The advisory script brought up a RUSTSEC error: --- error[A001]: Use after free in lru crate ┌─ /home/haptop/Developer/radicle-link/Cargo.lock:207:1 │ 207 │ lru 0.6.6 registry+https://github.com/rust-lang/crates.io-index │ --------------------------------------------------------------- security vulnerability detected │ = ID: RUSTSEC-2021-0130 = Advisory: https://rustsec.org/advisories/RUSTSEC-2021-0130 = Lru crate has use after free vulnerability. Lru crate has two functions for getting an iterator. Both iterators give references to key and value. Calling specific functions, like pop(), will remove and free the value, and but it's still possible to access the reference of value which is already dropped causing use after free. = Announcement: jeromefroe/lru-rs#120 = Solution: Upgrade to >=0.7.1 --- This patch follows the recommended solution and pins the `lru` crate to 0.7.1. |
||
---|---|---|
.github | ||
derive | ||
docs | ||
examples@0ce0a43874 | ||
integrations | ||
parser | ||
src | ||
tests | ||
value | ||
.gitignore | ||
.gitmodules | ||
.rustfmt.toml | ||
ARCHITECTURE.md | ||
Cargo.toml | ||
CHANGELOG.md | ||
feature-comparison.md | ||
LICENSE-APACHE | ||
LICENSE-MIT | ||
README.md |
A GraphQL server library implemented in Rust
Async-graphql
is a high-performance server-side library that supports all GraphQL specifications.
- Feature Comparison
- Book
- 中文文档
- Docs
- GitHub repository
- Cargo package
- Minimum supported Rust version: 1.56.1 or later
Safety
This crate uses #![forbid(unsafe_code)]
to ensure everything is implemented in 100% Safe Rust.
Features
- Fully supports async/await
- Type safety
- Rustfmt friendly (Procedural Macro)
- Custom scalars
- Minimal overhead
- Easy integration (poem, actix_web, tide, warp, rocket ...)
- Upload files (Multipart request)
- Subscriptions (WebSocket transport)
- Custom extensions
- Apollo Tracing extension
- Limit query complexity/depth
- Error Extensions
- Apollo Federation
- Batch Queries
- Apollo Persisted Queries
Crate features
This crate offers the following features, all of which are not activated by default:
apollo_tracing
: Enable the Apollo tracing extension.apollo_persisted_queries
: Enable the Apollo persisted queries extension.log
: Enable the logger extension.tracing
: Enable the tracing extension.opentelemetry
: Enable the OpenTelemetry extension.unblock
: Support asynchronous reader for Uploadbson
: Integrate with thebson
crate.chrono
: Integrate with thechrono
crate.chrono-tz
: Integrate with thechrono-tz
crate.url
: Integrate with theurl
crate.uuid
: Integrate with theuuid
crate.string_number
: Enable the StringNumber.dataloader
: Support DataLoader.secrecy
: Integrate with thesecrecy
crate.decimal
: Integrate with therust_decimal
crate.cbor
: Support for serde_cbor.smol_str
: Integrate with thesmol_str
crate.hashbrown
: Integrate with thehashbrown
crate.
Apollo Studio
Apollo Studio is a cloud platform that helps you build, monitor, validate, and secure your organization's data graph. An existing extension is available for this crate here
Examples
All examples are in the sub-repository, located in the examples directory.
Run an example:
git submodule update # update the examples repo
cd examples && cargo run --bin [name]
Integrations
- Poem async-graphql-poem
- Actix-web async-graphql-actix-web
- Warp async-graphql-warp
- Tide async-graphql-tide
- Rocket async-graphql-rocket
- Axum async-graphql-axum
Who's using Async-graphql in production?
Community Showcase
- rust-actix-graphql-sqlx-postgresql Using GraphQL with Rust and Apollo Federation
- entity-rs A simplistic framework based on TAO, Facebook's distributed database for Social Graph.
- vimwiki-server Provides graphql server to inspect and manipulate vimwiki files.
- Diana Diana is a GraphQL system for Rust that's designed to work as simply as possible out of the box, without sacrificing configuration ability.
- cindythink
- sudograph
Blog Posts
License
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT) at your option.
References
- GraphQL
- GraphQL Multipart Request
- GraphQL Cursor Connections Specification
- GraphQL over WebSocket Protocol
- Apollo Tracing
- Apollo Federation
Contribute
Welcome to contribute !