We have rolled out initial support for GraphQL Query Batching which means an array of queries can be sent all at once.

A usual GraphQL JSON payload looks like this:

{ "query": "{ roadster { name } }" }

With query batching you now can send this:

[
  { "query": "{ roadster { name } }" },
  { "query": "{ launchesPast(limit: 5) { mission_name } }" }
]

Batched queries are analyzed at our edge locations, split into individual requests, and then handled concurrently by either the cache (if already cached) or the GraphQL backend servers configured for your service. The GraphCDN service will wait until all requests have been answered, merge the individual responses, and send them to the client.

If you are using batched queries, there is nothing for you to configure or set up. Any requests that would have been passed through to your backend servers are now being analyzed and cached by the CDN. The same cache rules and scope that apply you have already configured apply to batched queries as well.

If you have any questions or are running into issues with batched queries, please let us know at support@graphcdn.io (or via the handy chat button on your dashboard).

To make sure you stay on top of your servers, GraphCDN will now automatically send you alerts via email for any 5xx responses from your origin. For example, if your server were overloaded you might get an email like this:

----

Your service just received 7 errors in the last 60 seconds. Here is one example error:

Service Unavailable, No server is available to handle this request

You can see all the details on your dashboard.

----

We plan to expand this and make it configurable in the future, but for now this will at least let you know when something is going very wrong with your server.

At its core, the GraphCDN Edge Cache analyses GraphQL queries and computes the correct Cache-Control header for them based on your rules.

However, some origin's respond with a Cache-Control: private, no-store header by default, which would cause the Edge Cache to not cache anything, ever. To combat that and make sure the GraphCDN Edge Cache caches as expected we ignore the origin Cache-Control header by default. 

However, in some edge cases you might actually want the cache to respect it, so there is now a setting to disable "Ignore origin Cache-Control header" in the "Advanced" section of the "Cache" tab:

Today, we're excited to introduce our first (of hopefully many!) highly requested security feature.

One of the most common attacks malicious actors do to GraphQL APIs is sending deeply nested queries to overload the server and/or database. For example, imagine a CMS with a Post that has Comments:

query maliciousQuery {
  allPosts {
    comments {
      post {
        comments {
          post {
            comments {
              post {
                # ...repeat times 10000...
              }
            }
          }
        }
      }
    }
  }
}

DataLoader can prevent some of these queries from taking up too many server resources, but not all of them.

As of today, GraphCDN analyses incoming queries and blocks them if they are nested too deeply. Since GraphCDN sits at the edge, your origin server will never have to deal with these malicious queries!

You can configure your service's query depth limiting on the "Security" tab of the dashboard:

Your services API playgrounds now have a new "Cache debug sidebar":

It contains the information that was previously at the bottom of the playground (cache result, maxAge, swr) and some new information as well:

• Cache miss reason: sometimes, requests can be MISSes for reasons outside of GraphCDNs control. For example, if your origin server sends back a Set-Cookie header we cannot cache the response.
• Cache scopes: all the scopes your rules applied to the query.

You can now create, edit and delete cache rules right from your dashboard. Head to the "Cache" tab of your service and click on the "Create new rule" button to open the form to create a new rule:

You can also edit and delete existing rules by clicking on them.

As of v1.0.0 of the CLI you can push individual fields with the graphcdn push command! For example, to push a schema change run:

graphcdn push schema

This will only update the schema of your service. You can do the same thing with almost any property of your graphcdn.yml, for example:

graphcdn push rules

or

graphcdn push headers

When you run the graphcdn push command we immediately validate your configuration file to ensure it is correctly formatted.

However, the validation error messages were not as helpful as they should be. We have overhauled them in the latest release of the CLI (v0.4.3) to make sure they precisely explain the issue(s):

$ graphcdn push
Error:  Invalid graphcdn.yml:
- schema: Required
- defaultCacheControl.scope: Expected string, received number

Install the latest version of the CLI by running the npm install graphcdn@latest command in your project's directory.

Our gateway wasn't built with very large (megabytes) responses in mind, and thus would sometimes hang or even crash when lots of data was being sent through it.

As of today, we have added support for responses in the dozens of megabytes. We've also added a pass-through for responses that are too large for us to handle, so even if you're above our gateway's limit your users won't notice a thing.

On your dashboard, you will from now on see the familiar Intercom bubble in the bottom right corner. If you click on it you can start chatting with us right away:

If you have any questions about GraphCDN or your usage, you can always reach us there!