Skip to content

perf: DB indexes, eliminate double-query delete, strip hot-path debug logging#1

Merged
Karanpratap7 merged 8 commits into
mainfrom
copilot/setup-project-environment
Apr 4, 2026
Merged

perf: DB indexes, eliminate double-query delete, strip hot-path debug logging#1
Karanpratap7 merged 8 commits into
mainfrom
copilot/setup-project-environment

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 4, 2026

Addresses several performance and security gaps across the stack: missing MongoDB indexes on all queried fields, a redundant round-trip on every delete, and an Axios interceptor leaking auth tokens into console logs on every request.

Database indexes

Three indexes added to schema definitions (before mongoose.model() — after is silently ignored by Mongoose):

userSchema.index({ skills: 1 });                   // searchUsersBySkills $in
projectSchema.index({ owner: 1, createdAt: -1 });  // getUserProjects filter+sort in one pass
projectSchema.index({ techStack: 1 });             // searchProjectsByTech $in

Eliminate double DB round-trip on delete

deleteProject was doing findById (ownership check) → findByIdAndDelete (delete) — two round-trips for a document already in memory:

// Before
await Project.findByIdAndDelete(req.params.id);

// After — reuses already-fetched document
await project.deleteOne();

Strip hot-path debug logging

The Axios request interceptor logged the full config (including Authorization header) on every call; response interceptor logged full payloads. Both removed. 401 redirect logic retained.

Dead client API methods removed

  • userAPI.getProfile — exact duplicate of userAPI.getUser
  • userAPI.updateUser — called PUT /api/users/:id, a route that has never existed

Rate limiting on DELETE /api/projects/:id

The delete route was the only mutation endpoint without rate limiting. Added mutationLimiter (30 req/min) matching the existing pattern in routes/users.js.

Copilot AI and others added 8 commits April 1, 2026 15:58
@Karanpratap7
setup: install deps, fix lint, add tests, fix Profile component
9920e02 
Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/d771181f-9545-47d8-8a8c-f0895c81784e

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
fix: double /api URL bug, add missing updateProfile, fix call site
67172e3 
Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/f8bb99cc-7875-4d7b-8a16-b4d507a3c3cc

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
test: comprehensive test suite with 97% server coverage, 111 client t…
26cd60c 
…ests

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/54113b85-03ca-4456-9158-b3ae207e3a90

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
fix: add rate limiting to /users/search; fix aria-label on loading sp…
5429aa7 
…inner

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/54113b85-03ca-4456-9158-b3ae207e3a90

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
fix: auth bugs - _id in responses, no global spinner during login/reg…
60112a2 
…ister, AuthContext tests

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/0a696142-6060-46e0-a141-bc74bd174ffa

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
fix: setupFiles not setupFilesAfterEnv; increase search rate limit to…
f19b0d9 
… 60/min

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/0a696142-6060-46e0-a141-bc74bd174ffa

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
fix: code quality - lint errors, dead code, security, error logging, …
1b0b6e6 
…owner comparison bug

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/36781746-e387-4359-b941-7fb7a644f608

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@Karanpratap7
perf: database indexes, eliminate double-query delete, remove hot-pat…
b77013e 
…h debug logging

Agent-Logs-Url: https://github.com/Karanpratap7/DevLinkUp/sessions/dc173194-4cc5-424f-8c61-aec8a0b36824

Co-authored-by: Karanpratap7 <137878890+Karanpratap7@users.noreply.github.com>
@vercel
Copy link
Copy Markdown

vercel Bot commented Apr 4, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
dev-link-up Ready Ready Preview, Comment Apr 4, 2026 10:08am

@Karanpratap7 Karanpratap7 marked this pull request as ready for review April 4, 2026 10:09
@Karanpratap7 Karanpratap7 merged commit 13e2f70 into main Apr 4, 2026
3 checks passed
@Karanpratap7 Karanpratap7 deleted the copilot/setup-project-environment branch April 4, 2026 10:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@Karanpratap7 Karanpratap7

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Karanpratap7