Hello, I want to make sure my ProseMirror editor is production-ready and able to handle also potential malicious users and bugs. We are using ProseMirror as a collaborative editor. We would like to validate all steps coming from the client before storing them on the server. We’ve been looking into the idea of having the full current document state instance in memory on the server and try to apply new steps (that may come for different users collaboratively editing the same document) to this state that is in memory on the server and only if it can be applied without problems, store the new steps with changes to our database.
What we are wondering if this is a plausible approach and if there’s something we may take into account before doing this and if there’s any other approach that you recommend to validate steps sent by different clients to the same document? We worry that there might be additional complexity of having all those documents be in memory of the server and keeping them in sync, especially if we consider horizontal scaling of servers. Is there an easier way to validate steps instead of having to keep the state instance for each document around in memory?