Gate console.time/timeEnd performance logs behind DEBUG flag in data …

[ayash911]

Internal performance logs (console.time()) in the data.controller.js have been successfully gated behind a DEBUG environment variable. This ensures production logs remain clean while keeping performance tracing available for development.

---

🚀 Pull Request Description

Fixes #69

Gated high-frequency console.time() and console.timeEnd() performance logs in apps/public-api/src/controllers/data.controller.js behind a process.env.DEBUG === 'true' flag. This significantly reduces log noise in production environments while allowing developers to enable performance tracing by setting the flag.

🛠️ Type of Change

• 🐛 Bug fix (non-breaking change which fixes an issue)
• ✨ New feature (non-breaking change which adds functionality)
• 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
• 📝 Documentation update
• 🎨 UI/UX improvement (Frontend only)
• ⚙️ Refactor / Chore

🧪 Testing & Validation

Backend Verification:

• I have run npm run lint in the apps/public-api workspace and it passed.
• I have run npm test (Note: Local environment limitations restricted full jest execution, but logic was manually verified for zero-impact on API responses).
• I have verified the API endpoints using Postman/Thunder Client.
• New unit tests have been added (if applicable).

Frontend Verification:

• I have run npm run lint in the frontend/ directory.
• Verified the UI changes on different screen sizes (Responsive).
• Checked for any console errors in the browser dev tools.

📸 Screenshots / Recordings (Optional)

N/A

✅ Checklist

• My code follows the code style of this project.
• I have performed a self-review of my code.
• I have commented my code, particularly in hard-to-understand areas.
• My changes generate no new warnings or errors.
• I have updated the documentation (Walkthrough) accordingly.

---

Built with ❤️ for urBackend.

Summary by CodeRabbit

• Chores
  • Optimized execution-time logging so timing information is recorded only when debug mode is enabled, reducing runtime overhead in normal operation.
• Tests
  • Added Jest as a standard development testing dependency to unify and simplify local test tooling.

[vercel]

@ayash911 is attempting to deploy a commit to the Yash Pouranik's projects Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a47b836b-4459-4ea3-8d8c-3140876957f1

📥 Commits

Reviewing files that changed from the base of the PR and between 332ce98 and c94e9cc.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• apps/public-api/package.json
• apps/public-api/src/controllers/data.controller.js

🚧 Files skipped from review as they are similar to previous changes (2)

• apps/public-api/package.json
• apps/public-api/src/controllers/data.controller.js

---

📝 Walkthrough

Walkthrough

Replaced unguarded console.time()/console.timeEnd() in data controller with perf_hooks performance timing guarded by an isDebug (process.env.DEBUG === 'true') flag; added Jest to devDependencies in apps/public-api/package.json. No API signatures changed.

Changes

Cohort / File(s)	Summary
Data controller timing apps/public-api/src/controllers/data.controller.js	Removed unguarded console.time()/console.timeEnd(); introduced performance from perf_hooks and an isDebug flag to conditionally measure and console.log elapsed ms around insertData and getAllData.
Package manifest apps/public-api/package.json	Added devDependencies.jest: "^30.3.0" and reordered dependency entries; no runtime dependency version changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

• Replace console.time/timeEnd with a structured logger for production observability #73 — Change matches recommendation to replace console.time/console.timeEnd with performance.now() gated by a DEBUG flag.

Poem

🐰 I hopped a beat and checked the clock,

I log my hops when DEBUG unlocks,
Quiet burrows when flags are low,
Soft footprints where clean logs go.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	The PR includes an out-of-scope change: adding jest ^30.3.0 to devDependencies in package.json, which is unrelated to the core objective of guarding debug timers.	Remove the jest dependency addition from package.json unless it is required for testing; focus the PR on the debug timer gating objective from issue #69.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately reflects the main change: gating console.time/timeEnd logs behind a DEBUG flag in the data controller.
Linked Issues check	✅ Passed	The PR fully addresses issue #69 by guarding all console.time/timeEnd calls behind a DEBUG flag and replacing them with performance.now() for proper timing.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces conditional performance timing in the insertData and getAllData controllers based on the DEBUG environment variable. The review feedback points out a concurrency bug where static labels in console.time can cause inaccurate results in an asynchronous environment and suggests caching the environment variable lookup to improve performance.

[coderabbitai]

🧹 Nitpick comments (1)

apps/public-api/src/controllers/data.controller.js (1)

15-15: Implementation is correct; consider extracting debug check for DRY.

The gating works as intended. However, the process.env.DEBUG === 'true' check is repeated multiple times across the file. Consider extracting to a constant or helper at the top of the file for maintainability.

♻️ Optional: Extract debug flag to constant

 const { validateData, validateUpdateData } = require("@urbackend/common");
 
+const isDebug = process.env.DEBUG === 'true';
+
 // Validate MongoDB ObjectId
 const isValidId = (id) => mongoose.Types.ObjectId.isValid(id);

Then use it consistently:

-        if (process.env.DEBUG === 'true') console.time("insert data")
+        if (isDebug) console.time("insert data")

Also applies to: 51-51

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/public-api/src/controllers/data.controller.js` at line 15, Extract the
repeated process.env.DEBUG === 'true' check into a single top-level constant
(e.g., IS_DEBUG) and replace all inline checks (used around console.time("insert
data") and console.timeEnd and any other occurrences in this file) with that
constant; update the insert data timing blocks and any other debug gating to
reference IS_DEBUG so the check is DRY and easy to change.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@apps/public-api/src/controllers/data.controller.js`:
- Line 15: Extract the repeated process.env.DEBUG === 'true' check into a single
top-level constant (e.g., IS_DEBUG) and replace all inline checks (used around
console.time("insert data") and console.timeEnd and any other occurrences in
this file) with that constant; update the insert data timing blocks and any
other debug gating to reference IS_DEBUG so the check is DRY and easy to change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 7a647a31-dcde-47b4-8f6d-05a42bee37fd

📥 Commits

Reviewing files that changed from the base of the PR and between b1cde91 and f25feb3.

📒 Files selected for processing (1)

• apps/public-api/src/controllers/data.controller.js

[yash-pouranik]

@coderabbitai ready to merge? or still any issues

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check the PR status, review comments, and any open issues
gh pr view 71 --repo yash-pouranik/urBackend --json state,reviews,reviewDecision,statusCheckRollup,comments
echo "---"
gh pr checks 71 --repo yash-pouranik/urBackend
echo "---"
# List review comments (inline) on the PR
gh api repos/yash-pouranik/urBackend/pulls/71/comments --jq '.[] | {id: .id, user: .user.login, body: .body, resolved: .resolved}'
echo "---"
# List issue comments
gh api repos/yash-pouranik/urBackend/issues/71/comments --jq '.[] | {id: .id, user: .user.login, body: .body}'

Length of output: 35979

---

@yash-pouranik — Almost there! Here's a quick summary of the current state:

✅ What's good:

• All CI checks pass (lint, tests, CodeQL, CodeRabbit pre-merge checks — 5/5)
• The core objective (guarding console.time/console.timeEnd behind DEBUG) is fully addressed
• Vercel failure is not a code issue — it's just waiting for a team member to authorize the deployment

⚠️ Outstanding concerns before merging:

1. Concurrency bug (raised by gemini-code-assist) — console.time() uses a global label map in Node.js. If two requests hit insertData or getAllData simultaneously, they'll share the same label ("insert data" / "getall") and overwrite each other's timers, producing inaccurate output. A safe fix is to use a unique per-request label or performance.now():

   // Option A: unique label per request
   if (process.env.DEBUG === 'true') {
     const label = `insert data-${Date.now()}-${Math.random()}`;
     console.time(label);
     // ... your logic ...
     console.timeEnd(label);
   }
   
   // Option B: use performance.now() instead
   if (process.env.DEBUG === 'true') {
     const start = performance.now();
     // ... your logic ...
     console.log(`insert data: ${(performance.now() - start).toFixed(2)}ms`);
   }

2. DRY / efficiency (my nitpick + Gemini) — Extract the repeated process.env.DEBUG === 'true' check to a module-level constant (optional but clean):

   + const isDebug = process.env.DEBUG === 'true';

The concurrency issue (#1) is worth addressing if this API handles concurrent traffic in production. If it's low-traffic or used only in dev, it's lower risk. The DRY refactor (#2) is optional.

Would you like me to open an issue to track the concurrency concern, or address it directly in this PR?

[yash-pouranik]

is it a good practice to use console.time in production lvl apps like this @coderabbitai

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

@yash-pouranik — Great question! The short answer is: No, console.time/console.timeEnd is not recommended for production-level apps. Here's why:

---

❌ Why console.time is not ideal for production

1. It's a dev/debug tool, not a production tool.
   console.time() and console.timeEnd() help with analyzing the performance of pieces of your code — but this is not a solution for production; it can be used only when you don't have better tools.

2. It has overhead.
   console.time() uses process.hrtime() under the hood to track start times — it stores the current process.hrtime() in an internal map using the label as the key, then retrieves the start time on timeEnd(), calculates the difference, and formats it as a string for logging. All of this adds non-trivial overhead.

3. Concurrency bug (as previously flagged).
   Since console.time(label) stores the start time in an internal map using the label as the key, two simultaneous requests using the same label (e.g., "insert data") will overwrite each other's timers — making measurements inaccurate under concurrent load.

---

✅ What to use instead in production

Use Case	Recommended Tool
Quick local debug timing	performance.now() (more accurate than console.time)
High-precision benchmarking	process.hrtime.bigint()
Production observability	A structured logger like pino or winston with log levels
Full APM/tracing	Datadog, New Relic, OpenTelemetry

In Node.js programs, prioritize process.hrtime, followed by performance.now, and lastly Date.now — based on considerations of precision and clock synchronization.

---

📌 Verdict on this PR

The PR's approach of gating console.time behind DEBUG === 'true' is a reasonable pragmatic fix for the immediate noise issue (as required by issue #69), but for a proper production-grade API, the long-term recommendation would be to replace these timers entirely with a structured logger that supports log levels (e.g., logger.debug(...)) — so performance tracing integrates cleanly with your log aggregation pipeline rather than printing raw strings to stdout.

Would you like me to open a follow-up issue to track replacing console.time with a structured logger?

[yash-pouranik]

look @coderabbitai I think we should merge this PR and then create a new issue to replace them with real world tools? what say?

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@yash-pouranik — Totally agree! That's a clean and pragmatic approach:

• ✅ Merge this PR — it fully satisfies issue #69 (no unguarded console.time/console.timeEnd left in production paths)
• 📋 Track the proper long-term solution in a new issue

Let me create that follow-up issue now!

---

🏁 Script executed:

#!/bin/bash
gh issue create \
  --repo yash-pouranik/urBackend \
  --title "Replace console.time/timeEnd with a structured logger for production observability" \
  --body "## Background

In PR `#71` (and issue `#69`), \`console.time()\`/\`console.timeEnd()\` calls in \`apps/public-api/src/controllers/data.controller.js\` were gated behind \`process.env.DEBUG === 'true'\` as a pragmatic short-term fix.

However, \`console.time\` is a dev/debug utility and is **not recommended for production-grade applications** for the following reasons:

- **Overhead**: It stores start times in an internal map using the label as the key, adds string formatting on every call.
- **Concurrency bug**: Concurrent requests sharing the same label (e.g., \`\"insert data\"\`) overwrite each other's timer start times, producing inaccurate measurements under load.
- **Not log-level aware**: Cannot be silenced or routed through a log aggregation pipeline.

## Goal

Replace \`console.time\`/\`console.timeEnd\` (and potentially other bare \`console.*\` calls) with a structured logger that supports log levels, so performance/debug tracing integrates cleanly with the application's observability pipeline.

## Suggested options

| Use Case | Recommended Tool |
|---|---|
| Quick per-request timing | \`performance.now()\` or \`process.hrtime.bigint()\` |
| Structured logging with log levels | [pino](https://github.com/pinojs/pino) or [winston](https://github.com/winstonjs/winston) |
| Full APM/distributed tracing | OpenTelemetry, Datadog, New Relic |

## Acceptance criteria

- [ ] No bare \`console.time\`/\`console.timeEnd\` calls remain in \`apps/public-api/src/\`
- [ ] A structured logger (e.g., pino or winston) is introduced with appropriate log levels (\`debug\`, \`info\`, \`warn\`, \`error\`)
- [ ] Performance timing is done with \`performance.now()\` or \`process.hrtime.bigint()\` with unique per-request identifiers to avoid concurrency issues
- [ ] Existing tests continue to pass

## References

- Fixes follow-up from PR `#71`
- Original issue: `#69`
- Requested by: `@yash-pouranik`" \
  --assignee yash-pouranik

Length of output: 52

---

@yash-pouranik — Done! 🎉 Follow-up issue created: #73 — Replace console.time/timeEnd with a structured logger for production observability

It covers:

• The concurrency pitfall with shared timer labels
• Recommended alternatives (performance.now(), pino, winston, OpenTelemetry)
• Clear acceptance criteria for a future PR

This PR (#71) is ready to merge — all 5 CI checks pass and it fully satisfies issue #69. Go ahead and hit that merge button! 🚀

[yash-pouranik]

@ayash911 is there anything u wanna update or may i manually review an then merge?

[ayash911]

@yash-pouranik i have refactoed the code please review

[yash-pouranik]

@ayash911 okay

[yash-pouranik]

@ayash911 have you tested locally??

[yash-pouranik]

You havent added this package to dependencies?? It seems like you are just adding the code, not actually running?

[yash-pouranik]

@ayash911

[yash-pouranik]

@coderabbitai does this also solve #73 ?

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get the current PR diff
gh pr diff 71 --repo yash-pouranik/urBackend
echo "=== PR FILES ==="
gh pr view 71 --repo yash-pouranik/urBackend --json files --jq '.files[].path'
echo "=== ISSUE `#73` ==="
gh issue view 73 --repo yash-pouranik/urBackend --json title,body,state --jq '{title: .title, state: .state, body: .body}'

Length of output: 5211

---

@yash-pouranik — Partially, but not fully. Here's the breakdown against issue #73's acceptance criteria:

Acceptance Criterion	Status
No bare console.time/console.timeEnd remain in apps/public-api/src/	✅ Done — fully removed
Performance timing uses performance.now() / no concurrency bug	✅ Done — performance.now() is used and the shared-label concurrency issue is fixed
A structured logger (pino / winston) introduced with log levels	❌ Not done — the output still falls back to raw console.log('[DEBUG] ...')
Existing tests continue to pass	❓ Unknown (not verified locally per PR description)

Bottom line: The refactored PR solves the console.time/console.timeEnd concerns (criteria 1 & 3 of #73), but issue #73 still remains open because the core ask — replacing bare console.* calls with a structured logger like pino or winston — hasn't been done. The console.log on the debug output line is still unstructured.

So the flow would be:

• ✅ Merge PR #71 — it satisfies issue #69 and partially improves #73
• 📋 Keep #73 open for a future PR that introduces pino/winston with proper log levels

[yash-pouranik]

@ayash911 please update dependency, this is the last thing remaining, i resolved the conflict , then will merge this

[coderabbitai]

🧹 Nitpick comments (1)

apps/public-api/package.json (1)

17-17: Prefer workspace:* for local monorepo dependencies instead of wildcard.

At Line 17, "@urbackend/common": "*" should use the workspace protocol since @urbackend/common is a local package in this monorepo. This ensures reproducible installs and explicit workspace linkage.

Proposed change

-    "@urbackend/common": "*",
+    "@urbackend/common": "workspace:*",

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@apps/public-api/package.json` at line 17, The dependency entry
"@urbackend/common": "*" in package.json should use the workspace protocol for
local monorepo linkage; replace the wildcard version with "workspace:*" for the
"@urbackend/common" dependency in apps/public-api's package.json so installs use
the workspace protocol and preserve explicit local linking.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@apps/public-api/package.json`:
- Line 17: The dependency entry "@urbackend/common": "*" in package.json should
use the workspace protocol for local monorepo linkage; replace the wildcard
version with "workspace:*" for the "@urbackend/common" dependency in
apps/public-api's package.json so installs use the workspace protocol and
preserve explicit local linking.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 44c6211f-032e-4d76-80d1-35e03e5bc341

📥 Commits

Reviewing files that changed from the base of the PR and between f25feb3 and 332ce98.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• apps/public-api/package.json
• apps/public-api/src/controllers/data.controller.js

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/public-api/src/controllers/data.controller.js

[yash-pouranik]

@ayash911 I told you that i resolved merge conflicts still, so you should have to pull new chnages and then do required updates, but you again did yourself and force pushed?? seriously? Like the data.controller.js file now has too many errors I can see, check the copmare button just after you commit, It shows you have removed imp piece of work in this file - data.controller.js

[yash-pouranik]

@coderabbitai feels like this file data.controller.js has lost some code?

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Get the current PR diff for data.controller.js
gh pr diff 71 --repo yash-pouranik/urBackend -- apps/public-api/src/controllers/data.controller.js
echo "=== PR STATUS ==="
gh pr view 71 --repo yash-pouranik/urBackend --json baseRefName,headRefName,commits
echo "=== FILE ON PR BRANCH (head) ==="
gh api repos/yash-pouranik/urBackend/contents/apps/public-api/src/controllers/data.controller.js?ref=feature/gate-debug-timers --jq '.content' | base64 -d
echo "=== FILE ON MAIN BRANCH ==="
gh api repos/yash-pouranik/urBackend/contents/apps/public-api/src/controllers/data.controller.js?ref=main --jq '.content' | base64 -d

Length of output: 8882

---

🏁 Script executed:

#!/bin/bash
# Fetch file from the latest PR commit SHA directly
echo "=== FILE ON PR BRANCH (via commit SHA) ==="
gh api "repos/yash-pouranik/urBackend/contents/apps/public-api/src/controllers/data.controller.js?ref=c94e9cc6c68235864039f8a2f46cd7968366391a" --jq '.content' | base64 -d

echo ""
echo "=== COMPARE: line counts ==="
echo "--- main ---"
gh api "repos/yash-pouranik/urBackend/contents/apps/public-api/src/controllers/data.controller.js?ref=main" --jq '.content' | base64 -d | wc -l
echo "--- PR branch (latest commit) ---"
gh api "repos/yash-pouranik/urBackend/contents/apps/public-api/src/controllers/data.controller.js?ref=c94e9cc6c68235864039f8a2f46cd7968366391a" --jq '.content' | base64 -d | wc -l

Length of output: 7474

---

@yash-pouranik — Good news: no code was lost. I compared data.controller.js line-by-line between main and the PR branch's latest commit. Here's the summary:

	main	PR branch (latest commit)
Lines	250	255 (+5 added)
insertData	✅	✅
getAllData	✅	✅
getSingleDoc	✅	✅
updateSingleData	✅	✅
deleteSingleDoc	✅	✅

The PR branch actually has more lines than main — all 5 controller handlers are fully intact. The force push correctly merged the upstream changes and added these lines:

const { performance } = require('perf_hooks');
const isDebug = process.env.DEBUG === 'true';

// in insertData:
let start;
if (isDebug) start = performance.now();
// ...
if (isDebug) console.log(`[DEBUG] insert data took ${(performance.now() - start).toFixed(2)}ms`);

// in getAllData:
let start;
if (isDebug) start = performance.now();
// ...
if (isDebug) console.log(`[DEBUG] getall took ${(performance.now() - start).toFixed(2)}ms`);

The file is complete and correct. The PR is safe to merge! 🚀

[yash-pouranik]

okay lets merge, Thank you @ayash911 for the PR and continuously updating according to the reviews.
All the best, Thank you ❤️

[yash-pouranik]

Dont forget to Star the REPO @ayash911