Fix N+1 issue for GraphQL VulnerabilityType (!116643) · Merge requests · GitLab.org / GitLab

Jarka Košanová requested to merge fix-vuln-graphql-performance into master Apr 04, 2023

What does this MR do and why?

This MR fixes the N+1 problem caused by authorization.

Basically, authorization is made for every single record that is found, even for collections. I moved the authorizations to resolvers/fields.

I think it is a general GraphQL problem, opened to discussion, maybe even as a follow-up issue.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Apr 04, 2023 by Jarka Košanová

Fix N+1 issue for GraphQL VulnerabilityType

What does this MR do and why?

MR acceptance checklist

Merge request reports