[v6 PROD RELEASE] - dev -> master #3
chore(PM-2539): added timeout for prisma service
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
| jobs: | ||
| trivy-scan: | ||
| name: Use Trivy | ||
| runs-on: ubuntu-24.04 |
[maintainability]
Consider using a stable version of the runner, such as ubuntu-latest, instead of ubuntu-24.04 to ensure compatibility and support. The specific version ubuntu-24.04 may not be available or supported in the future.
| ignore-unfixed: true | ||
| format: "sarif" | ||
| output: "trivy-results.sarif" | ||
| severity: "CRITICAL,HIGH,UNKNOWN" |
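Review bot: `ignore-unfixed: true` on the first line of this hunk drops every finding that has no upstream fix from `trivy-results.sarif`, so a CRITICAL or HIGH vulnerability that is still unpatched never reaches the code scanning results. If that is intended to keep the alert list actionable, say so in a comment next to the setting; otherwise set it to `false` so unfixed findings stay visible and can be triaged or mitigated another way.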
[❗❗ correctness]
The severity level UNKNOWN is not a standard Trivy severity level. Consider removing it to avoid potential issues with the scan results.
| @@ -0,0 +1,17 @@ | |||
| -- CreateIndex | |||
| CREATE INDEX "Group_status_organizationId_idx" ON "Group"("status", "organizationId"); | |||
[performance]
Consider evaluating the selectivity of the status and organizationId columns. If either column has low cardinality, the index might not significantly improve query performance.
| CREATE INDEX "Group_status_organizationId_idx" ON "Group"("status", "organizationId"); | ||
|
|
||
| -- CreateIndex | ||
| CREATE INDEX "Group_domain_idx" ON "Group"("domain"); |
[performance]
Ensure that the domain column has a high cardinality. Indexing columns with low cardinality may not provide significant performance benefits.
| CREATE INDEX "Group_domain_idx" ON "Group"("domain"); | ||
|
|
||
| -- CreateIndex | ||
| CREATE INDEX "Group_ssoId_idx" ON "Group"("ssoId"); |
[performance]
Verify that the ssoId column is frequently used in query filters or joins. Indexing columns that are rarely used in queries may not be beneficial.
| CREATE INDEX "Group_ssoId_idx" ON "Group"("ssoId"); | ||
|
|
||
| -- CreateIndex | ||
| CREATE INDEX "Group_privateGroup_status_idx" ON "Group"("privateGroup", "status"); |
[performance]
Check the cardinality of the privateGroup and status columns. Indexing columns with low cardinality might not yield substantial performance improvements.
| CREATE INDEX "Group_privateGroup_status_idx" ON "Group"("privateGroup", "status"); | ||
|
|
||
| -- CreateIndex | ||
| CREATE INDEX "GroupMember_memberId_membershipType_idx" ON "GroupMember"("memberId", "membershipType"); |
[performance]
Ensure that the memberId and membershipType columns are frequently queried together. If not, consider separate indexes or reevaluating the need for this composite index.
| CREATE INDEX "GroupMember_memberId_membershipType_idx" ON "GroupMember"("memberId", "membershipType"); | ||
|
|
||
| -- CreateIndex | ||
| CREATE INDEX "User_universalUID_idx" ON "User"("universalUID"); |
[performance]
Verify that the universalUID column is used in query filters or joins. Indexing columns that are not frequently queried may not be necessary.
| @@index([name]) // Index for filtering by name | ||
| @@index([status]) // Index for filtering by status | ||
| @@index([oldId]) // Index for filtering by oldId | ||
| @@index([status, organizationId]) |
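Review bot: the new `@@index([status, organizationId])` on the last line has `status` as its leading column, so as a B-tree index it can generally serve the same lookups as the `@@index([status])` two lines above it. Keeping both means every write to the model maintains two overlapping indexes; consider dropping the single-column `@@index([status])` in the same migration, or add a comment explaining why both are needed. The new line is also the only index in this hunk without a trailing comment describing its purpose.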
[performance]
Consider the potential impact on query performance when adding multiple indexes. While adding indexes can improve read performance, it can also slow down write operations and increase storage requirements. Ensure that these indexes are necessary for your application's query patterns.
| @@index([groupId]) // Index for joining with group table | ||
| @@index([memberId]) // Index for filtering by memberId | ||
| @@map("GroupMember") | ||
| @@index([memberId, membershipType]) |
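Review bot: `@@index([memberId, membershipType])` on the last line leads with `memberId`, which overlaps the existing `@@index([memberId])` two lines above it, since a composite B-tree index can generally answer filters on its first column alone. Decide which of the two the query patterns actually need and remove the other, or document why both stay. The new attribute also sits after `@@map("GroupMember")` and has no purpose comment, unlike the other indexes in this hunk; moving it up beside them with a comment would keep the block consistent.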
[performance]
Ensure that the new index on [memberId, membershipType] aligns with your query patterns. Adding composite indexes can be beneficial, but they should be justified by actual query needs to avoid unnecessary overhead.
| updatedAt DateTime @updatedAt | ||
| updatedBy String? | ||
| @@index([universalUID]) |
[performance]
Adding an index on universalUID is generally beneficial for lookups, but ensure that this field is queried frequently enough to justify the index. Consider the trade-offs in write performance and storage.
| constructor(private readonly prismaErrorService?: PrismaErrorService) { | ||
| super({ | ||
| transactionOptions: { | ||
| timeout: process.env.GROUPS_SERVICE_PRISMA_TIMEOUT |
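Review bot: `timeout: process.env.GROUPS_SERVICE_PRISMA_TIMEOUT` on the last line takes the transaction timeout from the environment, and an environment variable is always a string or undefined. Whatever the rest of the expression does, it should parse the value to an integer, fall back to a fixed default when the variable is unset or not a number, and cap the result, since an oversized value lets a stuck interactive transaction hold its connection and locks for that long. Documenting the unit (Prisma takes this value in milliseconds) next to the variable name would prevent a seconds/milliseconds mix-up in deployment config.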
[correctness]
Consider validating the environment variable process.env.GROUPS_SERVICE_PRISMA_TIMEOUT to ensure it is a valid number before parsing. This will prevent potential runtime errors if the environment variable is set to a non-numeric value.
No description provided.