Introduces PgBouncer as a connection pooler between the API service and
PostgreSQL in docker-compose.prod.yml, reducing connection overhead and
improving concurrency under production load.
- Add PgBouncer service (edoburu/pgbouncer:1.23.1-p2) with transaction
pool mode, max_client_conn=200, default_pool_size=20
- Route API DATABASE_URL through PgBouncer (port 6432), keep direct
connection (DATABASE_URL_DIRECT) for Prisma migrations/introspection
- Create infra/pgbouncer/ config: pgbouncer.ini, userlist template,
and entrypoint script with runtime env-var substitution
- Update prisma.config.ts to prefer DATABASE_URL_DIRECT for migrations
- Add K6 load test (e2e/load/pgbouncer-pool-test.js) with ramp-up to
200 VUs, pool exhaustion detection, and p95 < 2s threshold
- Add PgBouncer env vars to .env.example
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Remove unused `registerUser` import in e2e/api/inquiries.spec.ts
- Add `override` modifier to class methods in query-provider.tsx
Co-Authored-By: Paperclip <noreply@paperclip.ing>
MCP endpoints already had JwtAuthGuard applied but lacked per-route rate
limiting and test coverage for security behavior. Add @Throttle decorators
with appropriate limits (5 req/min for SSE connections, 30 req/min for
server list and messages), unit tests verifying guard/throttle metadata,
and E2E tests confirming 401 rejection for unauthenticated requests.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Add AiServiceClient HTTP client for Python FastAPI AI service with timeout and fallback
- Add HttpAVMService that calls Python AVM endpoint, falls back to PrismaAVMService on failure
- Add ListingCreatedModerationHandler: auto-flags suspicious listings via AI moderation on create
- Add MarketIndexCronService: daily cron job aggregating market stats per district/city/type
- Wire ScheduleModule and new providers into AnalyticsModule and AppModule
- Add unit tests for AiServiceClient, HttpAVMService, and moderation handler (all passing)
Co-Authored-By: Paperclip <noreply@paperclip.ing>
- Fix DI issues: circular MCP module dependency, EventBus type import,
SearchModule provider, CacheService metric counters placement
- Fix Express 5 readonly req.query in SanitizeInputMiddleware
- Fix Typesense client lazy initialization (getter instead of constructor)
- Fix MinIO bucket init error handling (non-fatal on 403)
- Fix missing class-validator decorators on bigint DTO fields (priceVND, amountVND)
- Fix subscription plan 404 (was returning 500 for invalid tier)
- Disable CSRF and raise rate limits in test environment
- Update E2E tests to match actual API response shapes
- Update CI workflow with Redis, Typesense, MinIO services and env vars
All 101 API E2E tests now pass against Docker dev environment.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
