docs(ratelimit): tighten dev-mode comment after keyFor refactor
Some checks failed
CodeQL / Analyze (${{ matrix.language }}) (javascript-typescript) (pull_request) Successful in 1s
CodeQL / Analyze (${{ matrix.language }}) (go) (pull_request) Successful in 0s
CodeQL / Analyze (${{ matrix.language }}) (python) (pull_request) Successful in 1s
pr-guards / disable-auto-merge-on-push (pull_request) Failing after 2s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 4s
CI / Detect changes (pull_request) Successful in 7s
E2E API Smoke Test / detect-changes (pull_request) Successful in 7s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 6s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 6s
Harness Replays / detect-changes (pull_request) Successful in 7s
CI / Python Lint & Test (pull_request) Successful in 3s
CI / Canvas (Next.js) (pull_request) Successful in 4s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 6s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 7s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 3s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 3s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 5s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 5s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Failing after 35s
Harness Replays / Harness Replays (pull_request) Failing after 36s
CI / Platform (Go) (pull_request) Successful in 1m52s
The previous comment said "all share one IP bucket" — accurate before the keyFor refactor, slightly stale after it. The dev-mode rationale (bucket fills fast, blanks the page on a single-user dev box) is unchanged; only the bucket-key flavour text needed updating.

Doc-only follow-up from #60's hostile self-review #3. No behavior change.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
parent 9dda84d671
commit 5b7b669b4c
@ -105,10 +105,11 @@ func (rl *RateLimiter) Middleware() gin.HandlerFunc {
|
|||||||
// Tier-1b dev-mode hatch — same gate as AdminAuth / WorkspaceAuth /
|
// Tier-1b dev-mode hatch — same gate as AdminAuth / WorkspaceAuth /
|
||||||
// discovery. On a local single-user Docker setup the 600-req/min
|
// discovery. On a local single-user Docker setup the 600-req/min
|
||||||
// bucket fills fast: a 15-workspace canvas + activity polling +
|
// bucket fills fast: a 15-workspace canvas + activity polling +
|
||||||
// approvals polling + A2A overlay + initial hydration all share
|
// approvals polling + A2A overlay + initial hydration all land in
|
||||||
// one IP bucket, so a minute of active use can trip 429 and blank
|
// one bucket (whichever keyFor returns — typically the dev user's
|
||||||
// the page. Gated by MOLECULE_ENV=development + empty ADMIN_TOKEN
|
// IP or shared admin token), so a minute of active use can trip
|
||||||
// so SaaS production keeps the bucket.
|
// 429 and blank the page. Gated by MOLECULE_ENV=development +
|
||||||
|
// empty ADMIN_TOKEN so SaaS production keeps the bucket.
|
||||||
if isDevModeFailOpen() {
|
if isDevModeFailOpen() {
|
||||||
c.Header("X-RateLimit-Limit", "unlimited")
|
c.Header("X-RateLimit-Limit", "unlimited")
|
||||||
c.Next()
|
c.Next()
|
||||||
|
|||||||
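Review bot: In the rewritten parenthetical ("typically the dev user's IP or shared admin token"), the "shared admin token" case sits awkwardly beside the gate stated a few lines later, which requires an empty ADMIN_TOKEN for this branch to run. If keyFor can only return a token-derived key when a token is configured, then on the dev-mode path the bucket is keyed on the IP, and the token alternative should be dropped or moved to a sentence about the non-dev path; if a client-supplied token can still become the key while ADMIN_TOKEN is empty, the comment should say that explicitly. Because this branch switches rate limiting off entirely and advertises "unlimited" in X-RateLimit-Limit, the comment is also a good place to name where isDevModeFailOpen is defined, so a reader can confirm the MOLECULE_ENV=development + empty ADMIN_TOKEN condition without searching.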