{"id":13499306,"url":"https://github.com/tim-field/graphql-wp","last_synced_at":"2025-10-13T02:57:56.606Z","repository":{"id":51302549,"uuid":"50141708","full_name":"tim-field/graphql-wp","owner":"tim-field","description":"GraphQL endpoint for WordPress","archived":false,"fork":false,"pushed_at":"2021-05-17T02:15:44.000Z","size":473,"stargazers_count":303,"open_issues_count":3,"forks_count":22,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-10-07T07:48:31.205Z","etag":null,"topics":["graphql","graphql-endpoint","graphql-wp","headless-cms","wordpress"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tim-field.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-01-21T22:40:10.000Z","updated_at":"2025-05-27T17:54:52.000Z","dependencies_parsed_at":"2022-08-25T10:31:23.479Z","dependency_job_id":null,"html_url":"https://github.com/tim-field/graphql-wp","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"purl":"pkg:github/tim-field/graphql-wp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tim-field%2Fgraphql-wp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tim-field%2Fgraphql-wp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tim-field%2Fgraphql-wp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tim-field%2Fgraphql-wp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tim-field","download_url":"https://codeload.github.com/tim-field/graphql-wp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tim-field%2Fgraphql-wp/sbom","scorecard":{"id":885439,"data":{"date":"2025-08-11","repo":{"name":"github.com/tim-field/graphql-wp","commit":"aa5edceb0e7f5ca2137c5a514d0f65554860f0ad"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.2,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":1,"reason":"Found 3/23 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-24T09:50:51.031Z","repository_id":51302549,"created_at":"2025-08-24T09:50:51.031Z","updated_at":"2025-08-24T09:50:51.031Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279014028,"owners_count":26085348,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["graphql","graphql-endpoint","graphql-wp","headless-cms","wordpress"],"created_at":"2024-07-31T22:00:32.049Z","updated_at":"2025-10-13T02:57:56.589Z","avatar_url":"https://github.com/tim-field.png","language":"PHP","readme":"# graphql-wp\n\nA GraphQL endpoint for WordPress that's easy to customize.\n\nThis is a WordPress Plugin that exposes a GraphQL endpoint at **/graphql**.\n\nUses this excellent [graphql-php](https://github.com/webonyx/graphql-php) library.\n\nSupports Relay Connections.\n\n## Install\n\n`composer require mohiohio/graphql-wp`\n\nIf your aren't familiar with using composer with WordPress I'd recommend using a setup like [bedrock](https://roots.io/bedrock/). Otherwise you will at the least need to [require autoload.php](https://getcomposer.org/doc/01-basic-usage.md#autoloading) for this to work.\n\n## Using\n\nThe best way to explore / develop with this is by visiting `/graphiql` after installation. This will show you the endpoints and arguments that are available. Note this will only work if you are a logged in admin user.\n\n![https://github.com/tim-field/graphql-wp/raw/master/.readme.md/graphiql.png](https://github.com/tim-field/graphql-wp/raw/master/.readme.md/graphiql.png)\n\n### wp_query\n\nThis is designed to follow WordPress' existing WP Query functions. So as a rule you can pass the same parameters as your can to [WP Query](https://codex.wordpress.org/Class_Reference/WP_Query)\\*.\n\n\\*_In reality there are a lot of params you can pass to WP_Query, and I've only implemented the ones that I've needed so far. But adding more is trivial as the arguments are just passed directly to the get_posts function, so its just a matter of defining them in the schema._\n\n```graphql\nquery example {\n  wp_query {\n    posts(first: 10) {\n      edges {\n        node {\n          title\n          name\n          terms(taxonomy: \"category\") {\n            name\n            slug\n          }\n        }\n      }\n    }\n  }\n}\n```\n\nWill give you\n\n```json\n{\n  \"data\": {\n    \"wp_query\": {\n      \"posts\": {\n        \"edges\": [\n          {\n            \"node\": {\n              \"title\": \"Dashboard\",\n              \"name\": \"hello-world\",\n              \"terms\": [\n                {\n                  \"name\": \"Uncategorized\",\n                  \"slug\": \"uncategorized\"\n                }\n              ]\n            }\n          }\n        ]\n      }\n    }\n  }\n}\n```\n\n### Post\n\nAnd of course you can get an individual post\n\n```graphql\nquery example {\n  wp_post(ID: 9) {\n    title\n    content\n    status\n  }\n}\n```\n\n### Custom Fields\n\nAny meta fields are available like so\n\n```graphql\nquery example {\n  wp_post(ID: 9) {\n    title\n    foo: meta_value(key: \"foo\")\n    bar: meta_value(key: \"bar\")\n  }\n}\n```\n\nIf you want to define your own resolver / type you can extend the field schema for a post type like so.\n\n```php\n// There is a get_{post_type}_schema call available for each post type\nadd_filter('graphql-wp/get_post_schema', function($schema) {\n\n    $schema['fields'] = function() use ($schema) {\n        // Note call to \"parent\" function here\n        return $schema['fields']() + [\n            'foo' =\u003e [\n                'type' =\u003e Type::string(),\n                'resolve' =\u003e function($post) {\n                    return get_post_meta($post-\u003eID, 'foo' ,true);\n                }\n            ],\n            'bar' =\u003e [\n                'type' =\u003e Type::string(),\n                'resolve' =\u003e function($post) {\n                    return get_post_meta($post-\u003eID, 'bar' ,true);\n                }\n            ]\n        ];\n    };\n    return $schema;\n});\n```\n\n### Custom Post Types\n\nThis is how you can add custom post types ( which have custom fields ) to a client specific plugin.\ngraphql-wp/get_post_types is a good hook for this.\nWhere `$types` is a hash of the schema we are working with, so just add new items into this and you are good to go.\n\n```php\nuse GraphQL\\Type\\Definition\\Type;\nuse Mohiohio\\GraphQLWP\\Type\\Definition\\Post;\nuse Mohiohio\\GraphQLWP\\Type\\Definition\\Attachment;\n\nclass Foo extends Post {\n\n    static function getDescription() {\n        return \"A custom post type example, for post type `foo`\";\n    }\n\n    static function getFieldSchema() {\n        return parent::getFieldSchema() + [\n            'website' =\u003e [\n                'type' =\u003e Type::string(),\n                'resolve' =\u003e function($post) {\n                    return get_post_meta($post-\u003eID,'website',true);\n                },\n            ],\n            'image' =\u003e [\n                'type' =\u003e Attachment::getInstance(),\n                'resolve' =\u003e function($post) {\n                    $attachment_id = get_post_meta($post-\u003eID,'image',true);\n                    return $attachment_id ? get_post($attachment_id) : null;\n                },\n            ]\n        ];\n    }\n}\n\nadd_filter('graphql-wp/schema-types', function($types){\n    return array_merge($types, [\n        Foo::getInstance()\n    ]);\n});\n```\n\n### In the wild\n\nhttp://www.page1management.com/\n\nhttps://www.wokexpress.co.nz/menu\n","funding_links":[],"categories":["Libraries","PHP"],"sub_categories":["PHP Libraries"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftim-field%2Fgraphql-wp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftim-field%2Fgraphql-wp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftim-field%2Fgraphql-wp/lists"}