ASGI support for the Tartiflette GraphQL engine

Overview
tartiflette-asgi logo

Build status Package version Code style

tartiflette-asgi is a wrapper that provides ASGI support for the Tartiflette Python GraphQL engine.

It is ideal for serving a GraphQL API over HTTP, or adding a GraphQL API endpoint to an existing ASGI application (e.g. FastAPI, Starlette, Quart, etc).

Full documentation is available at: https://tartiflette.github.io/tartiflette-asgi

Requirements

tartiflette-asgi is compatible with:

  • Python 3.6, 3.7 or 3.8.
  • Tartiflette 1.x.

Quickstart

First, install Tartiflette's external dependencies, as explained in the Tartiflette tutorial.

Then, you can install Tartiflette and tartiflette-asgi using pip:

pip install tartiflette "tartiflette-asgi==0.*"

You'll also need an ASGI web server. We'll use Uvicorn here:

pip install uvicorn

Create an application that exposes a TartifletteApp instance:

from tartiflette import Resolver
from tartiflette_asgi import TartifletteApp

@Resolver("Query.hello")
async def hello(parent, args, context, info):
    name = args["name"]
    return f"Hello, {name}!"

sdl = "type Query { hello(name: String): String }"
app = TartifletteApp(sdl=sdl, path="/graphql")

Save this file as graphql.py, then start the server:

uvicorn graphql:app

Make an HTTP request containing a GraphQL query:

curl http://localhost:8000/graphql -d '{ hello(name: "Chuck") }' -H "Content-Type: application/graphql"

You should get the following JSON response:

{ "data": { "hello": "Hello, Chuck!" } }

To learn more about using tartiflette-asgi, head to the documentation: https://tartiflette.github.io/tartiflette-asgi

Contributing

Want to contribute? Awesome! Be sure to read our Contributing guidelines.

Changelog

Changes to this project are recorded in the changelog.

License

MIT

Comments
  • `tartiflette-starlette` vs `tartiflette-aiohttp`

    `tartiflette-starlette` vs `tartiflette-aiohttp`

    Both tartiflette-starlette and tartiflette-aiohttp pursue the same goal: provide an HTTP transport layer for Tartiflette.

    Currently, the Tartiflette docs and repo officially recommend tartiflette-aiohttp.

    While I think tartiflette-aiohttp is pretty cool, I have some doubts about its potential as far as integrating into other systems. It seems to me aiohttp applications are "proprietary" and don't rely on a widely accepted standard (maybe I'm wrong, please correct me if that's the case). On the other hand, ASGI is now a standard — it's used everywhere in the Python async web ecosystem and it allows libraries to integrate with one another using a single unified language.

    For this reason, I would be fine with (if not in favor of) gradually shifting to tartiflette-starlette as the official recommendation for Tartiflette-over-HTTP — once it reaches a stable enough state.

    If we were to do this, I think we should reconsider the decision we took to rename it from tartiflette-asgi (see #4). IMO this name (tartiflette-asgi) better reflects why this library was built and why users would want to use it, instead of how it achieves that goal (i.e. using Starlette).

    @tsunammis @abusi Happy to discuss this with you!

    question 
    opened by florimondmanca 11
  • Tartiflette 0.12 compatibility

    Tartiflette 0.12 compatibility

    Problem description

    Note: tartiflette-starlette is currently pinned to tartiflette<0.11.

    I noticed that Tartiflette 0.11 was out, and there are a few changes.

    The major one I see is that engine creation is now asynchronous and must be done via create_engine().

    This means that the current engine parameter to TartifletteApp() isn't appropriate anymore, because we can't create a raw Engine anymore (at least not in a sync context which is typically where the app is registered).

    Alternatives

    First, options previously delegated to Engine must now be handled by TartifletteApp. This can be done in two ways:

    1. Create new keyword parameters on TartifletteApp (similar to what tartiflette-aiohttp currently does things), store them and then pass them to create_engine().
    2. Provide an Engine helper and pass its kwargs down to create_engine().

    Supported keyword arguments should be at least sdl, schema_name and modules (IMO). Supporting all those supported by create_engine() would be best.

    I personally prefer 2) because it keeps things organized and is more explicit/IDE-friendly.

    Next, we're going to have to defer engine creation/"cooking" to when the app starts up. This can be implemented with Starlette's Lifespan helper.

    Additional context

    enhancement maintenance dependencies 
    opened by florimondmanca 8
  • Documentation site

    Documentation site

    All documentation for this package currently lives in the README of this repo. I think it's okay, but READMEs tend to be hard to read and navigate as soon as you have more than an installation/quickstart/learn more structure.

    I'm considering building a simple docs site with MkDocs. It recently acquired autodoc features, which I think is an extra nice thing to have/try out.

    We can setup MkDocs independently, and then see if we add the current docs or review them first before deploying the new docs site.

    The only unknown here is hosting. GitHub Pages seems like a sensible solution (in particular because MkDocs has built-in support for deploying to GitHub Pages).

    @tsunammis / @abusi Are we OK with hosting the docs site at https://tartiflette.github.io/tartiflette-asgi? I don't think there's any setup or steps required on your side, just making sure the Tartiflette org doesn't already have a docs hosting solution in place.

    docs 
    opened by florimondmanca 7
  • issues running example

    issues running example

    I am trying to get the example set up in react-example, but am running into some issues.

    When running the example tartiflette app, I get:

    >> uvicorn server.asgi:app --reload
    INFO: Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
    INFO: Started reloader process [13587]
    Process SpawnProcess-1:
    Traceback (most recent call last):
      File "/usr/lib/python3.7/multiprocessing/process.py", line 297, in _bootstrap
        self.run()
      File "/usr/lib/python3.7/multiprocessing/process.py", line 99, in run
        self._target(*self._args, **self._kwargs)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/main.py", line 304, in run
        loop.run_until_complete(self.serve(sockets=sockets))
      File "uvloop/loop.pyx", line 1451, in uvloop.loop.Loop.run_until_complete
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/main.py", line 311, in serve
        config.load()
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/config.py", line 179, in load
        self.loaded_app = import_from_string(self.app)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/importer.py", line 20, in import_from_string
        module = importlib.import_module(module_str)
      File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
        return _bootstrap._gcd_import(name[level:], package, level)
      File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
      File "<frozen importlib._bootstrap>", line 983, in _find_and_load
      File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
      File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
      File "<frozen importlib._bootstrap_external>", line 728, in exec_module
      File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
      File "./server/asgi.py", line 2, in <module>
        from .app import app
      File "./server/app.py", line 3, in <module>
        from tartiflette_starlette import TartifletteApp
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/tartiflette_starlette/__init__.py", line 1, in <module>
        from .app import TartifletteApp
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/tartiflette_starlette/app.py", line 5, in <module>
        from .graphql import GraphQLHandler
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/tartiflette_starlette/graphql.py", line 18, in <module>
        with open(os.path.join(CURDIR, "graphiql.html")) as tpl_file:
    FileNotFoundError: [Errno 2] No such file or directory: '/home/csmith/git/react-example/venv/lib/python3.7/site-packages/tartiflette_starlette/graphiql.html'
    
    

    I add the graphiql.html file by copying and pasting its contents.

    Then I get:

    >> uvicorn server.asgi:app --reload
    INFO: Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
    INFO: Started reloader process [13898]
    Process SpawnProcess-1:
    Traceback (most recent call last):
      File "/usr/lib/python3.7/multiprocessing/process.py", line 297, in _bootstrap
        self.run()
      File "/usr/lib/python3.7/multiprocessing/process.py", line 99, in run
        self._target(*self._args, **self._kwargs)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/main.py", line 304, in run
        loop.run_until_complete(self.serve(sockets=sockets))
      File "uvloop/loop.pyx", line 1451, in uvloop.loop.Loop.run_until_complete
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/main.py", line 311, in serve
        config.load()
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/config.py", line 179, in load
        self.loaded_app = import_from_string(self.app)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/uvicorn/importer.py", line 20, in import_from_string
        module = importlib.import_module(module_str)
      File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
        return _bootstrap._gcd_import(name[level:], package, level)
      File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
      File "<frozen importlib._bootstrap>", line 983, in _find_and_load
      File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
      File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
      File "<frozen importlib._bootstrap_external>", line 728, in exec_module
      File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
      File "./server/asgi.py", line 5, in <module>
        configure(app, settings)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/bocadillo/config.py", line 102, in configure
        plugin(app)
      File "/home/csmith/git/react-example/venv/lib/python3.7/site-packages/bocadillo/plugins.py", line 46, in use_providers
        app.on("startup", STORE.enter_session)
    AttributeError: 'TartifletteApp' object has no attribute 'on'
    INFO: Stopping reloader process [13898]
    

    Output of pip freeze:

    aiodine==1.2.5
    bocadillo==0.15.0
    certifi==2019.3.9
    cffi==1.12.3
    chardet==3.0.4
    Click==7.0
    h11==0.8.1
    httptools==0.0.13
    idna==2.8
    Jinja2==2.10.1
    lark-parser==0.6.4
    MarkupSafe==1.1.1
    pkg-resources==0.0.0
    pycparser==2.19
    python-multipart==0.0.5
    pytz==2019.1
    requests==2.21.0
    six==1.12.0
    starlette==0.12.0b3
    tartiflette==0.8.9
    tartiflette-starlette==0.1.0
    typesystem==0.2.2
    urllib3==1.24.2
    uvicorn==0.7.0
    uvloop==0.12.2
    websockets==7.0
    whitenoise==4.1.2
    
    bug 
    opened by cs01 7
  • Release 0.11.0

    Release 0.11.0

    0.11.0 - 2021-08-27

    Added

    • Add official compatibility with Tartiflette 1.4.x. (Pull #153)

    Changed

    • Update dependency on Starlette to 0.16.*. (Pull #154)
    • Refactor internal subscription streams (Pull #156)
    • Update httpx requirement to 0.19.* (Pull #159)
    opened by aljinovic 6
  • Adapt Starlette doc usage according starlette v13

    Adapt Starlette doc usage according starlette v13

    opened by petrus-v 6
  • Incompatibility with Starlette 0.13

    Incompatibility with Starlette 0.13

    As demonstrated by #99, Starlette 0.13 was recently released and contains changes that break compatibility with tartiflette-asgi.

    In particular, the (undocumented) Lifespan component was removed from starlette.routing, and the corresponding features were merged into Router, e.g. router.add_event_handler(...). (See: https://github.com/encode/starlette/pull/704)

    We already use Router internally, so the fix would be to use the new methods on Router instead of the Lifespan component.

    We could maintain backwards-compatibility with Starlette 0.12, but I'm not really for it (these are alpha/beta times, users should expect things to break).

    So let's fix this and release in the next minor version. :+1:

    bug good first issue dependencies 
    opened by florimondmanca 5
  • Internal Server Error when receiving invalid JSON.

    Internal Server Error when receiving invalid JSON.

    When receiving invalid JSON and content type is "application/json" tartiflette-starlette returns a 500. This catches decode errors and now returns a 400.

    opened by AutumnalDream 5
  • Graphiql broken in quickstart tutorial

    Graphiql broken in quickstart tutorial

    Following the quickstart guide and navigating to http://localhost:8000 results in Graphiql crashing - it gets stuck on "Loading". The javascript error is as follows:

    Uncaught DOMException: Failed to construct 'WebSocket': The URL 'ws://localhost:8000None' is invalid.
        at SubscriptionClient.connect (https://cdn.jsdelivr.net/npm/[email protected]/browser/client.js:1571:23)
        at new SubscriptionClient (https://cdn.jsdelivr.net/npm/[email protected]/browser/client.js:1314:18)
        at http://localhost:8000/:150:35
    
    bug good first issue 
    opened by mikeyjkmo 5
  • Add support for starlette 0.16

    Add support for starlette 0.16

    Closed #157

    Update requirements to support starlette 1.6. Type checks are failing, but are resolved in #150.

    Minor adjustment required for test, due to the starlette 1.5 release: https://github.com/encode/starlette/releases/tag/0.15.0

    TestClient.websocket_connect() now must be used as a context manager.

    opened by siopaonow 4
  • Update tartiflette requirement from <1.3,>=1.0 to >=1.0,<1.4

    Update tartiflette requirement from <1.3,>=1.0 to >=1.0,<1.4

    Updates the requirements on tartiflette to permit the latest version.

    Release notes

    Sourced from tartiflette's releases.

    1.3.0

    [1.3.0] - 2020-12-08

    Added

    • Setup a CodeQL analysis Github Action
    • ISSUE-457 - Add a coerce_list_concurrently parameter to create_engine, Engine.__init__ & Engine.cook to control whether or not output list should be coerced concurrently
    • ISSUE-457 - Add a concurrently parameter to both @Resolver & @Subscription in order to control whether or not the output list of the decorated field should be coerced concurrently

    Fixed

    • Fix link issue on 1.2.0 changelog (thanks @mkniewallner)
    • Fix year reference for 1.2.0 changelog (thanks @garyd203)
    • Improve documentation (thanks @dkbarn)
    • Fix README.md typo (thanks @mazzi)
    • Add clarification on the breaking change on output list coercion introduced with the 1.2.0 version (thanks @garyd203)
    • ISSUE-457 - Output list are now coerced concurrently by default (breaking the change made on 1.2.0)

    Changed

    • Upgrade black from 19.10b0 to 20.8b1
    • Upgrade isort from 4.3.21 to 5.6.4
    • Upgrade lark-parser from 0.8.5 to 0.11.1
    • Upgrade pylint from 2.5.2 to 2.6.0
    • Upgrade pytest-asyncio from 0.12.0 to 0.14.0
    • Upgrade pytest-cov from 2.8.1 to 2.10.1
    • Upgrade pytest-xdist from 1.32.0 to 2.1.0
    • Upgrade pytest from 5.4.1 to 6.1.2
    Changelog

    Sourced from tartiflette's changelog.

    Tartiflette Changelog

    All notable changes to this project will be documented in this file.

    The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

    [Unreleased]

    [Released]

    Commits
    • 20cb0d6 Merge pull request #460 from tartiflette/mra/release-1.3.0
    • 0bea41e chore(setup): bump package version and update changelogs
    • 2b544b1 doc: update the documentation to reflect changes made on output list coerce
    • b6f37d0 Merge pull request #459 from tartiflette/dependabot/pip/lark-parser-0.11.1
    • 397feb5 Merge pull request #458 from tartiflette/ISSUE-457
    • 4a86953 feat(coercer): handle list sequentially/concurrently coerced at engine level
    • ca81a38 chore(deps): bump lark-parser from 0.10.1 to 0.11.1
    • 2a1142a feat(coercer): handle list sequentially/concurrently coerced at decorators level
    • fcdefb3 Merge pull request #455 from tartiflette/dependabot/pip/pytest-6.1.2
    • f2bfcd5 chore(deps-dev): bump pytest from 6.1.0 to 6.1.2
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 4
  • Bump black from 22.3.0 to 22.12.0

    Bump black from 22.3.0 to 22.12.0

    Bumps black from 22.3.0 to 22.12.0.

    Release notes

    Sourced from black's releases.

    22.12.0

    Preview style

    • Enforce empty lines before classes and functions with sticky leading comments (#3302)
    • Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
    • Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
    • Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

    Configuration

    • Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
    • Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

    Parser

    • Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

    Integrations

    • Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

    22.10.0

    Highlights

    • Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

    Stable style

    • Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

    Preview style

    ... (truncated)

    Changelog

    Sourced from black's changelog.

    22.12.0

    Preview style

    • Enforce empty lines before classes and functions with sticky leading comments (#3302)
    • Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
    • Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
    • Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

    Configuration

    • Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
    • Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

    Parser

    • Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

    Integrations

    • Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

    22.10.0

    Highlights

    • Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

    Stable style

    • Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

    ... (truncated)

    Commits
    • 2ddea29 Prepare release 22.12.0 (#3413)
    • 5b1443a release: skip bad macos wheels for now (#3411)
    • 9ace064 Bump peter-evans/find-comment from 2.0.1 to 2.1.0 (#3404)
    • 19c5fe4 Fix CI with latest flake8-bugbear (#3412)
    • d4a8564 Bump sphinx-copybutton from 0.5.0 to 0.5.1 in /docs (#3390)
    • 2793249 Wordsmith current_style.md (#3383)
    • d97b789 Remove whitespaces of whitespace-only files (#3348)
    • c23a5c1 Clarify that Black runs with --safe by default (#3378)
    • 8091b25 Correctly handle trailing commas that are inside a line's leading non-nested ...
    • ffaaf48 Compare each .gitignore found with an appropiate relative path (#3338)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Add CodeQL workflow for GitHub code scanning

    Add CodeQL workflow for GitHub code scanning

    Hi tartiflette/tartiflette-asgi!

    This is a one-off automatically generated pull request from LGTM.com :robot:. You might have heard that we’ve integrated LGTM’s underlying CodeQL analysis engine natively into GitHub. The result is GitHub code scanning!

    With LGTM fully integrated into code scanning, we are focused on improving CodeQL within the native GitHub code scanning experience. In order to take advantage of current and future improvements to our analysis capabilities, we suggest you enable code scanning on your repository. Please take a look at our blog post for more information.

    This pull request enables code scanning by adding an auto-generated codeql.yml workflow file for GitHub Actions to your repository — take a look! We tested it before opening this pull request, so all should be working :heavy_check_mark:. In fact, you might already have seen some alerts appear on this pull request!

    Where needed and if possible, we’ve adjusted the configuration to the needs of your particular repository. But of course, you should feel free to tweak it further! Check this page for detailed documentation.

    Questions? Check out the FAQ below!

    FAQ

    Click here to expand the FAQ section

    How often will the code scanning analysis run?

    By default, code scanning will trigger a scan with the CodeQL engine on the following events:

    • On every pull request — to flag up potential security problems for you to investigate before merging a PR.
    • On every push to your default branch and other protected branches — this keeps the analysis results on your repository’s Security tab up to date.
    • Once a week at a fixed time — to make sure you benefit from the latest updated security analysis even when no code was committed or PRs were opened.

    What will this cost?

    Nothing! The CodeQL engine will run inside GitHub Actions, making use of your unlimited free compute minutes for public repositories.

    What types of problems does CodeQL find?

    The CodeQL engine that powers GitHub code scanning is the exact same engine that powers LGTM.com. The exact set of rules has been tweaked slightly, but you should see almost exactly the same types of alerts as you were used to on LGTM.com: we’ve enabled the security-and-quality query suite for you.

    How do I upgrade my CodeQL engine?

    No need! New versions of the CodeQL analysis are constantly deployed on GitHub.com; your repository will automatically benefit from the most recently released version.

    The analysis doesn’t seem to be working

    If you get an error in GitHub Actions that indicates that CodeQL wasn’t able to analyze your code, please follow the instructions here to debug the analysis.

    How do I disable LGTM.com?

    If you have LGTM’s automatic pull request analysis enabled, then you can follow these steps to disable the LGTM pull request analysis. You don’t actually need to remove your repository from LGTM.com; it will automatically be removed in the next few months as part of the deprecation of LGTM.com (more info here).

    Which source code hosting platforms does code scanning support?

    GitHub code scanning is deeply integrated within GitHub itself. If you’d like to scan source code that is hosted elsewhere, we suggest that you create a mirror of that code on GitHub.

    How do I know this PR is legitimate?

    This PR is filed by the official LGTM.com GitHub App, in line with the deprecation timeline that was announced on the official GitHub Blog. The proposed GitHub Action workflow uses the official open source GitHub CodeQL Action. If you have any other questions or concerns, please join the discussion here in the official GitHub community!

    I have another question / how do I get in touch?

    Please join the discussion here to ask further questions and send us suggestions!

    opened by lgtm-com[bot] 0
  • Update httpx requirement from ==0.21.* to ==0.23.*

    Update httpx requirement from ==0.21.* to ==0.23.*

    Updates the requirements on httpx to permit the latest version.

    Release notes

    Sourced from httpx's releases.

    Version 0.23.0

    0.23.0 (23rd May, 2022)

    Changed

    • Drop support for Python 3.6. (#2097)
    • Use utf-8 as the default character set, instead of falling back to charset-normalizer for auto-detection. To enable automatic character set detection, see the documentation. (#2165)

    Fixed

    • Fix URL.copy_with for some oddly formed URL cases. (#2185)
    • Digest authentication should use case-insensitive comparison for determining which algorithm is being used. (#2204)
    • Fix console markup escaping in command line client. (#1866)
    • When files are used in multipart upload, ensure we always seek to the start of the file. (#2065)
    • Ensure that iter_bytes never yields zero-length chunks. (#2068)
    • Preserve Authorization header for redirects that are to the same origin, but are an http-to-https upgrade. (#2074)
    • When responses have binary output, don't print the output to the console in the command line client. Use output like <16086 bytes of binary data> instead. (#2076)
    • Fix display of --proxies argument in the command line client help. (#2125)
    • Close responses when task cancellations occur during stream reading. (#2156)
    • Fix type error on accessing .request on HTTPError exceptions. (#2158)
    Changelog

    Sourced from httpx's changelog.

    0.23.0 (23rd May, 2022)

    Changed

    • Drop support for Python 3.6. (#2097)
    • Use utf-8 as the default character set, instead of falling back to charset-normalizer for auto-detection. To enable automatic character set detection, see the documentation. (#2165)

    Fixed

    • Fix URL.copy_with for some oddly formed URL cases. (#2185)
    • Digest authentication should use case-insensitive comparison for determining which algorithm is being used. (#2204)
    • Fix console markup escaping in command line client. (#1866)
    • When files are used in multipart upload, ensure we always seek to the start of the file. (#2065)
    • Ensure that iter_bytes never yields zero-length chunks. (#2068)
    • Preserve Authorization header for redirects that are to the same origin, but are an http-to-https upgrade. (#2074)
    • When responses have binary output, don't print the output to the console in the command line client. Use output like <16086 bytes of binary data> instead. (#2076)
    • Fix display of --proxies argument in the command line client help. (#2125)
    • Close responses when task cancellations occur during stream reading. (#2156)
    • Fix type error on accessing .request on HTTPError exceptions. (#2158)

    0.22.0 (26th January, 2022)

    Added

    Fixed

    • Don't perform unreliable close/warning on __del__ with unclosed clients. (#2026)
    • Fix Headers.update(...) to correctly handle repeated headers (#2038)

    0.21.3 (6th January, 2022)

    Fixed

    • Fix streaming uploads using SyncByteStream or AsyncByteStream. Regression in 0.21.2. (#2016)

    0.21.2 (5th January, 2022)

    Fixed

    • HTTP/2 support for tunnelled proxy cases. (#2009)
    • Improved the speed of large file uploads. (#1948)

    0.21.1 (16th November, 2021)

    Fixed

    • The response.url property is now correctly annotated as URL, instead of Optional[URL]. (#1940)

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • aclose() exception in Uvicorn when subscription running

    aclose() exception in Uvicorn when subscription running

    After less than 30 seconds of subscribing the Tartiflette ASGI implementation blows up with an exception.

    I see this both with Altair and with a simple Python graphql_client-based client, so pretty sure this is Tartiflette not the client. The platform is Ubuntu focal, Python 3.8.12, with:

    • tartiflette==1.4.1
    • tartiflette-asgi==0.11.0
    • uvicorn==0.15.0
    • websockets==9.1

    Note same issue also observed with uvicorn 0.17.0-post1 and websockets 10.1, though the error recovery appears a bit more graceful with the newer versions.

    This is quite critical for us as our backend is all based on Tartiflette, and I cannot switch to another GraphQL server implementation due to core library conflicts with another major library in our stack.

    2022-01-26 20:48:51,050 [Thread-7] - uvicorn.error - ERROR - Exception in ASGI application
    Traceback (most recent call last):
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/uvicorn/protocols/websockets/websockets_impl.py", line 203, in run_asgi
        result = await self.app(self.scope, self.asgi_receive, self.asgi_send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__
        return await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/applications.py", line 112, in __call__
        await self.middleware_stack(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/middleware/errors.py", line 146, in __call__
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette_exporter/middleware.py", line 101, in __call__
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/exceptions.py", line 58, in __call__
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/routing.py", line 656, in __call__
        await route.handle(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/routing.py", line 408, in handle
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_app.py", line 90, in __call__
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_middleware.py", line 14, in __call__
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/routing.py", line 656, in __call__
        await route.handle(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/routing.py", line 315, in handle
        await self.app(scope, receive, send)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/starlette/endpoints.py", line 76, in dispatch
        await self.on_disconnect(websocket, close_code)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_endpoints.py", line 116, in on_disconnect
        await self.protocol.on_disconnect(close_code)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_subscriptions/impl.py", line 25, in on_disconnect
        await super().on_disconnect(close_code)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_subscriptions/protocol.py", line 164, in on_disconnect
        await self._unsubscribe(opid)
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_subscriptions/protocol.py", line 101, in _unsubscribe
        await subscription.aclose()
      File "/workspaces/serenity.core/venv/lib/python3.8/site-packages/tartiflette_asgi/_subscriptions/protocol.py", line 36, in aclose
        await self._agen.aclose()
    RuntimeError: aclose(): asynchronous generator is already running
    
    opened by kdowney-cloudwallcapital 0
  • Update pyee requirement from <8,>=6 to >=6,<10

    Update pyee requirement from <8,>=6 to >=6,<10

    Updates the requirements on pyee to permit the latest version.

    Changelog

    Sourced from pyee's changelog.

    2022/01/18 Version 9.0.3

    • Improve type safety of EventEmitter#on, EventEmitter#add_listener and EventEmitter#listens_to by parameterizing the Handler
    • Minor fixes to documentation

    2022/01/17 Version 9.0.2

    • Add tests_require to setup.py, fixing COPR build
    • Install as an editable package in environment.yml and requirements_docs.txt, fixing Conda workflows and ReadTheDocs respectively

    2022/01/17 Version 9.0.1

    • Fix regression where EventEmitter#listeners began crashing when called with uninitialized listeners

    2022/01/17 Version 9.0.0

    Compatibility:

    • Drop 3.6 support

    New features:

    • New EventEmitter.event_names() method (see PR #96)
    • Type annotations and type checking with pyright
    • Exprimental pyee.cls module exposing an @evented class decorator and a @on method decorator (see PR #84)

    Moved/deprecated interfaces:

    • pyee.TwistedEventEmitter -> pyee.twisted.TwistedEventEmitter
    • pyee.AsyncIOEventEmitter -> pyee.asyncio.AsyncIOEventEmitter
    • pyee.ExecutorEventEmitter -> pyee.executor.ExecutorEventEmitter
    • pyee.TrioEventEmitter -> pyee.trio.TrioEventEmitter

    Removed interfaces:

    • pyee.CompatEventEmitter

    Documentation fixes:

    • Add docstring to BaseEventEmitter
    • Update docstrings to reference EventEmitter instead of BaseEventEmitter

    ... (truncated)

    Commits
    • 94a6d54 Release 9.0.3
    • d009957 Add a type parameter for Handler in on/add_listener/listens_to (#107)
    • 8fc4276 Docs fixes
    • 777bf44 Release 9.0.2
    • f5c9312 Add tests_require field (might fix COPR build?)
    • 4d67d8a Minor fixes to environment.yml
    • b5df2d3 Make RTD install pyee itself
    • 1abfc06 Release 9.0.1
    • 794a201 fix: EventEmitter.listeners() should not throw on unknown listeners (#104)
    • aee3da9 Add requirements_docs.txt file for RTDs benefit
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Add support for GraphQL Multipart Uploads

    Add support for GraphQL Multipart Uploads

    Wondering if it would be in the scope of this library support for GraphQL Multipart Uploads as per: https://github.com/jaydenseric/graphql-multipart-request-spec? More than happy to give writing an implementation a go and submittined a PR.

    Reference Python implementations:

    • https://github.com/strawberry-graphql/strawberry
    • https://github.com/lmcgartland/graphene-file-upload
    enhancement 
    opened by siopaonow 5
Releases(0.12.0)
Owner
tartiflette
GraphQL Python Engine built for python 3.6+, by dailymotion
tartiflette
ASGI support for the Tartiflette GraphQL engine

tartiflette-asgi is a wrapper that provides ASGI support for the Tartiflette Python GraphQL engine. It is ideal for serving a GraphQL API over HTTP, o

tartiflette 99 Dec 27, 2022
ASGI support for the Tartiflette GraphQL engine

tartiflette-asgi is a wrapper that provides ASGI support for the Tartiflette Python GraphQL engine. It is ideal for serving a GraphQL API over HTTP, o

tartiflette 99 Dec 27, 2022
A Python 3.6+ port of the GraphQL.js reference implementation of GraphQL.

GraphQL-core 3 GraphQL-core 3 is a Python 3.6+ port of GraphQL.js, the JavaScript reference implementation for GraphQL, a query language for APIs crea

GraphQL Python 458 Dec 13, 2022
GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations

BatchQL BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is not complex, and

Assetnote 267 Dec 24, 2022
This is a graphql api build using ariadne python that serves a graphql-endpoint at port 3002 to perform language translation and identification using deep learning in python pytorch.

Language Translation and Identification this machine/deep learning api that will be served as a graphql-api using ariadne, to perform the following ta

crispengari 2 Dec 30, 2021
A Django GraphQL Starter that uses graphene and graphene_django to interface GraphQL.

Django GraphQL Starter GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data... According to the doc

0101 Solutions 1 Jan 10, 2022
MGE-GraphQL is a Python library for building GraphQL mutations fast and easily

MGE-GraphQL Introduction MGE-GraphQL is a Python library for building GraphQL mutations fast and easily. Data Validations: A similar data validation w

MGE Software 4 Apr 23, 2022
GraphQL is a query language and execution engine tied to any backend service.

GraphQL The GraphQL specification is edited in the markdown files found in /spec the latest release of which is published at https://graphql.github.io

GraphQL 14k Jan 1, 2023
GraphQL Engine built with Python 3.6+ / asyncio

Tartiflette is a GraphQL Server implementation built with Python 3.6+. Summary Motivation Status Usage Installation Installation dependencies Tartifle

tartiflette 839 Dec 31, 2022
graphw00f is Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

graphw00f - GraphQL Server Fingerprinting graphw00f (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL endpoints. Table of Contents How

Dolev Farhi 282 Jan 4, 2023
Adds GraphQL support to your Flask application.

Flask-GraphQL Adds GraphQL support to your Flask application. Usage Just use the GraphQLView view from flask_graphql from flask import Flask from flas

GraphQL Python 1.3k Dec 31, 2022
Support for Apollo's Automatic Persisted Queries in Strawberry GraphQL 🍓

strawberry-apollo-apq Supporting Apollo's automatic persisted queries in Strawberry GraphQL ?? Notes Don't use this for production yet, unless you kno

Bas 3 May 17, 2022
GraphQL framework for Python

Graphene ?? Join the community on Slack We are looking for contributors! Please check the ROADMAP to see how you can help ❤️ The below readme is the d

GraphQL Python 7.5k Jan 1, 2023
GraphQL framework for Python

Graphene ?? Join the community on Slack We are looking for contributors! Please check the ROADMAP to see how you can help ❤️ The below readme is the d

GraphQL Python 7.5k Jan 1, 2023
Integrate GraphQL into your Django project.

Graphene-Django A Django integration for Graphene. ?? Join the community on Slack Documentation Visit the documentation to get started! Quickstart For

GraphQL Python 4k Dec 31, 2022
Ariadne is a Python library for implementing GraphQL servers using schema-first approach.

Ariadne Ariadne is a Python library for implementing GraphQL servers. Schema-first: Ariadne enables Python developers to use schema-first approach to

Mirumee Labs 1.9k Jan 1, 2023
A library to help construct a graphql-py server supporting react-relay

Relay Library for GraphQL Python GraphQL-relay-py is the Relay library for GraphQL-core. It allows the easy creation of Relay-compliant servers using

GraphQL Python 143 Nov 15, 2022
Django registration and authentication with GraphQL.

Django GraphQL Auth Django registration and authentication with GraphQL. Demo About Abstract all the basic logic of handling user accounts out of your

pedrobern 301 Dec 9, 2022
A new GraphQL library for Python 🍓

Strawberry GraphQL Python GraphQL library based on dataclasses Installation ( Quick Start ) The quick start method provides a server and CLI to get go

Strawberry GraphQL 2.8k Jan 1, 2023