awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

11 Repos

Awesome GitHub RepositoriesGraphQL Security

Protective measures for GraphQL APIs including complexity and depth analysis.

Distinguishing note: Focuses on preventing resource exhaustion in GraphQL specifically.

Explore 11 awesome GitHub repositories matching security & cryptography · GraphQL Security. Refine with filters or upvote what's useful.

Awesome GraphQL Security GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • payloadcms/payloadAvatar von payloadcms

    payloadcms/payload

    43,053Auf GitHub ansehen↗

    Payload is a headless content management system and application framework that uses a code-first approach to define data schemas and administrative interfaces. By utilizing a centralized, type-safe configuration object, it automatically generates database schemas, API endpoints, and a fully customizable admin panel. The system is built on a database-agnostic architecture, allowing it to interface with various storage engines while providing a unified, type-safe API for server-side operations, REST, and GraphQL. What distinguishes Payload is its deep extensibility and developer-centric design.

    Protects GraphQL APIs by rejecting queries that exceed defined complexity thresholds.

    TypeScriptcmscontent-managementcontent-management-system
    Auf GitHub ansehen↗43,053
  • owasp/cheatsheetseriesAvatar von OWASP

    OWASP/CheatSheetSeries

    32,298Auf GitHub ansehen↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Limits query depth and enforces field-level authorization to prevent resource exhaustion.

    Pythonapplication-securityappsecbest-practices
    Auf GitHub ansehen↗32,298
  • shieldfy/api-security-checklistAvatar von shieldfy

    shieldfy/API-Security-Checklist

    23,258Auf GitHub ansehen↗

    This project is a comprehensive API security audit checklist and vulnerability audit framework. It provides a structured guide of security countermeasures for designing, testing, and deploying secure APIs across various protocols. The framework includes specialized guides for securing OAuth 2.0 authorization flows, implementing zero trust networking for service-to-service communication, and protecting GraphQL endpoints from resource exhaustion and information leakage. It also provides standards for integrating static analysis, dynamic scanning, and secret detection into CI/CD delivery pipelin

    Provides specialized protections for GraphQL endpoints to prevent resource exhaustion and introspection leaks.

    apijwtoauth2
    Auf GitHub ansehen↗23,258
  • casbin/casbinAvatar von casbin

    casbin/casbin

    19,848Auf GitHub ansehen↗

    Casbin is an authorization library that provides a model-based engine for enforcing access control across diverse application environments. It decouples authorization logic from application code by using a configuration-driven approach, allowing developers to define access rules and evaluation logic independently. The system supports a wide range of access control models, including role-based, attribute-based, and relationship-based patterns, which are evaluated at runtime to determine if a subject is permitted to perform an action on a resource. The project distinguishes itself through a hig

    Intercepts GraphQL requests before they reach resolvers to validate permissions against defined authorization policies.

    Goabacaccess-controlacl
    Auf GitHub ansehen↗19,848
  • chentsulin/awesome-graphqlAvatar von chentsulin

    chentsulin/awesome-graphql

    14,975Auf GitHub ansehen↗

    Awesome GraphQL is a curated directory and resource collection for the GraphQL ecosystem. It serves as a central index for developers to discover libraries, tools, and specifications required for building, testing, and managing data layer implementations across various programming languages. The repository provides access to a comprehensive range of utilities that support the entire GraphQL lifecycle. This includes resources for server-side API development, client-side integration, and schema management. It also highlights tools for security enforcement, such as rate limiting and input valida

    Highlights security measures for GraphQL APIs including rate limiting and permission enforcement.

    awesomeawesome-listgraphql
    Auf GitHub ansehen↗14,975
  • howtographql/howtographqlAvatar von howtographql

    howtographql/howtographql

    8,708Auf GitHub ansehen↗

    This project is a comprehensive educational resource and fullstack tutorial for GraphQL development. It provides instructional content and guides focused on designing schemas, implementing servers, and managing the end-to-end workflow of building production-ready applications. The material covers the conceptual differences between graph-based data structures and traditional API architectures. It includes a dedicated security course and guides for client integration, teaching users how to fetch data, manage application state, and apply protection measures to secure API endpoints. The scope of

    Includes a dedicated course on applying authentication and protection measures to secure API endpoints.

    TypeScriptapollographqlgraphqlprisma
    Auf GitHub ansehen↗8,708
  • graphql-hive/graphql-yogaAvatar von graphql-hive

    graphql-hive/graphql-yoga

    8,523Auf GitHub ansehen↗

    Yoga is a GraphQL server framework and runtime-agnostic HTTP handler used to build and deploy GraphQL APIs. It functions as a toolkit for managing schemas and resolvers, providing a spec-compliant environment for hosting APIs across diverse JavaScript runtimes, including Node.js, Deno, Bun, and serverless cloud environments. The project distinguishes itself through its ability to act as an Apollo Federation gateway, composing multiple subgraphs into a single unified supergraph. It also serves as a dedicated subscription server, delivering real-time data streaming via both WebSockets and Serve

    Protects APIs using complexity and depth analysis, internal error masking, and persisted operation enforcement.

    TypeScriptbundenofetch
    Auf GitHub ansehen↗8,523
  • 19majkel94/type-graphqlAvatar von 19majkel94

    19majkel94/type-graphql

    8,088Auf GitHub ansehen↗

    Type-graphql is a framework for building GraphQL servers that uses TypeScript classes as the single source of truth for schema definitions and types. It provides a schema generator and a resolver framework that allows developers to define queries and mutations using class-based controllers and decorators. The project focuses on a schema-first approach where TypeScript classes and metadata reflection are used to automatically derive GraphQL schemas. It incorporates a dependency injection container to manage the instantiation and lifecycle of resolver classes. The system includes a middleware

    Ships a system of authorization interceptors to restrict access to resolvers via guards.

    TypeScript
    Auf GitHub ansehen↗8,088
  • vendurehq/vendureAvatar von vendurehq

    vendurehq/vendure

    7,924Auf GitHub ansehen↗

    Vendure is a Node.js e-commerce engine and headless commerce framework built with NestJS and TypeScript. It serves as a multi-channel commerce platform that manages product catalogs, orders, and customers via a strongly typed GraphQL API. The platform is distinguished by its highly extensible architecture, featuring a customizable administrative dashboard where developers can inject custom React components and entity views. It supports multi-channel commerce, allowing the isolation of products, currencies, and regional catalogs from a single unified backend. The engine covers a broad range o

    Protects GraphQL APIs by disabling schema introspection and enforcing query complexity limits.

    TypeScriptecommerceecommerce-apiecommerce-framework
    Auf GitHub ansehen↗7,924
  • rmosolgo/graphql-rubyAvatar von rmosolgo

    rmosolgo/graphql-ruby

    5,448Auf GitHub ansehen↗

    GraphQL-Ruby ist eine Ruby-Bibliothek zum Erstellen von GraphQL-APIs mit einem stark typisierten Schema und einer dedizierten Query-Execution-Engine. Sie bietet ein umfassendes Framework zum Mappen von Anwendungsobjekten auf ein formales Typsystem, was strukturiertes Datenabrufen durch definierte Resolver ermöglicht. Das Projekt zeichnet sich durch fortschrittliche Performance- und Bereitstellungsmechanismen aus, darunter einen Data Loader für Batching und Caching zur Vermeidung von N+1-Abfragemustern. Es unterstützt leistungsstarke Datenbereitstellung durch inkrementelles Response-Streaming, verzögerte Abfrageantworten und paralleles Datenabrufen mittels Fibers. Zudem bietet es native Unterstützung für Relay-Konventionen, einschließlich spezialisierter Helfer für Connections und Objektidentifikation. Die Bibliothek deckt ein breites Spektrum an API-Management ab, einschließlich fein abgestufter Zugriffskontrolle, Schema-Versionierung zur Wahrung der Abwärtskompatibilität und Echtzeit-Updates via Subscriptions. Sie enthält zudem Traffic-Management-Tools zum Schutz von Serverressourcen, wie z. B. die Begrenzung der Abfragekomplexität und Request-Rate-Limiting. Entwicklung und Observability werden durch AST-Analysewerkzeuge, Execution-Tracing und spezialisierte Test-Utilities zur Verifizierung von Batch-Loading unterstützt.

    Provides protective measures including complexity analysis, depth limiting, and object-level authorization to secure the API.

    Ruby
    Auf GitHub ansehen↗5,448
  • graph-gophers/graphql-goAvatar von graph-gophers

    graph-gophers/graphql-go

    4,755Auf GitHub ansehen↗

    graphql-go ist eine schema-first GraphQL-Bibliothek und Server-Implementierung für Go. Sie bietet eine Query-Ausführungs-Engine und einen Schema-Parser, der Schema-Definitions-Strings in ausführbare Strukturen konvertiert und Resolver-Signaturen validiert. Die Bibliothek enthält zudem eine Streaming-Implementierung für Echtzeit-GraphQL-Subscriptions unter Verwendung von Channels innerhalb von Resolvern. Das Projekt zeichnet sich durch parallele Resolver-Ausführung zur Reduzierung der Anfragelatenz und die Verwendung von Buffer-Pool-Speichermanagement zur Senkung des Garbage-Collection-Overheads aus. Es ermöglicht die Erstellung klonbarer Schema-Instanzen aus einem geteilten Syntaxbaum, um eindeutige Resolver-Konfigurationen oder Overrides anzuwenden. Die Bibliothek deckt breite Funktionsbereiche ab, einschließlich Schema-Management mit benutzerdefinierten Skalar-Definitionen und Metadaten-Export sowie Sicherheit durch Query-Tiefen- und Komplexitätsbegrenzungen. Sie bietet zudem Tools für effizienten Datenabruf durch Selection-Set-Inspektion, um N+1-Abfragen zu verhindern, sowie Observability durch Execution-Tracing und Resolver-Panic-Handling.

    Protects GraphQL APIs from resource exhaustion by limiting query depth and complexity.

    Go
    Auf GitHub ansehen↗4,755
  1. Home
  2. Security & Cryptography
  3. GraphQL Security

Unter-Tags erkunden

  • Authorization InterceptorsMiddleware or hooks that validate GraphQL requests against security policies before execution. **Distinct from GraphQL Security:** Distinct from GraphQL Security: focuses on authorization policy enforcement rather than complexity or depth analysis.