A weekly newsletter of the best news, articles and projects about GraphQL


Introducing the Dagger GraphQL API

Dagger, a programmable CI/CD engine that runs your pipelines in containers, announced the release of their internal GraphQL API for everyone as a unified interface for programming the Dagger Engine using any standard GraphQL client.

The simplicity of tRPC with the power of GraphQL

The Wundergraph team explores the developer experience and tradeoffs of tRPC and GraphQL and how we could get the same benefits with GraphQL APIs.

Add Python to your GraphQL API with GraphOS and Strawberry GraphQL

The Apollo team explains how to create a federated subgraph in Python using the Strawberry GraphQL library.


Achieving end-to-end type safety in a modern JS GraphQL stack

In this article, the team at Escape will show you how to create a simple GraphQL application, a message board, by combining many recent open-source technologies. This article aims to be a showcase of technologies that work well together rather than a complete tutorial on project setup.

The Hunt for Prod Bugtober: Apollo GraphQL Edition

Join Andrew Kallem as he recaps his journey to track down a material bug in a commonly used GraphQL client. Along the way, he'll touch on topics in GraphQL, deploy previews, cache normalization, optimistic UI, memoization, git, and debugging. Even if you're well-versed in all of those, you may find this story interesting because it has some surprising twists.


How to Build a GraphQL eCommerce App from Scratch

If you're looking to expand your business and operate an eCommerce app, take a look at Prithwish Nath's article that details all the necessary steps to get up and running with WunderGraph, Next.js, Strapi and Snipcart

Make backend services easy with Nhost

Eke Olise guides readers through all the steps necessary to build your backend service on top of Nhost, the open-source alternative to Firebase. With support for GraphQL, of course!

Thinking outside the box when pentesting GraphQL

Karim Rustom from the team at Escape shares more insights into pentesting GraphQL APIs and explains how thinking outside of the box will help with that.


Grafbase, Announcing $7.3m to build the data platform of the future

Grafbase recently announced its newest funding round and took the opportunity to explain its plans around building the best developer platform to build and deploy serverless GraphQL backends.

How to Build a GraphQL API using GraphQL-Go

This two-part series by Victor Kabata guides you through all the required steps to build a GraphQL service using Go and the GraphQL-Go package. If you're new to GraphQL and are working with Go already, give this a read!


State of GraphQL 2022 Survey Report Summary and Insights

Continuing with insights from the State of GraphQL survey, Hasura released their report summary and insights, which are a fantastic read, whether you are a user of their products and services or not.

Implementing GraphQL API Gateway in .NET 6 + Hot Chocolate v12 + Redis

If you want to start looking into federation and schema stitching and are using .Net and Hot Chocolate, Diego Pereira has the perfect guide for you. He’ll show you how to get started and guide you through the setup of a GraphQL API Gateway using federation to make multiple backend APIs available via a single GraphQL schema.

SDL or Code-first GraphQL Schemas?

Whether to build GraphQL schemas directly using the GraphQL SDL or by using code has been a debate since GraphQL’s inception. We’re in 2022, and things haven’t changed much. Marc-André Giroux looks into both options and explores the advantages and shortcomings of each so that you can make a well-informed decision.


Some Learnings from the State of GraphQL 2022 Survey

Michał Tyszkiewicz from the GraphQLEditor team looks at the first State of GraphQL survey and some interesting takeaways.

GraphQL Optimizations: Automatic Persisted Queries

If you haven’t heard of Automatic Persisted Queries (or APQs for short), or have heard about them, but never used them in your projects, this post provides an excellent introduction to get you started.

Fullstack GraphQL Applications with React, Node.js, and Neo4j

William Lyon of the Neo4j team recently published a free ebook that teaches you how to use GraphQL with React, Node.js, and Neo4j to build complex, data-intensive applications from start to finish.


State of GraphQL 2022, Results

Over 3000 developers participated in the first “State of GraphQL” survey, and the results are finally in. If you’re interested in GraphQL (which I assume you are, otherwise, why did you subscribe 🤔), check out the results!

Rails & GraphQL, the N+1 Solution

There’s a common problem with GraphQL, the N+1 Query. The power of GraphQL makes it a perfect storm for triggering N+1 Queries in a web framework. The team at Popmenu devised a solution that harnesses ActiveRecord’s association reflection system and a helpful tool supplied by the graphql gem, the lookahead, to solve this issue.

How I Mock GraphQL API for Frontend Development

Whether for testing or more independent development, mocking a GraphQL server can be incredibly useful during any phase of your projects. If you’re interested in how to use GraphQL Mesh for this purpose, read up!


How to hide parts of your GraphQL Schema

GraphQL is a powerful tool for describing your server’s capabilities and allowing clients to quickly discover and access available data. However, sometimes you want to control which data is available in which context, for example, to separate internal use cases of an API from external users. This article discusses several techniques for maintaining different schemas and how the team at Midas solved this.

Uploading files using GraphQL Client to MongoDB with NestJS / NodeJS

This article covers how to upload, process, and store files in a MongoDB backend using the BinData format. It uses NestJS as a Javascript framework, GraphQL as API technology, and MongoDB with mongoose as ODM.

Open Source Stripe GraphQL API

Nhost recently released a new npm package that makes it available to query the Stripe API via GraphQL, integrate Stripe into your existing GraphQL API, and allow your developers to query it alongside data stored in your database.


OAuth2 authentication for GraphQL in Node.js

If you’re looking to secure access to your GraphQL APIs with OAuth2, make sure to read this article by Bruno for a helpful guide on implementing this using Node.js.

10 Decisions Stellate Made Around Opening Up Their GraphQL API

Stellate recently announced their open GraphQL API, giving anyone full access to integrate with their platform. In this blog post, they share how they went from an internal GraphQL API used by the dashboard only to having a public version usable by everyone in just two weeks.

Build flexible GraphQL APIs by treating the schema like a database

In this post, Jens shares a new Architecture pattern for building flexible GraphQL APIs. By treating your GraphQL Schema like a Database, you can build use-case agnostic and flexible GraphQL APIs.


Getting Started with GraphQL API with Node.js Backend Support

If you are new to GraphQL and are using Node.js, this guide will show you how GraphQL works, how it differs from REST APIs, and how to write your first GraphQL service.

Adding Authorization to a GraphQL Server

Learn about the different ways you can add authorization and access controls to your GraphQL API, their advantages and disadvantages, and best practices. And learn how Cerbos can help with that.

What Makes Defending GraphQL APIs Challenging to Security Engineers

Monitoring GraphQL APIs for security-related incidents and identifying suspicious queries and exploitation attempts requires different specialized tooling and processes. This article helps identify what you need to look for and how to adapt your toolchain and monitoring solutions.


Pentesting GraphQL 101 Part 1 - Discovery

Karim Rustom shares his GraphQL security experience from the point of view of an attacker/pentester and guides us through the steps required to test your API. This article deals with discovery. Make sure to read the other parts of the series as well.

How we send data from Django to Gatsby.js through GraphQL

Maciej Baron shares how to use a Django-based GraphQL API as a custom, tailored CMS for your Gatsby-powered site. He walks us through setting up a GraphQL source within Gatsby, creating pages based on the data, and integrating with the Gatsby image processing pipeline.

How Priceline.com manages PCI compliance with GraphQL

Managing PCI compliance is a tricky topic for all companies. It gets even more challenging if you have all your data in a single GraphQL API available to your internal and external tooling. Mike Byrnes from the Priceline team delves into how they solved this using Apollo GraphQL.


Merge GraphQL Schemas using Apollo Server and Koa

Anton Kalik from the CoverWallet team looks at how to merge two GraphQL schemas using Apollo Server and Koa middleware to provide a unified API for your clients.

GraphQL Security Testing Without a Schema

Is it possible to passively observe traffic from a GraphQL API and piece together a schema? That’s the question that started Alex Leahu’s journey to build GraphQuail and some observations on testing a GraphQL service without knowing the schema.

How to fetch data in React Native using Apollo Client

Lauren Steven takes you from start to finish using Apollo Client within your React Native project, including configuration and how to use React hooks to fetch data.

Stellate Open GraphQL API Pilot Program

Stellate, hosts of GraphQL Weekly, are focused on building GraphQL tooling daily, every day. Let us know if you are looking into making your GraphQL API public and would like some help from a team operating APIs with billions of requests per month. We’d love to help!


GraphQL Observability

Marc-André dives into GraphQL Observability, which questions you should ask yourself when assessing your tooling, and provides tips on implementing or improving your setup.

Overview of GraphQL Frameworks in Java

If you’re working with Java and want to add GraphQL to your stack, see Rahul's article, which provides an in-depth overview of the various clients and their advantages and shortcomings.


GraphQL for Beginners: Schema-first vs Code-first

Victoria looks at the two ways we can build our GraphQL APIs, how they differ, and their respective advantages and disadvantages.

Stellates GraphQL Metrics: Full Observability for Your GraphQL API

Stellate recently released a new dashboard and, as part of that release, a completely revamped GraphQL Metrics product that provides full observability for your API.

Forging GraphQL Bombs, the 2022 version of Zip Bombs

While ZIP Bombs are a thing of the past, their concept is still relevant. Gautier from Escape looks at how those concepts can be applied to GraphQL and, more importantly, how to mitigate those attacks.

Scaling GraphQL with Redis Consumer Groups

The team at Parabol saw their GraphQL API response times starting to increase and looked into how to improve their setup. They decided to scale their backend based on Redis Consumer Groups and write up their experience.


A Guide to GraphQL Rate Limiting & Security

Rate limiting and securing server resources are central problems when developing any API. We want to prevent clients from being able to affect the experience of other clients or simply avoid being taken down. Marc-André Giroux dives into the rate-limiting of GraphQL APIs, how to get started, what else to keep in mind and his recommendations.

GraphQL Optimization: Deduplication & Reuse

In the 2nd article of the series, Bobbie Cochrane and Dan Debrunner explain how Deduplication and Reuse can help to reduce the number of backend requests for a GraphQL operation and improve the performance of your services.

Schema Governance Approaches for GraphQL

Isha from the Walmart Engineering team outlines Walmarts approach to ensure onboarding the various subgraphs to their federated gateway is a smooth and easy process that doesn't run into collisions and eliminates concerns ahead of time.

Unleash the Power of Fragments with GraphQL Codegen

Lauring Quast and The Guild extract some of the standout features that make Relay such a powerful GraphQL client and make them available to other clients via a new GraphQL Codegen plugin.


GraphQL Performance Testing With Apache JMeter

Mohamed looks into performance testing of your GraphQL APIs with Apache JMeter.

GraphQLGate - Rate Limiting with Query Complexity for Node.js

Evan introduces a new open source library that helps you implement rate-limiting and query complexity analysis for your Node.js and Express-based GraphQL services.

No, GraphQL Persisted Queries are not “Reinventing a REST API”

Marc-André looks into Persisted Queries, their advantages, and the problems they help solve. And why using APQs did not magically transform your GraphQL server into a REST API.

Feeling nerdy? Query issues of GraphQL Weekly, with GraphQL itself!
Powered by the GraphQL Playground
Enter a query
  allIssues {
    author {
or press CMD + Enter
Curated by Stellate, and the awesome GraphQL community.