Rate-limit checks return 429 with no log, so we have no signal in production for whether limits are firing, who is hitting them, or whether thresholds need tuning.
Sites
Proposal
Before the 429 response, emit one structured log line with: limit name, mailbox/principal id, current count, limit, and timestamp. Keep the response shape unchanged.
Why
Rate-limit hits are an abuse/incident signal. Without a log we can't answer "is the limit too tight?" or "is something looping?" from the dashboard.
Effort
~5 lines per site.
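A sketch of the proposed log-before-429 pattern, added here as an illustration and not taken from the project's code. The limit table, the `check` and `rate_limit_event` helpers, the logger name and the 429 body are all hypothetical. Serializing the event with `json.dumps` keeps a caller-influenced mailbox id from breaking the log line.

```python
import json
import logging
import time
from collections import defaultdict, deque
from datetime import datetime, timezone

log = logging.getLogger("ratelimit")  # hypothetical logger name

# Hypothetical limit table: limit name -> (max requests, window in seconds).
LIMITS = {"send_per_mailbox": (3, 60.0)}
_hits = defaultdict(deque)  # (limit name, principal) -> accepted request times


def rate_limit_event(limit_name, principal, count, limit, now):
    """Build the one-line JSON event; json.dumps escapes CR/LF in the principal."""
    return json.dumps({
        "event": "rate_limit_hit",
        "limit_name": limit_name,
        "principal": principal,
        "count": count,
        "limit": limit,
        "ts": datetime.fromtimestamp(now, tz=timezone.utc).isoformat(),
    }, sort_keys=True)


def check(limit_name, principal, now=None):
    """Return None when allowed, else the unchanged (status, body) 429 response."""
    now = time.time() if now is None else now
    limit, window = LIMITS[limit_name]
    q = _hits[(limit_name, principal)]
    while q and q[0] <= now - window:  # drop requests that left the window
        q.popleft()
    if len(q) >= limit:
        # The only addition at each site: one structured line before the 429.
        log.warning(rate_limit_event(limit_name, principal, len(q), limit, now))
        return 429, {"error": "rate_limited"}  # assumed existing response shape
    q.append(now)
    return None
```
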