/graphql-armor

🛡️ The missing GraphQL security security layer for Apollo GraphQL and Yoga / Envelop servers 🛡️

Primary LanguageTypeScriptMIT LicenseMIT

GraphQL Armor 🛡️

GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines.

GraphQL-Armor banner

CI release e2e npm codecov

Installation

# npm
npm install -S @escape.tech/graphql-armor

# yarn
yarn add @escape.tech/graphql-armor

Documentation

https://escape.tech/graphql-armor/docs/getting-started

Supported GraphQL Engines

We support the following engines :

We additionally support the following engines through the Envelop plugin system :

  • GraphQL-Helix
  • Node.js HTTP
  • GraphQL-Helix (with @defer and @stream)
  • GraphQL-WS
  • GraphQL-SSE
  • Azure Functions
  • Cloudflare Workers
  • Google Cloud Functions
  • Lambda AWS
  • type-graphql
  • nexus
  • express-graphql

See here for more information about Envelop compatibility.

GraphQL security for Enterprise

Interested in securing GraphQL APIs on the enterprise level? Visit Escape’s website to learn more.

Contributing

Ensure you have read the Contributing Guide before contributing.

To setup your project, make sure you run the install-dev.sh script.

git clone git@github.com:Escape-Technologies/graphql-armor.git
cd graphql-armor
bash ./install-dev.sh

We are using yarn as our package manager and the workspaces monorepo setup. Please read the associated documentation and feel free to open issues if you encounter problems when developing on our project!

🤝 We're hiring!

We believe it’s time to bring more AI-driven innovation to cybersecurity, and we'd love your help in building this dream! Want to join our adventure? Check out our Careers page!