Skip to content

[codex] Honor live rate limit config#221

Open
pq198363-ops wants to merge 1 commit into
Agentpay-Org:mainfrom
pq198363-ops:bounty-36-live-rate-limit-config
Open

[codex] Honor live rate limit config#221
pq198363-ops wants to merge 1 commit into
Agentpay-Org:mainfrom
pq198363-ops:bounty-36-live-rate-limit-config

Conversation

@pq198363-ops

Copy link
Copy Markdown

Summary

  • Read the in-process rate limiter limits from the live runtime config on each request.
  • Use the active window when pruning existing IP buckets.
  • Compute Retry-After and the rate-limit message from the active rateLimitWindowMs value.
  • Document that /api/v1/config updates rateLimitPerWindow and rateLimitWindowMs without a restart.

Closes #36

Root cause

The config API accepted runtime updates to rateLimitPerWindow and rateLimitWindowMs, but the rate limiter still imported frozen default constants. PATCHing /api/v1/config therefore appeared successful while request limiting kept using the original 60 requests / 60s behavior.

Verification

  • npm run build
  • $env:NODE_ENV='test'; node --test dist/ratelimit-config.test.js (3 tests)
  • npx prettier --check README.md src/store/state.ts src/middleware/index.ts src/ratelimit-config.test.ts
  • npm run lint
  • clean dist, then npm run build
  • $env:NODE_ENV='test'; node --test dist/*.test.js dist/**/*.test.js (92 tests)
  • git diff --check

Note: npm test uses POSIX-style NODE_ENV=test, so the verification above uses the Windows PowerShell-compatible form.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Make the rate limiter honour the runtime /config values instead of frozen constants

1 participant