npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@koikorn/keystone

v11.2.0

Published

The main @koikorn class & CLI. This is where the magic happens.

Downloads

19

Readme

Keystone class

Usage

const { Keystone } = require('@koikorn/keystone');

const keystone = new Keystone({
  adapter,
  adapters,
  appVersion,
  cookie,
  cookieSecret,
  defaultAccess,
  defaultAdapter,
  onConnect,
  queryLimits,
  sessionStore,
  schemaNames,
});

appVersion

Configure the application version, which can be surfaced via HTTP headers or GraphQL.

The version can be any string value you choose to use for your system. If addVersionToHttpHeaders is true then all requests will have the header X-Keystone-App-Version set. The version can also be queried from the GraphQL API as { appVersion }. You can control whether this is exposed in your schema using access, which can be either a boolean, or an object with schemaName keys and boolean values.

const keystone = new Keystone({
  appVersion: {
    version: '1.0.0',
    addVersionToHttpHeaders: true,
    access: true,
  },
});

Why don't we just use access to control the HTTP header?

We want to attach the HTTP header at the very top of the middleware stack, so if something gets rejected we can at least be sure of the system version that did the rejecting. This happens well before we have worked out which schema the person is trying to access, and therefore our access control isn’t ready to be used. Also, the access control that we set up is all about controlling access to the GraphQL API, and HTTP headers are a Different Thing, so even if it was technically possible to use the same mechanism, it really makes sense to decouple those two things.

cookie

Default: see Usage.

A description of the cookie properties is included in the express-session documentation.

secure

A secure cookie is only sent to the server with an encrypted request over the HTTPS protocol. If secure is set to true (as is the default with a production build) for a KeystoneJS project running on a non-HTTPS server (such as localhost), you will not be able to log in. In that case, be sure you set secure to false. This does not affect development builds since this value is already false.

You can read more about secure cookies on the MDN web docs.

Usage

const keystone = new Keystone({
  /* ...config */
  cookie: {
    secure: process.env.NODE_ENV === 'production', // Default to true in production
    maxAge: 1000 * 60 * 60 * 24 * 30, // 30 days
    sameSite: false,
  },
});

cookieSecret

The secret used to sign session ID cookies. In production mode (process.env.NODE_ENV === 'production') this option is required. In development mode, if undefined, a random cookieSecret will be generated each time Keystone starts (this will cause sessions to be reset between restarts).

defaultAccess

Default:

{
  list: true,
  field: true,
  custom: true
}

Default list and field access. See the Access Control page for more details.

defaultAdapter

Default: undefined

The name of the database adapter to use by default if multiple are provided.

onConnect

Default: undefined

Callback function that executes once keystone.connect() is complete. Takes no arguments.

queryLimits

Configures global query limits.

These should be used together with list query limits.

const keystone = new Keystone({
  queryLimits: {
    maxTotalResults: 1000,
  },
});
  • maxTotalResults: limit of the total results of all relationship subqueries

Note that maxTotalResults applies to the total results of all relationship queries separately, even if some are nested inside others.

sessionStore

Sets the Express server's session middleware. This should be configured before deploying your app.

This example uses the connect-mongo middleware, but you can use any of the stores that work with express session.

const expressSession = require('express-session');
const MongoStore = require('connect-mongo')(expressSession);

const keystone = new Keystone({
  sessionStore: new MongoStore({ url: 'mongodb://localhost/my-app' }),
});

schemaNames

Default: ['public']

Methods

| Method | Description | | --------------------- | ---------------------------------------------------------------------------- | | connect | Manually connect to Adapters. | | createAuthStrategy | Creates a new authentication middleware instance. | | createItems | Add items to a Keystone list. | | createList | Add a list to the Keystone schema. | | disconnect | Disconnect from all adapters. | | extendGraphQLSchema | Extend keystones generated schema with custom types, queries, and mutations. | | prepare | Manually prepare Keystone middlewares. | | createContext | Create a context object that can be used with executeGraphQL(). | | executeGraphQL | Execute a server-side GraphQL operation within the given context. |

connect()

Manually connect Keystone to the adapters. See Custom Server.

keystone.connect();

Note: keystone.connect() is only required for custom servers. Most example projects use the keystone start command to start a server and automatically connect.

createAuthStrategy(config)

Creates a new authentication middleware instance. See:

const authStrategy = keystone.createAuthStrategy({...});

createItems(items)

Allows bulk creation of items. This method's primary use is intended for migration scripts, or initial seeding of databases.

keystone.createItems({
  User: [{ name: 'Ticiana' }, { name: 'Lauren' }],
  Post: [
    {
      title: 'Hello World',
      author: { where: { name: 'Ticiana' } },
    },
  ],
});

The author field of the Post list would have the following configuration:

keystone.createList('Post', {
  fields: {
    author: { type: Relationship, ref: 'User' },
  },
});

Config

| Option | Type | Description | | ----------- | -------- | ------------------------------------------------------------------------------- | | [listKey] | Object | An object where keys are list keys, and values are an array of items to insert. |

Note: The format of the data must match the lists and fields setup with keystone.createList()

It is possible to create relationships at insertion using the Keystone query syntax.

E.g. author: { where: { name: 'Ticiana' } }

Upon insertion, Keystone will resolve the { where: { name: 'Ticiana' } } query against the User list, ultimately setting the author field to the ID of the first User that is found.

Note an error is thrown if no items match the query.

createList(listKey, config)

Registers a new list with Keystone and returns a Keystone list object. See:

keystone.createList('Posts', {...});

Config

| Option | Type | Default | Description | | --------- | -------- | ------- | ------------------------------------------------------------------------------------------- | | listKey | String | null | The name of the list. This should be singular, E.g. 'User' not 'Users'. | | config | Object | {} | The list config. See the create list API docs for more details. |

disconnect()

Disconnect all adapters.

extendGraphQLSchema(config)

Extends keystones generated schema with custom types, queries, and mutations.

keystone.extendGraphQLSchema({
  types: [{ type: 'type MyType { original: Int, double: Float }' }],
  queries: [
    {
      schema: 'double(x: Int): MyType',
      resolver: (_, { x }) => ({ original: x, double: 2.0 * x }),
    },
  ],
  mutations: [
    {
      schema: 'triple(x: Int): Int',
      resolver: (_, { x }) => 3 * x,
    },
  ],
});

See the Custom schema guide for more information on utilizing custom schema.

Config

| Option | Type | Description | | --------- | ------- | ---------------------------------------------------------------------------------------------- | | types | array | A list of objects of the form { type, access } where the type string defines a GraphQL type. | | queries | array | A list of objects of the form { schema, resolver, access }. | | mutations | array | A list of objects of the form { schema, resolver, access }. |

  • The schema for both queries and mutations should be a string defining the GraphQL schema element for the query/mutation, e.g.
{
  schema: 'getBestPosts(author: ID!): [Post]',
}
  • The resolver for both queries and mutations should be a resolver function with following signature:
{
  resolver: (parent, args, context, info, extra) => {},
}

For more information about the first four arguments, please see the Apollo docs. The last argument extra is an object that contains the following property:

| Name | Description | | -------- | -------------------------------------------------- | | access | Access control information about the current user. |

  • The access argument for types, queries, and mutations are all either boolean values which are used at schema generation time to include or exclude the item from the schema, or a function which must return boolean.
  • See the Access control API docs for more details.

prepare(config)

Manually prepare middlewares. Returns a promise representing the processed middlewares. They are available as an array through the middlewares property of the returned object.

Usage

const { middlewares } = await keystone.prepare({
  apps,
  dev: process.env.NODE_ENV !== 'production',
});

Config

| Option | Type | default | Description | | ------------- | --------- | ------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | | apps | Array | [] | An array of 'Apps' which are express middleware. | | cors | Object | { origin: true, credentials: true } | CORS options passed to the cors npm module | | dev | Boolean | false | Sets the dev flag in Keystone' express middleware. | | distDir | String | dist | The build directory for keystone. | | pinoOptions | Object | undefined | Logging options passed to the express-pino-logger npm module |

createContext({ schemaName, authentication, skipAccessControl })

Create a context object that can be used with executeGraphQL().

Usage

const { gql } = require('apollo-server-express');

// Create a context which can execute GraphQL operations with no access control
const context = keystone.createContext({ skipAccessControl: true })

// Execute a GraphQL operation with no access control
const { data, errors } = keystone.executeGraphQL({ context, query: gql` ... `, variables: { ... }})

Config

| Option | Type | default | Description | | ------------------- | --------- | -------- | -------------------------------------------------------------------------------------------- | | schemaName | String | public | The name of the GraphQL schema to execute against. | | authentication | Object | {} | { item: { id }, listAuthKey: "" }. Specifies the item to be used in access control checks. | | skipAccessControl | Boolean | false | Set to true to skip all access control checks. |

executeGraphQL({ context, query, variables })

Execute a server-side GraphQL query within the given context.

Usage

const { gql } = require('apollo-server-express');

// Create a context which can execute GraphQL operations with no access control
const context = keystone.createContext({ skipAccessControl: true })

// Execute a GraphQL operation with no access control
const { data, errors } = keystone.executeGraphQL({ context, query: gql` ... `, variables: { ... }})

Config

| Option | Type | default | Description | | ----------- | -------- | -------------------------- | ------------------------------------------------------- | | context | Array | keystone.createContext() | A context object to be used by the GraphQL resolvers. | | query | Object | undefined | The GraphQL operation to execute. | | variables | Object | undefined | The variables to be passed to the GraphQL operation. |