From 65b7cba6b1fb61446e21f2810c4e9ebcbd73c319 Mon Sep 17 00:00:00 2001 From: Mathis HERRIOT <197931332+0x485254@users.noreply.github.com> Date: Thu, 8 Jan 2026 15:28:16 +0100 Subject: [PATCH] feat: enhance bootstrap with Sentry, security middleware, and global configurations Integrated Sentry for error monitoring and profiling. Added security improvements using Helmet and CORS. Implemented global validation pipes and exception filters for consistent request handling. Dynamically configured app PORT and logging for startup information. --- backend/src/main.ts | 46 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) diff --git a/backend/src/main.ts b/backend/src/main.ts index 6d4d521..5eb3a59 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts @@ -1,8 +1,52 @@ +import { Logger, ValidationPipe } from "@nestjs/common"; +import { ConfigService } from "@nestjs/config"; import { NestFactory } from "@nestjs/core"; +import * as Sentry from "@sentry/nestjs"; +import { nodeProfilingIntegration } from "@sentry/profiling-node"; +import helmet from "helmet"; import { AppModule } from "./app.module"; +import { AllExceptionsFilter } from "./common/filters/http-exception.filter"; async function bootstrap() { const app = await NestFactory.create(AppModule); - await app.listen(process.env.PORT ?? 3000); + const configService = app.get(ConfigService); + const logger = new Logger("Bootstrap"); + + const sentryDsn = configService.get("SENTRY_DSN"); + if (sentryDsn) { + Sentry.init({ + dsn: sentryDsn, + integrations: [nodeProfilingIntegration()], + tracesSampleRate: 1.0, + profilesSampleRate: 1.0, + sendDefaultPii: false, // RGPD + }); + } + + // Sécurité + app.use(helmet()); + app.enableCors({ + origin: + configService.get("NODE_ENV") === "production" + ? [configService.get("DOMAIN_NAME") as string] + : true, + credentials: true, + }); + + // Validation Globale + app.useGlobalPipes( + new ValidationPipe({ + whitelist: true, + forbidNonWhitelisted: true, + transform: true, + }), + ); + + // Filtre d'exceptions global + app.useGlobalFilters(new AllExceptionsFilter()); + + const port = configService.get("PORT") || 3000; + await app.listen(port); + logger.log(`Application is running on: http://localhost:${port}`); } bootstrap();