graphql
A Query Language and Runtime which can target any service.
About
A Query Language and Runtime which can target any service.
Live mirror of the GitHub README. Updated whenever the repo's default branch changes.
GraphQL.js
The JavaScript reference implementation for GraphQL, a query language for APIs created by Facebook.
See more complete documentation at https://graphql.org/ and https://graphql.org/graphql-js/.
Looking for help? Find resources from the community.
Getting Started
A general overview of GraphQL is available in the README for the Specification for GraphQL. That overview describes a simple set of GraphQL examples that exist as tests in this repository. A good way to get started with this repository is to walk through that README and the corresponding tests in parallel.
Using GraphQL.js
Install GraphQL.js from npm
With npm:
npm install --save graphql
With yarn:
yarn add graphql
With bun:
bun add graphql
GraphQL.js provides two important capabilities: building a type schema and serving queries against that type schema.
First, build a GraphQL type schema which maps to your codebase.
import {
graphql,
GraphQLSchema,
GraphQLObjectType,
GraphQLString,
} from 'graphql';
var schema = new GraphQLSchema({
query: new GraphQLObjectType({
name: 'RootQueryType',
fields: {
hello: {
type: GraphQLString,
resolve() {
return 'world';
},
},
},
}),
});
This defines a simple schema, with one type and one field, that resolves
to a fixed value. The resolve function can return a value, a promise,
or an array of promises. A more complex example is included in the top-level tests directory.
Then, serve the result of a query against that type schema.
var source = '{ hello }';
graphql({ schema, source }).then((result) => {
// Prints
// {
// data: { hello: "world" }
// }
console.log(result);
});
This runs a query fetching the one field defined. The graphql function will
first ensure the query is syntactically and semantically valid before executing
it, reporting errors otherwise.
var source = '{ BoyHowdy }';
graphql({ schema, source }).then((result) => {
// Prints
// {
// errors: [
// { message: 'Cannot query field BoyHowdy on RootQueryType',
// locations: [ { line: 1, column: 3 } ] }
// ]
// }
console.log(result);
});
Want to ride the bleeding edge?
The npm branch in this repository is automatically maintained to be the last
commit to main to pass all tests, in the same form found on npm. It is
recommended to use builds deployed to npm for many reasons, but if you want to use
the latest not-yet-released version of graphql-js, you can do so by depending
directly on this branch:
npm install graphql@git://github.com/graphql/graphql-js.git#npm
Using in a Browser
GraphQL.js is a general-purpose library and can be used both in a Node server and in the browser. As an example, the GraphiQL tool is built with GraphQL.js!
Building a project using GraphQL.js with webpack or
rollup should just work and only include
the portions of the library you use. This works because GraphQL.js is distributed
with both CommonJS (require()) and ESModule (import) files. The exports
map within the project package.json should direct runtimes and bundlers to
the appropriate files. Tools that do not support exports will find the CommonJS
and ESModule builds side by side, with the CommonJS code packaged
in files with the .js extension and the ESModule build within .mjs files.
Contributing
We actively welcome pull requests. Learn how to contribute.
This repository is managed by EasyCLA. Project participants must sign the free (GraphQL Specification Membership agreement before making a contribution. You only need to do this one time, and it can be signed by individual contributors or their employers.
To initiate the signature process please open a PR against this repo. The EasyCLA bot will block the merge if we still need a membership agreement from you.
You can find detailed information here. If you have issues, please email operations@graphql.org.
If your company benefits from GraphQL and you would like to provide essential financial support for the systems and people that power our community, please also consider membership in the GraphQL Foundation.
Changelog
Changes are tracked as GitHub releases.
License
GraphQL.js is MIT-licensed.
Version Support
GraphQL.JS follows Semantic Versioning (SemVer) for its releases. Our version support policy is as follows:
- Latest Major Version: We provide full support, including bug fixes and security updates, for the latest major version of GraphQL.JS.
- Previous Major Version: We offer feature support for the previous major version for 12 months after the release of the newest major version. This means that for 12 months we can backport features for specification changes if they don't cause any breaking changes. We'll continue supporting the previous major version with bug and security fixes.
- Older Versions: Versions older than the previous major release are considered unsupported. While the code remains available, we do not actively maintain or provide updates for these versions. One exception to this rule is when the older version has been released < 1 year ago, in that case we will treat it like the "Previous Major Version".
Long-Term Support (LTS)
We do not currently offer a Long-Term Support version of GraphQL.JS. Users are encouraged to upgrade to the latest stable version to receive the most up-to-date features, performance improvements, and security updates.
End-of-Life (EOL) Schedule
We will announce the EOL date for a major version at least 6 months in advance. After a version reaches its EOL, it will no longer receive updates, even for critical security issues.
Upgrade Assistance
To assist users in upgrading to newer versions:
- We maintain detailed release notes for each version, highlighting new features, breaking changes, and deprecations.
- Our documentation includes migration guides for moving between major versions.
- The community forum (Discord channel #graphql-js) is available for users who need additional assistance with upgrades.
Security Updates
We prioritize the security of GraphQL.JS:
- Critical security updates will be applied to both the current and previous major version.
- For versions that have reached EOL, we strongly recommend upgrading to a supported version to receive security updates.
Community Contributions
We welcome community contributions for all versions of GraphQL.JS. However, our maintainers will primarily focus on reviewing and merging contributions for supported versions.
Quick facts
npm install graphqlThis package powers GraphQL
The graphql package is the canonical implementation of GraphQL. Sourcemap Explorer uses this exact npm package as the framework-level fingerprint when it flags GraphQL on a page — both via the bundled node_modules/graphql/ source paths and via the embedded package.json inside the JavaScript sourcemap.
How Sourcemap Explorer detects graphql
We catch graphql from two complementary signals: bundled source paths and the embedded package.json. Modern bundlers (webpack, Vite, esbuild, Rollup, Turbopack) preserve the original node_modules/graphql/ paths inside the JavaScript sourcemap's sources[] array — that's the canonical signal. When the matching package.json is also captured in sourcesContent[], we read the exact version field — patch number included. No regex guessing, no version inference.
- 1
Confirm the site exposes sourcemaps
In DevTools Network, check the response headers of any application script for `SourceMap` or `X-SourceMap`. Failing that, fetch the script's last 4 KB and look for a `//# sourceMappingURL=` comment.
- 2
Find the package in the bundle
Open DevTools → Network → reload. Click any application script and look at its sourcemap. Inside, search `sources[]` for entries matching `node_modules/graphql/` — every match confirms the package is bundled. The matching `sourcesContent[i]` for `node_modules/graphql/package.json` gives you the exact installed version.
- 3
Read the version directly from package.json
Run `jq -r '. as $m | $m.sources | to_entries[] | select(.value | endswith("node_modules/graphql/package.json")) | $m.sourcesContent[.key] | fromjson | .version' bundle.js.map`. Sourcemap Explorer automates the same query in the popup.
Recent versions
FAQ
What is graphql used for?
A Query Language and Runtime which can target any service.
How can I tell if a website is using graphql?
Open the page in Chrome with the Sourcemap Explorer extension installed and read the Stack tab. We catch `graphql` from two complementary signals: `node_modules/graphql/` paths inside the JavaScript sourcemap, and the embedded `package.json` we read for exact-version detection. Without the extension you can do the same lookup manually in DevTools — the steps are listed in the "How Sourcemap Explorer detects" section above.
What is the latest version of graphql?
16.14.0, as published on the npm registry. The "Recent versions" table on this page lists the most recent 8 releases with their release dates. Sourcemap Explorer reports the version actually bundled into a site, which can lag the latest release by months on real-world deployments.
What is the relationship between graphql and GraphQL?
graphql is the canonical npm package for GraphQL. Sourcemap Explorer treats finding `graphql` in a bundle as the framework-level signal that GraphQL is on the page, and the page you're reading is the canonical Sourcemap Explorer entry for the package itself.
Where can I read more?
Project homepage: https://github.com/graphql/graphql-js. Source code: https://github.com/graphql/graphql-js. Published on npm: https://www.npmjs.com/package/graphql. Licensed as MIT.
Keep reading on Sourcemap Explorer
Practical guides
Detection deep dives
Alternative tools
Detected by Sourcemap Explorer
When a bundle ships sourcemaps, we read the embedded package.json for graphql and report the precise version. Without sourcemaps, an import / require in the page's scripts is enough to flag it.