Adjusted complexity limiter for developer mode

Author: rogyar

lib/internal/Magento/Framework/GraphQl/Query/QueryComplexityLimiter.php

@@ -16,6 +16,8 @@
  * Sets limits for query complexity. A single GraphQL query can potentially
  * generate thousands of database operations so, the very complex queries
  * should be filtered and rejected.
+ *
+ * https://github.com/webonyx/graphql-php/blob/master/docs/security.md#query-complexity-analysis
  */
 class QueryComplexityLimiter
 {
@@ -42,15 +44,15 @@ public function __construct(
     }
 
     /**
-     * @param bool $disableIntrospection
+     * @param bool $developerMode
      */
-    public function execute(bool $disableIntrospection = false): void
+    public function execute(bool $developerMode = false): void
     {
-        DocumentValidator::addRule(new QueryDepth($this->queryDepth));
         DocumentValidator::addRule(new QueryComplexity($this->queryComplexity));
 
-        if ($disableIntrospection) {
+        if (!$developerMode) {
             DocumentValidator::addRule(new DisableIntrospection());
+            DocumentValidator::addRule(new QueryDepth($this->queryDepth));
         }
     }
 }

lib/internal/Magento/Framework/GraphQl/Query/QueryProcessor.php

@@ -24,7 +24,7 @@ class QueryProcessor
     /**
      * @var QueryComplexityLimiter
      */
-    protected $queryComplexityLimiter;
+    private $queryComplexityLimiter;
 
     /**
      * @param ExceptionFormatter $exceptionFormatter
@@ -55,8 +55,8 @@ public function process(
         array $variableValues = null,
         string $operationName = null
     ) : array {
-        $disableIntrospection = !$this->exceptionFormatter->shouldShowDetail();
-        $this->queryComplexityLimiter->execute($disableIntrospection);
+        $developerMode = !$this->exceptionFormatter->shouldShowDetail();
+        $this->queryComplexityLimiter->execute($developerMode);
 
         $rootValue = null;
         return \GraphQL\GraphQL::executeQuery(