Merge pull request #980 from constructive-io/devin/1776247185-safe-error-codes

feat: add missing SAFE_ERROR_CODES for rate limiting and auth errors

Author: pyramation

graphql/server/src/middleware/graphile.ts

@@ -36,6 +36,19 @@ const SAFE_ERROR_CODES = new Set([
   'INVITE_LIMIT',
   'INVITE_EMAIL_NOT_FOUND',
   'INVALID_CREDENTIALS',
+  // CSRF
+  'CSRF_TOKEN_REQUIRED',
+  'INVALID_CSRF_TOKEN',
+  // Rate limiting / throttling
+  'TOO_MANY_REQUESTS',
+  'PASSWORD_RESET_LOCKED_EXCEED_ATTEMPTS',
+  // TOTP
+  'TOTP_NOT_ENABLED',
+  // Account / resource operations
+  'NULL_VALUES_DISALLOWED',
+  'OBJECT_NOT_FOUND',
+  'LIMIT_REACHED',
+  'REQUIRES_ONE_OWNER',
   // PublicKeySignature
   'FEATURE_DISABLED',
   'INVALID_PUBLIC_KEY',