How GraphQL revolutionizes headless CMS architectures with precise data fetching, improved developer experience, real-time updates, and seamless omnichannel content delivery. Learn why GraphQL outperforms REST APIs for modern content management.| Infographic Portal - New Infographics Resource Portal
Improve the security of your GraphQL API with Escape and Postman Are you tired of dealing with pesky API vulnerabilities? Want to take your GraphQL game to the next level? Introducing the perfect combo for GraphQL success - Escape and Postman. Escape is a tool that helps developers automatically and| Escape DAST - Application Security Blog
Today, I'm going to answer a question asked by Łukasz Biały on Twitter: Is there a way to get field-level RBAC (Role-Based Access Control)? It turns out there is! However, Caliban's approach to authentication and authorization is quite flexible. In...| Pierre Ricadat's Tech Blog
In my Beginner's Guide to GraphQL in Scala, I created a simplistic resolver that just returned data from an immutable value loaded in memory. In real-life use cases, things are usually quite different: data may come from a database, external APIs, or...| Pierre Ricadat's Tech Blog
In my Beginner's Guide to GraphQL in Scala, I explained how Caliban can automatically transform Scala types into GraphQL types through a process called schema derivation. This mechanism enables you to generate a Schema for user-defined types using a ...| Pierre Ricadat's Tech Blog
Crafting a simple GraphQL API using Scala and Caliban| Pierre Ricadat's Tech Blog
Discover GraphQL security experience from the GraphQL pentester point of view. This article will explain discovery in the pentesting process.| Escape DAST - Application Security Blog
Discover our story behind open source GraphQL wordlist for penetration testing, built from 60k+ production GraphQL endpoints. Available on GitHub| Escape DAST - Application Security Blog
Escape launches the first Asset Inventory and Attack Surface Management solution for GraphQL APIs with its new API Catalog feature.| Escape DAST - Application Security Blog
While querying, developing, and testing your GraphQL APIs with Postman is easy and convenient, it has a big caveat: if you want to cover an endpoint with all its queries and mutations entirely, it will take you hours and repetitive steps to create every request, and you'll almost surely miss| Escape DAST - Application Security Blog
Explore how the API Security Academy uses WebContainers for interactive Node.js lessons directly in your browser.| Escape DAST - Application Security Blog
Discover the importance of API catalogs, their differences from API portals & gateways, and how to ensure optimal API management and security.| Escape DAST - Application Security Blog
REST is dead, long live REST| Pact Docs Blog
JSer.info #735 - Zod 4 has been released.| JSer.info
Learn how to test GraphQL with Postman, the go-to tool for querying APIs, and quickly start sending requests and testing your GraphQL endpoints.| Escape DAST - Application Security Blog
Change the fields returned by your API by offering more representations of the resources. This under-appreciated feature of API design can help teams to get the best from their API for multiple use cases, without the need to switch to GraphQL.| LornaJane
Discover a Golang-based tool developed at Escape for GraphQL endpoint discovery and fingerprinting, enhancing API security. Available on GitHub.| Escape DAST - Application Security Blog
Enhance GraphQL security with input validation & sanitization. Learn about homemade middleware, directives and custom scalars for protecting APIs| Escape DAST - Application Security Blog
Understand the concept behind GraphQL in context of iOS development.| iOS development by tanaschita.com
Learn how to integrate GraphQL into a Swift application using Apollo iOS.| iOS development by tanaschita.com
Discover the power of GraphQL with Java in 2025, and learn how it enhances API development with frameworks like Spring Boot.| Java Code Geeks
Introduction In this post, we’ll explore AWS AppSync field-level resolvers and how they can enhance your GraphQL API development. Field-level resolvers are powerful units of code that determine how data is fetched, processed, and returned for specific fields in your schema types. By leveraging field-level resolvers in AWS AppSync, you’ll learn how to efficiently handle […]| Amazon Web Services
In a recent project around open source contributors, I wanted to take a look at which projects a particular user (actually a few of them, but I wrote a wrapper to repeat the process for each handle) maintains. GitHub doesn't show this maintainer relationship, so instead I used the v4 GraphQL API and| LornaJane
GraphQL is a typed language, so why redefine all of the types ourselves inside our TypeScript code when we should be able to take advantage of the types coming from GraphQL and have them automatically generated for us? That's exactly what we can…| Leigh Halliday's RSS Feed
With React 16.7 we were introduced to hooks. A way to allow things like state, refs, and lifecycle functions to live inside functional components, functionality once only available in class based components. The great thing about hooks though is…| Leigh Halliday's RSS Feed
So you've updated your React code to use GraphQL, but there's those 2 RESTful API endpoints that you still have to integrate with... what do you do? You could use fetch or axios with your favorite state management tool, but now you have 2 ways of…| Leigh Halliday's RSS Feed
Explore how you can prevent data breaches in GraphQL. Learn to manage sensitive data effectively with robust access control.| Escape - The API Security Blog
Insecure Direct Object References (IDOR) are common security vulnerabilities. Discover IDOR real-life examples and best practices for GraphQL API| Escape - The API Security Blog
Cross-Site Scripting (XSS) happens when attackers send malicious scripts via web apps to end users. Learn how to remediate it in GraphQL apps.| Escape - The API Security Blog
A deep dive into schemas and specifications, how can they be used for schema-based contract testing and their respective benefits and tradeoffs| Pactflow Contract Testing Platform
GraphQL has no security by default. All doors are open for the most basic attacks. Read more to learn about the exact threats and some simple strategies you can implement to get your users' data under lock and key 🔐| Escape - The API Security Blog
An example of a GraphQL schema, containing Object types, a Query type, a Mutation type, a Subscription type and a Schema type. With all the explanation needed.| Zero Day Hacker
Six years ago, I wrote "Is GraphQL The Future?" We can now confidently say that the answer is "no", but I'm still very proud of that piece, and I think I was right about a lot of other things. What happened to GraphQL?| Never Down, Always Up
Today GraphQL is a mature alternative for building APIs. Many developers have discovered its flexibility, expressiveness, and efficiency. ...| bartwullems.blogspot.com
GraphQL is an amazing new(ish) paradigm for communicating with APIs, made popular by Facebook but since then used by many companies…| www.leighhalliday.com
GraphQL best practices for 2023| Alan Norbauer
Opaqueness and compatibility| coady.github.io
In a previous post I talked about how I set up server side rendering of React components in Rails with Hypernova. I went on to build a complex Ruby based Gra...| bessey.dev
UPDATE: This post has been made redundant by my discovery of a simpler approach. Please see: Server Side Rendering for React + Apollo GraphQL Client. In a pre...| bessey.dev
Dive into the complexities of securing GraphQL APIs and common vulnerabilities and learn best practices for enhancing GraphQL security.| Escape DAST - Application Security Blog
Overview: This is a sample that uses GraphQL with NestJS. There are two approaches, code first and schema first. This time I will implement it with the code-first approach. For GraphQL, see the following page: graphql.org. NestJS's article explaining GraphQL: docs.nestjs.com| 開発覚書はてな版
There is no such thing as a “root field”.| coady.github.io
GraphQL is a query language that you can use to interact with an API. GraphQL allows you to write your own queries that will bring back specifically the info you want from the GraphQL server’s database (within the boundaries of what the API provider wants you to see, which is defined in the schema). From... Continue reading The post What is GraphQL? first appeared on Zero Day Hacker.| Zero Day Hacker
Credit 👏: My teammate, Riley Rangel, worked out this solution and improved the DX for our team. Problem: How to select the correct…| duncanleung.com
Here's everything I learned this year about GraphQL for anyone getting started.| whitep4nth3r.com RSS Feed
How can you make sure your GraphQL queries are safe from nasties? Let’s find out.| whitep4nth3r.com RSS Feed
In this article, we will look into defining a GraphQL schema, implement APIs and write integration tests.| RefactorFirst
To fetch or modify information through a GraphQL API, you need to write a request in a formatted way that follows a set of rules: it needs to be a JSON object and it must match the structure of the API’s schema. Also, if GraphQL objects are the containers that give structure to the API,... Continue reading The post Writing a GraphQL query first appeared on Zero Day Hacker.| Zero Day Hacker
Three different operation types can be used to send requests to a GraphQL server: queries, mutations and subscriptions. Let’s look at them one by one. Queries The query operation is used when we want to retrieve data from the GraphQL server. You could compare it to an HTTP GET request in RESTful APIs. In the... Continue reading The post GraphQL queries, mutations and subscriptions first appeared on Zero Day Hacker.| Zero Day Hacker
Every language needs a grammar. If GraphQL is the language you can use to talk to an API, the GraphQL type system gives you the grammar that will make sure your queries are properly formatted and understood. Just like a programming language, GraphQL relies on types to define and describe every element you will find... Continue reading The post What are GraphQL types? first appeared on Zero Day Hacker.| Zero Day Hacker
Explore the most popular API protocols today, including their key strengths, limitations, and use cases.| Postman Blog
Litany against nulls.| coady.github.io
GraphQL resolvers should have been coroutines.| coady.github.io
GraphQL is the new ORM.| coady.github.io
In this episode of Learn with Jason, I teach Jason how to use Contentful’s GraphQL API to power dynamic routes in Next.js.| whitep4nth3r.com
Generate a FullStack playground using FastAPI, GraphQL and Ariadne| blog.yezz.me
Large enterprises talk a lot about governance, but stewardship may be a better model.| justin.abrah.ms
There are a few operational concerns when moving to GraphQL. Here are the ones I know.| justin.abrah.ms
Now attack GraphQL endpoints with the new GraphQL add-on for ZAP| ZAP