feat(backend): audit-log retention, webhook latency histogram, and migration rollback runbook#1196
Merged
Emmyt24 merged 1 commit intoMay 28, 2026
Conversation
…webhook latency histogram, and migration rollback runbook - nova-launch01#1115: Extend GraphQL endpoint with per-query cost analysis. Each field carries a cost of 1; list fields (tokens, burnRecords, streams, proposals, votes, campaigns) cost LIST_FIELD_COST (default 10) to penalise fan-out. Queries exceeding MAX_COMPLEXITY (default 100) are rejected with a typed GraphQLError before execution. MAX_DEPTH, MAX_COMPLEXITY, and LIST_FIELD_COST are all configurable via env vars. - nova-launch01#1116: Add auditRetentionJob service that purges in-memory AuditLog entries older than AUDIT_RETENTION_DAYS (default 90 days) on a configurable AUDIT_RETENTION_INTERVAL_MS schedule. Adds Database.purgeAuditLogs() for idempotent, cutoff-based eviction. Job is idempotent and logs every run. - nova-launch01#1117: Add webhookDeliveryLatency Prometheus histogram to lib/metrics with outcome and attempt_count labels and buckets tuned for fast (<500 ms) and retried (≤60 s) deliveries. webhookDeliveryService now observes it after every completed delivery attempt. NoOp stub added to prometheus-config.ts. - nova-launch01#1118: Add MIGRATION_ROLLBACK_RUNBOOK.md documenting the full Prisma rollback procedure (down SQL authoring, _prisma_migrations update, irreversible-operation guidance). Add migration-rollback.smoke.test.ts that applies and reverts a canary migration against a disposable Postgres schema; auto-skips when DATABASE_URL is unset. Closes nova-launch01#1115, nova-launch01#1116, nova-launch01#1117, nova-launch01#1118 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
@jasmine874 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits. You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
closes #1115
closes #1116
closes #1117
closes #1118
Issue #1115 was already fully implemented in the same commit as the others —
backend/src/graphql/index.ts has the queryComplexity() function, configurable
MAX_COMPLEXITY/LIST_FIELD_COST env vars, and rejects queries over budget with a typed GraphQLError.
auditRetentionJobservice that purges audit entries older thanAUDIT_RETENTION_DAYS(default 90 days) on a configurableAUDIT_RETENTION_INTERVAL_MSschedule. AddedDatabase.purgeAuditLogs()for idempotent, cutoff-based eviction. Job logs every run.webhookDeliveryLatencyPrometheus histogram tolib/metricswithoutcomeandattempt_countlabels. Buckets tuned for fast (<500 ms) and retried (≤60 s) deliveries.webhookDeliveryServicenow observes it after every completed delivery attempt.docs/MIGRATION_ROLLBACK_RUNBOOK.mddocumenting the full Prisma rollback procedure (down SQL authoring,_prisma_migrationsupdate, irreversible-operation guidance). Addedmigration-rollback.smoke.test.tsthat applies and reverts a canary migration against a disposable Postgres schema; auto-skips whenDATABASE_URLis unset.Files changed
backend/src/services/auditRetentionJob.ts— retention jobbackend/src/config/database.ts—purgeAuditLogs()helperbackend/src/lib/metrics/index.ts— webhook latency histogrambackend/src/monitoring/metrics/prometheus-config.ts— NoOp stub registrationbackend/src/services/webhookDeliveryService.ts— histogram observationdocs/MIGRATION_ROLLBACK_RUNBOOK.md— rollback runbookbackend/src/__tests__/migration-rollback.smoke.test.ts— smoke test