HeadlinesBriefing.com

Safer GraphQL Queries with graphql-safe-depth

Source: DEV Community

A new open-source tool called graphql-safe-depth aims to prevent denial-of-service attacks by limiting the execution depth of GraphQL queries. Unlike other libraries, it focuses on actual resolver depth rather than field count, reducing false positives and improving reliability.

Deeply nested queries in GraphQL can trigger excessive resolver executions, N+1 problems, and memory overuse. GraphQL itself imposes no depth limit, so the server has to enforce one. Many existing solutions either break introspection queries or are hard to configure, leaving developers vulnerable or confused.

The library integrates with Apollo Server and NestJS, offering simple setup and clear configuration. It supports TypeScript, ignores introspection by default, and works with fragments. For production use, experts recommend combining it with rate limiting, authentication, and query complexity controls.
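To make the behaviour described above concrete, here is an added example (not code from graphql-safe-depth or the DEV Community post) of a resolver-depth check: it parses a GraphQL document, expands fragment spreads in place so a fragment adds its own depth without counting as an extra hop, skips the `__schema` and `__type` introspection roots when asked to, and rejects a document whose deepest operation exceeds a budget. The function names (`checkDepth`, `selectionDepth`, `parseDocument`), the depth convention (a leaf field counts 1, a nested field 1 plus its deepest child) and the sample documents are assumptions made for this illustration; the library's own API and counting rules may differ.

```javascript
// Added illustration, not graphql-safe-depth's own code: a minimal GraphQL parser plus a
// resolver-depth check that expands fragments and skips introspection. All names are ours.
// Root fields answered by the engine itself; skipped by default so schema tooling keeps working.
const INTROSPECTION_FIELDS = new Set(['__schema', '__type']);

// Tokenize a document; whitespace, commas and # comments are dropped. Any stray character
// becomes a one-character token that the parser will reject.
function tokenize(src) {
  const re = /\s+|,|#[^\n]*|\.\.\.|[{}()\[\]:=@$!]|"(?:[^"\\]|\\.)*"|-?\d+(?:\.\d+)?|[_A-Za-z]\w*|./g;
  return Array.from(src.matchAll(re), (m) => m[0]).filter((t) => !/^[\s,#]/.test(t));
}

// Parse operations and fragments into a selection tree:
//   {kind:'field', name, selections} | {kind:'spread', name} | {kind:'inline', selections}
// Arguments, variables and directives are skipped: they do not add resolver depth.
function parseDocument(src) {
  const toks = tokenize(src);
  let i = 0;
  const peek = () => toks[i];
  const next = () => { if (i >= toks.length) throw new SyntaxError('Unexpected end of document'); return toks[i++]; };
  const expect = (t) => { const got = next(); if (got !== t) throw new SyntaxError(`Expected ${t}, got ${got}`); };
  const isName = (t) => typeof t === 'string' && /^[_A-Za-z]/.test(t);
  const skipBalanced = (open, close) => { expect(open); for (let d = 1; d > 0;) { const t = next(); d += t === open ? 1 : t === close ? -1 : 0; } };
  const skipDirectives = () => { while (peek() === '@') { next(); next(); if (peek() === '(') skipBalanced('(', ')'); } };

  function parseSelectionSet() {
    expect('{');
    const selections = [];
    while (peek() !== '}') {
      if (peek() === '...') {
        next();
        if (peek() === 'on') { next(); next(); }                 // inline fragment type condition
        if (isName(peek())) { const name = next(); skipDirectives(); selections.push({ kind: 'spread', name }); }
        else { skipDirectives(); selections.push({ kind: 'inline', selections: parseSelectionSet() }); }
      } else {
        let name = next();
        if (peek() === ':') { next(); name = next(); }           // alias: count the real field
        if (!isName(name)) throw new SyntaxError(`Bad field name ${name}`);
        if (peek() === '(') skipBalanced('(', ')');
        skipDirectives();
        selections.push({ kind: 'field', name, selections: peek() === '{' ? parseSelectionSet() : [] });
      }
    }
    expect('}');
    return selections;
  }

  const operations = [], fragments = new Map();
  while (i < toks.length) {
    const t = peek();
    if (t === '{') {
      operations.push({ name: null, selections: parseSelectionSet() });
    } else if (t === 'fragment') {
      next(); const name = next(); expect('on'); next(); skipDirectives();
      fragments.set(name, parseSelectionSet());
    } else if (t === 'query' || t === 'mutation' || t === 'subscription') {
      next(); const name = isName(peek()) ? next() : null;
      if (peek() === '(') skipBalanced('(', ')'); skipDirectives();
      operations.push({ name, selections: parseSelectionSet() });
    } else {
      throw new SyntaxError(`Unexpected token ${t}`);
    }
  }
  return { operations, fragments };
}

// A leaf field counts 1 and a nested field 1 + its deepest child, so depth tracks resolver
// chaining. Spreads are expanded in place (a fragment adds depth but is not a hop); cycles throw.
function selectionDepth(selections, fragments, ignoreIntrospection, visiting = new Set()) {
  let max = 0;
  for (const sel of selections) {
    let d = 0;
    if (sel.kind === 'field') {
      if (ignoreIntrospection && INTROSPECTION_FIELDS.has(sel.name)) continue;
      d = 1 + selectionDepth(sel.selections, fragments, ignoreIntrospection, visiting);
    } else if (sel.kind === 'inline') {
      d = selectionDepth(sel.selections, fragments, ignoreIntrospection, visiting);
    } else {
      if (visiting.has(sel.name)) throw new Error(`Cyclic fragment spread: ${sel.name}`);
      if (!fragments.has(sel.name)) throw new Error(`Unknown fragment: ${sel.name}`);
      visiting.add(sel.name);
      d = selectionDepth(fragments.get(sel.name), fragments, ignoreIntrospection, visiting);
      visiting.delete(sel.name);
    }
    max = Math.max(max, d);
  }
  return max;
}

// Validate a whole document against a depth budget before any resolver runs.
function checkDepth(query, { maxDepth, ignoreIntrospection = true } = {}) {
  const { operations, fragments } = parseDocument(query);
  const perOperation = operations.map((op) => ({ name: op.name, depth: selectionDepth(op.selections, fragments, ignoreIntrospection) }));
  const depth = Math.max(0, ...perOperation.map((r) => r.depth));
  return { ok: depth <= maxDepth, depth, maxDepth, perOperation };
}

// Constructed sample documents (not from the article): one within a budget of 5, one too deep,
// one that only gets deep through a fragment, and the kind of introspection query tools send.
const SAFE_QUERY = 'query Me { viewer { name posts(first: 10) { title } } }';
const DEEP_QUERY = 'query Nested { viewer { friends { friends { friends { friends { name } } } } } }';
const FRAGMENT_QUERY = 'query WithFragment { viewer { ...UserFields } } fragment UserFields on User { name friends { friends { name } } }';
const INTROSPECTION_QUERY = '{ __schema { types { fields { type { ofType { ofType { name } } } } } } }';
```

Calling `checkDepth(DEEP_QUERY, { maxDepth: 5 })` returns `ok: false` with `depth: 6`, while `FRAGMENT_QUERY` is measured at 4 because the spread is expanded rather than treated as a leaf, and `INTROSPECTION_QUERY` measures 0 with the default `ignoreIntrospection` (7 without it). The check runs on the parsed document before any resolver executes, which is what makes depth limiting cheap compared with complexity analysis; as the article notes, it should still sit alongside rate limiting, authentication and complexity controls rather than replace them.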

Developers can install it via npm or yarn. The tool is ready for real-world deployment, backed by a stable v1.0 release.