The apollo-server-core package uses Node's built-in crypto module only to
create SHA-256 and -512 hashes.
When we're actually running in Node, the native crypto library is clearly
the best way to create these hashes, not least because we can assume it
will be available without having to bundle it first.
Outside of Node (such as in React Native apps), bundlers tend to fall back
on the crypto-browserify polyfill, which comprises more than a hundred
separate modules. Importing this polyfill at runtime (likely during
application startup) takes precious time and memory, even though almost
all of it is unused.
Since we only need to create SHA hashes, we can import the much smaller
sha.js library in non-Node environments, which happens to be what
crypto-browserify uses for SHA hashing, and is a widely used npm package
in its own right: https://www.npmjs.com/package/sha.js.
When getEngineServiceId does not return a truthy value, we can save memory
and startup time by avoiding importing apollo-engine-reporting, which
(among its other dependencies) imports the protobuf.js implementation.
Since we already write to the persisted query cache asynchronously (and
intentionally do not await the Promise) this won't have any affect on the
current behavior of when the persisted query cache is written to in the
event of an executable request, but if an operation comes in and doesn't
parse or validate, we'll avoid wasting cache space on an operation that will
never execute.
Additionally, in a similar light, if a plugin throws an error which stops
execution, we can avoid the side-effect of writing to the persisted query
cache.
In terms of the APQ behavior, while this could cause additional round-trips
for a client which repeatedly sends an invalid operation, that operation is
never going to successfully finish anyway. While developer tooling will
help avoid this problem in the first place, this refusal to store an invalid
operation in the APQ cache could actually help diagnose a failure since the
full operation (rather than just the SHA256 of that document) will appear
in the browser's dev-tools on the retry.
If we're looking to spare parsing and validating documents which we know are
going to fail, I think that's going to be a better use of the (new)
`documentStore` cache (#2111), since its in-memory and can accommodate a
more complex data structure which includes the validation errors from the
previous attempt which will, of course, be the same when validating the same
operation against the same schema again. As the PR that introduced that
feature shows, sparing those additional parses and validations (cached APQ
documents still needs to be parsed and validated, currently) will provide a
more successful performance win overall.
Ref: https://github.com/apollographql/apollo-server/pull/2111
This PR contains the following updates:
| Package | Type | Update | Change | References |
|---|---|---|---|---|
| prettier | devDependencies | minor | `1.15.3` -> `1.16.1` | [homepage](https://prettier.io), [source](https://togithub.com/prettier/prettier) |
---
### Release Notes
<details>
<summary>prettier/prettier</summary>
### [`v1.16.1`](https://togithub.com/prettier/prettier/blob/master/CHANGELOG.md#​1161)
[Compare Source](https://togithub.com/prettier/prettier/compare/1.16.0...1.16.1)
[diff](https://togithub.com/prettier/prettier/compare/1.16.0...1.16.1)
- JavaScript: Do not format functions with arguments as react hooks ([#​5778] by [@​SimenB])
The formatting added in Prettier 1.16 would format any function receiving an
arrow function and an array literal to match React Hook's documentation.
Prettier will now format this the same as before that change if the arrow
function receives any arguments.
<!-- prettier-ignore -->
```js
// Input
["red", "white", "blue", "black", "hotpink", "rebeccapurple"].reduce(
(allColors, color) => {
return allColors.concat(color);
},
[]
);
// Output (Prettier 1.16.0)
["red", "white", "blue", "black", "hotpink", "rebeccapurple"].reduce((
allColors,
color
) => {
return allColors.concat(color);
}, []);
// Output (Prettier 1.16.1)
["red", "white", "blue", "black", "hotpink", "rebeccapurple"].reduce(
(allColors, color) => {
return allColors.concat(color);
},
[]
);
```
- JavaScript: Add necessary parentheses for decorators ([#​5785] by [@​ikatyang])
Parentheses for decorators with nested call expressions are optional for legacy decorators
but they're required for decorators in the current [proposal](https://tc39.github.io/proposal-decorators/#sec-syntax).
<!-- prettier-ignore -->
```js
// Input
class X {
@​(computed().volatile())
prop
}
// Output (Prettier 1.16.0)
class X {
@​computed().volatile()
prop
}
// Output (Prettier 1.16.1)
class X {
@​(computed().volatile())
prop
}
```
- TypeScript: Stable parentheses for function type in the return type of arrow function ([#​5790] by [@​ikatyang])
There's a regression introduced in 1.16 that
parentheses for function type in the return type of arrow function were kept adding/removing.
Their parentheses are always printed now.
<!-- prettier-ignore -->
```ts
// Input
const foo = (): (() => void) => (): void => null;
const bar = (): () => void => (): void => null;
// First Output (Prettier 1.16.0)
const foo = (): () => void => (): void => null;
const bar = (): (() => void) => (): void => null;
// Second Output (Prettier 1.16.0)
const foo = (): (() => void) => (): void => null;
const bar = (): () => void => (): void => null;
// Output (Prettier 1.16.1)
const foo = (): (() => void) => (): void => null;
const bar = (): (() => void) => (): void => null;
```
- MDX: Correctly recognize inline JSX ([#​5783] by [@​ikatyang])
Previously, some inline JSXs are wrongly recognized as block HTML/JSX,
which causes unexpected behaviors. This issue is now fixed.
<!-- prettier-ignore -->
```md
<!-- Input -->
_foo <InlineJSX /> bar_
<!-- Output (Prettier 1.16.0) -->
_foo
<InlineJSX /> bar_
<!-- Output (Prettier 1.16.1) -->
_foo <InlineJSX /> bar_
```
[@​ikatyang]: https://togithub.com/ikatyang
[@​simenb]: https://togithub.com/SimenB
[#​5778]: https://togithub.com/prettier/prettier/pull/5778
[#​5783]: https://togithub.com/prettier/prettier/pull/5783
[#​5785]: https://togithub.com/prettier/prettier/pull/5785
[#​5790]: https://togithub.com/prettier/prettier/pull/5790
### [`v1.16.0`](https://togithub.com/prettier/prettier/blob/master/CHANGELOG.md#​1160)
[Compare Source](https://togithub.com/prettier/prettier/compare/1.15.3...1.16.0)
[diff](https://togithub.com/prettier/prettier/compare/1.15.3...1.16.0)
🔗 [Release Notes](https://prettier.io/blog/2019/01/20/1.16.0.html)
</details>
---
### Renovate configuration
📅 **Schedule**: "after 6pm every weekday,before 5am every weekday" in timezone America/Los_Angeles.
🚦 **Automerge**: Enabled.
♻️ **Rebasing**: Whenever PR is stale, or if you modify the PR title to begin with "`rebase!`".
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- renovate-rebase -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Renovate Bot](https://togithub.com/marketplace/renovate). View repository job log [here](https://renovatebot.com/dashboard#apollographql/apollo-server).
In an effort to see how effective this cache is in production during this
alpha phase, we'll print out the stats on the document store every 60
seconds.
The implementation of object-size approximation which is used for cache
eviction purposes in the `InMemoryLRUCache` implementation (via `lru-cache`)
was a short-term location for extensible logic which is better located
within `ApolloServerBase`.
This is particularly important since future logic may necessitate knowing or
understanding the current size (roughly, memory usage) of the in-memory
storage. Effective immediately, this adds support for providing a `dispose`
function which is called when an object is purged from the cache to make
room for another.
While the implementation of the `documentStore` is currently simple enough
to never throw (it is in-memory), it makes some sense to guard against future
extended functionality where an exception might be raised.
Since storing this object in a distributed memory store isn't currently
feasible, I'm not sure what such an exception would be right now, but I
don't mind being proactive!
Ref: https://github.com/apollographql/apollo-server/pull/2111/files#r247618501
Without this change, the `document` property was not set on the
`requestContext` for consumption by request pipeline plugins.
To further guard against this oversight, I've removed the extra `document`
variable which was being used as scoped state for the document and switched to
directly using (and assigning to) the `requestContext.document`.
Nice catch, @glasser!
Ref: https://github.com/apollographql/apollo-server/pull/2111/files#r247617469
* refactor: switch `json-stable-stringify` to `fast-json-stable-stringify`
* chore: drop `@types/json-stable-stringify`
* Update CHANGELOG.md for #2065.
Rather than crutching on the `return`, this logic reads more concisely with
a full `if` / `else` pattern.
I say this because two people looked at it and weren't immediately aware,
which really shouldn't be the case from such a brief piece of code.
This test harness is intended to be relatively temporary, but it seems
fruitful to start picking from where these types are already defined rather
than re-implementing them in multiple places.
This change came up in a larger feature implementation and should otherwise be
a no-op but was worth surfacing as its own commit in case that feature never
lands.
Now that there are specific versions of Node.js which don't support file
uploads (namely, <= 8.5.0) we need to explicitly disable uploads on those
versions, similar to how those users must opt-in to that behavior by setting
`uploads: false` in their Apollo Server constructor options.
This effectively accomplishes exactly that, but only when necessary.
Due to changes in the third-party `graphql-upload` package which Apollo
Server utilizes to implement out-of-the-box file upload functionality, we
must drop support for file uploads in versions of the Node.js engine prior
to v8.5.0. Since file uploads are supported by default in Apollo Server 2.x,
and there is an explicit dependency on `graphql-upload`, we must
prevent users who are affected by this mid-major-release deprecation by
being surprised by the sudden lack of upload support.
By `throw`-ing an error at server startup for affected users, we certainly
are breaking a semantic versioning agreement for these users, however with a
relatively simple ergonomic (setting `uploads: false`) we allow those users
who are NOT utilizing file uploads (as we believe is the case with a
majority) to continue using their version of Node.js until it reaches the
end of its supported lifetime (as dictated by its Long Term Support
agreement with the Node.js Foundation). If we did not `throw` the error at
server start-up, those affected may not notice since they may update and start
their updated server without noticing the impending chance of failure when
someone tries updating!
Apollo Server 2.x has attempted to maintain full compatibility with versions
of Node.js which are still under Long Term Support agreements with the
Node.js Foundation. While this continues to mostly be true, file uploads
are an exception which we've now had to make.
Third-party open-source projects must absolutely do what's best for their
project. From an architecture standpoint, I suspect that we (the designers
behind Apollo Server) are mostly to blame for this. Namely, it's unfortunate
that we had made such an incredibly coupled integration with a third-party
package that we restricted our users from incrementally adopting the
changes (and new/improved functionality) of, in this particular case,
the `graphql-upload` package. I hope we can take better care with decisions
like this in the future!
Lastly, this commit also adds documentation to help those affected.
