Hello,
I’m querying the GitHub GraphQL API in order to fetch repositories and display their Dependabot vulnerabilities. There are 3 things I’m doing:
- Filter out repositories that don’t have any vulnerabilities (but still keep track of how many repositories were fetched, for statistics).
- Sort repositories by number of vulnerabilities, and vulnerabilities by order by importance.
- For each repository that has no vulnerability, I need to make an HTTP request to the GitHub REST API in order to know if vulnerabilities are actually disabled or not (this info is not given by the GraphQL endpoint).
Currently, I do 1. in a custom Apollo Link and I added two @client fields to the GraphQL request in order to store information like number of fetched repositories and total number of vulnerabilities. I do 2. in the merge function of the request’s field, and 3. in the custom Apollo Link I mentioned above and use a custom event bus to notify the UI that the async requests have finished.
So I have a few design questions:
- when should the data coming from the server be modified, in a Link or in the merge function? Does it depend on what/how the data is modified?
- is there a specific way in Apollo to handle the async HTTP requests I need to make?
- is there a better way than using a custom event bus to notify the UI when the HTTP requests have finished? maybe reactive vars?
Thank you for reading 