From 2c4ae43e688a9873e86211ea0e7aeb9ba770dd77 Mon Sep 17 00:00:00 2001
From: Minteck <contact@minteck.org>
Date: Tue, 18 Oct 2022 08:59:09 +0200
Subject: Update

---
 .../custom/NoSchemaIntrospectionCustomRule.mjs     | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 alarm/node_modules/graphql/validation/rules/custom/NoSchemaIntrospectionCustomRule.mjs

(limited to 'alarm/node_modules/graphql/validation/rules/custom/NoSchemaIntrospectionCustomRule.mjs')

diff --git a/alarm/node_modules/graphql/validation/rules/custom/NoSchemaIntrospectionCustomRule.mjs b/alarm/node_modules/graphql/validation/rules/custom/NoSchemaIntrospectionCustomRule.mjs
new file mode 100644
index 0000000..26f7d74
--- /dev/null
+++ b/alarm/node_modules/graphql/validation/rules/custom/NoSchemaIntrospectionCustomRule.mjs
@@ -0,0 +1,25 @@
+import { GraphQLError } from "../../../error/GraphQLError.mjs";
+import { getNamedType } from "../../../type/definition.mjs";
+import { isIntrospectionType } from "../../../type/introspection.mjs";
+
+/**
+ * Prohibit introspection queries
+ *
+ * A GraphQL document is only valid if all fields selected are not fields that
+ * return an introspection type.
+ *
+ * Note: This rule is optional and is not part of the Validation section of the
+ * GraphQL Specification. This rule effectively disables introspection, which
+ * does not reflect best practices and should only be done if absolutely necessary.
+ */
+export function NoSchemaIntrospectionCustomRule(context) {
+  return {
+    Field: function Field(node) {
+      var type = getNamedType(context.getType());
+
+      if (type && isIntrospectionType(type)) {
+        context.reportError(new GraphQLError("GraphQL introspection has been disabled, but the requested query contained the field \"".concat(node.name.value, "\"."), node));
+      }
+    }
+  };
+}
-- 
cgit