@company-semantics/contracts 0.140.0 → 0.142.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/index.ts +18 -0
- package/src/pressure.ts +57 -0
- package/src/queryIntent.ts +42 -0
- package/src/sse.ts +10 -0
- package/src/timeouts.ts +27 -0
package/package.json
CHANGED
package/src/index.ts
CHANGED
|
@@ -619,3 +619,21 @@ export type { MutationPolicy } from './mutations'
|
|
|
619
619
|
// Observability envelope types (shared metric shape)
|
|
620
620
|
export { REQUEST_ID_HEADER } from './observability'
|
|
621
621
|
export type { Labels, MetricEnvelope, SchedulerMetricName } from './observability'
|
|
622
|
+
|
|
623
|
+
// Long-lived route vocabulary (PRD-00485 SSE / event-stream isolation)
|
|
624
|
+
export type { LongLivedRouteOptions } from './sse'
|
|
625
|
+
|
|
626
|
+
// Query intent vocabulary (PRD-00486 per-tier DB query timeouts + circuit breaker)
|
|
627
|
+
export type { QueryIntent } from './queryIntent'
|
|
628
|
+
|
|
629
|
+
// System pressure vocabulary (PRD-00489 load-shed + progressive degradation)
|
|
630
|
+
export {
|
|
631
|
+
SYSTEM_PRESSURE_HEADER,
|
|
632
|
+
HEAP_SHED_PCT,
|
|
633
|
+
HEAP_CLEAR_PCT,
|
|
634
|
+
CLEAR_HOLDDOWN_MS,
|
|
635
|
+
} from './pressure'
|
|
636
|
+
export type { SystemPressureValue, ShedResponse } from './pressure'
|
|
637
|
+
|
|
638
|
+
// Timeout ladder (PRD-00491 end-to-end timing budgets)
|
|
639
|
+
export { TIMEOUT_LADDER_MS, getTimeoutForTier } from './timeouts'
|
package/src/pressure.ts
ADDED
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* System pressure vocabulary (PRD-00489 load-shed + progressive degradation).
|
|
3
|
+
*
|
|
4
|
+
* Canonical contract shared between backend and frontend for signalling
|
|
5
|
+
* resource pressure. The backend sets the `X-System-Pressure` response header
|
|
6
|
+
* (normal|degraded) whenever a load-shed window is active; the frontend
|
|
7
|
+
* observes the header in its fetch layer and routes the signal to a single
|
|
8
|
+
* SystemPressureProvider. Threshold constants are shared so both sides reason
|
|
9
|
+
* about the same hysteresis window.
|
|
10
|
+
*
|
|
11
|
+
* Per feedback_tenant_induced_not_503: tenant-visible shedding returns 429
|
|
12
|
+
* with the `tenant_quota_shed` body shape. Per feedback_derive_dont_duplicate
|
|
13
|
+
* the constants below are the single source of truth — do not duplicate
|
|
14
|
+
* these literals in backend or app code.
|
|
15
|
+
*/
|
|
16
|
+
|
|
17
|
+
/**
|
|
18
|
+
* Canonical response header used to signal system pressure to clients.
|
|
19
|
+
* Frontend imports this to avoid stringly-typed header lookups.
|
|
20
|
+
*/
|
|
21
|
+
export const SYSTEM_PRESSURE_HEADER = 'X-System-Pressure';
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* Values carried on the `X-System-Pressure` header. `degraded` indicates the
|
|
25
|
+
* backend is actively shedding P3 traffic; `normal` indicates the controller
|
|
26
|
+
* is quiescent.
|
|
27
|
+
*/
|
|
28
|
+
export type SystemPressureValue = 'normal' | 'degraded';
|
|
29
|
+
|
|
30
|
+
/**
|
|
31
|
+
* Heap-utilisation ratio above which the load-shed controller begins
|
|
32
|
+
* shedding new P3 traffic.
|
|
33
|
+
*/
|
|
34
|
+
export const HEAP_SHED_PCT = 0.75;
|
|
35
|
+
|
|
36
|
+
/**
|
|
37
|
+
* Heap-utilisation ratio at or below which the controller becomes eligible
|
|
38
|
+
* to clear the shed window (paired with CLEAR_HOLDDOWN_MS).
|
|
39
|
+
*/
|
|
40
|
+
export const HEAP_CLEAR_PCT = 0.6;
|
|
41
|
+
|
|
42
|
+
/**
|
|
43
|
+
* Hysteresis: heap pressure must remain below HEAP_CLEAR_PCT for at least
|
|
44
|
+
* this many milliseconds before the shed window clears. Prevents oscillation
|
|
45
|
+
* when heap hovers around the threshold.
|
|
46
|
+
*/
|
|
47
|
+
export const CLEAR_HOLDDOWN_MS = 30_000;
|
|
48
|
+
|
|
49
|
+
/**
|
|
50
|
+
* Response body returned with HTTP 429 when a P3 request is shed at ingress.
|
|
51
|
+
* `retryAfter` mirrors the `Retry-After` header value (seconds).
|
|
52
|
+
*/
|
|
53
|
+
export type ShedResponse = {
|
|
54
|
+
error: 'tenant_quota_shed';
|
|
55
|
+
retryAfter: number;
|
|
56
|
+
reason: 'heap_pressure' | 'queue_depth';
|
|
57
|
+
};
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Query intent vocabulary (PRD-00486).
|
|
3
|
+
*
|
|
4
|
+
* A string-literal union naming the hot-path database reads/writes the
|
|
5
|
+
* backend currently serves. The backend's `tenantDb.query(intent, fn, opts)`
|
|
6
|
+
* wrapper uses this union to:
|
|
7
|
+
*
|
|
8
|
+
* 1. look up a per-intent budget via `budgetMsOf()` (derived from tier),
|
|
9
|
+
* 2. key the per-intent circuit breaker in
|
|
10
|
+
* `src/server/plugins/circuit-breaker.ts`, and
|
|
11
|
+
* 3. label observability counters (`query_timeout_total{intent,tier,orgId}`,
|
|
12
|
+
* `query_duration_ms{intent,tier}`).
|
|
13
|
+
*
|
|
14
|
+
* The tier vocabulary (P0/P1/P2/P3) is shared with PRD-00484's request
|
|
15
|
+
* scheduler (see `./requests#Tier`). Per feedback_derive_dont_duplicate the
|
|
16
|
+
* budget ceilings live in a single table in
|
|
17
|
+
* `company-semantics-backend/src/db/query-intent.ts` and are derived from
|
|
18
|
+
* tier; there is no parallel registry here. This file is the type-only
|
|
19
|
+
* authority for the intent set itself.
|
|
20
|
+
*/
|
|
21
|
+
export type QueryIntent =
|
|
22
|
+
| 'me.read'
|
|
23
|
+
| 'workspace.read'
|
|
24
|
+
| 'workspace.write'
|
|
25
|
+
| 'company-md.tree.read'
|
|
26
|
+
| 'company-md.doc.read'
|
|
27
|
+
| 'company-md.doc.write'
|
|
28
|
+
| 'company-md.settings.read'
|
|
29
|
+
| 'company-md.settings.write'
|
|
30
|
+
| 'chats.events'
|
|
31
|
+
| 'chats.write'
|
|
32
|
+
| 'billing.read'
|
|
33
|
+
| 'ai-usage.read'
|
|
34
|
+
| 'audit.read'
|
|
35
|
+
| 'invites.read'
|
|
36
|
+
| 'invites.write'
|
|
37
|
+
| 'integrations.status.read'
|
|
38
|
+
| 'org.transfer.status.read'
|
|
39
|
+
| 'org.deletion.eligibility.read'
|
|
40
|
+
| 'user.preferences.read'
|
|
41
|
+
| 'user.preferences.write'
|
|
42
|
+
| 'admin.impersonate.events';
|
package/src/sse.ts
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Long-lived route vocabulary (e.g. SSE / text/event-stream).
|
|
3
|
+
*
|
|
4
|
+
* Paired with the runtime decorator `longLived()` and reader `isLongLived(req)`
|
|
5
|
+
* in company-semantics-backend/src/server/plugins/long-lived.ts. Structurally
|
|
6
|
+
* disjoint from the PRD-00484 `Tier` vocabulary: a route may carry both a
|
|
7
|
+
* transactional `tier` and a `longLived` flag, but the flag selects the SSE
|
|
8
|
+
* pool (PRD-00485) instead of the transactional semaphore.
|
|
9
|
+
*/
|
|
10
|
+
export type LongLivedRouteOptions = { longLived: true };
|
package/src/timeouts.ts
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Timeout ladder (PRD-00491).
|
|
3
|
+
*
|
|
4
|
+
* Per-tier hard timeout ceilings shared by every enforcement layer:
|
|
5
|
+
* client fetch, scheduler, backend handler, DB query. Backend and app
|
|
6
|
+
* import from here so the ladder cannot drift between layers.
|
|
7
|
+
*
|
|
8
|
+
* Extends PRD-00486 (backend query timeouts) and PRD-00487 (client fetch
|
|
9
|
+
* timeouts) into a single coherent ladder. Per-intent DB budgets in
|
|
10
|
+
* `company-semantics-backend/src/db/query-intent.ts` are derived from
|
|
11
|
+
* these ceilings (feedback_derive_dont_duplicate).
|
|
12
|
+
*
|
|
13
|
+
* Tiers: P0 = user-blocking, P1 = interactive, P2 = background,
|
|
14
|
+
* P3 = bulk. See `./requests#Tier` for the canonical tier definition.
|
|
15
|
+
*/
|
|
16
|
+
import type { Tier } from './requests';
|
|
17
|
+
|
|
18
|
+
export const TIMEOUT_LADDER_MS: Record<Tier, number> = {
|
|
19
|
+
P0: 2_000,
|
|
20
|
+
P1: 5_000,
|
|
21
|
+
P2: 8_000,
|
|
22
|
+
P3: 15_000,
|
|
23
|
+
};
|
|
24
|
+
|
|
25
|
+
export function getTimeoutForTier(tier: Tier): number {
|
|
26
|
+
return TIMEOUT_LADDER_MS[tier];
|
|
27
|
+
}
|