Disable introspection

[alimoli]

As for security, I think a simple feature to disable schema introspection should have high priority in this library.
I think we have already some PRs and suggestions from "issues" on how to approach it.
Is it something are you going to integrate/merge?
Honestly, I thank you so much for this project, but as already raised from other developers, this project seems dead.
Many good PRs never merged, nor evaluated.

[srauba]

Hey, it is possible to disable the introspection with this library.

graphql.SchemaMetaFieldDef.Resolve = func(p graphql.ResolveParams) (any, error) {
    if !isAuthorized(p.Context) {
        return nil, errors.New("unauthorized")
    }
    return p.Info.Schema, nil
}

graphql.TypeMetaFieldDef.Resolve = func(p graphql.ResolveParams) (any, error) {
    if !isAuthorized(p.Context) {
        return nil, errors.New("unauthorized")
    }
    name, _ := p.Args["name"].(string)
    return p.Info.Schema.Type(name), nil
}

You can hook into the context to pass your auth state and gate introspection however you like — API key, role check, environment flag, etc.

Hope that helps!