A principled approach to GraphQL query cost analysis

@article{Cha2020APA,
  title={A principled approach to GraphQL query cost analysis},
  author={Alan Cha and Erik Wittern and Guillaume Baudart and James C. Davis and Louis Mandel and Jim Laredo},
  journal={Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering},
  year={2020}
}
  • Alan Cha, Erik Wittern, Guillaume Baudart, James C. Davis, Louis Mandel, Jim Laredo
  • Published 11 September 2020
  • Computer Science
  • Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
The landscape of web APIs is evolving to meet new client requirements and to facilitate how providers fulfill them. A recent web API model is GraphQL, which is both a query language and a runtime. Using GraphQL, client queries express the data they want to retrieve or mutate, and servers respond with exactly those data or changes. GraphQL’s expressiveness is risky for service providers because clients can succinctly request stupendous amounts of data, and responding to overly complex queries…

Learning GraphQL Query Costs
GraphQL is a query language for APIs and a runtime for executing those queries, fetching the requested data from existing microservices, REST APIs, databases, or other sources. Its expressiveness and…
Evaluating GraphQL and REST API Services Performance in a Massive and Intensive Accessible Information System
Currently, most middleware application developers have two choices when designing or implementing Application Programming Interface (API) services; i.e., they can either stick with Representational…

References

Result size calculation for Facebook's GraphQL query language
  • 2018
A Principled Approach to GraphQL Query Cost Analysis Research Paper Artifact
  • 2020
API Connect is making GraphQL safer for the enterprise
  • 2020
4Catalyzer/graphql-validation-complexity: Query complexity validation for GraphQL
  • GraphQL query complexity analysis and validation for graphql-js
  • 2019
An Empirical Study of GraphQL Schemas
TLDR: It is reported that a majority of GraphQL APIs are susceptible to denial of service through complex queries, posing real security risks previously discussed only in theory.
GitHub - GraphQL API v4
  • GitHub - GraphQL Example Queries
  • 2019
GraphQL Docs: The Query and Mutation types
  • GraphQL Docs: Introspection
  • 2019
GraphiQL - An in-browser IDE for exploring GraphQL
  • 2019