Catch the highlights of GraphQLConf 2023! Click for recordings. Or check out our recap blog post.
Docs
Commands
Audit

Audit (Documents)

Audit your documents for useful metrics such as query depth, directive count and alias count. This is useful if you want to introduce security rules on your GraphQL server (e.g. via graphql-armor) and need to figure out the values for doing so.

Audit - Usage

Run the following command:

graphql-inspector audit DOCUMENTS

Arguments

  • DOCUMENTS - a glob pattern that points to GraphQL Documents / Operations

Flags

  • -d, --detail - Print statistics for each single GraphQL operation (default: false)
  • --complexityScalarCost - The cost of a scalar field for calculating the complexity score (default: 1)
  • --complexityObjectCost - The cost of an object field for calculating the complexity score (default: 2)
  • --complexityDepthCostFactor - The cost factor of a field per depth level for calculating the complexity score (default: 1.5)

Output

A list of metrics including the maximum depth limit, maximum alias count and maximum directive count.

This process does not fail, as it is mainly for showing useful information. In case you want to enforce a certain query deth, directive count or alias count limit check the --maxDepth, --maxAliasCount and --maxDirectiveCount flags in the Validate Documents documentation.

Example

graphql-inspector audit './documents/document.graphql'
⚠️
Make sure to wrap the document in quotes.

Example - Glob Pattern

graphql-inspector audit './documents/*.graphql'

Make sure to wrap the glob pattern in quotes, otherwise the glob pattern will be expanded by your

⚠️
Glob patterns are not supported on GitHub Action and GitHub App.