feat(gateway): add websocket ingress rate limiting

William Valentin
2026-02-15 21:56:13 -08:00
parent 948d589ac3
commit 63d645bd87
10 changed files with 249 additions and 0 deletions
@@ -249,6 +249,12 @@ server:
auth_http: true
lock: false
max_request_body_bytes: 1048576
ws_rate_limit:
enabled: true
capacity: 30
refill_per_sec: 15
max_violations: 8
violation_window_ms: 10000
```
Generate a secure token:
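Review bot: the six keys added under `ws_rate_limit` carry no explanation of units or effect. The example does not say whether `capacity: 30` and `refill_per_sec: 15` count messages, frames or bytes, or what the gateway does once `max_violations: 8` is reached inside `violation_window_ms: 10000`. A short comment per key, or one sentence after the YAML block, would let an operator tune these values without reading `src/gateway/server.ts`.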
@@ -12,6 +12,7 @@ Scope: Production-risk-first audit of bugs, code improvements, and feature oppor
- ✅ F-005 addressed: ESLint JS globals now include `FileReader`, removing UI false-positive lint failures for attachment handling code.
- ✅ F-010 addressed: `session.compact` audit events now emit actual message counts for `messages_before/messages_after` (tokens remain in token fields).
- ✅ F-012 addressed: synthetic repeated-tool nudge no longer emits invalid `tool_result.tool_use_id`; nudge is injected as plain user text guidance.
- ✅ F-009 addressed: gateway now enforces per-connection WebSocket ingress rate limits with deterministic throttle errors and close-on-repeated-violation behavior.
## Executive Summary
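Review bot: the added F-009 line marks the finding as addressed, but the limit it describes is per-connection, so it does not bound total ingress from a client that holds several connections. Either state that a per-client or global limit is out of scope for F-009, or record the remaining exposure as a follow-up item. Minor: the entry is appended after F-012, so the list is no longer in finding order, if that order was intended.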
@@ -2478,6 +2478,24 @@
"docs/plans/analysis/2026-02-16-codebase-audit-report.md"
],
"test_status": "pnpm test:run src/backends/native/agent.test.ts src/backends/native/orchestrator.test.ts + pnpm typecheck passing"
},
"audit-followup-ws-rate-limiting": {
"status": "completed",
"date": "2026-02-16",
"updated": "2026-02-16",
"summary": "Implemented gateway WebSocket ingress rate limiting (token bucket per connection) with deterministic throttle errors and close-on-repeated-violation enforcement; added schema/config wiring and tests.",
"files_modified": [
"src/gateway/server.ts",
"src/gateway/server.test.ts",
"src/config/schema.ts",
"src/config/schema.test.ts",
"src/daemon/services.ts",
"config/default.yaml",
"README.md",
"docs/deployment/PRODUCTION.md",
"docs/plans/analysis/2026-02-16-codebase-audit-report.md"
],
"test_status": "pnpm test:run src/gateway/server.test.ts src/config/schema.test.ts + pnpm typecheck passing"
}
},
"overall_progress": {
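Review bot: `files_modified` in the new `audit-followup-ws-rate-limiting` entry lists `src/daemon/services.ts`, but `test_status` names only `src/gateway/server.test.ts` and `src/config/schema.test.ts`, so nothing recorded here exercises the change in that file beyond `pnpm typecheck`. Consider adding a test that covers it, or say in `test_status` that it is covered by typecheck only. Also, the entry lists nine files while the commit touches ten; if the tenth is this progress file that is fine, otherwise the list is incomplete.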