From 07bf5b8862fb83a0b32efbe704fd91280ef8206f Mon Sep 17 00:00:00 2001 From: mitchellhamilton Date: Tue, 6 Sep 2022 16:31:34 +1000 Subject: [PATCH 1/2] Add `cache: "bounded"` and `persistedQueries: false` to default Apollo Server config --- .changeset/many-bulldogs-scream.md | 5 +++++ packages/core/src/lib/server/createApolloServer.ts | 5 ++++- tests/api-tests/utils.ts | 7 ++----- 3 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 .changeset/many-bulldogs-scream.md diff --git a/.changeset/many-bulldogs-scream.md b/.changeset/many-bulldogs-scream.md new file mode 100644 index 00000000000..b0ef88433a7 --- /dev/null +++ b/.changeset/many-bulldogs-scream.md @@ -0,0 +1,5 @@ +--- +'@keystone-6/core': major +--- + +Adds `cache: "bounded"` and `persistedQueries: false` to default Apollo Server config. diff --git a/packages/core/src/lib/server/createApolloServer.ts b/packages/core/src/lib/server/createApolloServer.ts index 37676b378fc..422ff527ab1 100644 --- a/packages/core/src/lib/server/createApolloServer.ts +++ b/packages/core/src/lib/server/createApolloServer.ts @@ -5,6 +5,7 @@ import { ApolloServer as ApolloServerExpress } from 'apollo-server-express'; import { ApolloServerPluginLandingPageDisabled, ApolloServerPluginLandingPageGraphQLPlayground, + Config, } from 'apollo-server-core'; import type { CreateContext, GraphQLConfig, SessionStrategy } from '../../types'; import { createSessionContext } from '../../session'; @@ -63,13 +64,15 @@ const _createApolloServerConfig = ({ }: { graphQLSchema: GraphQLSchema; graphqlConfig?: GraphQLConfig; -}) => { +}): Config => { const apolloConfig = graphqlConfig?.apolloConfig; const playgroundOption = graphqlConfig?.playground ?? process.env.NODE_ENV !== 'production'; return { schema: graphQLSchema, debug: graphqlConfig?.debug, // If undefined, use Apollo default of NODE_ENV !== 'production' + cache: 'bounded', + persistedQueries: false, ...apolloConfig, plugins: playgroundOption === 'apollo' diff --git a/tests/api-tests/utils.ts b/tests/api-tests/utils.ts index b6640a7927b..a43a9c630c2 100644 --- a/tests/api-tests/utils.ts +++ b/tests/api-tests/utils.ts @@ -7,13 +7,10 @@ let prevConsoleWarn = console.warn; console.warn = function (...args: unknown[]) { if ( typeof args[0] === 'string' && - (args[0].endsWith( + args[0].endsWith( // this is expected 'There are already 10 instances of Prisma Client actively running.' - ) || - // we should really enforce a safe default for this though - args[0] === - 'Persisted queries are enabled and are using an unbounded cache. Your server is vulnerable to denial of service attacks via memory exhaustion. Set `cache: "bounded"` or `persistedQueries: false` in your ApolloServer constructor, or see https://go.apollo.dev/s/cache-backends for other alternatives.') + ) ) { return; } From 285a620bf70bf9a20301bedda0f876682fa25b53 Mon Sep 17 00:00:00 2001 From: Daniel Cousens <413395+dcousens@users.noreply.github.com> Date: Tue, 6 Sep 2022 17:55:20 +1000 Subject: [PATCH 2/2] breaking changeset wording --- .changeset/many-bulldogs-scream.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.changeset/many-bulldogs-scream.md b/.changeset/many-bulldogs-scream.md index b0ef88433a7..d073b098446 100644 --- a/.changeset/many-bulldogs-scream.md +++ b/.changeset/many-bulldogs-scream.md @@ -2,4 +2,4 @@ '@keystone-6/core': major --- -Adds `cache: "bounded"` and `persistedQueries: false` to default Apollo Server config. +Changes default Apollo Server configuration to use `cache: "bounded"` and `persistedQueries: false`