Introduce "recommended" validation rules

Replicates graphql/graphql-js@2744f58

Author: Cito

src/graphql/__init__.py

@@ -385,6 +385,7 @@
     SDLValidationRule,
     # All validation rules in the GraphQL Specification.
     specified_rules,
+    recommended_rules,
     # Individual validation rules.
     ExecutableDefinitionsRule,
     FieldsOnCorrectTypeRule,
@@ -412,6 +413,7 @@
     ValuesOfCorrectTypeRule,
     VariablesAreInputTypesRule,
     VariablesInAllowedPositionRule,
+    MaxIntrospectionDepthRule,
     # SDL-specific validation rules
     LoneSchemaDefinitionRule,
     UniqueOperationTypesRule,
@@ -613,6 +615,7 @@
     "Location",
     "LoneAnonymousOperationRule",
     "LoneSchemaDefinitionRule",
+    "MaxIntrospectionDepthRule",
     "Middleware",
     "MiddlewareManager",
     "NameNode",
@@ -798,6 +801,7 @@
     "print_schema",
     "print_source_location",
     "print_type",
+    "recommended_rules",
     "resolve_thunk",
     "separate_operations",
     "specified_directives",

src/graphql/validation/__init__.py

@@ -15,7 +15,7 @@
 from .rules import ValidationRule, ASTValidationRule, SDLValidationRule
 
 # All validation rules in the GraphQL Specification.
-from .specified_rules import specified_rules
+from .specified_rules import specified_rules, recommended_rules
 
 # Spec Section: "Defer And Stream Directive Labels Are Unique"
 from .rules.defer_stream_directive_label import DeferStreamDirectiveLabel
@@ -109,6 +109,9 @@
 # Spec Section: "All Variable Usages Are Allowed"
 from .rules.variables_in_allowed_position import VariablesInAllowedPositionRule
 
+# No spec section: "Maximum introspection depth"
+from .rules.max_introspection_depth_rule import MaxIntrospectionDepthRule
+
 # SDL-specific validation rules
 from .rules.lone_schema_definition import LoneSchemaDefinitionRule
 from .rules.unique_operation_types import UniqueOperationTypesRule
@@ -138,6 +141,7 @@
     "KnownTypeNamesRule",
     "LoneAnonymousOperationRule",
     "LoneSchemaDefinitionRule",
+    "MaxIntrospectionDepthRule",
     "NoDeprecatedCustomRule",
     "NoFragmentCyclesRule",
     "NoSchemaIntrospectionCustomRule",
@@ -170,6 +174,7 @@
     "ValuesOfCorrectTypeRule",
     "VariablesAreInputTypesRule",
     "VariablesInAllowedPositionRule",
+    "recommended_rules",
     "specified_rules",
     "validate",
 ]

src/graphql/validation/rules/max_introspection_depth_rule.py

@@ -0,0 +1,81 @@
+"""Max introspection depth rule"""
+
+from typing import Any
+
+from ...error import GraphQLError
+from ...language import SKIP, FieldNode, FragmentSpreadNode, Node, VisitorAction
+from . import ASTValidationRule, ValidationContext
+
+__all__ = ["MaxIntrospectionDepthRule"]
+
+MAX_LIST_DEPTH = 3
+
+
+class MaxIntrospectionDepthRule(ASTValidationRule):
+    """Checks maximum introspection depth"""
+
+    def __init__(self, context: ValidationContext) -> None:
+        super().__init__(context)
+        self._visited_fragments: dict[str, None] = {}
+        self._get_fragment = context.get_fragment
+
+    def _check_depth(self, node: Node, depth: int = 0) -> bool:
+        """Check whether the maximum introspection depth has been reached.
+
+        Counts the depth of list fields in "__Type" recursively
+        and returns `True` if the limit has been reached.
+        """
+        if isinstance(node, FragmentSpreadNode):
+            visited_fragments = self._visited_fragments
+            fragment_name = node.name.value
+            if fragment_name in visited_fragments:
+                # Fragment cycles are handled by `NoFragmentCyclesRule`.
+                return False
+            fragment = self._get_fragment(fragment_name)
+            if not fragment:
+                # Missing fragments checks are handled by the `KnownFragmentNamesRule`.
+                return False
+
+            # Rather than following an immutable programming pattern which has
+            # significant memory and garbage collection overhead, we've opted to take
+            # a mutable approach for efficiency's sake. Importantly visiting a fragment
+            # twice is fine, so long as you don't do one visit inside the other.
+            visited_fragments[fragment_name] = None
+            try:
+                return self._check_depth(fragment, depth)
+            finally:
+                del visited_fragments[fragment_name]
+
+        if isinstance(node, FieldNode) and node.name.value in (
+            # check all introspection lists
+            "fields",
+            "interfaces",
+            "possibleTypes",
+            "inputFields",
+        ):
+            depth += 1
+            if depth >= MAX_LIST_DEPTH:
+                return True
+
+        # hendle fields and inline fragments
+        try:
+            selection_set = node.selection_set  # type: ignore[attr-defined]
+        except AttributeError:  # pragma: no cover
+            selection_set = None
+        if selection_set:
+            for child in selection_set.selections:
+                if self._check_depth(child, depth):
+                    return True
+
+        return False
+
+    def enter_field(self, node: FieldNode, *_args: Any) -> VisitorAction:
+        if node.name.value in ("__schema", "__type") and self._check_depth(node):
+            self.report_error(
+                GraphQLError(
+                    "Maximum introspection depth exceeded",
+                    [node],
+                )
+            )
+            return SKIP
+        return None

src/graphql/validation/specified_rules.py

@@ -45,6 +45,9 @@
 # Schema definition language:
 from .rules.lone_schema_definition import LoneSchemaDefinitionRule
 
+# No spec section: "Maximum introspection depth"
+from .rules.max_introspection_depth_rule import MaxIntrospectionDepthRule
+
 # Spec Section: "Fragments must not form cycles"
 from .rules.no_fragment_cycles import NoFragmentCyclesRule
 
@@ -115,8 +118,13 @@
 if TYPE_CHECKING:
     from .rules import ASTValidationRule
 
-__all__ = ["specified_rules", "specified_sdl_rules"]
+__all__ = ["recommended_rules", "specified_rules", "specified_sdl_rules"]
+
+
+# Technically these aren't part of the spec but they are strongly encouraged
+# validation rules.
 
+recommended_rules: tuple[type[ASTValidationRule], ...] = (MaxIntrospectionDepthRule,)
 
 # This list includes all validation rules defined by the GraphQL spec.
 #
@@ -154,6 +162,7 @@
     VariablesInAllowedPositionRule,
     OverlappingFieldsCanBeMergedRule,
     UniqueInputFieldNamesRule,
+    *recommended_rules,
 )
 """A tuple with all validation rules defined by the GraphQL specification.