e.g. violates a trademark, is rude, etc) - if you use this please add a (very polite!) explanation in the comments

    Thanks so much everyone!

    🙏 help-wanted 
    opened by benjie 46
  • WIP: Reduce the number of SQL queries

    WIP: Reduce the number of SQL queries

    • [x] calculate hasNextPage/hasPreviousPage in the same query as fetching the data
    • [x] remove a source of N+1 queries relating to relations (foo.barsByBazId)

    TODO:

    • [ ] merge master
    • [ ] try and remove additional parameters where possible (requires @calebmer's help)
    • [ ] look into using CTEs to bypass performance issues, a la #396

    KNOWN ISSUES:

    I've been informed by @cusxio that the following query returns null, but that including the username field fixes this - sounds like I need to add username to the list of implicit fields on the search endpoints:

    query {
      userByUsername(username:"cusx") {
        id
      }
    }
    

    Workaround:

    query {
      userByUsername(username:"cusx") {
        id
        username
      }
    }
    

    Fixes #219
    Fixes #265

    opened by benjie 42
  • Feature Request: Add support for Apollo Federation `@key` in generated schema

    Feature Request: Add support for Apollo Federation `@key` in generated schema

    I'm submitting a ...

    • [ ] bug report
    • [x] feature request
    • [ ] question

    Apollo Federation introduces a cleaner way for micro-service oriented schema stitching. The auto-generated Postgraphile schemas can include the newly introduced @key directive for the generated types, which will help consuming them in federated schemas.

    E.g. Given this table:

    
    CREATE TABLE app_public.users (
      id serial PRIMARY KEY,
      username citext NOT NULL unique,
    );
    
    

    The generated type would be:

    type User @keys(fields: "nodeID") @keys(fields: "id") @keys(fields: "userName") {
      nodeID: ID!
      id: Int!
      userName: String!
    }
    
    
    ✨ feature ⚛️ compatibility 
    opened by purplemana 39
  • feat(subscriptions): support `graphql-ws` and all operations over websockets

    feat(subscriptions): support `graphql-ws` and all operations over websockets

    Story

    Support graphql-ws clients alongside subscriptions-transport-ws.

    A single breaking change of dropping the hook postgraphile:ws:onOperation in favour of the new postgraphile:ws:onSubscription is introduced by opting-in.

    Additionally, support all 3 GraphQL operations by setting the websocketOperations option to all. Defaults to subscriptions which restricts operations to subscriptions only.

    TODOs:

    • [x] WebSocket transport support for query & mutation
    • [x] Add support for live queries
    • [x] Add support for silent auto-reconnect (Commit c6f7872)
    • [x] Expose client listeners for connected, connecting and disconnected (Commit 627775b)
    • [x] Implement keep-alive (PR #11)
    opened by enisdenjo 38
  • chore(deps): Bump json5 from 2.1.3 to 2.2.2

    chore(deps): Bump json5 from 2.1.3 to 2.2.2

    Bumps json5 from 2.1.3 to 2.2.2.

    Release notes

    Sourced from json5's releases.

    v2.2.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Changelog

    Sourced from json5's changelog.

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
    Commits
    • 14f8cb1 2.2.2
    • 10cc7ca docs: update CHANGELOG for v2.2.2
    • 7774c10 fix: add proto to objects and arrays
    • edde30a Readme: slight tweak to intro
    • 97286f8 Improve example in readme
    • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
    • 910ce25 docs: fix spelling of Aseem
    • 2aab4dd test: require tap as t in cli tests
    • 6d42686 test: remove mocha syntax from tests
    • 4798b9d docs: update installation and usage for modules
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): Bump jsonwebtoken from 8.5.1 to 9.0.0

    chore(deps): Bump jsonwebtoken from 8.5.1 to 9.0.0

    Bumps jsonwebtoken from 8.5.1 to 9.0.0.

    Changelog

    Sourced from jsonwebtoken's changelog.

    9.0.0 - 2022-12-21

    Breaking changes: See Migration from v8 to v9

    Breaking changes

    Security fixes

    • security: fixes Arbitrary File Write via verify function - CVE-2022-23529
    • security: fixes Insecure default algorithm in jwt.verify() could lead to signature validation bypass - CVE-2022-23540
    • security: fixes Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - CVE-2022-23541
    • security: fixes Unrestricted key type could lead to legacy keys usage - CVE-2022-23539
    Commits
    • e1fa9dc Merge pull request from GHSA-8cf7-32gw-wr33
    • 5eaedbf chore(ci): remove github test actions job (#861)
    • cd4163e chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856)
    • ecdf6cc fix!: Prevent accidental use of insecure key sizes & misconfiguration of secr...
    • 8345030 fix(sign&verify)!: Remove default none support from sign and verify met...
    • 7e6a86b Upload OpsLevel YAML (#849)
    • 74d5719 docs: update references vercel/ms references (#770)
    • d71e383 docs: document "invalid token" error
    • 3765003 docs: fix spelling in README.md: Peak -> Peek (#754)
    • a46097e docs: make decode impossible to discover before verify
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by julien.wollscheid, a new releaser for jsonwebtoken since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • extendedErrors: ['role']

    extendedErrors: ['role']

    Feature description

    When you get a permission denied error from Postgraphile, it can be difficult to debug, because you have no way of knowing what role Postgraphile is using.

    It would be nice if you could specify "role" under the extendedErrors configuration to tell Postgraphile to provide it (and it'd similarly be nice if it was provided to handleErrors).

    Motivating example

    1. Setup a user that has permission to edit table X in the database
    2. Try to edit table X through Postgrapile API (while using a JWT for that user)
    3. Get a permission denied error
    4. Be stuck and have no idea how to see why Postgraphile gave a permission denied

    Breaking changes

    It shouldn't.

    Supporting development

    I [tick all that apply]:

    • [ ] am interested in building this feature myself
    • [X] am interested in collaborating on building this feature
    • [X] am willing to help testing this feature before it's released
    • [ ] am willing to write a test-driven test suite for this feature (before it exists)
    • [ ] am a Graphile sponsor ❤️
    • [ ] have an active support or consultancy contract with Graphile
    💅 enhancement 
    opened by machineghost 7
  • chore(deps): Bump express from 4.17.1 to 4.18.2 in /postgraphiql

    chore(deps): Bump express from 4.17.1 to 4.18.2 in /postgraphiql

    Bumps express from 4.17.1 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps-dev): Bump express from 4.17.1 to 4.17.3

    chore(deps-dev): Bump express from 4.17.1 to 4.17.3

    Bumps express from 4.17.1 to 4.17.3.

    Release notes

    Sourced from express's releases.

    4.17.3

    4.17.2

    Changelog

    Sourced from express's changelog.

    4.17.3 / 2022-02-16

    4.17.2 / 2021-12-16

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): Bump qs from 6.5.2 to 6.5.3

    chore(deps): Bump qs from 6.5.2 to 6.5.3

    Bumps qs from 6.5.2 to 6.5.3.

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(v4.12.11)
  • v4.12.11(May 25, 2022)

    • Improve error message when enum creation fails (thanks @tsnobip)
    • Fix "max stack size exceeded" in pg-sql2 (thanks @roytan883)
    • Add error listener to subscription listener PG client to avoid crashes (thanks @enisdenjo)
    • Add error listener to other PG clients
    Source code(tar.gz)
    Source code(zip)
  • v4.12.10(May 25, 2022)

    • Fixes potential memory leak in subscriptions (thanks @enisdenjo)
    • Fixes order of logic in subscriptions code (determine context last)
    • Ensure operation is available before validating subscriptions (thanks @enisdenjo)
    Source code(tar.gz)
    Source code(zip)
  • v4.12.9(May 25, 2022)

  • v4.12.8(Dec 20, 2021)

    Give the CLI the ability to leverage the rejectUnauthorized: false option to pg's ssl option when using ?ssl=no-verify on your PostgreSQL connection string. Thanks to @maximsmol for tracking this down and fixing it :raised_hands:

    Source code(tar.gz)
    Source code(zip)
  • v4.12.7(Dec 20, 2021)

  • v4.12.6(Nov 30, 2021)

    Fixes a couple of bugs related to websocketOperations: 'all'

    • --websocket-operations CLI flag was previously ignored
    • When issuing queries/mutations over websockets, singleStatement: true was set incorrectly (this should be set only for subscriptions), resulting in performance costs and errors when issuing mutations that use savepoints (which should be all mutations).

    Also upgrades GraphiQL

    Source code(tar.gz)
    Source code(zip)
  • v4.12.5(Oct 21, 2021)

    • JWT can now operate with only jwtPublicKey set - no need for jwtSecret in this case (thanks @phryneas)
    • Shutdown actions now called in reverse order to make shutdown more reliable
    • Fix TypeScript type on handleErrors function (thanks @pinn3)
    • --append-plugins and similar options now support Windows file paths (in theory... can someone who has access to Windows test this and get back to me?)
    • introduces new smart tag @hasDefault so you can indicate that a column has a default - be that implemented via a trigger, or maybe as an instead of insert rule - so the field will be nullable in create* mutations
    • inflection: now uses builtin inflector for NATURAL and PRIMARY_KEY_ASC/DESC enum values (thanks @Eldow)

    Work on V5 of PostGraphile is heavily under way, currently closed source due to immense churn but will be open sourced when it's ready. To help speed up this process, please become a sponsor: https://www.graphile.org/sponsor/

    Source code(tar.gz)
    Source code(zip)
  • v4.12.4(Sep 23, 2021)

  • v4.12.3(Sep 23, 2021)

  • v4.12.2(Jun 1, 2021)

  • v4.12.1(May 27, 2021)

    We've finally taken our proof of concept aggregation plugin and fleshed it out with some very significant features: calculating aggregates across connections, grouped aggregates, applying conditions to grouped aggregates, ordering by relational aggregates, filtering by the results of aggregates on related connections, etc.

    For more details check out the plugin: https://github.com/graphile/pg-aggregates

    This release also includes a few small fixes and some other minor features that enable greater community expansion of PostGraphile. We love seeing your plugins - do share them in our #i-made-this channel on Discord and/or add them to the list on the website!

    Features

    • middleware: add a release() function (experimental) (#1396) (818dad6)
    • utils: support for NULLS FIRST/LAST in orderByAscDesc (#737) (99b1a8e)
    • pg: connections can use named queries (#715) (352dab3)
    • pg: makeProcField can be used to construct aggregates (#714) (8e0102b)
    • pg: procFieldDetails helper (#717) (59a07a2)
    • export pgSmartTagRulesFromJSON (#722) (48e07cd)
    • hooks: add postgraphile:liveSubscribe:executionResult hook (#1483) (73fe801)

    Bug Fixes

    • explain: fix 'unhandled' promise rejection (#1442) (716efb0)
    • order: fix order by computed column SQL item bug (#741) (0635ecb)
    • uniqueKey/pgViewUniqueKey applies to views (#739) (b715f6d)
    Source code(tar.gz)
    Source code(zip)
  • v4.11.0(Jan 22, 2021)

    Thanks to help from the author @enisdenjo, this release adds support for the new graphql-ws websocket transport module to replace Apollo's unmaintained subscriptions-transport-ws. It's advised that anyone using websockets with GraphQL move to this new module and protocol. You can also now perform queries and mutations over the websocket transport if you opt into this; when doing so you should be very very careful of security implications (particularly CORS/cross-site request forgery issues, since websockets behave differently in this way).

    We've also extended support for "enum tables" to views and given graphile-utils' makeExtendSchemaPlugin support for defining and extending interfaces.

    There was a bug in watch mode (which is not intended for production usage) which could result in pool exhaustion if your PostgreSQL connection keeps being unexpectedly terminated (e.g. PostgreSQL restarting or pg_terminate_backend being called); this is now resolved.

    One major change in this release is that we now validate the GraphQL schema that's built. Apparently we've not done that over the last 3 years (!!). Fortunately the schema that PostGraphile defines is already valid, but this at least means that bugs in third-party plugins will be caught before the server goes live.

    We also have a minor performance enhancement to pg-sql2 that allows re-use of sql.value nodes for improved PostgreSQL query planning and marginally more efficient queries.

    The special GRAPHILE_TURBO environmental variable, if you use it, is only valid on the latest LTS release of Node. This is now Node 14; so this release notes you can no longer use GRAPHILE_TURBO with Node 12 (rather than just giving you a weird crash when you try to do so).

    We've also updated GraphiQL, which now contains my enhancements to the "Merge" functionality - we can now merge things more deeply by using schema type information.

    :heart: THANK YOU SPONSORS :pray:

    Bug Fixes

    Features

    Source code(tar.gz)
    Source code(zip)
  • v4.10.0(Nov 27, 2020)

    Pretty big release, so let's get straight to it:

    Improved Framework Support

    The major feature in this release is much more solid support for various Node.js webserver frameworks: Node itself, Connect, Express, Koa, Fastify (v2 and v3 :new:), and Restify :new:. This also fixes some long-standing compatibility issues with certain Koa plugins :wink:

    To accomplish this we've split the middleware into separate route handlers for each of our routes, and you can either use the middleware to delegate to these (where the framework allows), or you can add the route handlers directly. You can find documentation in our library usage page and can see examples in our new server examples folder: https://github.com/graphile/postgraphile/tree/v4/examples/servers

    Along with this we get some new server hooks that you can use in place of (or in addition to) postgraphile:http:handler that are only called on the relevant routes: postgraphile:http:eventStreamRouteHandler, postgraphile:http:faviconRouteHandler, postgraphile:http:graphiqlRouteHandler and postgraphile:http:graphqlRouteHandler.

    Upgraded PostGraphiQL

    We've upgraded GraphiQL and GraphiQL Explorer.

    With the GraphiQL upgrade we now get a dedicated headers editor panel next to the variables editor, so no more hacky sidebar :tada: It also adds new "Merge Query" and "Copy Query" buttons to the enhanced GraphiQL which may ease you development or debugging flows.

    GraphiQL Explorer is now smoother and better looking.

    @eddiewang also added the ability to configure credentials for GraphiQL.

    Screenshot_20201030_170602

    Thank you

    PostGraphile wouldn't be where it is today without the support of the community; as always I want to say a huge THANK YOU to all our sponsors and contributors that make this possible.

    GraphQL v15

    I've had many (many) requests for GraphQL v15 compatibility; this has finally been added. You should review the GraphQL v15 changes for yourself, and if you deem them to be breaking for your workflows then you should pin GraphQL v14 in your projects which PostGraphile continues to support.

    Domain constrained composite types

    @jcgsville has added a tweak so that domain constrained composite types (CREATE DOMAIN my_domain AS my_composite_type ..., where my_composite_type is a type with multiple attributes) are now supported.

    MaxListenersExceededWarning fix

    If you've ever been greeted with:

    MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 graphql:... listeners added to [EventEmitter]. Use emitter.setMaxListeners() to increase limit
    

    because you use @graphile/pg-pubsub, you can now opt-out of this by passing a sufficiently large subscriptionEventEmitterMaxListeners option to PostGraphile. Thanks @xvaara!

    Features

    PostgreSQL schema review

    If you'd like to give your schema a checkup right now, take pgRITA for a spin! We also offer one-on-one consultancy over Zoom screen sharing; if that's of interest you can book a call at https://benjie.dev or email jem @ our website domain (there's no www :wink:) to enquire as to other options. Thanks for your support!

    Source code(tar.gz)
    Source code(zip)
  • v4.10.0-alpha.0(Nov 18, 2020)

  • v4.9.2(Oct 23, 2020)

    Fixes an issue where @unique (introduced in 4.9.1) is applied more than once to the same table (previously it would incorrectly set the fields non-nullable); also fixes an issue with enum tables where columns referencing enum tables were not usable in custom mutations.

    Features

    Fixes

    Thank you, sponsors :heart:

    Source code(tar.gz)
    Source code(zip)
  • v4.9.1(Oct 16, 2020)

    Features

    Bug Fixes

    • types: fix parsing interval to support fractional seconds (#678) (79017c5) (hat tip @keithlayne)
    • types: domains over array types now correctly apply "tweaks" (#672) (99259f4)
    • types: add more numeric casting exceptions (#661) (ea8480e) (thanks @wesselvdv)
    • proc: fix output of record/table returning functions (#667) (7182d92)
    • utils: selectGraphQLResultFromTable now debugs SQL (#668) (04a996a)
    • utils: load makeAddPgTableConditionPlugins before PgConnectionArgOrderBy (#658) (16d7b30)

    We seriously appreciate your support through these troubling times; thank you, sponsors, for helping us to keep producing OSS! :heart:

    Graphile's pgRITA has found a number of important issues in customer's databases; you should check it out! A $25/mo pgRITA subscription helps to keep issues out of your database, and also help to fund Graphile's OSS endeavours :muscle:

    Source code(tar.gz)
    Source code(zip)
  • v4.9.0(Sep 15, 2020)

    Help Us Keep Making Open Source!

    Join the ranks of our awesome sponsors so we can spend more time developing and advancing the software your business/charity/side-project depends on. :sparkling_heart:

    Private Advisor: have Benjie join your company's Slack and GitHub organizations and answer your questions privately with this new sponsorship tier.

    pgRITA is a new service from Graphile: it scans your databases and lets you know of any issues it finds. Set it up on your CI today, free, and never risk forgetting to enable row-level security on a table!

    Bug Fixes

    • :rotating_light: BREAKING FIX: root level custom query connection fields now nullable (#653) (131c6ac)
    • types: update next function for Express compatability (#1343) (0420c95) (thanks @purge)

    :rotating_light: The above "breaking fix" will affect you if you have any custom queries that return SETOF and result in a connection. These should always have been nullable according to our documentation and GraphQL best practices, however they were incorrectly marked as non-nullable. This has been fixed, but it means you may now receive field-level nulls where previously the entire operation would have been invalidated if an error occurs, so you may need to adjust your code to match. If you're using graphql-code-generator, like in Graphile Starter, then tracking these down should be just a case of working through the TypeScript errors, replacing data?.myFunction.nodes with data?.myFunction?.nodes (and similar for edges, pageInfo, totalCount and any other fields you have on connections).

    For details of how to opt-out of this breaking fix and why it's not treated as a semver-major change, please see #653.

    Enhancements

    • allow overriding init fail handling (#1342) (b06142a)
    • intervals now return zeros instead of nulls (#656) (2739f79)
    • improve error when cannot read from enum table (#651) (dbafe55)
    • add UUID validation so errors are raised earlier (#652) (9265262)
    • upgraded a load of dependencies

    If you run multiple PostGraphile instances in one Node instance, this first enhancement might be something you've been hoping for for a while. It gives you a way to handle "fatal errors" that occur whilst building the initial GraphQL schema; you can specify a callback that gets called in these cases and choose how to handle it: exit the process, retry after a custom delay, give up and unmount this instance. For more details, see #1342.

    Another common request is previously interval types returned null for fields that weren't used in the interval:

    {
      "days": null,
      "hours": null,
      "minutes": null,
      "months": null,
      "seconds": 12,
      "years": null,
    }
    

    In 4.9.0 we now use zeros instead (as you'd probably expect), thanks to an update to the postgres-interval module:

    {
      "days": 0,
      "hours": 0,
      "minutes": 0,
      "months": 0,
      "seconds": 12,
      "years": 0,
    }
    

    Thanks Sponsors!

    We love you :sparkling_heart:

    Source code(tar.gz)
    Source code(zip)
  • v4.8.0(Aug 5, 2020)

    Announcements

    Dear Sponsors: we love you! Thanks so much for continuing to support us during these difficult times, the progress below, across the other Graphile projects, and of course toward V5 would not be possible without your support :heart:

    PostGraphile Development: work on version 5 is underway, for more details see #dev-postgraphile channel on our Discord: https://discord.gg/graphile

    pgRITA: if you've ever thought "I'd love to have the Graphile maintainer checking over my database schema design," then we're extremely excited to share our news with you! We've built a service (using Graphile Starter :muscle: ) that will analyze your database design against a list of rules we've compiled over the last few years of consultancy and support, explains any detected issues, and in many cases provides tailored SQL fixes to inspire your next migration. Income from this service will help fund Graphile's OSS endeavours, and what's more, it has a free plan with some essential rules that pair beautifully with PostGraphile. Sign up today, no credit card necessary: https://pgrita.com/

    Other projects: in case you've not previously heard of Graphile Starter, Graphile Worker or Graphile Migrate you should check them out. Worker in particular pairs beautifully with PostGraphile projects, and is currently downloaded over 15k times per week!

    Features

    Enum Tables

    PostGraphile now supports "enum tables"; for years I've recommended against using PostgreSQL enums iff the enums are ever likely to change after creation, specifically because PostgreSQL enums cannot be added to within a transaction, and cannot ever have a value removed. Instead, I recommend creating a table where the enum value is the primary key, and using foreign key constraints to reference this value. I've now written this functionality up inside of PostGraphile (this is the first thing in introspection that queries actual user tables rather than just the system catalog, so you may need to revisit your database permissions if you wish to use this functionality - don't worry, it only queries the table if it sees the @enum smart comment).

    An enum table must have a text (or varchar or char) primary key, and may have other columns. It must have the @enum smart comment, and this must be done via a smart comment (and not a smart tag file or plugin) due to the way in which PostGraphile v4's introspection engine works.

    Example:

    create table abcd (
      letter text primary key,
      description text
    );
    insert into abcd (letter, description) values
      ('A', 'The letter A'),
      ('B', 'The letter B'),
      ('C', 'The letter C'),
      ('D', 'The letter D');
    comment on table abcd is E'@enum';
    

    If one of the columns of an enum table is named 'description' or has the smart comment (NOT smart tag) @enumDescription then its contents will be used as the description of the enum value in GraphiQL.

    The enum table will not show up in your GraphQL schema, it's automatically omitted. (Don't bypass this with a smart tags plugin, bad things will occur.) To use a value from another table, use a foreign key constraint:

    create table letter_descriptions (
      id serial primary key,
      letter text not null REFERENCES abcd, -- < This
      description text
    );
    

    PostGraphile will represent this field as if it were an enum rather than text. This works for queries, mutations, conditions and ordering.

    NOTE: we currently don't have an official way to mark function input/output parameters as enum-table enums, so they will remain as text.

    NOTE: --watch won't monitor for new enum values being added.

    NOTE: makeExtendSchemaPlugin should work with these enums, but has not yet been tested.

    Docs: http://graphile.org/postgraphile/enums/

    Geometric types

    We already had support for the point type in PostgreSQL; but this release extends to all of Postgres' built-in Geometric Types: Line, LineSegment, Box, Path, Polygon and Circle.

    Since these types were already supported via the String type, we could not simply replace them, so you need to opt in to this feature; currently this is done with a graphileBuildOptions flag:

    app.use(postgraphile(DATABASE_URL, SCHEMAS, {
      // ...
      graphileBuildOptions: {
        pgGeometricTypes: true,
      },
    }));
    

    For CLI users, you can use a .postgraphilerc.js with the following contents:

    module.exports = {
      options: {
        graphileBuildOptions: {
          pgGeometricTypes: true,
        },
      },
    };
    

    pgSubscriptions initial events

    The @pgSubscription directive now accepts an initialEvent argument allowing you to guarantee data freshness by emitting an event which triggers the related resolver as soon as the user subscribes.

    import { makeExtendSchemaPlugin, gql, embed } from 'graphile-utils';
    
    function buildInitialEvent(args) {
      // the `topic` value will be injected in the returning event
      return { subject: args.id };
    }
    
    export const FileSubscriptionPlugin = makeExtendSchemaPlugin(({ pgSql: sql }) => ({
      typeDefs: gql`
        type FileChangedPayload {
          event: String!
          file: File!
        }
    
        extend type Subscription {
          fileChanged(id: UUID!): FileChangedPayload!
            @pgSubscription(
              topic: ${embed((args) => `fileChanged:${args.id}`)}
              initialEvent: ${embed(buildInitialEvent)} # < THIS
            )
        }
      `,
      // ...
    }));
    

    All new features

    Fixes

    • Fixed an issue where --watch would stop working if an error occurred and --retry-on-init-fail was specified (engine #624) (4ef1b7b)
    • Fixed an issue where a single (i.e. unique) "backwards" relationship was not watched via live queries (engine #625) (7f0225e)
    • Fixed a regression with queryCacheMaxSize due to our new LRU implementation (#1312, @zacherkkila)
    • Type fixes for addPgTableOrderByPlugin (engine #629, @hansololai) (91dbf6f)
    • Fixed an error message typo (001de88)
    • Added tslib to all the TypeScript packages
    • Fix issue where jwtSignOptions went undocumented and omitted from the TypeScript types (#1324)
    Source code(tar.gz)
    Source code(zip)
  • v4.7.0(Apr 27, 2020)

    • Look for jwtSecret in process.env.JWT_SECRET (#1236, @AxelUlmestig)
    • Update supported pg version range to support Node 14 (#1270)
    • Expose parseTags, withPgClient and getPgClientAndReleaserFromConfig from graphile-build-pg (engine#601, @enisdenjo)
    • Don't query roles when ignoring RBAC (engine#598, @jnbarlow) - reduces introspection time on databases with a very large number of database roles
    • Fix index signature of JSONPgSmartTags (engine#618, @LeoBakerHytch)
    • Various other docs and code maintenance events

    If you're using self-signed certificates for your PostgreSQL database, either keep your pg version pinned to whatever it is currently, or read: https://node-postgres.com/announcements#2020-02-25.

    Please note that we do not consider widening the range of a supported module to be a breaking change. You should use a lockfile and only upgrade the dependencies you intend to. Read more in our versioning policy.

    Source code(tar.gz)
    Source code(zip)
  • v4.6.0(Jan 27, 2020)

    The main features in this release are:

    • smart-tags: ability to @omit many from foreign key constraints (https://github.com/graphile/graphile-engine/pull/565; thanks @ab-pm)
    • graphql: support non-scalar value ranges (https://github.com/graphile/graphile-engine/pull/591; thanks @singingwolfboy)
    • pg-pubsub: the @pgSubscription directive now supports a filter argument (#596; thanks @enisdenjo)

    We also did an amount of housekeeping including adding a couple minor TypeScript types, improving our snapshot tests, and adding more tests on the built project.

    IMPORTANT: we released a preliminary 4.6.0-alpha.0 which completed conversion of the entire project to TypeScript (finally removing Flow from its last places) but unfortunately the type churn was too high for this to be included in a non-breaking update (even though it was only the types that changed) so we decided to move the release of TypeScript conversion until v5 of PostGraphile. Effectively we're going to pretent v4.6.0-alpha.0 never happened.

    Source code(tar.gz)
    Source code(zip)
  • v4.5.5(Dec 13, 2019)

  • v4.5.4(Dec 11, 2019)

    (v4.5.1-v4.5.3 were skipped)

    Fixes some Smart Tags teething problems (specifically related to fake constraints).

    Features

    • utils: makeExtendSchemaPlugin accepts typeDef array (#574) (82ff872) thanks @jkantr

    Bug Fixes

    • utils: fix smart tags for attributes (324f066)
    • utils: to match early enough, we need build to be passed (9aa5565)
    • deps: bump graphile-utils peerDependencies (cd6b52a)
    • smart-tags: enable using Smart Tags with @foreignKey and @primaryKey (#586) (b2d8c65)
    • utils: only apply condition when specified (#572) (314fce1)
    • utils: make makeAddPgTableConditionPlugin work on simple collections (#569) (0a4db65)
    Source code(tar.gz)
    Source code(zip)
  • v4.5.0(Nov 12, 2019)

    Lots of pull requests and documentation improvements from the community in this release! :raised_hands:

    First, things to be aware of before you deploy:

    • previously the CLI would ignore arguments it didn't understand (dangerous!) now it exits stating the arguments it wasn't expecting
    • more improvements have been made to our TypeScript types, and there's more to come, so your builds might need some minor type tweaks

    New feature spotlight: explain

    In enhanced GraphiQL you can now toggle 'Explain' to view the generated SQL and the query plan of that statement. This is not enabled by default - you have to opt in with --allow-explain, or in library mode you can supply an allowExplain(req) function that determines on a per-request basis if the user may use the explain functionality or not.

    Screenshot_20191120_161911

    New feature spotlight: Smart Tags

    No longer do you need to put COMMENT commands in the database ("smart comments") to customise your schema, you can now use a tags file to gather these "smart tags" into one, version controlled, easy to diff, place. Smart comments and smart tags can be used in unison, and both will be supported going forward so you can pick whichever works best for your team. In library mode you can manage smart tags however you like, and it's possible to pull smart tags from multiple sources and they will be automatically combined. Find out more about smart tags here: graphile.org/postgraphile/smart-tags/.

    Community member @singingwolfboy has drafted a JSON schema definition that may help editors such as VSCode to help you when editing the default postgraphile.tags.json5 file. We've not upstreamed it yet, but hopefully will do so in the coming months.

    New video

    Team Graphile went to ReactiveConf in Prague last month; check out Benjie's talk Increasing Velocity with GraphQL and PostgreSQL.

    :pray: HUGE THANKS TO NEW, EXISTING AND PREVIOUS SPONSORS! :pray:

    We now have 84 sponsors across GitHub and Patreon and that means we're funded to spend an average of nearly 2 days per week on Open Source; this is brilliant!

    Don't forget GitHub are matching sponsorship currently - so do sign up to be a sponsor if you haven't already - the more time we can put into open source, the faster we can build awesome tools for you to build epic software with!

    Changes

    Features

    • graphiql: add 'explain' button (#1179) (1a065ab)
    • jwt: support lazy public key loading for verification (#1167) (d27aaf9); thanks @ab-pm
    • tags: add postgraphile.tags.json5 support (#1177) (7da3c7f), closes graphile/graphile-engine#529
    • jwt: add asymmetric JWT signing and verifying support (#1089) (b4730b7); thanks @speller
    • graphiql: save headers to localStorage (#1174) (37abcd3); thanks @phryneas
    • connections: expose totalCount on custom connections (#529) (b6c08cf); thanks @mattbretl
    • pg: add partial index detection to introspection (#535) (360e5e0); thanks @hansololai
    • pg: add support for cidr and macaddr types (#520) (676c3f2) - opt in with pgUseCustomNetworkScalars; thanks @higherorderfunctor
    • QueryBuilder: new methods for managing QB children (#537) (1a8a0bc); thanks @singingwolfboy
    • utils: @pgQuery support for scalars (#534) (49259c2); thanks @phryneas/Mayflower
    • utils: @pgQuery.source can be function (#555) (907c8e6)
    • utils: add makePgSmartTagsPlugin (#541) (40a7bfa)
    • utils: makeExtendSchemaPlugin supports enums and default values (#562) (2a23aee)
    • types: various improvements to the TypeScript typings, including making Middleware generic
    • export: only write schema if it differs (#1180) (6334897)

    Bug Fixes

    • cli: abort if given unused arguments (#1181) (3e7381d)
    • jwt: allow JWT exp to be bigint (#542) (69c7e8e)
    • omit: if you omit update on all columns don't throw (#531) (b5d9e99)
    • pagination: fix bug in cursor pagination for PL/pgSQL SETOF… (#559) (0089a07)
    • types: correct tuples to arrays in pgIntrospectionPlugin (#530) (6488d5c); thanks @hansololai
    • types: export more types inc PgIntrospectionResultByKind (#532) (1689f66); thanks @hansololai
    • types: minor TypeScript fixes (#545) (0170064); thanks @benhjames
    • types: use jwt.Secret type in PostGraphileCoreOptions (#546) (be18000); thanks @ab-pm
    • watch: don't built schema twice in watch mode (#558) (0a36f7b)
    • graphiql: fix operation detection on multi-op documents (#1191) (49b2176)
    • utils: make makeAddPgTableConditionPlugin work on simple collections (#569) (0a4db65)

    We're no-longer listing chore-level items, but there have been a lot of them. Special thanks to @singingwolfboy for helping me to keep the codebase tidy.

    Source code(tar.gz)
    Source code(zip)
  • v4.4.4(Sep 24, 2019)

    General maintenance release.

    Features:

    • Add experimental plugin generators for adding conditions, orders (https://github.com/graphile/graphile-engine/pull/517)
    • readCache can now pass an object to be used as the cache (@garcianavalon, https://github.com/graphile/graphile-engine/pull/479)

    Fixes:

    • Fixed a 3 year old bug in the introspection query (means correct CRUD mutations are generated for views with triggers) (@rudism, https://github.com/graphile/graphile-engine/pull/508)
    • Improved the error message when orderBy is not unique and before/after are attempted (@soutot, https://github.com/graphile/graphile-engine/pull/515)
    • Improved error messages for smart comments (https://github.com/graphile/graphile-engine/pull/525)
    • Remove sortable/filterable from functions that require args (@mattbretl, https://github.com/graphile/graphile-engine/pull/519)
    • Ensure X-GraphQL-Event-Stream is domain relative (@mathroc, https://github.com/graphile/postgraphile/pull/1148)
    • Recommend using --init with Docker; turn off progress bars

    Chores:

    • Updated to latest GraphQL, so @types/graphql is no longer required (@none23, https://github.com/graphile/graphile-engine/pull/511)
    • Updated to latest Flow (@none23, https://github.com/graphile/graphile-engine/pull/514)
    • Standardise database setup instructions (@ab-pm, https://github.com/graphile/graphile-engine/pull/512, https://github.com/graphile/postgraphile/pull/1145)
    • Move from TSLint to ESLint (https://github.com/graphile/graphile-engine/pull/526)
    Source code(tar.gz)
    Source code(zip)
  • v4.4.3(Aug 9, 2019)

  • v4.4.2(Aug 7, 2019)

    Benjie has been approved for GitHub Sponsors and for a limited time GitHub are match-funding, so there has never been a better time to support development of this software!

    Talking of sponsorship, please check out our new featured sponsor, Timescale!

    This is mostly a maintenance release, no major new features.

    Features:

    • updated to the latest version of GraphiQL explorer (see their release post)
    • you can now pass jwtSignOptions to PostGraphile, thanks to @speller
    • makeExtendSchemaPlugin now supports defining unions, directives and scalars (required to support Apollo Federation, which you can try out with @graphile/federation); unions only work in certain places and are currently undocumented (and thus unsupported)
    • new hideIndexWarnings option for when you have ignoreIndexes: false thanks to @tinymarsracing
    • various code has been tidied/fixed/modernised thanks to @singingwolfboy
    • auto-coerce numeric field names to begin with an underscore (shouldn't affect existing users)

    Fixes:

    • node identifiers have been made safer:
      • If you have identically named tables in different schemas and you use relay global object identifiers (on by default) you'll be warned, and encouraged to disable the PgNodeAliasPostGraphile plugin to solve it
      • If you use bigint or bigserial in your primary key, values greater than 9 quadrillion (technically > 9,007,199,254,740,991) are now treated as strings in the node identifier, so nodeId is now valid for these
      • :rotating_light: BREAKING: if you use money, or decimal/numeric or some other weird numeric type in your primary keys these will now also be represented as a string within the base64-encoded node IDs, so your node IDs will change. If this affects you (unlikely?) please get in touch with Benjie (to be clear: int, int2, int4, float, float4 and float8 are unaffected; and int8/bigint only changes node IDs for values over 9 quadrillion)
    • fix issue with default values for orderBy argument on edge fields on mutation payloads when printing the schema
    • mark fake constraints (e.g. @foreignKey smart comment) as indexed so it works nicer with ignoreIndexes: false
    • @graphile/pg-pubsub now uses exponential back-off when server shuts down, rather than giving up after 9 attempts
    • more validation is applied to cursors in connections
    • fix misleading description of queryCacheMaxSize
    • fix docs for jwtRole, thanks to @bidoubiwa
    Source code(tar.gz)
    Source code(zip)
  • v4.4.1(Jun 24, 2019)

    The main feature of this release is significant performance improvements — enjoy!

    We also overhauled how Docker builds work, so they're now tagged in a more sensible manner. Almost all previous tags have been deleted. From now onwards we have versioned Docker images:

    • graphile/postgraphile:4 will give you the latest stable in the "v4.x.x" line (no alphas, betas, rcs); this is the recommended version to use
    • Every new vX.Y.Z git tag (i.e. no alpha/beta/rc) will automatically release graphile/postgraphile:X-Y and graphile/postgraphile:X-Y-Z
    • graphile/postgraphile:latest will give you the latest stable (but beware of major version bumps!)
    • graphile/postgraphile:next will give you the equivalent of what's on master right now (i.e. pre-release/bleeding edge/nightly)

    We're currently in a teething period for this, so there may be some bumpiness - if you face any issues, please let me know via GitHub issues or discord.

    NOTE: this only applies to future releases; we are not back-filling previous releases, so there's not many tags to choose from right now.

    Other changes:

    • update various dependencies
    • significant performance improvements
    • fix a bug with standalone LDS server announcements for insert/update (thanks @pepijnverburg)
    • export more TypeScript interfaces from graphile-utils
    • add missing dependencies (thanks @michaelbeaumont)
    • respect externalUrlBase for websockets (thanks @DvdGiessen)
    • typo fixes (thanks @angelosarto, @ludwigbacklund)
    • add support for PGHOSTADDR envvar if PGHOST is not present (thanks @encima)
    • 🚨 Remove invalid fields from payloads for SETOF function mutations (these fields were never valid, so any client using them would already be broken, thus I am not classing this as a breaking change).
    Source code(tar.gz)
    Source code(zip)
  • v4.4.0(May 3, 2019)

    Please sponsor development (anything from $1/mo) or take out a support contract to help fund ongoing development on the project. PostGraphile is liberally licensed and relies on crowd-funding to advance.

    Thanks to the continuing sponsorship from PostGraphile's community, we've added to PostGraphile core what you've all been waiting for - GraphQL Subscriptions, and Live Queries!

    GraphQL Subscriptions

    We've enhanced PostGraphile with subscriptions / websockets functionality, including adding subscriptions support to our built in GraphiQL IDE (no more need to test with external GraphQL clients!). To get this you have to opt-in via the --subscriptions flag (library: subscriptions: true).

    You can use our simple subscriptions listen endpoint, or easily write your own subscription endpoints using makeExtendSchemaPlugin - it's all documented on our website. PostGraphile subscriptions can use Postgres' LISTEN/NOTIFY, or any other source of realtime data — you decide what makes sense for your application.

    Subscriptions are the recommended way for adding realtime features to PostGraphile.

    PostGraphile Live Queries

    More experimental and much heavier on the database is our live queries support — suitable for use in internal tooling within your company, but perhaps not for the internet at large. You can opt-in via the --live flag.

    We've built into the core of PostGraphile the ability to track when collections/records are referenced (and the filters that apply to them, such as foreign key constraints and conditions); you can then combine this with one or more realtime provider plugins which inform PostGraphile when these tracked resources change, triggering the query to be re-executed and the result sent to the user.

    This feature is exposed over standard GraphQL subscription operations so you should be able to just switch out query with subscription at the beginning of your GraphQL document to make it live. No need for specific client support — it supports all clients that support subscriptions. (We plan to support the @live directive optimisation available in Apollo Client in a future release, should demand be sufficient.)

    We recommend using simple request documents with live queries because each time a relevant row is changed the entire document is recalculated and sent to the user: more complex queries will consume more resources when recalculated and will likely be triggered more frequently, leading to non-linear performance costs. (Note: we throttle updates to prevent overwhelming the client or the server, and this throttle period is configurable.)

    Our first live queries provider plugin, @graphile/subscriptions-lds uses PostgreSQL's extremely efficient logical decoding functionality to stream changes out of the database using the replication interface. It requires you to tweak a couple of settings in postgresql.conf but is otherwise simple to set up - see the documentation on the website which also includes instructions for Amazon RDS.

    Note that live queries are still experimental, and have not been performance optimised yet - please let us know of any issues you face!

    Other features

    Docker compose/kubernetes users may appreciate the new --retry-on-init-fail flag that means PostGraphile will keep trying to rebuild the initial schema, so with this flag it can be started before the database is ready. (Uses exponential backoff with a 30s cap.)

    We've increased performance for queries that use large offset values (so long as the relevant table is not using column-level select grants, which are not recommended with PostGraphile).

    makeExtendSchemaPlugin now has support for re-using existing Relay Connections; it can also be used with the @pgQuery directive to add connections deeper into the schema. The documentation has been updated with more details.

    You can now add your own aggregates to connections using our new aggregates infrastructure. totalCount on connections has been re-written to use this, and there are more examples (e.g. exposing SUM(...)) in the PR description: https://github.com/graphile/graphile-engine/pull/415; if you require certain aggregates please get in touch.

    Thanks to @dijam we now accept Buffer objects as jwtSecret in addition to strings.

    build.scopeByType was added to enable plugin authors to get from a GraphQL type the scope it was created with - useful for finding the PostgreSQL table associated with a GraphQL object type, for example.

    Plugins now have a dependency ordering system, so we can move to using --append-plugins for everything and have hooks register their own positions. This system is not yet documented (or final) so is not officially supported yet, but it's a good way to easily enable features that previously involved a complex setup.

    Many more tests were added.

    --owner-connection / ownerConnectionString setting added, to give PostGraphile access to a privileged Postgres account. It is needed for logical decoding, but it's now also used (if present) to install watch fixtures and avoid the "Failed to setup watch fixtures in Postgres database" error. It is recommended in development for the watch schema, but only recommended in production if you are using live queries.

    Newly introduced @simpleCollections smart comment enables you to override the simpleCollections setting on a per-table, per-relation and per-function basis. I.e. you can now opt-in to using the list interface (rather than Relay connection interface) in certain places without affecting the rest of your schema.

    Filterable, filter-by-able, sortable and sort-by-able functions support was introduced in 4.3.1.

    GraphiQL Explorer support added in 4.3.2;

    🚨 Breaking fixes

    These are fixes that might break you schema if you were relying on the broken behaviour (please don't do that!). We've added flags to some of them so you can maintain the old (broken) behaviour should you need to.

    • Fixed issues with arrays of certain types (interval, etc) incorrectly having a String input type (opt out with disableIssue390Fix - ref https://github.com/graphile/graphile-engine/pull/405)
    • If you're using --simple-collections only we still used to add Relay edges to mutation payloads (these edges are pointless without the connections they applied to). We've corrected this oversight by removing them, but you can add them back with the disableIssue397Fix flag - ref https://github.com/graphile/graphile-engine/pull/408)
    • graphile-utils: if you were using makeExtendSchemaPlugin to add a field returning a Connection type, this will not have been working correctly. Instead of returning return {data: await selectGraphQLResultFromTable(...)} from your custom resolver you should now just return the result of selectGraphQLResultFromTable directly: return await selectGraphQLResultFromTable(...), and then pageInfo and the rest will work correctly. The makeExtendSchemaPlugin docs have been updated, worth a re-read. If you're affected by this and don't make this change, you'll see errors like TypeError: data.data.map is not a function.

    Fixes

    • PostGraphile handles PostgreSQL server restart much more gracefully
    • Improved error messages when no values were deleted/updated because of RLS
    • Fully qualify reference to hstore to handle issues in search_path
    • Lots of improvements to TypeScript typings
    • Domains with defaults now exposed as nullable (thanks @mattbretl)
    • Fixed an issue with relations on custom mutation payloads when the custom mutation returned null without an error
    • Fixed an issue with an entire record being returned as null when you only request nullable columns. The fix requires you to provide --subscriptions or --live flags as it requires you to have granted select to at least the primary keys of the tables you expose
    • makeWrapResolversPlugin can now replace the arguments that are pass to PostgreSQL function calls for root-level custom queries and mutations.
    • totalCount is now non-nullable because I couldn't find any justification for it being nullable and no issues came up during the beta and RC phase
    • Fixed a bug in the times generated by the PostGraphile logs
    • Exposed the X-GraphQL-Event-Stream header (thanks @imolorhe)
    • Stricter pool validation
    • Fixed an issue with HTTP2 support in Fastify
    • Fixed hasVersion to allow pre-releases
    • Include namespaceName in introspection for extensions
    Source code(tar.gz)
    Source code(zip)
  • v4.3.3(Feb 5, 2019)

    Fixes an issue one of the PostGraphile sponsors had where sharing the PgPool between their own code and PostGraphile, using pgPool.query, and setting DEBUG with the SQL-outputting debug variables caused an error to be produced. https://github.com/graphile/postgraphile/pull/987

    Source code(tar.gz)
    Source code(zip)
  • v4.3.2(Jan 30, 2019)

    The lovely folks over at OneGraph sent a PR to integrate their GraphiQL Explorer into PostGraphile — this awesome feature really helps users get started with GraphQL. Make sure you're using --enhance-graphiql to use it! #981

    image

    Additionally @mlipscombe discovered an issue where your PgPool could become exhausted if an enough errors were thrown on COMMIT, and sent over a PR to fix: #978

    Source code(tar.gz)
    Source code(zip)
Owner
Graphile
A set of tools to enable building powerful, performant and extensible applications rapidly, centred around PostgreSQL and/or GraphQL
Graphile
NodeJS PostgreSQL database performance insights. Locks, index usage, buffer cache hit ratios, vacuum stats and more.

Node Postgres Extras NodeJS port of Heroku PG Extras with several additions and improvements. The goal of this project is to provide powerful insights

Paweł Urbanek 68 Nov 14, 2022
Ultimate Script to complete PostgreSQL-to-PostgreSQL Migration right after AWS DMS task done

Ultimate Script to complete PostgreSQL-to-PostgreSQL Migration right after AWS DMS task done

방신우 22 Dec 23, 2022
A Node.js library for retrieving data from a PostgreSQL database with an interesting query language included.

RefQL A Node.js library for retrieving data from a PostgreSQL database with an interesting query language included. Introduction RefQL is about retrie

Rafael Tureluren 7 Nov 2, 2022
A high performance MongoDB ORM for Node.js

Iridium A High Performance, IDE Friendly ODM for MongoDB Iridium is designed to offer a high performance, easy to use and above all, editor friendly O

Sierra Softworks 570 Dec 14, 2022
:rocket: One command to generate REST APIs for any MySql Database.

Xmysql : One command to generate REST APIs for any MySql database Why this ? Generating REST APIs for a MySql database which does not follow conventio

null 129 Dec 30, 2022
Database manager for MySQL, PostgreSQL, SQL Server, MongoDB, SQLite and others. Runs under Windows, Linux, Mac or as web application

Database manager for MySQL, PostgreSQL, SQL Server, MongoDB, SQLite and others. Runs under Windows, Linux, Mac or as web application

DbGate 2k Dec 30, 2022
DolphinDB JavaScript API is a JavaScript library that encapsulates the ability to operate the DolphinDB database, such as: connecting to the database, executing scripts, calling functions, uploading variables, etc.

DolphinDB JavaScript API English | 中文 Overview DolphinDB JavaScript API is a JavaScript library that encapsulates the ability to operate the DolphinDB

DolphinDB 6 Dec 12, 2022
curl for GraphQL with autocomplete, subscriptions and GraphiQL. Also a dead-simple universal javascript GraphQL client.

graphqurl graphqurl is a curl like CLI for GraphQL. It's features include: CLI for making GraphQL queries. It also provisions queries with autocomplet

Hasura 3.2k Jan 3, 2023
GraphQL Fastify Server is an implementation of GraphQL.

GraphQL Fastify Server Installation Usage Using cache Middlewares Liveness & Readiness Contributing License Installation npm install --save graphql-fa

Rui Silva 33 Dec 19, 2022
TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Supports MongoDB, MySQL, MariaDB, PostgreSQL and SQLite databases.

TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Supports MongoDB, MySQL, MariaDB, PostgreSQL and SQLite datab

MikroORM 5.4k Dec 31, 2022
A simple Node.js ORM for PostgreSQL, MySQL and SQLite3 built on top of Knex.js

bookshelf.js Bookshelf is a JavaScript ORM for Node.js, built on the Knex SQL query builder. It features both Promise-based and traditional callback i

Bookshelf.js 6.3k Jan 2, 2023
A Node.js ORM for MySQL, SQLite, PostgreSQL, MongoDB, GitHub and serverless service like Deta, InspireCloud, CloudBase, LeanCloud.

Dittorm A Node.js ORM for MySQL, SQLite, PostgreSQL, MongoDB, GitHub and serverless service like Deta, InspireCloud, CloudBase, LeanCloud. Installatio

Waline 21 Dec 25, 2022
A simple url shorter API built with nodejs running on Kubernetes in Google Cloud, using PostgreSQL for storage and cloud sql proxy.

Simple URL Shorter - Google Cloud - Kubernetes A simple url shorter API built with nodejs running on Kubernetes in Google Cloud, using PostgreSQL for

null 3 Nov 25, 2021
PostgreSQL client for node.js.

node-postgres Non-blocking PostgreSQL client for Node.js. Pure JavaScript and optional native libpq bindings. Monorepo This repo is a monorepo which c

Brian C 10.9k Jan 9, 2023
Next-generation ORM for Node.js & TypeScript | PostgreSQL, MySQL, MariaDB, SQL Server & SQLite

Prisma Quickstart • Website • Docs • Examples • Blog • Slack • Twitter • Prisma 1 What is Prisma? Prisma is a next-generation ORM that consists of the

Prisma 28k Jan 2, 2023
PostgreSQL interface for Node.js

pg-promise PostgreSQL interface for Node.js About Support & Sponsorship Documentation Contributing Usage Methods Query Formatting Index Variables Name

Vitaly Tomilov 3.2k Jan 6, 2023
🔥 Dreamy-db - A Powerful database for storing, accessing, and managing multiple database.

Dreamy-db About Dreamy-db - A Powerful database for storing, accessing, and managing multiple databases. A powerful node.js module that allows you to

Dreamy Developer 24 Dec 22, 2022
ORM for TypeScript and JavaScript (ES7, ES6, ES5). Supports MySQL, PostgreSQL, MariaDB, SQLite, MS SQL Server, Oracle, SAP Hana, WebSQL databases. Works in NodeJS, Browser, Ionic, Cordova and Electron platforms.

TypeORM is an ORM that can run in NodeJS, Browser, Cordova, PhoneGap, Ionic, React Native, NativeScript, Expo, and Electron platforms and can be used

null 30.1k Jan 3, 2023
A query builder for PostgreSQL, MySQL and SQLite3, designed to be flexible, portable, and fun to use.

knex.js A SQL query builder that is flexible, portable, and fun to use! A batteries-included, multi-dialect (MSSQL, MySQL, PostgreSQL, SQLite3, Oracle

knex 16.9k Jan 4, 2023