If not properly secured, it's easy for attackers to overload and potentially take down GraphQL APIs, e.g. by sending deeply nested queries. In this article, Max Stoiber shares the approach they used at Spectrum to protect their GraphQL API from malicious requests.
For the longest time Apollo and Relay have been the most dominant GraphQL clients. Today, there are multiple other projects that emerged over the last couple of months, such as
urql. Read this excellent article by Abhi Ayer to get an overview of the current GraphQL client landscape.
Wrapping REST APIs is one of the most exciting applications of GraphQL! This tutorial describes how you can turn a REST into a GraphQL API in 3 simple steps.
If you want to learn more about this topic, be sure to also watch Jon Wong's talk from the last GraphQL SF Meetup: Wrapping REST with GraphQL.
Tools & Open Source
Matic Zavadlal has created a nice little library to secure GraphQL servers: "GraphQL Shield helps you create permission layer for your application. The idea behind it is to separate the permission logic from your application logic. This way you can you can make sure no request will ever be resolved if it wasn't meant to be."