perf(auditlogs,localization): reduce per-request overhead#124
Merged
antosubash merged 3 commits intomainfrom Apr 27, 2026
Merged
perf(auditlogs,localization): reduce per-request overhead#124antosubash merged 3 commits intomainfrom
antosubash merged 3 commits intomainfrom
Conversation
- Quiet ZiggyCreatures.Caching.Fusion + EF Core Database.Command at Information level — was producing two log lines per cache call and one per SQL command on every request. - AuditMiddleware: wrap the 5-setting parallel batch in a single FusionCache entry (auditlogs:request-config, 60s TTL) so subsequent requests do one cache lookup instead of five. - AuditWriterService: add a linger window after the first read so the writer accumulates a real batch instead of flushing one entry per request. - LocaleResolutionMiddleware: cache an empty sentinel when a user has no app.language setting so we stop probing the settings cache on every subsequent request.
- AuditMiddleware: inject IFusionCache via the primary constructor and defer the scoped ISettingsContracts resolution to the cache-miss factory, so cache hits do zero scoped DI work. Move the cache key to a shared AuditCacheKeys constant and switch ExcludedPaths to string[] for span-friendly iteration. - AuditLogs: add AuditConfigCacheInvalidator (Wolverine handler on SettingChangedEvent) so auditlogs.* setting changes evict the composite request-config entry instead of waiting for the 60s TTL. Register the assembly with Wolverine via AuditLogsWolverineExtension. - AuditWriterService: collapse the per-iteration linger CTS into a single linked source scoping the whole batch fill, drop the OperationCanceledException filter so shutdown mid-linger persists already-drained entries instead of dropping them, and remove the unused CancellationToken parameter from FlushBatchAsync. - LocaleResolutionMiddleware: cap Accept-Language cache keys at 256 chars so a hostile client cannot pin multi-KB strings in the L1 cache.
Deploying simplemodule-website with
|
| Latest commit: |
b59b4c5
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://9709ca7a.simplemodule-website.pages.dev |
| Branch Preview URL: | https://perf-reduce-request-overhead.simplemodule-website.pages.dev |
OpenTelemetry.Api 1.14.0 and OpenTelemetry.Exporter.OpenTelemetryProtocol 1.14.0 picked up GHSA advisories (g94r-2vxg-569j, mr8r-92fq-pj8p, q834-8qmm-v933) that NuGetAudit + TreatWarningsAsErrors elevate to NU1902 build failures. Bump direct refs to the highest stable for each package so the transitive Api resolves to a non-vulnerable version.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Trims work on the AuditLogs and Localization request hot paths, plus a small DoS-hardening tweak.
ZiggyCreatures.Caching.FusionandEF Core Database.Commandat Information so cache calls and SQL commands no longer log per request.ISettingsContracts+ FusionCache lookups into one composite cache entry (auditlogs:request-config, 60s TTL). Cache hits do zero scoped DI work —ISettingsContractsis resolved only inside the cache-miss factory. New Wolverine handler (AuditConfigCacheInvalidator) listens onSettingChangedEventand evicts the entry when anauditlogs.*setting changes, so updates land immediately instead of waiting out the TTL.ExcludedPathsswitched tostring[]for span-friendly iteration.OperationCanceledExceptionfilter so a shutdown mid-linger now persists already-drained entries instead of dropping them. DeadCancellationTokenparameter onFlushBatchAsyncremoved.app.languagesetting so we stop probing settings on every subsequent request. Cap Accept-Language cache keys at 256 chars so a hostile client can't pin multi-KB strings in the L1 cache.Test plan
dotnet buildclean (no warnings/errors)dotnet test modules/AuditLogs/tests/SimpleModule.AuditLogs.Tests— 37/37 passingISettingsContractsper request (logs / profiler)auditlogs.*setting in dev and confirm the change takes effect on the next request rather than after 60s