📌 Description
The backend enforces per-org and per-IP rate-limit tiers, export quotas with 429
enforcement, and emits RateLimit-Limit/Retry-After headers, with a Redis-backed
distributed store for multi-replica deployments. There is no consolidated,
integrator-facing reference describing the limits, headers, and recommended client
backoff behaviour, so consumers cannot build correct retry logic.
This issue authors a rate-limiting and quota reference.
🎯 Requirements and Context
- Document each rate-limit tier and quota (auth, api-keys, jobs, exports, privacy)
with the limits and windows actually configured.
- Document the response headers (
RateLimit-Limit, RateLimit-Remaining,
Retry-After) and the 429 envelope shape.
- Recommend a client backoff-with-jitter pattern honouring
Retry-After.
- Note multi-replica behaviour via the distributed token-bucket store.
🛠️ Suggested Execution
1. Fork the repo and create a branch
git checkout -b docs/rate-limiting-reference
2. Implement changes
- Author
docs/rate-limiting.md reflecting src/middleware/rateLimiter.ts and the
export quota logic.
- Add
src/tests/docs.rateLimiting.test.ts asserting documented header names
match those emitted by the middleware.
3. Test and commit
- Run:
npm test -- src/tests/docs.rateLimiting.test.ts
- Cover edge cases: header names match implementation, documented tiers exist,
429 envelope shape matches the error contract.
Example commit message
docs: integrator rate-limiting and quota reference
✅ Guidelines
- Minimum 95% test coverage on any assertion code added.
- Documented headers/tiers must match the implementation.
- Timeframe: 96 hours.
🏷️ Labels
type-documentation · area-backend · MAYBE REWARDED · GRANTFOX OSS · OFFICIAL CAMPAIGN
💬 Community & Support
- Join the contributor Discord to coordinate, ask questions, and get unblocked fast: https://discord.gg/xvNAvMJf
- Please introduce yourself in the channel before you start so we can avoid duplicate work, pair you with a reviewer, and get your PR merged quickly.
- Maintainers actively triage this channel and aim for fast, clear, respectful reviews — reach out any time you're blocked.
📌 Description
The backend enforces per-org and per-IP rate-limit tiers, export quotas with 429
enforcement, and emits
RateLimit-Limit/Retry-Afterheaders, with a Redis-backeddistributed store for multi-replica deployments. There is no consolidated,
integrator-facing reference describing the limits, headers, and recommended client
backoff behaviour, so consumers cannot build correct retry logic.
This issue authors a rate-limiting and quota reference.
🎯 Requirements and Context
with the limits and windows actually configured.
RateLimit-Limit,RateLimit-Remaining,Retry-After) and the 429 envelope shape.Retry-After.🛠️ Suggested Execution
1. Fork the repo and create a branch
2. Implement changes
docs/rate-limiting.mdreflectingsrc/middleware/rateLimiter.tsand theexport quota logic.
src/tests/docs.rateLimiting.test.tsasserting documented header namesmatch those emitted by the middleware.
3. Test and commit
npm test -- src/tests/docs.rateLimiting.test.ts429 envelope shape matches the error contract.
Example commit message
✅ Guidelines
🏷️ Labels
type-documentation·area-backend·MAYBE REWARDED·GRANTFOX OSS·OFFICIAL CAMPAIGN💬 Community & Support