I'm a huge fan of GraphQL, but since leaving Meta and exploring what's going on with GraphQL in the wild, it's a bit scary/risky how people are adopting it.

Background -- I worked on integrity & security at Meta, and little of the abuse protections we had internally seem to exist in the wild. (Also, I am not the speaker in the video.)

Apollo has auto-persisted queries and query allow-listing, so +1 there.
Not much out there in the way of rate limiting, write policies, row-level and edge-level privacy from what I can tell.