Runtime Security Enhancements / Configs #68

@cawalch

Security Enhancements

  • max query depth - this allows setting (or using default) recursion depth limits to prevent stack overflow attacks through deeply nested queries

  • max output size - set / default a max size of query results to prevent mem exhaustion

  • execution time limit - query execution time limits to prevent Denial of Service (DoS) through complex queries (this might be better controlled by the caller, and avoiding support for features that could lead to excessive computational operations)

  • function allow-listing - only allow specific built-in functions (e.g. exclude merge if obj manipulation is risky)
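
A minimal sketch of the four limits listed above, applied while evaluating an already-parsed query. It is an added illustration, not code from this project: the tuple-based AST, `Limits`, `run_query`, `LimitExceeded` and the built-in table are all hypothetical names.

```python
import json
import time

class LimitExceeded(Exception):
    """A query breached one of the configured runtime limits."""

# Hypothetical built-ins for this sketch; only allow-listed names may be called.
BUILTINS = {
    "length": len,
    "keys": lambda obj: sorted(obj),
    "merge": lambda *objs: {k: v for o in objs for k, v in o.items()},
}

class Limits:
    def __init__(self, max_depth=32, max_output_bytes=4096, timeout_s=1.0,
                 allowed_functions=("length", "keys")):  # merge excluded by default
        self.max_depth = max_depth
        self.max_output_bytes = max_output_bytes
        self.timeout_s = timeout_s
        self.allowed_functions = frozenset(allowed_functions)

def _eval(node, data, limits, deadline, depth):
    # Checked on every node, so nesting and total runtime are both bounded.
    if depth > limits.max_depth:
        raise LimitExceeded("max query depth exceeded")
    if time.monotonic() >= deadline:
        raise LimitExceeded("execution time limit exceeded")
    kind = node[0]
    if kind == "current":                      # ("current",)
        return data
    if kind == "field":                        # ("field", name, child)
        value = _eval(node[2], data, limits, deadline, depth + 1)
        return value.get(node[1]) if isinstance(value, dict) else None
    if kind == "call":                         # ("call", name, [args])
        if node[1] not in limits.allowed_functions:
            raise LimitExceeded(f"function not allowed: {node[1]}")
        args = [_eval(a, data, limits, deadline, depth + 1) for a in node[2]]
        return BUILTINS[node[1]](*args)
    raise ValueError(f"unknown node kind: {kind}")

def run_query(ast, data, limits=None):
    limits = limits or Limits()
    deadline = time.monotonic() + limits.timeout_s
    result = _eval(ast, data, limits, deadline, 0)
    # The output cap is measured on the serialized result the caller would receive.
    if len(json.dumps(result).encode()) > limits.max_output_bytes:
        raise LimitExceeded("max output size exceeded")
    return result
```

The deadline here is cooperative: it is only checked between nodes, so a single slow built-in is not interrupted. A parser that builds the AST recursively needs its own depth limit as well.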

Labels: enhancement (New feature or request)
