| Notes: Limiting query depth: https://github.com/stems/graphql-depth-limit
Complexity analysis: https://github.com/4Catalyzer/graphql-validation-complexity OR https://github.com/ivome/graphql-query-complexity
Limiting query length: Doesn't make too much sense according to research
Disabling introspection queries: Normally introspection queries are used by clients to get what queries/mutations are available. In our case, users need to download a schema JSON which is the result of introspection query. However, it is ok to disable introspection queries on the data sync server because clients download this schema on the sync UI. Use https://github.com/helfer/graphql-disable-introspection |
