Add optional maxDepth and maxAliases execution options

Add opt-in depth and alias limits to the execution engine to mitigate
denial-of-service attacks via deeply nested queries and alias bombing.

- maxDepth: limits the field nesting depth during execution. When a
  field exceeds the configured depth, a GraphQLError is raised and the
  parent field resolves to null (standard error handling).

- maxAliases: limits the number of response keys (including aliases)
  per selection set. When exceeded, a GraphQLError is raised before
  the selection set is executed.

Both options are undefined by default, preserving full backwards
compatibility. They are passed via ExecutionArgs.options alongside the
existing maxCoercionErrors option.

Fixes #4662

Author: eddieran