Description
Add Server-Timing headers exposing phase timings (auth, db, external) for instrumented routes, gated by env flag for non-prod, to speed up frontend performance triage without leaking PII.
Requirements and context
- Must be secure, tested, and documented
- Should be efficient and easy to review
- Relevant code:
src/middleware/metricsMiddleware.ts, src/middleware/requestLog.ts
- Header must be omitted on prod unless
X-Debug-Token matches
Suggested execution
- Fork the repo and create a branch
git checkout -b obs/server-timing- Implement changes
- Add phase wrapper utility recording timings into request context
- Emit
Server-Timing header from response finalize
- Gate by env and debug-token middleware
- Validate security and correctness assumptions
Test and commit
- Run tests
- Cover edge cases
- Disabled by default, very-slow phase, missing phase
- Include test output and notes
Example commit message
obs: Server-Timing breakdown for instrumented routes
Guidelines
- Minimum 95 percent test coverage
- Clear documentation
- Timeframe: 96 hours
Description
Add
Server-Timingheaders exposing phase timings (auth, db, external) for instrumented routes, gated by env flag for non-prod, to speed up frontend performance triage without leaking PII.Requirements and context
src/middleware/metricsMiddleware.ts,src/middleware/requestLog.tsX-Debug-TokenmatchesSuggested execution
git checkout -b obs/server-timingServer-Timingheader from response finalizeTest and commit
npm testExample commit message
obs: Server-Timing breakdown for instrumented routesGuidelines