{"id":13879263,"url":"https://github.com/sunny/graph_attack","last_synced_at":"2025-04-07T19:12:23.374Z","repository":{"id":32959134,"uuid":"131522981","full_name":"sunny/graph_attack","owner":"sunny","description":"Ruby GraphQL analyser for blocking \u0026 throttling calls by IP","archived":false,"fork":false,"pushed_at":"2025-03-21T14:08:29.000Z","size":73,"stargazers_count":51,"open_issues_count":0,"forks_count":8,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-31T18:21:41.502Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sunny.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-04-29T19:23:32.000Z","updated_at":"2025-03-21T14:08:32.000Z","dependencies_parsed_at":"2023-11-11T11:26:08.273Z","dependency_job_id":"e1f34eef-a3a2-4349-b899-88abce8ec7ef","html_url":"https://github.com/sunny/graph_attack","commit_stats":{"total_commits":68,"total_committers":5,"mean_commits":13.6,"dds":"0.27941176470588236","last_synced_commit":"20ca338ef9dc1549c1300078151f4cbe14dc37bb"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sunny%2Fgraph_attack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sunny%2Fgraph_attack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sunny%2Fgraph_attack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sunny%2Fgraph_attack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sunny","download_url":"https://codeload.github.com/sunny/graph_attack/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247713258,"owners_count":20983683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-06T08:02:15.636Z","updated_at":"2025-04-07T19:12:23.044Z","avatar_url":"https://github.com/sunny.png","language":"Ruby","readme":"# GraphAttack\n\n[![Build Status](https://app.travis-ci.com/sunny/graph_attack.svg?branch=main)](https://app.travis-ci.com/sunny/graph_attack)\n\nGraphQL analyser for blocking \u0026 throttling.\n\n## Usage\n\nThis gem adds a method to limit access to your GraphQL fields by IP address:\n\n```rb\nclass QueryType \u003c GraphQL::Schema::Object\n  field :some_expensive_field, String, null: false do\n    extension GraphAttack::RateLimit, threshold: 15, interval: 60\n  end\n\n  # …\nend\n```\n\nThis would allow only 15 calls per minute by the same IP address.\n\n## Requirements\n\nRequires [GraphQL Ruby](http://graphql-ruby.org/) and a running instance\nof [Redis](https://redis.io/).\n\n## Installation\n\nAdd these lines to your application’s `Gemfile`:\n\n```ruby\n# GraphQL analyser for blocking \u0026 throttling by IP.\ngem \"graph_attack\"\n```\n\nAnd then execute:\n\n```sh\n$ bundle\n```\n\nFinally, make sure you add the current user’s IP address as `ip:` to the\nGraphQL context. E.g.:\n\n```rb\nclass GraphqlController \u003c ApplicationController\n  def create\n    result = ApplicationSchema.execute(\n      params[:query],\n      variables: params[:variables],\n      context: {\n        ip: request.ip,\n      },\n    )\n    render json: result\n  end\nend\n```\n\nIf that key is `nil`, throttling will be disabled.\n\n## Configuration\n\n### Custom context key\n\nIf you want to throttle using a different value than the IP address, you can\nchoose which context key you want to use with the `on` option. E.g.:\n\n```rb\nextension GraphAttack::RateLimit,\n          threshold: 15,\n          interval: 60,\n          on: :client_id\n```\n\n### Custom Redis client\n\nUse a custom Redis client instead of the default with the `redis_client` option:\n\n```rb\nextension GraphAttack::RateLimit,\n          threshold: 15,\n          interval: 60,\n          redis_client: Redis.new(url: \"…\")\n```\n\n### Common configuration\n\nTo have a default configuration for all rate-limited fields, you can create an\ninitializer:\n\n```rb\nGraphAttack.configure do |config|\n  # config.threshold = 15\n  # config.interval = 60\n  # config.on = :ip\n  # config.redis_client = Redis.new\nend\n```\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run\n`bin/rake` to run the tests and the linter. You can also run `bin/console` for\nan interactive prompt that will allow you to experiment.\n\n## Versionning\n\nWe use [SemVer](http://semver.org/) for versioning. For the versions available,\nsee the tags on this repository.\n\n## Releasing\n\nTo release a new version, update the version number in `version.rb` and in the\n`CHANGELOG.md`. Update the `README.md` if there are missing segments, make sure\ntests and linting are pristine by calling `bundle \u0026\u0026 bin/rake`, then create a\ncommit for this version, for example with:\n\n```sh\ngit add --patch\ngit commit -m v`ruby -rbundler/setup -rgraph_attack/version -e \"puts GraphAttack::VERSION\"`\n```\n\nYou can then run `bin/rake release`, which will assign a git tag, push using\ngit, and push the gem to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at\nhttps://github.com/sunny/graph_attack. This project is intended to be a safe,\nwelcoming space for collaboration, and contributors are expected to adhere to\nthe [Contributor Covenant](http://contributor-covenant.org) code of conduct.\n\n## Code of Conduct\n\nEveryone interacting in the GraphAttack project’s codebases, issue trackers,\nchat rooms and mailing lists is expected to follow the\n[code of conduct](https://github.com/sunny/graph_attack/blob/main/CODE_OF_CONDUCT.md).\n\n## License\n\nThis project is licensed under the MIT License - see the\n[LICENSE.md](https://github.com/sunny/graph_attack/blob/main/LICENSE.md)\nfile for details.\n\n## Authors\n\n- [Fanny Cheung](https://github.com/Ynote) — [ynote.hk](https://ynote.hk)\n- [Sunny Ripert](https://github.com/sunny) — [sunfox.org](https://sunfox.org)\n\n## Acknowledgments\n\nHat tip to [Rack::Attack](https://github.com/kickstarter/rack-attack) for the\nthe name.\n\nSponsored by [Cults](https://cults3d.com).\n\n![Cults. Logo](https://github.com/user-attachments/assets/3a51b90d-1033-4df5-a903-03668fc4b966)\n","funding_links":[],"categories":["Ruby"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsunny%2Fgraph_attack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsunny%2Fgraph_attack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsunny%2Fgraph_attack/lists"}