DEV Community

Discussion on: 5 reasons why Frontend Developers love GraphQL

jackmellis profile image

There are definitely places where graphql is better suited and vice versa. In my experience I have had a few issues with graphql:

  • giving the client control over the query and the return fields means it's very hard to control what data should be publicly available, it's very easy to create huge security holes
  • having one endpoint and then dozens or hundreds of queries/mutations is basically gaining you nothing. It's basically the same as using jsonrpc over rest. You still have the same number of endpoints, they're just concealed under 1 url. It also makes it harder to pick out a specific request from the network tab!
  • I've not had to deal with under-fetching luckily but definitely over-fetching (where the response returns 1mb of data but I only needed 1 field!). However, this is not a problem with rest, rather miscommunication within a team or developer laziness...