feat: enhance security, performance, and stability

This commit introduces a range of improvements across the application:

- **Security:**
  - Adds authentication to the CSP metrics endpoint.
  - Hardens CSP bypass detection regex to prevent ReDoS attacks.
  - Improves CORS headers for the CSP metrics API.
  - Adds filtering for acknowledged alerts in security monitoring.

- **Performance:**
  - Optimizes database connection pooling for NeonDB.
  - Improves session fetching with abort controller.

- **Stability:**
  - Adds error handling to the tRPC demo component.
  - Fixes type inconsistencies in session data mapping.

- **Docs & DX:**
  - Ignores  files in git.
  - Fixes a token placeholder in the documentation.
2025-07-12 01:03:52 +02:00
parent 314326400e
commit 7a3eabccd9
9 changed files with 173 additions and 97 deletions

@ -21,15 +21,24 @@ export const createEnhancedPrismaClient = () => {
? { rejectUnauthorized: false }
: undefined,
// Connection pool settings
max: env.DATABASE_CONNECTION_LIMIT || 20, // Maximum number of connections
// Connection pool settings optimized for Neon
max: env.DATABASE_CONNECTION_LIMIT || 15, // Maximum number of connections (reduced for Neon)
min: 2, // Minimum connections to keep warm (prevent auto-pause)
idleTimeoutMillis: env.DATABASE_POOL_TIMEOUT * 1000 || 30000, // Use env timeout
connectionTimeoutMillis: 5000, // 5 seconds
query_timeout: 10000, // 10 seconds
statement_timeout: 10000, // 10 seconds
connectionTimeoutMillis: 10000, // 10 seconds (increased for Neon cold starts)
query_timeout: 15000, // 15 seconds (increased for Neon)
statement_timeout: 15000, // 15 seconds (increased for Neon)
// Keepalive settings to prevent Neon auto-pause
keepAlive: true,
keepAliveInitialDelayMillis: 10000,
// Application name for monitoring in Neon dashboard
application_name:
dbUrl.searchParams.get("application_name") || "livedash-app",
// Connection lifecycle
allowExitOnIdle: true,
allowExitOnIdle: false, // Keep minimum connections alive for Neon
};
const adapter = new PrismaPg(poolConfig);
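Review bot: the `rejectUnauthorized: false` branch at the top of this hunk (`? { rejectUnauthorized: false }`) disables server certificate verification for whichever condition selects it, so on that path a client tuned here for Neon, a hosted Postgres reached over the network, will accept any certificate and is open to interception; it is unchanged by this commit, but since the surrounding settings are being retuned for Neon, verification should be kept on by supplying the CA bundle (`ssl: { ca: ... }`) or `sslmode=verify-full` rather than turning it off. Separately, the combination `min: 2`, `keepAlive: true` and `allowExitOnIdle: false` is commented as preventing Neon auto-pause, which means the compute is deliberately never allowed to scale to zero; that cost trade-off deserves a sentence in the commit message or a comment, and with `allowExitOnIdle: false` any short-lived process that instantiates this client (a seed or migration script) will no longer exit on its own unless it calls `pool.end()`, which the diff does not show being handled.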