.changeset/config.json

@@ -3,7 +3,7 @@
   "changelog": "@changesets/cli/changelog",
   "commit": false,
   "linked": [],
-  "access": "restricted",
+  "access": "public",
   "baseBranch": "master",
   "updateInternalDependencies": "patch",
   "ignore": [

.eslintrc.json

@@ -61,7 +61,8 @@
     "packages/load/tests/loaders/schema",
     "website",
     "scripts",
-    "packages/loaders/code-file/tests/test-files"
+    "packages/loaders/code-file/tests/test-files",
+    "packages/loaders/git/tests/test-files"
   ],
   "globals":{
     "BigInt": true

.github/ISSUE_TEMPLATE/config.yml

@@ -3,3 +3,6 @@ contact_links:
   - name: Have a question?
     url: https://github.com/ardatan/graphql-tools/discussions/new
     about: Not sure about something? need help from the community? have a question to our team? please ask and answer questions here.
+  - name: Any issue with `npm audit`
+    url: https://overreacted.io/npm-audit-broken-by-design/
+    about: Please do not create issues about `npm audit` and you can contact with us directly for more questions.

.github/labels.yml

@@ -0,0 +1,117 @@
+- color: 1d76db
+  description: ''
+  name: automerge
+- color: b60205
+  description: Prevents production or dev due to perf, bug, build error, etc..
+  name: blocking
+- color: fc2929
+  description: ''
+  name: bug
+- color: b60205
+  description: ''
+  name: bugfix
+- color: 1f6d01
+  description: ''
+  name: chore
+- color: 0366d6
+  description: Pull requests that update a dependency file
+  name: dependencies
+- color: ededed
+  description: ''
+  name: design-limitation
+- color: c2e0c6
+  description: Focuses on documentation changes
+  name: docs
+- color: cccccc
+  description: ''
+  name: duplicate
+- color: d4c5f9
+  description: ''
+  name: easy
+- color: 84b6eb
+  description: ''
+  name: enhancement
+- color: 0e8a16
+  description: ''
+  name: external-bug
+- color: a2eeef
+  description: New addition or enhancement to existing solutions
+  name: feature
+- color: ededed
+  description: ''
+  name: fixed
+- color: 7057ff
+  description: Issues that are suitable for first-time contributors.
+  name: good first issue
+- color: 7057ff
+  description: PR's that are suitable for first-time contributors to review.
+  name: good first review
+- color: ededed
+  description: ''
+  name: greenkeeper
+- color: 42f44e
+  description: ❤ Has a reproduction in a codesandbox or single minimal repository
+  name: has-reproduction
+- color: '159818'
+  description: ''
+  name: help wanted
+- color: c2e0c6
+  description: ''
+  name: import
+- color: ededed
+  description: ''
+  name: in progress
+- color: e6e6e6
+  description: ''
+  name: in progress by contributor
+- color: e6e6e6
+  description: ''
+  name: invalid
+- color: 1d76db
+  description: ''
+  name: loaders
+- color: d93f0b
+  description: ''
+  name: needs-reproduction
+- color: cc317c
+  description: ''
+  name: question
+- color: ededed
+  description: ''
+  name: ready
+- color: d13078
+  description: ''
+  name: repro-only-pr
+- color: fbca04
+  description: ''
+  name: requires documentation fix
+- color: 0052cc
+  description: ''
+  name: schema merging
+- color: 5df492
+  description: ''
+  name: schema stitching
+- color: 0e8a16
+  description: ''
+  name: testing
+- color: ededed
+  description: ''
+  name: to do
+- color: fff2c9
+  description: ''
+  name: v5
+- color: 254faa
+  description: ''
+  name: v6
+- color: b75409
+  description: ''
+  name: waiting for answer
+- color: ffbae9
+  description: ''
+  name: waiting on contributor
+- color: dfff8e
+  description: Fixed/resolved, and waiting for the next stable release
+  name: waiting-for-release
+- color: ffffff
+  description: ''
+  name: wontfix

.github/workflows/benchmark.yml

@@ -0,0 +1,52 @@
+name: Benchmark
+
+on:
+  pull_request: {}
+  workflow_dispatch: {}
+
+jobs:
+  federation-benchmark:
+    name: Federation Benchmark with ${{matrix.products_size}} Products
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        products_size: [3, 10, 50, 100, 1000]
+    steps:
+      - name: Checkout Master
+        uses: actions/checkout@v2
+      - name: Use Node
+        uses: actions/setup-node@master
+        with:
+          node-version: 16
+      - name: Cache Yarn
+        uses: actions/cache@v2
+        with:
+          path: '**/node_modules'
+          key: ${{ runner.os }}-16-15-yarn-${{ hashFiles('yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-16-15-yarn
+      - name: Install Dependencies using Yarn
+        run: yarn install --ignore-engines && git checkout yarn.lock
+      - name: Build packages
+        run: yarn build
+      - name: Setup K6
+        run: |
+          sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys C5AD17C747E3415A3642D57D77C6C491D6AC1D69
+          echo "deb https://dl.k6.io/deb stable main" | sudo tee /etc/apt/sources.list.d/k6.list
+          sudo apt-get update
+          sudo apt-get install k6
+      - name: GraphQL API
+        working-directory: ./benchmark/federation
+        run: |
+          yarn start &
+          yarn wait-on tcp:3000
+        env:
+          PRODUCTS_SIZE: ${{matrix.products_size}}
+      - name: Federation
+        run: k6 -e ENDPOINT=federation run --out json=federation.json benchmark/federation/k6.js
+      - name: Stitching
+        run: k6 -e ENDPOINT=stitching run --out json=stitching.json benchmark/federation/k6.js
+      - name: Monolith
+        run: k6 -e ENDPOINT=monolith run --out json=monolith.json benchmark/federation/k6.js
+      - name: Compare
+        run: node benchmark/compare monolith:monolith.json federation:federation.json stitching:stitching.json

.github/workflows/canary.yml

@@ -4,12 +4,24 @@ on:
   pull_request:
     branches:
       - master
-
+  workflow_dispatch:
+    inputs:
+      onDemand:
+        description: 'Are you sure?'
+        required: true
+        default: 'yes'
+      npmTag:
+        description: 'NPM Tag'
+        required: true
+        default: 'alpha'
+      npmVersionSuffix:
+        description: 'Custom NPM Version Suffix'
+        required: false
 jobs:
   publish-canary:
     name: Publish Canary
     runs-on: ubuntu-latest
-    if: github.event.pull_request.head.repo.full_name == github.repository
+    if: github.event.pull_request.head.repo.full_name == github.repository || github.event.inputs.onDemand == 'yes'
     steps:
       - name: Checkout Master
         uses: actions/checkout@v2
@@ -18,7 +30,7 @@ jobs:
       - name: Use Node
         uses: actions/setup-node@v2
         with:
-          node-version: '15.x'
+          node-version: 16
       - name: Configure Git Credentials
         run: |
           git config --global user.email "theguild-bot@users.noreply.github.com"
@@ -32,9 +44,9 @@ jobs:
         uses: actions/cache@v2
         with:
           path: '**/node_modules'
-          key: ${{ runner.os }}-15-15-yarn-${{ hashFiles('yarn.lock') }}
+          key: ${{ runner.os }}-16-15-yarn-${{ hashFiles('yarn.lock') }}
           restore-keys: |
-            ${{ runner.os }}-15-15-yarn-
+            ${{ runner.os }}-16-15-yarn-
       - name: Install Dependencies using Yarn
         run: yarn install --ignore-engines && git checkout yarn.lock
       - name: Release Canary
@@ -44,6 +56,10 @@ jobs:
           npm-token: ${{ secrets.NODE_AUTH_TOKEN }}
           npm-script: 'yarn release:canary'
           changesets: true
+        env:
+          ON_DEMAND: ${{github.event.inputs.onDemand}}
+          NPM_TAG: ${{github.event.inputs.npmTag || 'alpha'}}
+          NPM_VERSION_SUFFIX: ${{github.event.inputs.npmVersionSuffix}}
       - name: Publish a message
         if: steps.canary.outputs.released
         uses: 'kamilkisiela/pr-comment@master'

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,69 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1

.github/workflows/github.yml

@@ -0,0 +1,18 @@
+name: Sync labels
+on:
+  push:
+    branches:
+      - master
+    paths:
+      - .github/labels.yml
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: micnncim/action-label-syncer@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          manifest: .github/labels.yml
+          prune: false

.github/workflows/release.yml

@@ -24,7 +24,7 @@ jobs:
       - name: Use Node
         uses: actions/setup-node@v2
         with:
-          node-version: '15.x'
+          node-version: 16
       - name: Setup NPM credentials
         run: echo "//registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN" >> ~/.npmrc
         env:
@@ -33,13 +33,11 @@ jobs:
         uses: actions/cache@v2
         with:
           path: '**/node_modules'
-          key: ${{ runner.os }}-15-15-yarn-${{ hashFiles('yarn.lock') }}
+          key: ${{ runner.os }}-16-15-yarn-${{ hashFiles('yarn.lock') }}
           restore-keys: |
-            ${{ runner.os }}-15-15-yarn-
+            ${{ runner.os }}-16-15-yarn-
       - name: Install Dependencies using Yarn
         run: yarn install --ignore-engines && git checkout yarn.lock
-      - name: Build
-        run: yarn build
       - name: Create Release Pull Request or Publish to npm
         id: changesets
         uses: changesets/action@master