refactor(api): Replace for loop with array indexing while decrypting secrets during bulk fetch #265

[anudeeps352]

User description

…bulk fetch

Description

Replace for loop with array indexing while decrypting secrets during bulk fetch

Fixes #265

Dependencies

Mention any dependencies/packages used

Future Improvements

Mention any improvements to be done in future related to any file/feature

Mentions

Mention and tag the people

Screenshots of relevant screens

Add screenshots of relevant screens

Developer's checklist

• My PR follows the style guidelines of this project
• I have performed a self-check on my work

If changes are made in the code:

• I have followed the coding guidelines
• My changes in code generate no new warnings
• My changes are breaking another fix/feature of the project
• I have added test cases to show that my feature works
• I have added relevant screenshots in my PR
• There are no UI/UX issues

Documentation Update

• This PR requires an update to the documentation at docs.keyshade.xyz
• I have made the necessary updates to the documentation, or no documentation changes are required.

---

PR Type

Enhancement

---

Description

• Replaced the for loop with array indexing to optimize the decryption of secrets during bulk fetch.
• Simplified the decryption logic by assuming only the first version of each secret needs to be decrypted.

---

Changes walkthrough 📝

	Relevant files
Enhancement	secret.service.ts Optimize secret decryption by replacing loop with array indexing apps/api/src/secret/service/secret.service.ts Replaced for loop with array indexing for decrypting secrets. Simplified decryption logic by assuming only the first version needs decryption. +5/-10

---

💡 PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[codiumai-pr-agent-free]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	2, because the changes are localized to a specific function and involve simplifying the decryption logic by replacing a loop with direct indexing. The logic is straightforward, and the impact is limited to one part of the code.
🧪 Relevant tests	No
⚡ Possible issues	Possible Bug: The new code assumes that only the first version of each secret needs to be decrypted. If there are scenarios where other versions need decryption, this change could lead to incorrect behavior.
🔒 Security concerns	No

[codiumai-pr-agent-free]

PR Code Suggestions ✨

Category	Suggestion	Score
Possible bug	Add a check to ensure that the versions array is not empty before accessing its first element Consider handling the scenario where secret.versions might be an empty array. This can prevent runtime errors when attempting to access secret.versions[0]. You can add a check to ensure the array is not empty before proceeding with decryption. apps/api/src/secret/service/secret.service.ts [508] -const version = secret.versions[0] +if (secret.versions.length > 0) { + const version = secret.versions[0] + // Optionally decrypt secret value if decryptValue is true + if (decryptValue) { + const decryptedValue = await decrypt(project.privateKey, version.value) + version.value = decryptedValue + } +} Suggestion importance[1-10]: 10 Why: This suggestion addresses a potential runtime error by ensuring that the secret.versions array is not empty before accessing its first element. This is crucial for preventing crashes and maintaining the robustness of the code.	10
Performance	Modify the decryption to be handled asynchronously for all versions, improving performance To ensure that the decryption process does not block other operations, consider handling the decryption asynchronously for each secret version, possibly using Promise.all if reverting to processing all versions. apps/api/src/secret/service/secret.service.ts [511-512] -const decryptedValue = await decrypt(project.privateKey, version.value) -version.value = decryptedValue +const decryptedValues = await Promise.all(secrets.map(secret => decrypt(project.privateKey, secret.versions[0].value))); +secrets.forEach((secret, index) => { + secret.versions[0].value = decryptedValues[index]; +}); Suggestion importance[1-10]: 7 Why: This suggestion can improve performance by handling decryption asynchronously. However, it introduces a more complex change and assumes that reverting to processing all versions is desired, which may not align with the current PR's intent.	7
Maintainability	Use a more descriptive variable name for the decrypted value Consider using a more descriptive variable name for decryptedValue to indicate what the value represents, such as decryptedSecretValue. apps/api/src/secret/service/secret.service.ts [511-512] -const decryptedValue = await decrypt(project.privateKey, version.value) +const decryptedSecretValue = await decrypt(project.privateKey, version.value) +version.value = decryptedSecretValue Suggestion importance[1-10]: 6 Why: Using a more descriptive variable name can enhance code readability and maintainability. However, it is a minor improvement and does not affect the functionality of the code.	6
	Rename the variable to reflect that it handles only the first version of the secret Since the loop now only processes the first version of each secret, consider renaming the variable secret to firstSecretVersion or similar to reflect that it's specifically handling the first version. This enhances code readability and maintainability. apps/api/src/secret/service/secret.service.ts [508] -const version = secret.versions[0] +const firstSecretVersion = secret.versions[0] Suggestion importance[1-10]: 5 Why: While renaming the variable can improve code readability, it is not crucial for the functionality or performance of the code. It is a minor improvement focused on maintainability.	5

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[rajdip-b]

🎉 This PR is included in version 2.0.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀