@@ -14,7 +14,7 @@ using static analysis. You'll learn how to estimate the cost
1414of an operation before execution and reject it if it exceeds a safe limit.
1515
1616<Callout type = " info" emoji = " ℹ️"
17- In production, we recommend using [ trusted documents] ( https://graphql.org/learn/persistence/ )
17+ In production, we recommend using [ trusted documents] ( /docs/going-to-production#only-allow-trusted-documents )
1818 rather than analyzing arbitrary documents at runtime. Complexity analysis can still be
1919 useful at build time to catch expensive operations before they're deployed.
2020</Callout >
@@ -28,7 +28,7 @@ at the schema.
2828Without safeguards, clients could:
2929
3030- Request deeply nested object relationships
31- - Use recursive fragments to multiply field resolution
31+ - Use nested fragments to multiply field resolution
3232- Exploit pagination arguments to retrieve excessive data
3333
3434Certain field types (e.g., lists, interfaces, unions) can also significantly
@@ -246,8 +246,8 @@ useful, just in a different way. You can run it at build time to:
246246
247247## Best practices
248248
249- - Use trusted documents in production when possible.
250- - Use complexity analysis as a development-time safeguards .
249+ - Only accept trusted documents in production when possible.
250+ - Use complexity analysis as a development-time safeguard .
251251- Avoid running untrusted operations without additional validation and cost checks.
252252- Account for list fields and abstract types, which can significantly increase cost.
253253- Avoid estimating complexity before validation unless you're confident in your tooling.
0 commit comments