RubyGems - e11y - Versions diffs - 0.2.0 → 1.0.0 - Mend

e11y 0.2.0 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (230) hide show

checksums.yaml +4 -4
data/.rubocop.yml +130 -10
data/CHANGELOG.md +56 -1
data/CLAUDE.md +168 -0
data/CONTRIBUTING.md +640 -0
data/README.md +134 -702
data/RELEASE.md +18 -3
data/Rakefile +108 -29
data/config/README.md +1 -1
data/config/loki-local-config.yaml +12 -0
data/config/otel-collector-config.yaml +44 -0
data/cucumber.yml +1 -0
data/docker-compose.yml +18 -2
data/docs/ADAPTERS.md +76 -0
data/docs/ADAPTIVE_SAMPLING.md +59 -0
data/docs/COMPARISON.md +104 -0
data/docs/CONFIGURATION.md +52 -0
data/docs/DISTRIBUTED_TRACING.md +44 -0
data/docs/LIMITATIONS.md +13 -0
data/docs/METRICS_DSL.md +84 -0
data/docs/PERFORMANCE.md +60 -0
data/docs/PII_FILTERING.md +40 -0
data/docs/PRESETS.md +65 -0
data/docs/QUICK-START.md +546 -587
data/docs/RAILS_INTEGRATION.md +29 -0
data/docs/SCHEMA_VALIDATION.md +63 -0
data/docs/SLO-PROMQL-ALERTS.md +161 -0
data/docs/TESTING.md +69 -0
data/docs/{ADR-001-architecture.md → architecture/ADR-001-architecture.md} +35 -64
data/docs/{ADR-002-metrics-yabeda.md → architecture/ADR-002-metrics-yabeda.md} +62 -236
data/docs/{ADR-003-slo-observability.md → architecture/ADR-003-slo-observability.md} +27 -466
data/docs/{ADR-004-adapter-architecture.md → architecture/ADR-004-adapter-architecture.md} +163 -146
data/docs/{ADR-005-tracing-context.md → architecture/ADR-005-tracing-context.md} +10 -9
data/docs/{ADR-006-security-compliance.md → architecture/ADR-006-security-compliance.md} +184 -191
data/docs/{ADR-007-opentelemetry-integration.md → architecture/ADR-007-opentelemetry-integration.md} +3 -21
data/docs/{ADR-008-rails-integration.md → architecture/ADR-008-rails-integration.md} +209 -339
data/docs/{ADR-009-cost-optimization.md → architecture/ADR-009-cost-optimization.md} +45 -54
data/docs/architecture/ADR-010-developer-experience.md +522 -0
data/docs/{ADR-011-testing-strategy.md → architecture/ADR-011-testing-strategy.md} +41 -83
data/docs/{ADR-013-reliability-error-handling.md → architecture/ADR-013-reliability-error-handling.md} +37 -12
data/docs/{ADR-014-event-driven-slo.md → architecture/ADR-014-event-driven-slo.md} +12 -24
data/docs/{ADR-015-middleware-order.md → architecture/ADR-015-middleware-order.md} +23 -41
data/docs/{ADR-016-self-monitoring-slo.md → architecture/ADR-016-self-monitoring-slo.md} +52 -349
data/docs/{ADR-017-multi-rails-compatibility.md → architecture/ADR-017-multi-rails-compatibility.md} +4 -11
data/docs/architecture/ADR-018-memory-optimization.md +366 -0
data/docs/{ADR-INDEX.md → architecture/ADR-INDEX.md} +11 -6
data/docs/{00-ICP-AND-TIMELINE.md → prd/00-ICP-AND-TIMELINE.md} +6 -6
data/docs/{01-SCALE-REQUIREMENTS.md → prd/01-SCALE-REQUIREMENTS.md} +6 -6
data/docs/prd/01-overview-vision.md +19 -14
data/docs/use_cases/README.md +22 -23
data/docs/use_cases/UC-001-request-scoped-debug-buffering.md +50 -44
data/docs/use_cases/UC-002-business-event-tracking.md +26 -95
data/docs/use_cases/UC-003-event-metrics.md +66 -0
data/docs/use_cases/UC-004-zero-config-slo-tracking.md +42 -101
data/docs/use_cases/UC-005-sentry-integration.md +13 -15
data/docs/use_cases/UC-006-trace-context-management.md +30 -28
data/docs/use_cases/UC-007-pii-filtering.md +35 -87
data/docs/use_cases/UC-008-opentelemetry-integration.md +51 -89
data/docs/use_cases/UC-009-multi-service-tracing.md +4 -4
data/docs/use_cases/UC-010-background-job-tracking.md +5 -5
data/docs/use_cases/UC-011-rate-limiting.md +95 -168
data/docs/use_cases/UC-012-audit-trail.md +21 -46
data/docs/use_cases/UC-013-high-cardinality-protection.md +29 -167
data/docs/use_cases/UC-014-adaptive-sampling.md +2 -2
data/docs/use_cases/UC-015-cost-optimization.md +46 -99
data/docs/use_cases/UC-016-rails-logger-migration.md +39 -213
data/docs/use_cases/UC-017-local-development.md +203 -777
data/docs/use_cases/UC-018-testing-events.md +3 -3
data/docs/use_cases/UC-019-retention-based-routing.md +53 -106
data/docs/use_cases/UC-020-event-versioning.md +8 -9
data/docs/use_cases/UC-021-error-handling-retry-dlq.md +18 -22
data/docs/use_cases/UC-022-event-registry.md +15 -21
data/docs/use_cases/backlog.md +119 -87
data/e11y.gemspec +2 -2
data/gems/e11y-devtools/README.md +136 -0
data/gems/e11y-devtools/config/routes.rb +8 -0
data/gems/e11y-devtools/e11y-devtools.gemspec +25 -0
data/gems/e11y-devtools/exe/e11y +34 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/server.rb +96 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tool_base.rb +25 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/clear.rb +31 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/errors.rb +35 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/event_detail.rb +33 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/events_by_trace.rb +33 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/interactions.rb +40 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/recent_events.rb +34 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/search.rb +34 -0
data/gems/e11y-devtools/lib/e11y/devtools/mcp/tools/stats.rb +30 -0
data/gems/e11y-devtools/lib/e11y/devtools/overlay/assets/overlay.js +115 -0
data/gems/e11y-devtools/lib/e11y/devtools/overlay/controller.rb +54 -0
data/gems/e11y-devtools/lib/e11y/devtools/overlay/engine.rb +26 -0
data/gems/e11y-devtools/lib/e11y/devtools/overlay/middleware.rb +80 -0
data/gems/e11y-devtools/lib/e11y/devtools/overlay/rails_controller.rb +42 -0
data/gems/e11y-devtools/lib/e11y/devtools/tui/app.rb +262 -0
data/gems/e11y-devtools/lib/e11y/devtools/tui/grouping.rb +66 -0
data/gems/e11y-devtools/lib/e11y/devtools/tui/widgets/event_detail.rb +62 -0
data/gems/e11y-devtools/lib/e11y/devtools/tui/widgets/event_list.rb +70 -0
data/gems/e11y-devtools/lib/e11y/devtools/tui/widgets/interaction_list.rb +47 -0
data/gems/e11y-devtools/lib/e11y/devtools/version.rb +8 -0
data/gems/e11y-devtools/lib/e11y/devtools.rb +13 -0
data/gems/e11y-devtools/spec/e11y/devtools/mcp/tools_spec.rb +107 -0
data/gems/e11y-devtools/spec/e11y/devtools/overlay/controller_spec.rb +58 -0
data/gems/e11y-devtools/spec/e11y/devtools/overlay/middleware_spec.rb +46 -0
data/gems/e11y-devtools/spec/e11y/devtools/tui/app_spec.rb +85 -0
data/gems/e11y-devtools/spec/e11y/devtools/tui/grouping_spec.rb +64 -0
data/gems/e11y-devtools/spec/spec_helper.rb +5 -0
data/gems/e11y-devtools/spec/tui/widgets/event_list_spec.rb +44 -0
data/gems/e11y-devtools/spec/tui/widgets/interaction_list_spec.rb +62 -0
data/lib/e11y/adapters/audit_encrypted.rb +53 -11
data/lib/e11y/adapters/base.rb +33 -34
data/lib/e11y/adapters/dev_log/file_store.rb +143 -0
data/lib/e11y/adapters/dev_log/query.rb +219 -0
data/lib/e11y/adapters/dev_log.rb +118 -0
data/lib/e11y/adapters/file.rb +3 -6
data/lib/e11y/adapters/in_memory.rb +52 -5
data/lib/e11y/adapters/in_memory_test.rb +29 -0
data/lib/e11y/adapters/loki.rb +58 -23
data/lib/e11y/adapters/null.rb +82 -0
data/lib/e11y/adapters/opentelemetry_collector.rb +183 -0
data/lib/e11y/adapters/otel_logs.rb +136 -23
data/lib/e11y/adapters/sentry.rb +4 -7
data/lib/e11y/adapters/stdout.rb +73 -7
data/lib/e11y/adapters/yabeda.rb +153 -29
data/lib/e11y/buffers/adaptive_buffer.rb +3 -17
data/lib/e11y/buffers/{request_scoped_buffer.rb → ephemeral_buffer.rb} +72 -58
data/lib/e11y/buffers/ring_buffer.rb +3 -16
data/lib/e11y/configuration.rb +272 -0
data/lib/e11y/console.rb +10 -17
data/lib/e11y/current.rb +53 -1
data/lib/e11y/debug/pipeline_inspector.rb +96 -0
data/lib/e11y/documentation/generator.rb +48 -0
data/lib/e11y/event/base.rb +176 -82
data/lib/e11y/event/value_sampling_config.rb +1 -5
data/lib/e11y/events/rails/database/query.rb +1 -4
data/lib/e11y/events/rails/job/failed.rb +2 -0
data/lib/e11y/instruments/active_job.rb +46 -12
data/lib/e11y/instruments/rails_instrumentation.rb +49 -24
data/lib/e11y/instruments/sidekiq.rb +137 -31
data/lib/e11y/linters/base.rb +11 -0
data/lib/e11y/linters/pii/pii_declaration_linter.rb +120 -0
data/lib/e11y/linters/slo/config_consistency_linter.rb +76 -0
data/lib/e11y/linters/slo/explicit_declaration_linter.rb +36 -0
data/lib/e11y/linters/slo/slo_status_from_linter.rb +41 -0
data/lib/e11y/logger/bridge.rb +26 -7
data/lib/e11y/metrics/cardinality_protection.rb +10 -15
data/lib/e11y/metrics/cardinality_tracker.rb +16 -6
data/lib/e11y/metrics/registry.rb +3 -5
data/lib/e11y/metrics/test_backend.rb +62 -0
data/lib/e11y/metrics.rb +56 -10
data/lib/e11y/middleware/adapter_resolver.rb +40 -0
data/lib/e11y/middleware/audit_signing.rb +43 -6
data/lib/e11y/middleware/baggage_protection.rb +75 -0
data/lib/e11y/middleware/dev_log_source.rb +24 -0
data/lib/e11y/middleware/event_slo.rb +23 -9
data/lib/e11y/middleware/otel_span.rb +23 -0
data/lib/e11y/middleware/pii_filter.rb +104 -75
data/lib/e11y/middleware/rate_limiting.rb +54 -27
data/lib/e11y/middleware/request.rb +70 -23
data/lib/e11y/middleware/routing.rb +78 -21
data/lib/e11y/middleware/sampling.rb +66 -17
data/lib/e11y/middleware/self_monitoring_emit.rb +39 -0
data/lib/e11y/middleware/trace_context.rb +45 -10
data/lib/e11y/middleware/track_latency.rb +34 -0
data/lib/e11y/middleware/validation.rb +7 -16
data/lib/e11y/middleware/versioning.rb +26 -22
data/lib/e11y/opentelemetry/semantic_conventions.rb +109 -0
data/lib/e11y/opentelemetry/span_creator.rb +142 -0
data/lib/e11y/pii/patterns.rb +12 -1
data/lib/e11y/pipeline/builder.rb +1 -1
data/lib/e11y/presets/audit_event.rb +13 -2
data/lib/e11y/railtie.rb +52 -15
data/lib/e11y/registry.rb +306 -0
data/lib/e11y/reliability/circuit_breaker.rb +19 -21
data/lib/e11y/reliability/dlq/base.rb +71 -0
data/lib/e11y/reliability/dlq/file_adapter.rb +301 -0
data/lib/e11y/reliability/dlq/file_storage.rb +63 -34
data/lib/e11y/reliability/dlq/filter.rb +37 -54
data/lib/e11y/reliability/retry_handler.rb +26 -29
data/lib/e11y/reliability/retry_rate_limiter.rb +3 -11
data/lib/e11y/sampling/error_spike_detector.rb +0 -2
data/lib/e11y/sampling/load_monitor.rb +5 -9
data/lib/e11y/sampling/stratified_tracker.rb +18 -0
data/lib/e11y/self_monitoring/buffer_monitor.rb +2 -0
data/lib/e11y/self_monitoring/performance_monitor.rb +19 -61
data/lib/e11y/self_monitoring/reliability_monitor.rb +4 -74
data/lib/e11y/slo/config_loader.rb +40 -0
data/lib/e11y/slo/config_validator.rb +58 -0
data/lib/e11y/slo/dashboard_generator.rb +122 -0
data/lib/e11y/slo/event_driven.rb +8 -0
data/lib/e11y/slo/tracker.rb +31 -4
data/lib/e11y/testing/have_tracked_event_matcher.rb +190 -0
data/lib/e11y/testing/rspec_matchers.rb +21 -0
data/lib/e11y/testing/snapshot_matcher.rb +86 -0
data/lib/e11y/trace_context/sampler.rb +35 -0
data/lib/e11y/tracing/faraday_middleware.rb +31 -0
data/lib/e11y/tracing/net_http_patch.rb +33 -0
data/lib/e11y/tracing/propagator.rb +116 -0
data/lib/e11y/tracing.rb +47 -0
data/lib/e11y/version.rb +1 -1
data/lib/e11y/versioning/version_extractor.rb +32 -0
data/lib/e11y.rb +141 -265
data/lib/generators/e11y/event/event_generator.rb +22 -0
data/lib/generators/e11y/event/templates/event.rb.tt +16 -0
data/lib/generators/e11y/grafana_dashboard/grafana_dashboard_generator.rb +30 -0
data/lib/generators/e11y/grafana_dashboard/templates/e11y_dashboard.json +81 -0
data/lib/generators/e11y/install/install_generator.rb +34 -0
data/lib/generators/e11y/install/templates/e11y.rb +239 -0
data/lib/generators/e11y/prometheus_alerts/prometheus_alerts_generator.rb +29 -0
data/lib/generators/e11y/prometheus_alerts/templates/e11y_alerts.yml +28 -0
data/lib/tasks/e11y_docs.rake +30 -0
data/lib/tasks/e11y_events.rake +71 -0
data/lib/tasks/e11y_lint.rake +91 -0
data/lib/tasks/e11y_slo.rake +29 -0
metadata +129 -39
data/docs/ADR-010-developer-experience.md +0 -2166
data/docs/API-REFERENCE-L28.md +0 -914
data/docs/COMPREHENSIVE-CONFIGURATION.md +0 -2366
data/docs/CONTRIBUTING.md +0 -312
data/docs/IMPLEMENTATION_NOTES.md +0 -2804
data/docs/IMPLEMENTATION_PLAN.md +0 -1971
data/docs/IMPLEMENTATION_PLAN_ARCHITECTURE.md +0 -586
data/docs/PLAN.md +0 -148
data/docs/README.md +0 -296
data/docs/design/00-memory-optimization.md +0 -593
data/docs/guides/MIGRATION-L27-L28.md +0 -692
data/docs/guides/PERFORMANCE-BENCHMARKS.md +0 -434
data/docs/guides/README.md +0 -44
data/docs/use_cases/UC-003-pattern-based-metrics.md +0 -1627
data/lib/e11y/adapters/registry.rb +0 -141
/data/docs/{ADR-012-event-evolution.md → architecture/ADR-012-event-evolution.md} +0 -0

data/docs/{ADR-006-security-compliance.md → architecture/ADR-006-security-compliance.md} RENAMED Viewed

@@ -21,7 +21,7 @@
    - 4.1. [Global Rate Limiting](#41-global-rate-limiting)
    - 4.2. [Per-Event Rate Limiting](#42-per-event-rate-limiting)
    - 4.3. [Per-Context Rate Limiting](#43-per-context-rate-limiting)
-   - 4.4. [Redis Integration](#44-redis-integration)
+   - 4.4. [In-Memory Token Bucket Implementation](#44-in-memory-token-bucket-implementation)
 5. [Audit Trail](#5-audit-trail)
    - 5.1. [Immutable Events](#51-immutable-events)
    - 5.2. [Cryptographic Signing](#52-cryptographic-signing)
@@ -121,12 +121,10 @@ C4Context
     System(e11y, "E11y Gem", "Event tracking with security")
-    System_Ext(redis, "Redis", "Rate limiting state")
     System_Ext(kms, "KMS", "Signing keys")
     System_Ext(audit_store, "Audit Store", "Immutable audit logs")
     Rel(dev, e11y, "Tracks events", "Events::OrderPaid.track(...)")
-    Rel(e11y, redis, "Check rate limits", "Redis commands")
     Rel(e11y, kms, "Sign audit events", "HMAC-SHA256")
     Rel(e11y, audit_store, "Store signed events", "Append-only")
@@ -151,14 +149,12 @@ graph TB
         PII --> PerAdapter[Per-Adapter Rules]
     end
-    subgraph "Rate Limiting"
-        Rate --> Global[Global Limiter]
-        Rate --> PerEvent[Per-Event Limiter]
-        Rate --> PerContext[Per-Context Limiter]
+    subgraph "Rate Limiting (In-Memory)"
+        Rate --> Global[Global Token Bucket]
+        Rate --> PerEvent[Per-Event Token Buckets]
+        Rate --> PerContext[Per-Context Token Buckets]
-        Global --> Redis1[Redis]
-        PerEvent --> Redis2[Redis]
-        PerContext --> Redis3[Redis]
+        Note1[In-Memory<br/>No Redis Dependency]
     end
     subgraph "Audit Trail"
@@ -239,19 +235,19 @@ sequenceDiagram
 #### 3.0.2. Three-Tier Filtering Strategy
-E11y uses a **3-tier approach** to balance security and performance:
+E11y uses a **3-tier approach** to balance security and performance. Code uses `pii_filtering_mode` returning `:no_pii`, `:rails_filters`, or `:explicit_pii`:
-| Tier | Strategy | Cost | Use Case | Events/sec |
+| Mode | Strategy | Cost | Use Case | Events/sec |
 |------|----------|------|----------|------------|
-| **Tier 1** | Skip filtering | 0ms | Health checks, metrics, internal events | 500 |
-| **Tier 2** | Rails filters only | ~0.05ms | Standard events (known PII keys) | 400 |
-| **Tier 3** | Deep filtering | ~0.2ms | User data, payments, complex nested | 100 |
+| **:no_pii** | Skip filtering | 0ms | Health checks, metrics, internal events | 500 |
+| **:rails_filters** | Rails filters only | ~0.05ms | Standard events (known PII keys) | 400 |
+| **:explicit_pii** | Deep filtering | ~0.2ms | User data, payments, complex nested | 100 |
 **Performance Budget:**
 ```
-500 events/sec × 0ms     = 0ms CPU/sec      (Tier 1)
-400 events/sec × 0.05ms  = 20ms CPU/sec     (Tier 2)
-100 events/sec × 0.2ms   = 20ms CPU/sec     (Tier 3)
+500 events/sec × 0ms     = 0ms CPU/sec      (:no_pii)
+400 events/sec × 0.05ms  = 20ms CPU/sec     (:rails_filters)
+100 events/sec × 0.2ms   = 20ms CPU/sec     (:explicit_pii)
 ---
 Total: 40ms CPU/sec = 4% CPU on single core ✅
 ```
@@ -268,7 +264,7 @@ class Events::HealthCheck < E11y::Event::Base
   end
   # ✅ Explicit: This event contains NO PII
-  contains_pii false  # Skip all PII filtering (Tier 1)
+  contains_pii false  # Skip all PII filtering (:no_pii)
 end
 ```
@@ -280,7 +276,7 @@ class Events::OrderCreated < E11y::Event::Base
     required(:amount).filled(:float)
   end
-  # No declaration → Rails filters applied (Tier 2, default)
+  # No declaration → Rails filters applied (:rails_filters, default)
   # Uses: Rails.application.config.filter_parameters
 end
 ```
@@ -296,7 +292,7 @@ class Events::UserRegistered < E11y::Event::Base
   end
   # ✅ Explicit: This event contains PII
-  contains_pii true  # Tier 3: Deep filtering
+  contains_pii true  # :explicit_pii: Deep filtering
   pii_filtering do
     # ✅ MANDATORY: Explicit declaration for EACH schema field
@@ -389,7 +385,7 @@ module E11y
   module Linters
     class PiiDeclarationLinter
       def self.validate_all!
-        E11y::Registry.all_events.each do |event_class|
+        E11y::Registry.event_classes.each do |event_class|
           validate!(event_class)
         end
       end
@@ -480,7 +476,7 @@ namespace :e11y do
       errors = []
       warnings = []
-      E11y::Registry.all_events.each do |event_class|
+      E11y::Registry.event_classes.each do |event_class|
         begin
           E11y::Linters::PiiDeclarationLinter.validate!(event_class)
@@ -567,7 +563,7 @@ end
 #### 3.0.6. Default Behavior
 **If `contains_pii` not specified:**
-- ✅ Apply Rails filters only (Tier 2)
+- ✅ Apply Rails filters only (:rails_filters)
 - ✅ Fast (0.05ms overhead)
 - ✅ Covers 90% of use cases (password, token, secret, api_key)
 - ⚠️ No linter validation (assumes you know what you're doing)
@@ -639,7 +635,10 @@ end
       └─→ PII Filtering (per-adapter, different rules per destination)
    ```
-**Key Insight:** PII filtering is **NOT a global middleware** — it's applied **inside each adapter** with different rules!
+**Key Insight (Hybrid Implementation):** PII filtering uses a **hybrid model**:
+- **:no_pii / :rails_filters:** Global middleware (PIIFilter) — skip or Rails filters only
+- **:explicit_pii without exclude_adapters:** Global middleware — single filtered payload
+- **:explicit_pii with exclude_adapters:** Per-adapter — PIIFilter produces `payload_rewrites`, Routing merges overrides per adapter (e.g. audit gets original for GDPR Art. 6(1)(c))
 ### 3.1. Rails Integration
@@ -1908,7 +1907,7 @@ RSpec.describe 'PII Filtering', type: :integration do
     end
   end
-  describe 'Tier 1: No PII (Skip Filtering)' do
+  describe ':no_pii (Skip Filtering)' do
     let(:event_class) { Events::HealthCheck }
     let(:payload) { { status: 'ok' } }
@@ -1924,7 +1923,7 @@ RSpec.describe 'PII Filtering', type: :integration do
     end
   end
-  describe 'Tier 2: Rails Filters Only' do
+  describe ':rails_filters (Rails Filters Only)' do
     let(:event_class) { Events::OrderCreated }
     let(:payload) do
       {
@@ -1950,7 +1949,7 @@ RSpec.describe 'PII Filtering', type: :integration do
     end
   end
-  describe 'Tier 3: Deep Filtering' do
+  describe ':explicit_pii (Deep Filtering)' do
     let(:event_class) { Events::UserRegistered }
     let(:payload) do
       {
@@ -1994,9 +1993,9 @@ RSpec.describe 'PII Filtering', type: :integration do
   describe 'Performance Regression Test' do
     it 'meets performance budget for 1000 events/sec' do
       events = [
-        { class: Events::HealthCheck, payload: { status: 'ok' }, count: 500 },         # Tier 1
-        { class: Events::OrderCreated, payload: { id: 'o1' }, count: 400 },            # Tier 2
-        { class: Events::UserLogin, payload: { email: 'u@x.com' }, count: 100 }        # Tier 3
+        { class: Events::HealthCheck, payload: { status: 'ok' }, count: 500 },         # :no_pii
+        { class: Events::OrderCreated, payload: { id: 'o1' }, count: 400 },            # :rails_filters
+        { class: Events::UserLogin, payload: { email: 'u@x.com' }, count: 100 }        # :explicit_pii
       ]
       start = Time.now
@@ -2112,7 +2111,7 @@ end
 bundle exec rspec spec/lib/e11y/security/pii_filtering_spec.rb
 # Test specific tier
-bundle exec rspec spec/lib/e11y/security/pii_filtering_spec.rb -e "Tier 3"
+bundle exec rspec spec/e11y/middleware/pii_filtering_spec.rb -e "explicit_pii"
 # Performance test
 bundle exec rspec spec/lib/e11y/security/pii_filtering_spec.rb -e "Performance"
@@ -2183,31 +2182,65 @@ module E11y
       def initialize(config)
         @limit = config.limit  # events per second
         @window = config.window || 1.second
-        @strategy = config.strategy || :sliding_window
-        @redis = config.redis
-        @counter = initialize_counter
+        # In-memory token bucket (no Redis dependency)
+        @bucket = TokenBucket.new(
+          capacity: @limit,
+          refill_rate: @limit,
+          window: @window.to_f
+        )
       end
       def allow?(event_data = nil)
-        @counter.increment('global')
-        current_rate = @counter.rate('global', window: @window)
-        current_rate <= @limit
+        @bucket.allow?
       end
       def current_rate
-        @counter.rate('global', window: @window)
+        # Calculate current rate based on tokens consumed
+        @limit - @bucket.tokens
       end
       private
-      def initialize_counter
-        if @redis
-          RedisCounter.new(@redis, strategy: @strategy)
-        else
-          InMemoryCounter.new(strategy: @strategy)
+      class TokenBucket
+        def initialize(capacity:, refill_rate:, window:)
+          @capacity = capacity
+          @refill_rate = refill_rate
+          @window = window
+          @tokens = capacity.to_f
+          @last_refill = Time.now
+          @mutex = Mutex.new
+        end
+        def allow?
+          @mutex.synchronize do
+            refill_tokens
+            if @tokens >= 1.0
+              @tokens -= 1.0
+              true
+            else
+              false
+            end
+          end
+        end
+        def tokens
+          @mutex.synchronize do
+            refill_tokens
+            @tokens
+          end
+        end
+        private
+        def refill_tokens
+          now = Time.now
+          elapsed = now - @last_refill
+          return if elapsed <= 0
+          tokens_to_add = elapsed * @refill_rate
+          @tokens = [@tokens + tokens_to_add, @capacity].min
+          @last_refill = now
         end
       end
     end
@@ -2252,9 +2285,18 @@ module E11y
         @limits = config.limits || {}
         @default_limit = config.default_limit || Float::INFINITY
         @window = config.window || 1.second
-        @redis = config.redis
-        @counter = initialize_counter
+        # In-memory token buckets per event type (lazy initialization)
+        @buckets = Hash.new do |hash, event_name|
+          limit = @limits[event_name] || @default_limit
+          next nil if limit == Float::INFINITY
+          hash[event_name] = TokenBucket.new(
+            capacity: limit,
+            refill_rate: limit,
+            window: @window.to_f
+          )
+        end
+        @mutex = Mutex.new
       end
       def allow?(event_data)
@@ -2263,15 +2305,15 @@ module E11y
         return true if limit == Float::INFINITY
-        @counter.increment(event_name)
-        current_rate = @counter.rate(event_name, window: @window)
-        current_rate <= limit
+        bucket = @mutex.synchronize { @buckets[event_name] }
+        bucket&.allow? || false
       end
       def current_rate(event_name)
-        @counter.rate(event_name, window: @window)
+        bucket = @mutex.synchronize { @buckets[event_name] }
+        return Float::INFINITY unless bucket
+        limit = @limits[event_name] || @default_limit
+        limit - bucket.tokens
       end
     end
   end
@@ -2316,9 +2358,16 @@ module E11y
         @limit = config.limit
         @window = config.window || 1.minute
         @context_keys = config.context_keys || [:user_id]
-        @redis = config.redis
-        @counter = initialize_counter
+        # In-memory token buckets per context value (lazy initialization)
+        @buckets = Hash.new do |hash, context_value|
+          hash[context_value] = TokenBucket.new(
+            capacity: @limit,
+            refill_rate: @limit,
+            window: @window.to_f
+          )
+        end
+        @mutex = Mutex.new
       end
       def allow?(event_data)
@@ -2326,12 +2375,8 @@ module E11y
         return true unless context_value
-        key = "context:#{context_value}"
-        @counter.increment(key)
-        current_rate = @counter.rate(key, window: @window)
-        current_rate <= @limit
+        bucket = @mutex.synchronize { @buckets[context_value] }
+        bucket.allow?
       end
       private
@@ -2376,88 +2421,58 @@ end
 ---
-### 4.4. Redis Integration
+### 4.4. In-Memory Token Bucket Implementation
+**Design Decision:** In-memory token bucket algorithm (no Redis dependency).
-**Design Decision:** Distributed rate limiting with Redis.
+**Rationale:**
+- ✅ **Fast:** No network latency (O(1) operations, ~0.003ms per event)
+- ✅ **Simple:** No external dependencies (Redis not required)
+- ✅ **Thread-safe:** Mutex-protected token buckets
+- ✅ **Smooth rate limiting:** Token bucket avoids bursty behavior
+- ⚠️ **Trade-off:** Per-process limits (not shared across instances)
+**Current Implementation:**
 ```ruby
 module E11y
-  module RateLimiting
-    class RedisCounter
-      def initialize(redis, strategy: :sliding_window)
-        @redis = redis
-        @strategy = strategy
-      end
-      def increment(key)
-        case @strategy
-        when :sliding_window
-          increment_sliding_window(key)
-        when :fixed_window
-          increment_fixed_window(key)
-        when :token_bucket
-          increment_token_bucket(key)
-        end
-      end
-      def rate(key, window:)
-        case @strategy
-        when :sliding_window
-          count_sliding_window(key, window)
-        when :fixed_window
-          count_fixed_window(key, window)
-        when :token_bucket
-          tokens_remaining(key)
-        end
-      end
-      private
-      # Sliding Window (most accurate)
-      def increment_sliding_window(key)
-        now = Time.now.to_f
-        redis_key = "e11y:rate:#{key}"
-        @redis.multi do |multi|
-          multi.zadd(redis_key, now, "#{now}:#{SecureRandom.uuid}")
-          multi.expire(redis_key, 60)
-        end
-      end
-      def count_sliding_window(key, window)
-        now = Time.now.to_f
-        cutoff = now - window.to_f
-        redis_key = "e11y:rate:#{key}"
-        # Remove old entries
-        @redis.zremrangebyscore(redis_key, '-inf', cutoff)
-        # Count remaining
-        @redis.zcard(redis_key)
-      end
-      # Fixed Window (simpler, less accurate)
-      def increment_fixed_window(key)
-        window_key = current_window_key(key)
-        @redis.multi do |multi|
-          multi.incr(window_key)
-          multi.expire(window_key, 60)
+  module Middleware
+    class RateLimiting < Base
+      def initialize(app, global_limit: 10_000, per_event_limit: 1_000, window: 1.0)
+        super(app)
+        @global_limit = global_limit
+        @per_event_limit = per_event_limit
+        @window = window
+        # Token buckets for rate limiting (in-memory)
+        @global_bucket = TokenBucket.new(
+          capacity: @global_limit,
+          refill_rate: @global_limit,
+          window: @window
+        )
+        @per_event_buckets = Hash.new do |hash, event_name|
+          hash[event_name] = TokenBucket.new(
+            capacity: @per_event_limit,
+            refill_rate: @per_event_limit,
+            window: @window
+          )
         end
+        @mutex = Mutex.new
       end
-      def count_fixed_window(key, window)
-        window_key = current_window_key(key)
-        @redis.get(window_key).to_i
-      end
-      def current_window_key(key)
-        window_start = (Time.now.to_i / 1) * 1  # 1-second windows
-        "e11y:rate:fixed:#{key}:#{window_start}"
-      end
-      # Token Bucket (burst-friendly)
-      def increment_token_bucket(key)
+    end
+  end
+end
+```
+**Why Not Redis?**
+- ❌ **Complexity:** Adds external dependency and infrastructure overhead
+- ❌ **Latency:** Network round-trip adds ~0.25ms per event (83x slower)
+- ❌ **Not needed:** Per-process rate limiting is sufficient for event tracking
+- ✅ **User feedback:** "outdated solution"
+**Note:** In-memory rate limiting is sufficient for most use cases. Each application process maintains its own rate limits, which is appropriate for event tracking workloads. If distributed rate limiting is needed in the future, it can be added as an optional feature.
+---
         redis_key = "e11y:rate:bucket:#{key}"
         # Lua script for atomic token consumption
@@ -3213,44 +3228,24 @@ end
 ```ruby
 # config/initializers/e11y.rb
 E11y.configure do |config|
-  config.security.baggage_protection do
-    enabled true  # ✅ CRITICAL: Always enable in production
-    # Allowlist: Only these keys allowed in baggage
-    allowed_keys [
-      'trace_id',
-      'span_id',
-      'environment',
-      'version',
-      'service_name',
-      'deployment_id',
-      'request_id',
-      # Custom safe keys (optional):
-      'feature_flag_id',   # Feature flag identifier (not PII)
-      'ab_test_variant'    # A/B test variant (not PII)
-    ]
-    # Block mode (how to handle violations)
-    block_mode :silent   # Options: :silent, :warn, :raise
-    # Monitoring
-    on_blocked_key do |key, value, caller_location|
-      # Track violations for security audit
-      Yabeda.e11y_baggage_pii_blocked.increment(
-        key: key,
-        service: ENV['SERVICE_NAME']
-      )
-      # Alert on critical violations
-      if key.match?(/email|password|ssn|credit_card/)
-        Sentry.capture_message(
-          "Critical PII blocked from baggage: #{key}",
-          level: :warning,
-          extra: { caller: caller_location }
-        )
-      end
-    end
-  end
+  config.security_baggage_protection_enabled = true  # ✅ CRITICAL: Always enable in production
+  # Allowlist: Only these keys allowed in baggage
+  config.security_baggage_protection_allowed_keys = [
+    'trace_id',
+    'span_id',
+    'environment',
+    'version',
+    'service_name',
+    'deployment_id',
+    'request_id',
+    # Custom safe keys (optional):
+    'feature_flag_id',   # Feature flag identifier (not PII)
+    'ab_test_variant'    # A/B test variant (not PII)
+  ]
+  # Block mode (how to handle violations)
+  config.security_baggage_protection_block_mode = :silent  # Options: :silent, :warn, :raise
 end
 ```
@@ -3314,14 +3309,12 @@ OpenTelemetry::Baggage.set_value('request_id', SecureRandom.uuid)
 ```ruby
 # config/environments/development.rb
 E11y.configure do |config|
-  config.security.baggage_protection do
-    enabled true
-    # RAISE exception on blocked keys (fail fast)
-    block_mode :raise  # ← Developer sees error immediately
-    allowed_keys E11y::Middleware::BaggageProtection::ALLOWED_KEYS
-  end
+  config.security_baggage_protection_enabled = true
+  # RAISE exception on blocked keys (fail fast)
+  config.security_baggage_protection_block_mode = :raise  # ← Developer sees error immediately
+  config.security_baggage_protection_allowed_keys = E11y::BAGGAGE_PROTECTION_DEFAULT_ALLOWED_KEYS
 end
 # Developer tries to set PII in baggage:
@@ -3426,11 +3419,11 @@ Events::UserLogin.track(
 **Metadata Flags:**
 - `:pii_filtered` - Event already went through PII filtering (set by PII filter middleware)
-- `:replayed` - Event is being replayed from DLQ (set by DLQ replay service)
+- `:dlq_replayed` - Event is being replayed from DLQ (set by DLQ replay service)
 **When to Skip PII Filtering:**
 1. Event has `:pii_filtered => true` (already processed)
-2. Event has `:replayed => true` (replay scenario)
+2. Event has `:dlq_replayed => true` (replay scenario)
 3. Both flags present → skip PII filtering entirely
 ### 5.6.3. PiiFilter Middleware with Replay Detection
@@ -3457,7 +3450,7 @@ module E11y
         # Check if event contains PII
         unless event_class.contains_pii?
-          # No PII declared, skip filtering (Tier 1)
+          # No PII declared, skip filtering (:no_pii)
           return event_data
         end
@@ -3477,7 +3470,7 @@ module E11y
         metadata = event_data[:metadata] || {}
         # Check for replay flag
-        return true if metadata[:replayed]
+        return true if metadata[:dlq_replayed]
         # Check for already-filtered flag
         return true if metadata[:pii_filtered]
@@ -3507,7 +3500,7 @@ module E11y
         # ✅ CRITICAL: Mark as replayed (skip transformations)
         event_data[:metadata] ||= {}
-        event_data[:metadata][:replayed] = true
+        event_data[:metadata][:dlq_replayed] = true
         event_data[:metadata][:pii_filtered] = true  # Already filtered!
         event_data[:metadata][:replayed_at] = Time.now.utc.iso8601
         event_data[:metadata][:original_event_id] = event_data[:event_id]
@@ -3560,7 +3553,7 @@ E11y.configure do |config|
   config.dlq.replay do
     # Metadata flags for replayed events
     set_metadata_flags do
-      replayed true
+      dlq_replayed true
       pii_filtered true
       replay_timestamp true
       original_event_id true
@@ -4022,7 +4015,7 @@ RSpec.describe E11y::RateLimiting do
       end
       # Exceed limit
-      E11y.config.rate_limiting.global.limit = 100
+      E11y.config.rate_limiting_global_limit = 100
       expect(Events::Test.track(message: 'over limit')).to be_falsey
     end

data/docs/{ADR-007-opentelemetry-integration.md → architecture/ADR-007-opentelemetry-integration.md} RENAMED Viewed

@@ -127,25 +127,7 @@ C4Context
 **Configuration:**
-```ruby
-# config/initializers/e11y.rb
-E11y.configure do |config|
-  # Option 1: Yabeda only (DEFAULT, recommended for Rails)
-  config.metrics do
-    backend :yabeda  # Prometheus via Yabeda
-  end
-  # Option 2: OpenTelemetry only (for OTLP backends)
-  # config.metrics do
-  #   backend :opentelemetry  # OTLP via OTel SDK
-  # end
-  # Option 3: Both (for migration period ONLY)
-  # config.metrics do
-  #   backend [:yabeda, :opentelemetry]  # ⚠️ DOUBLE OVERHEAD!
-  # end
-end
-```
+Metrics are emitted via Yabeda adapter when events with `metrics do` are tracked. Register Yabeda adapter in `config.adapters`.
 **Metrics Adapter Pattern:**
@@ -756,7 +738,7 @@ module E11y
         return true if event[:severity].in?([:error, :fatal])
         # Check if event matches span creation patterns
-        E11y.config.opentelemetry.span_creation_patterns.any? do |pattern|
+        E11y.config.opentelemetry_span_creation_patterns.any? do |pattern|
           File.fnmatch(pattern, event[:event_name])
         end
       end
@@ -1068,7 +1050,7 @@ module E11y
         return true if event[:severity].in?([:error, :fatal])
         # Check configured patterns
-        patterns = E11y.config.opentelemetry.span_creation_patterns || []
+        patterns = E11y.config.opentelemetry_span_creation_patterns || []
         patterns.any? { |pattern| File.fnmatch(pattern, event[:event_name]) }
       end