Bot releases are visible (Hide)
Published by jasonbahl over 5 years ago
show_in_graphql
during init
instead of init_graphql_request
now. This allows for get_post_types( [ 'show_in_graphql' => true ])
to work even outside the context of a GraphQL request. This is especially helpful for tools that want to know what Post Types and Taxonomies are set to show_in_graphql
.menuItems
was introduced as a regression during the v0.3.0 release. Thanks, @JosephCarrington for reporting and working through to confirm it's resolution.TypeRegistry::get_type()
was used for a not-yet registered Type.Published by jasonbahl over 5 years ago
This fixes a critical bug that was introduced by v0.3.0
There was a filter intended only to affect WP_Query calls within the GraphQL context, but it wasn't scoped properly and was affecting WP_Query calls outside of GraphQL requests, causing some funkiness in folks Dashboards.
It is recommended to update from v0.3.0 to v0.3.01 as soon as possible.
Published by jasonbahl over 5 years ago
These features required re-architecting quite a bit of the internals of the plugin. Some classes, functions and filters no longer exist, so if you had a codebase that extended WPGraphQL in any way, we recommend reading the upgrade guide.
This release had 2 primary focuses: Model Layer and DataLoader (Deferred Resolvers). These 2 features are critical to the performance and security of WPGraphQL. Below are some highlights of these features, but you can read more about them here as well.
There are also other new features and bugfixes listed below.
The role of DataLoader is to efficiently load data. It makes use of Deferred resolution of fields, allowing for the fetching of data to happen in batches. You can read more about it here and here:
The primary role of the Model Layer is to centralize access checks for objects. Some examples: a "draft" post should only be accessible to authenticated users with proper capabilities to edit posts. User email addresses should only be exposed to authenticated users with the "list_users" capability. Themes and plugins should only be accessible to authenticated users with proper capabilities as well.
Prior to this release, WPGraphQL helped expose various Types of data, but left the responsibility of controlling "Access" to the site owner by filtering field resolvers and handling Auth checks themselves.
This release puts much more responsibility on the core WPGraphQL plugin where it has a much more restrictive by default approach to exposing data. Data that a vanilla WordPress install doesn't publicly exposed is no longer publicly exposed by WPGraphQL.
Each field can be modified by filters, so if the restrictions WPGraphQL imposes are too restrictive, site owners can still adjust the restrictions to allow access to whatever they want users to have access to.
You can read a bit more about this here and here
As mentioned above, there are many breaking changes, specifically to how internal data is resolved. Below we've listed some high level breaking changes to look out for, but we recommend reading the upgrade guide for more information.
{user { id, roles { nodes { id, name } } } }
)postId
to commentOn
. The field is the ID of the Post Object that the comment should be connected to, but can be an ID of any Post Type.We had a formal security audit performed on the plugin by Simone Quatrini of Pen Test Partners. Fortunately, most of the issues reported by the audit were already being resolved by the Model Layer we had in progress at the time we received the report. Some additional issues were brought to our attention that were not on our radar and were addressed in this release. We recommend updating to this latest version to benefit from all the new features as well as the security fixes. In a week or two, we will publish more information about the security audit, but want to give folks the chance to update the plugin to the latest version before disclosing the issues that were reported.
Some of these new features were also mentioned above in Breaking Changes.
$context
from resolvers to the DataSource methods now, to take advantage of Deferred resolution.\WP_Post
or \WP_User
, etc. If you were registering fields to PostObject Types, or Term Types or User Types, or almost anything, if the object being passed as the first argument of the resolver was a core \WP_*
class instance, it will now be a WPGraphQL Model
instance. . .for example: \WP_Post
is now \WPGraphQL\Model\Post
being passed in.Published by jasonbahl over 5 years ago
TimezoneEnum
type added to the Schemagraphql_menu_item_connection_args
and graphql_menu_item_connection_query_args
filters added to the MenuItemConnectionResolver. Thanks @epeli!MenuLocationEnum
values are determined to include all locations, not just locations with a menu already assigned.Published by jasonbahl over 5 years ago
graphql_request_data
filter causing issues in GET requests. Thanks @epeli!.gitattributes
definitions to exlude files for output to packagist. Thanks @mikelking!categoryNotIn
and tagNotIn
in PostObjectConnection queries. Thanks @craigmcnamara!Access-Control-Max-Age
to the response headers to cache preflight options requests. Thanks @chriszarate!sourceUrl
on the MediaItem
Type to allow for a specific size to be selected. Thanks @hsimah!Published by jasonbahl over 5 years ago
after_execute_actions
in the Request.php classPublished by jasonbahl almost 6 years ago
graphql_request_results
can return data in a different shape than previously returned. If making use of this filter, verify it's working as expected or make appropriate changes for your use case.
do_graphql_request
action now executes after the Schema has been built. In early days this hook was used sometimes to hook in and extend the Schema. If you have anything hooked here that modifies the Schema in some way, try hooking into graphql_get_schema
instead.graphql()
function has been added as an entry point to the Request
class. Ex: $resposne = graphql([ .'query' => '{posts{edges{node{id,title}}}}' ]);
post__in
instead of menu_order
post_by_args
. Thanks @hsimah!
currentConnection
and connectionArgs
down through context to nested fields of a connection. See notes on usage here: https://github.com/wp-graphql/wp-graphql/pull/637
Published by jasonbahl almost 6 years ago
graphql_register_types
hook later in TypeRegistry::init()
to make sure all core Types (including Connections, Unions and Mutations) have all been registered and are available when extending the Schema.Published by jasonbahl almost 6 years ago
resetUserPassword
mutation – thanks @kellenmacesendPasswordResetEmail
mutation – thanks @kellenmacegraphql_input_fields
filter – thanks @chriszaratePublished by jasonbahl almost 6 years ago
Published by jasonbahl almost 6 years ago
Published by jasonbahl almost 6 years ago
Similar to WordPress core register_*
APIs, such as register_post_type
, register_taxonomy
, register_meta
, etc, WPGraphQL now has it's own register_graphql_*
API.
The following regiser_graphql_*
functions are introduced with this release:
register_graphql_type
register_graphql_object_type
register_graphql_input_type
register_graphql_enum_type
register_graphql_union_type
register_graphql_field
register_graphql_fields
register_graphql_schema
register_graphql_connection
register_graphql_mutation
deregister_graphql_field
Docs to come, but for the time being, check the source code to see how things work. Specifically TypeRegistry.php. All Types have been refactored to be registered with these new functions.
Some filters and hooks have been removed, intentionally, because they were redundant.
graphql_RootQuery_fields
filter, or could (recommended) use the new register_graphql_field
or register_graphql_fields
functions to add fields to the root.graphql_UpdatePostInput_fields
or graphql_CreatePostInput_fields
, or (recommended) use the new register_graphql_field
or register_graphql_fields
functions to add fields to the inputs.Input
in their name.Enum
in their nameUnion
in their nameregister_graphql_connection()
function, and therefore all connection types and fields have consistent naming, where before the names were a bit random
RootCommentsCommentArgs
is now RootQueryToCommentConnectionWhereArgs
(see: https://github.com/wp-graphql/wp-graphql/compare/release/v0.1.0?expand=1#diff-00fe868538645d14c1c8af8d3a19bde6)RootCategoriesTermArgs
is now RootQueryToCategoryConnectionWhereArgs
https://github.com/wp-graphql/wp-graphql/compare/release/v0.1.0?expand=1#diff-9d7db44df670461f784357a0a7e3c860L83
WPGraphQL\Data
. If you extend any of the existing resolver classes, you should be able to just update your namespace, such as changing \WPGraphQL\Type\PostObject\Connection\PostObjectConnectionResolver
to \WPGraphQL\Data\PostObjectConnectionResolver
as seen here: https://github.com/wp-graphql/wp-graphql/compare/release/v0.1.0?expand=1#diff-4232742370ce60dbe32afbf8e87e3476L382
Published by jasonbahl about 6 years ago
We were having issues with our Code Coverage reports since switching our testing to a Docker environment.
This release introduces a new Docker setup that effectively runs tests with coverage and utilizes CodeCov for coverage reports. Thanks @mngi-arogers for work on this!
Published by jasonbahl about 6 years ago
We now have a root registerUser
mutation that allows for public users to register as a user on the site. Thanks for working on this @kellenmace!
Example usage:
mutation RegisterUser {
registerUser(input: {
clientMutationId: "registerUser"
username: "newUser"
password: "password"
email: "[email protected]"
firstName: "New"
lastName: "User"
}) {
clientMutationId
user {
id
userId
username
email
firstName
lastName
}
}
}
register_initial_settings
is calledPublished by jasonbahl about 6 years ago
do_action( 'init_graphql_request' )
which fires when a GraphQL request has begun. The use of do_graphql_request
to trigger some actions in certain contexts was causing errors.Running composer validate
presented some suggestions to adjust. This PR adjusts them.
Published by jasonbahl about 6 years ago
register_initial_settings
and setup_types
occur to make sure core post_types are fully setup before building the Schema.wp graphql generate-static-schema
cli command to define the request as a GRAPHQL_REQUEST
and run actions do_graphql_request
and graphql_get_schema
DataSource::resolve_post_object()
method run setup_postdata()
to make sure the Post is passing proper context down to it's resolvable fields.Published by jasonbahl about 6 years ago
userRole
and userRoles
query GetUserRoles {
userRoles {
edges {
node {
name
id
}
}
}
}
createComment
, deleteComment
, updateComment
, restoreComment
menu
, menus
, menuItem
, menuItems
query GetMenuItems {
menuItems {
edges {
node {
menuItemId
connectedObject {
... on Post {
title
postId
}
... on Category {
name
categoryId
}
}
}
}
}
}
docker-compose.dev.yml
file with further instructions outlined on usage..gitignore
to ignore .vscode
files and phpunit.xml
bin/install-wp-tests.sh
to allow for overriding the $DB_USER
when setting up tests$request
variables not working right in one of the hooksapply_filters( 'the_title' )
being applied incorrectlysourceUrl
not properly being returned when querying for sizes
on a mediaItem
graphql_init
a pluggable function allowing for it to be initialized externally once only for themes/plugins that include it in their codebasegraphql_type_config
in favor of graphql_wp_object_type_config
graphql_comment_author_union_possible_types
in favor of the centralized filter graphql_wp_union_type_config
in the new WPUnionTypegraphql_post_object_union_possible_types
in favor of the centralized filter graphql_wp_union_type_config
in the new WPUnionTypegraphql_term_object_union_possible_types
in favor of the centralized filter graphql_wp_union_type_config
in the new WPUnionTypeThanks for contributing to this release @chriszarate @CodeProKid @ElisaMassafra @timhanlon @natewoodbridge @jmlallier @kidunot89!
Published by jasonbahl over 6 years ago
Published by jasonbahl over 6 years ago
graphql_access_control_allow_headers
filterstati
arg to PostObjectConnectionArgsin
, notIn
and parentIn
Published by jasonbahl over 6 years ago