security-auditor 62e793040e chore(observability): edge-429 probe + ratelimit observability runbook ... Two artifacts that unblock the parked follow-ups from #59: 1. scripts/edge-429-probe.sh (closes the "operator-blocked" status of #62). An operator without CF/Vercel dashboard access can reproduce a canvas-sized burst against a tenant subdomain and read each 429's response shape — workspace-server bucket overflow (JSON body + X-RateLimit-* headers) is distinguishable from CF (cf-ray) and Vercel (x-vercel-id) by inspection of the report. Read-only, parallel via background subshells (no GNU parallel dependency), no credential use. Smoke-tested against example.com end-to-end. 2. docs/engineering/ratelimit-observability.md (closes the "metric-blocked" status of #64). The existing molecule_http_requests_total{path,status} counter + X-RateLimit-* response headers already cover #64's acceptance criterion ("watch metrics for two weeks"). The runbook collects the PromQL queries, a decision tree for the re-tune (keep / per-tenant override / change default), an alert rule template, and a hard "do not roll ad-hoc per-bucket-key exposure" note (in-memory map includes SHA-256 of bearer tokens — exposing it is a security review surface, file a follow-up if needed). Neither artifact changes runtime behaviour. Pure operational tooling. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-05-07 15:48:34 -07:00
..
postmortem-2026-04-23-boot-event-401.md	docs: testing strategy + PR hygiene + backend parity matrix + boot-event postmortem (#1824)	2026-04-23 19:59:38 +00:00
pr-hygiene.md	docs: testing strategy + PR hygiene + backend parity matrix + boot-event postmortem (#1824)	2026-04-23 19:59:38 +00:00
ratelimit-observability.md	chore(observability): edge-429 probe + ratelimit observability runbook	2026-05-07 15:48:34 -07:00
testing-strategy.md	docs: testing strategy + PR hygiene + backend parity matrix + boot-event postmortem (#1824)	2026-04-23 19:59:38 +00:00