Abstract
Collective adaptive systems whose entities are loosely coupled by their exchange of complex data structures became a very common architecture for distributed web-based systems. As HTTP-based APIs transfer data as plain text, this exchange is very error prone: API changes and malicious data modifications may remain unnoticed. GraphQL addresses this concern at the server side with strong typing but leaves the clients untouched. In this paper we present an approach to align the type schemas provided by GraphQL and type definitions at the client side on three levels during the systems’ life cycles: At generation time by verifying queries against the GraphQL schema, at compile time by leveraging TypeScript’s type system, and at run time by using decoders to validate payloads. Key to our solution are a functional, type-safe domain-specific language for the definition of GraphQL queries and a corresponding generator implementation providing the GraphQL queries and TypeScript artefacts. Together they ensure that clients become aware of and are able to react to changes of the (evolving) GraphQL schema, a precondition for maintaining the consistency of the overall collective adaptive system. We will illustrate our approach along a popular GitHub-based, collaborative development scenario.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
Other approaches to reuse based on auxiliary technologies like templating at run time, won’t be discussed in this paper. Due to their missing type safety and error-proneness, we don’t consider them resilient solutions.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
References
Bass, L., Weber, I.M., Zhu, L.: DevOps: A Software Architect’s Perspective. The SEI Series in Software Engineering. Addison-Wesley, Boston (2015)
Boswell, D., Foucher, T.: The Art of Readable Code. O’Reilly Series. O’Reilly Media Incorporated, Sebastopol (2011)
Brown, A., Forsgren, N., Humble, J., Kersten, N., Kim, G.: 2016 state of DevOps report. Technical report (2016). https://services.google.com/fh/files/misc/state-of-devops-2016.pdf
Bugayenko, Y.: Elegant Objects. No. v. 2 in Elegant Objects, CreateSpace Independent Publishing Platform, Scotts Valley (2017)
Bures, T., Gerostathopoulos, I., Hnetynka, P., Keznikl, J., Kit, M., Plasil, F.: DEECO: an ensemble-based component system. In: Proceedings of the 16th International ACM Sigsoft Symposium on Component-Based Software Engineering, CBSE 2013, pp. 81–90. Association for Computing Machinery, New York (2013)
Bures, T., et al.: A language and framework for dynamic component ensembles in smart systems. Int. J. Softw. Tools Technol. Transf. 22(4), 497–509 (2020). https://doi.org/10.1007/s10009-020-00558-z
Callegati, F., Cerroni, W., Ramilli, M.: Man-in-the-middle attack to the HTTPS protocol. IEEE Secur. Priv. 7(1), 78–81 (2009)
Campinhos, J., Seco, J.C., Cunha, J.: Type-safe evolution of web services. In: 2017 IEEE/ACM 2nd International Workshop on Variability and Complexity in Software Design (VACE), pp. 20–26 (2017)
Chaudhuri, A., Vekris, P., Goldman, S., Roch, M., Levi, G.: Fast and precise type checking for JavaScript. Proc. ACM Program. Lang. 1(OOPSLA) (2017)
Cohn, M.: Succeeding with Agile: Software Development Using Scrum, 1st edn. Addison-Wesley Professional, Boston (2009)
Costantini, G., Ferrara, P., Cortesi, A.: A suite of abstract domains for static analysis of string values. Softw. Pract. Exper. 45(2), 245–287 (2015)
De Nicola, R., et al.: The SCEL language: design, implementation, verification. In: Wirsing, M., Hölzl, M., Koch, N., Mayer, P. (eds.) Software Engineering for Collective Autonomic Systems. LNCS, vol. 8998, pp. 3–71. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16310-9_1
Dhar, A., Purandare, R., Dhawan, M., Rangaswamy, S.: CLOTHO: saving programs from malformed strings and incorrect string-handling. In: Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, pp. 555–566. Association for Computing Machinery (2015)
Fowler, M.: Domain-Specific Languages. Addison-Wesley Signature Series (Fowler). Pearson Education, Boston (2010)
Gao, Z., Bird, C., Barr, E.T.: To type or not to type: quantifying detectable bugs in JavaScript. In: 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE), pp. 758–769 (2017)
Hartig, O., Perez, J.: Semantics and complexity of GraphQL. In: Proceedings of the 2018 World Wide Web Conference, WWW 2018, International World Wide Web Conferences Steering Committee, pp. 1155–1164 (2018)
Kizza, J.M.: Internet of Things (IoT): growth, challenges, and security. Guide to Computer Network Security. TCS, pp. 517–531. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38141-7_24
Kula, R.G., Ouni, A., German, D.M., Inoue, K.: On the impact of micro-packages: an empirical study of the NPM JavaScript ecosystem. CoRR abs/1709.04638 (2017)
Margaria, T., Hinchey, M.: Simplicity in it: the power of less. Computer 46(11), 23–25 (2013)
Margaria, T., Steffen, B.: Simplicity as a driver for agile innovation. Computer 43(6), 90–92 (2010)
Margaria, T., Steffen, B., Reitenspieß, M.: Service-oriented design: the roots. In: Benatallah, B., Casati, F., Traverso, P. (eds.) ICSOC 2005. LNCS, vol. 3826, pp. 450–464. Springer, Heidelberg (2005). https://doi.org/10.1007/11596141_34
Merten, M., Steffen, B.: Simplicity driven application development. J. Integr. Des. Process Sci. 17, 9–23 (2013)
Parr, T.: The definitive ANTLR 4 reference. In: Pragmatic Bookshelf (2013)
Schiavio, F., Sun, H., Bonetta, D., Rosa, A., Binder, W.: NodeMOP: runtime verification for Node.js applications. In: Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing, SAC 2019, pp. 1794–1801. Association for Computing Machinery (2019)
Stahl, D., Martensson, T., Bosch, J.: Continuous practices and DevOps: beyond the buzz, what does it all mean? In: 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 440–448 (2017)
Taskula, T.: Advanced data fetching with GraphQL: case bakery service. Master’s thesis, Aalto University, 11 March 2019
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Schürmann, J., Tegeler, T., Steffen, B. (2020). Guaranteeing Type Consistency in Collective Adaptive Systems. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation: Engineering Principles. ISoLA 2020. Lecture Notes in Computer Science(), vol 12477. Springer, Cham. https://doi.org/10.1007/978-3-030-61470-6_19
Download citation
DOI: https://doi.org/10.1007/978-3-030-61470-6_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-61469-0
Online ISBN: 978-3-030-61470-6
eBook Packages: Computer ScienceComputer Science (R0)