From f0bc04eee1ab2fb374aa4420e763fe8f70bfad9d Mon Sep 17 00:00:00 2001
From: sahan <sahan.dissanayake@roamdigital.com>
Date: Sat, 6 Nov 2021 16:56:28 +1300
Subject: [PATCH 1/2] fix: remove security vulnerability of exposing graph in
 production environment

---
 src/jsutils/didYouMean.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/jsutils/didYouMean.ts b/src/jsutils/didYouMean.ts
index 33e10a42c1..1d7c281a9c 100644
--- a/src/jsutils/didYouMean.ts
+++ b/src/jsutils/didYouMean.ts
@@ -12,6 +12,10 @@ export function didYouMean(
   firstArg: string | ReadonlyArray<string>,
   secondArg?: ReadonlyArray<string>,
 ) {
+  if (process.ENV.NODE_ENV === 'production') {
+    return ''
+  };
+
   const [subMessage, suggestionsArg] = secondArg
     ? [firstArg as string, secondArg]
     : [undefined, firstArg as ReadonlyArray<string>];

From 482f1477ed7b5b7623ed79d598746fb5b6577588 Mon Sep 17 00:00:00 2001
From: sahan <sahan.dissanayake@roamdigital.com>
Date: Sat, 6 Nov 2021 17:08:41 +1300
Subject: [PATCH 2/2] chore: correct env value on process

---
 src/jsutils/didYouMean.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/jsutils/didYouMean.ts b/src/jsutils/didYouMean.ts
index 1d7c281a9c..64e8c69ee7 100644
--- a/src/jsutils/didYouMean.ts
+++ b/src/jsutils/didYouMean.ts
@@ -12,7 +12,7 @@ export function didYouMean(
   firstArg: string | ReadonlyArray<string>,
   secondArg?: ReadonlyArray<string>,
 ) {
-  if (process.ENV.NODE_ENV === 'production') {
+  if (process.env.NODE_ENV === 'production') {
     return ''
   };