December 8 - 9, 2022
GraphQL Galaxy
Online
GraphQL Galaxy 2022

The biggest GraphQL conference in the cloud

16 min
Step aside resolvers: a new approach to GraphQL execution
Though GraphQL is declarative, resolvers operate field-by-field, layer-by-layer, often resulting in unnecessary work for your business logic even when using techniques such as DataLoader. In this talk, Benjie will introduce his vision for a new general-purpose GraphQL execution strategy whose holistic approach could lead to significant efficiency and scalability gains for all GraphQL APIs.
31 min
Your GraphQL Groove
Building with GraphQL for the first time can be anywhere between daunting and easy-peasy. Understanding which features to look for in your client-side and server-side tooling and getting into the right habits (and ridding yourself of old habits) is the key to succeed with a team of any size in GraphQL.

This talk gives an overview of common struggles I've seen numerous teams have when building with GraphQL, how they got around common sources of frustration, and the mindset they eventually adopted, and lessons learned, so you can confidently stick with and adopt GraphQL!
22 min
Handling Breaking Changes in GraphQL
Top Content
Requirements change, but API contracts are forever - I wish! A breaking change is something that is not backwards compatible. This means that a consumer of your API would not be able to use the new version without making a code change themselves. We avoid breaking changes if possible, but there are cases when they are inevitable. It could be something small: like making a mandatory field optional. Or it could be something big: like removing a query or a mutation. In this talk we'll review the types of breaking changes you may encounter and how to deal with them gracefully.
38 min
Future-Proof GraphQL Schema Design
In this talk, we will cover schema evolution best practices, common mistakes when extending an existing GraphQL schema and patterns for safely monitoring usage, and finally removing deprecated GraphQL fields over time. The state-of-art GraphQL schema does not need versioning as it only ever returns data that is explicitly requested by a client. In theory, new capabilities and types added to the GraphQL schema are only available as the client updates their operation selection sets. However, in reality, altering and extending a GraphQL schema could easily break existing clients depending on how the change has been implemented, especially when using enum, interface, and union types.
21 min
The new GraphiQL: Next-level Customizability
We shipped the next major version of GraphiQL earlier this year! We completely rethought the experience with a particular focus on customizability. Not all users and every API have the same needs for a GraphQL IDE, so one of our big goals was to allow GraphiQL to work for a large variety of use-cases. Let's dive deep into the changes of how we took the customizability to the next level and explore together how you can make GraphiQL your own.
20 min
GraphQL Everywhere
There's an old guard of developers that try to convince you that GraphQL only belongs on the front-end. Join the resistance and see the true power of GraphQL as the ubiquitous and agnostic tool that it is for data normalization. From event-driven, serverless patterns, to low-code platforms, we'll talk about the why and how of freeing data access with GraphQL.
22 min
Real-Time Data Updates for Neo4j Using GraphQL Subscriptions
Join Thomas from the GraphQL Team at Neo4j as he talks about one of the newest features of the Neo4j GraphQL Library: GraphQL Subscriptions. Using this new feature, GraphQL API consumers can listen to data changes in real-time, which happen in Neo4j via the GraphQL Library. Following a high-level overview of the Neo4j GraphQL Library, he will demonstrate the new Subscriptions feature.
20 min
No Code? No Problem! How GraphQL Servers Break and How to Harden Your Resolvers
GraphQL servers are critical components of your infrastructure and must be highly-available, reliable, and fault-tolerant. This talk demonstrates how to leverage Solo.io’s GraphQL Envoy proxy filter to deploy bullet-proof GraphQL endpoints that are reliable, secure, and developer-friendly. All without writing any code!
22 min
GraphQL. State management
In this talk, I will cover why your switch to GQL and Apollo Client 3 should make you walk away from Redux. I will also talk about my journey from Redux -> Apollo Client and use a few project examples for why it makes sense holistically and the challenges I experienced during that transition. Toward the end of this talk, you will be confident about the pros and cons of each approach.
20 min
Authorization Patterns in GraphQL
As it says in the GraphQL documentation: "Delegate authorization logic to the business logic layer". Is that really everything you need to know? This advice is coming from a good place, but it relies on you knowing how you would go about doing authorization in the first place — and this isn't a widely solved problem! On top of that, many of the approaches used in traditional applications don't quite carry over. In this talk, you'll get a crash course in authorization and how to implement it for GraphQL APIs."
7 min
GraphQL Subscriptions with Debezium and Kafka
Reacting on data changes and publishing those changes as GraphQL events with subscriptions can be hard, especially in a multi-service environment with multiple databases or when scaling your GraphQL server with multiple instances. GraphQL clients shouldn't miss events or receive them twice, no matter how your backend architecture looks like or what trouble (service goes down, database connection lost, ...) they might have when serving a subscription request.In this talk, I will show you, how Debezium and Apache Kafka can help you building reliable subscriptions from changes in your database. Debezium is a change data capture (CDC) tool that can forward changes from a database' transaction log in to the Kafka message broker.In my talk I will use a GraphQL backend implement in Java with "Spring for GraphQL", but as Debezium and Kafka are not tied to java the idea is usable also with other GraphQL frameworks and programming languages. You do not need to have knowledge of Java or Spring for GraphQL" to understand the talk.
8 min
Modern GraphQL API Security Testing
With StackHawk, engineering teams can run security tests against GraphQL APIs to find and fix vulnerabilities before they hit production. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder and Chief Security Officer Scott Gerlach for a quick overview of GraphQL security testing with StackHawk.