← Jobb

Senior Full-Stack Engineer Needed for Independent Launch Audit of Existing React/Supabase Platform

Budget: $4000.0 FIXED / ⭐ 0.00 (0) Spain

typescript, postgresql, github, api-integration, react-js, stripe, application-security, software-testing

We are preparing to launch an existing Swedish web platform and are looking for a senior full-stack engineer to conduct an independent technical launch-readiness audit. This is an audit and specification assignment only. The purpose is to identify technical risks, security gaps, stability issues and launch blockers in an existing application — and to create a detailed implementation-ready issue register that can later be used to obtain competitive fixed-price quotes from multiple developers. The selected contractor may submit a proposal for future implementation work, but will not receive any exclusive right to Phase 2. The platform is already built and connected to GitHub. It uses a modern React/TypeScript-based stack with Supabase/Postgres, authentication, role-based permissions, payment-related functionality, background processes, admin tools and data/content workflows. We are not looking for a designer, a junior developer, or someone who wants to rebuild the platform from scratch. We need an experienced engineer who can enter an existing codebase, understand how it works, identify real risks, test important user flows and produce clear technical documentation. Scope of the audit should include: - React and TypeScript code quality, architecture and maintainability - Supabase database structure, SQL functions, triggers and migrations - Row Level Security policies, user roles, permissions and admin access - Authentication and session handling - Potential data leaks or unauthorized access between users, organizations or roles - API security, secrets, environment variables and external integrations - Payment-related flows and error handling - Background jobs, scheduled processes, imports and recovery after failed jobs - Duplicate prevention, error handling and data consistency - Deployment process, rollback options, backups and release safety - Mobile responsiveness and major performance bottlenecks - Logging, monitoring, error reporting and production incident readiness - Missing automated tests and high-risk user flows - Any P0 launch blockers or major stability risks Deliverables You must provide a structured written audit report and an implementation-ready issue register. For every identified P0 or P1 issue, the documentation must include: 1. Clear description of the problem or risk 2. Reproduction steps, evidence or explanation of how the issue was identified 3. Severity classification: - P0: launch blocker / critical security or production risk - P1: important issue that should be addressed before or shortly after launch - P2: lower-priority improvement 4. Affected files, components, database tables, SQL functions, API routes or RLS policies 5. Recommended remediation approach 6. Dependencies or risks related to the fix 7. Clear acceptance criteria for verifying that the issue has been resolved 8. Estimated implementation effort in hours or complexity level The final deliverables must also include: - A prioritised launch checklist - A suggested remediation roadmap - Recommended monitoring, logging and alerting setup - Recommended backup and rollback procedures - Recommended automated test coverage for critical flows - A short handover document explaining the architecture and major technical risks Important commercial requirement The audit report must be detailed enough that another qualified senior engineer can understand, estimate and implement the recommended fixes without relying on undocumented knowledge from the audit contractor. After the audit, we may share the resulting specification with other senior developers and request competing fixed-price bids for implementation. No implementation work, refactoring or code changes should begin without separate written approval. Requirements - Strong senior-level React and TypeScript experience - Strong Supabase, PostgreSQL, SQL and Row Level Security experience - Authentication, role-based access control and security auditing - GitHub workflows, pull requests and production deployments - Stripe or similar payment integration experience - Debugging and stabilizing existing applications - Automated testing with Playwright, Cypress or similar - Error monitoring tools such as Sentry or equivalent - Experience supporting live production platforms Nice to have - Experience with Lovable-generated projects - Experience with content-heavy platforms, SaaS products, marketplaces or community platforms - Experience with background jobs, scheduled functions, imports or data pipelines - Experience with GDPR and European privacy requirements - Availability during Central European Time business hours Confidentiality Detailed product information, URL, repository access and credentials will only be shared with shortlisted candidates after a confidentiality agreement or equivalent arrangement. All source code, accounts, infrastructure and intellectual property remain owned by us. To apply, please answer all questions below: 1. Describe two comparable projects where you audited, stabilized or took over an existing production application. 2. Describe your experience auditing Supabase Row Level Security policies. 3. What are the first five things you would inspect in a launch-readiness audit of a React/Supabase application? 4. How would you ensure that your audit documentation can be used by another engineer for a competitive implementation quote? 5. What fixed price would you propose for this audit assignment? 6. What is your estimated timeline for completing the audit? 7. What is your hourly rate for potential future work? 8. Please provide relevant portfolio links, GitHub examples, case studies or references. Generic applications will not be considered.
Öppna på Upwork