🐞 Describe the bug
Apollo server seems to be using an unbounded cache with no way of configuring to be bounded.
Getting the following warning when starting production:
Persisted queries are enabled and are using an unbounded cache. Your server is vulnerable to denial of service attacks via memory exhaustion. Set cache: "bounded" or persistedQueries: false in your ApolloServer constructor, or see https://go.apollo.dev/s/cache-backends for other alternatives.
📚 To Reproduce
Start Ackee with NODE_ENV=production should be enough.
Configuration mentioned in the systemd docs also produces this warning.
💡 Expected behavior
To not be vulnerable to denial of service attacks by default.
⚙️ Environment
- Installation: Manually / Standalone
- Ackee version: v3.4.2
🐞 Describe the bug
Apollo server seems to be using an unbounded cache with no way of configuring to be bounded.
Getting the following warning when starting production:
📚 To Reproduce
Start Ackee with NODE_ENV=production should be enough.
Configuration mentioned in the systemd docs also produces this warning.
💡 Expected behavior
To not be vulnerable to denial of service attacks by default.
⚙️ Environment