@limitkit/core 0.1.0

package/dist/index.d.ts

@@ -0,0 +1,702 @@
+/**
+ * Literals of supported rate limiting algorithms.
+ *
+ * Each algorithm offers different trade-offs in terms of accuracy, memory usage, and behavior:
+ * - **FixedWindow**: Simple, resets at fixed intervals (e.g., every minute)
+ * - **SlidingWindow**: Memory-intensive but more accurate than fixed window
+ * - **SlidingWindowCounter**: Hybrid approach with better accuracy than fixed window
+ * - **TokenBucket**: Allows burst traffic while maintaining average rate
+ * - **LeakyBucket**: Smooths traffic flow, good for queue management
+ * - **GCRA**: Generic Cell Rate Algorithm, precise and memory-efficient for telecom use cases
+ * - **Custom**: User-defined rate limiting algorithm
+ */
+type AlgorithmName = "fixed-window" | "sliding-window" | "sliding-window-counter" | "token-bucket" | "leaky-bucket" | "gcra" | (string & {});
+interface BaseConfig {
+    name: AlgorithmName;
+}
+/**
+ * Configuration shared by window-based algorithms (FixedWindow, SlidingWindow, SlidingWindowCounter).
+ */
+interface WindowConfig {
+    /**
+     * Window duration in seconds. Resets occur at this interval.
+     */
+    window: number;
+    /**
+     * Maximum number of requests allowed within the window.
+     */
+    limit: number;
+}
+interface FixedWindowConfig extends BaseConfig, WindowConfig {
+    name: "fixed-window";
+}
+interface SlidingWindowConfig extends BaseConfig, WindowConfig {
+    name: "sliding-window";
+}
+interface SlidingWindowCounterConfig extends BaseConfig, WindowConfig {
+    name: "sliding-window-counter";
+}
+interface TokenBucketConfig extends BaseConfig {
+    name: "token-bucket";
+    /**
+     * Number of tokens to add back to the bucket per second.
+     */
+    refillRate: number;
+    /**
+     * Maximum capacity of the bucket (total tokens it can hold).
+     */
+    capacity: number;
+}
+interface LeakyBucketConfig extends BaseConfig {
+    name: "leaky-bucket";
+    /**
+     * Number of requests to process and leak from the queue per second.
+     */
+    leakRate: number;
+    /**
+     * Maximum number of requests that can be queued at once.
+     */
+    capacity: number;
+}
+interface GCRAConfig extends BaseConfig {
+    name: "gcra";
+    /**
+     * Time interval between request allowances in seconds (1/max-rate bucket).
+     */
+    interval: number;
+    /**
+     * Number of requests that can arrive simultaneously without penalty.
+     */
+    burst: number;
+}
+/**
+ * Configuration for custom rate limiting algorithms
+ */
+interface CustomConfig extends BaseConfig {
+    [key: string]: any;
+}
+/**
+ * Configuration for supported rate limiting algorithms.
+ *
+ * Use the appropriate algorithm configuration based on your use case:
+ * - Window-based (FixedWindow, SlidingWindow, SlidingWindowCounter): Simple rate limiting
+ * - TokenBucket: Supports traffic bursts while maintaining average rate
+ * - LeakyBucket: Smooths traffic, prevents bursts
+ * - GCRA: Precise rate limiting with low memory overhead
+ * - Custom: Custom algorithm
+ */
+type AlgorithmConfig = FixedWindowConfig | SlidingWindowConfig | SlidingWindowCounterConfig | TokenBucketConfig | LeakyBucketConfig | GCRAConfig | CustomConfig;
+
+/**
+ * Represents an algorithm that can be executed
+ * @template TConfig - The configuration schema for the algorithm.
+ */
+interface Algorithm<TConfig extends AlgorithmConfig> {
+    /**
+     * Readonly algorithm configuration
+     */
+    readonly config: TConfig;
+    /**
+     * Validate algorithm configuration values
+     * @returns {void} If the configuration is valid
+     * @throws BadArgumentsException If any of the values violate conditions
+     */
+    validate(): void;
+}
+
+/**
+ * Defines a single rate limiting rule with its associated algorithm and constraints.
+ *
+ * Rules are evaluated in order, and the rate limiter returns the result of the first
+ * rule that reaches its limit. This allows for layered rate limiting (e.g., per-user
+ * and per-IP limits simultaneously).
+ *
+ * @template C The context type used to dynamically determine rule parameters.
+ */
+interface LimitRule<C = unknown> {
+    /**
+     * Unique name/identifier for this rule, used for tracking which rule caused a rate limit.
+     * Appears in debug results when the rule is exceeded.
+     */
+    name: string;
+    /**
+     * The rate limiting key that groups requests together.
+     *
+     * Can be:
+     * - A **fixed string**: All requests use the same limit (e.g., "global-api-limit")
+     * - A **function**: Dynamically determines the key per request (e.g., extract user ID from context)
+     * - An **async function**: For async key resolution (e.g., lookup user tier from database)
+     *
+     * Example: `(ctx) => ctx.userId` to apply per-user rate limits
+     */
+    key: string | ((ctx: C) => string | Promise<string>);
+    /**
+     * Optional cost/weight of each request. Defaults to 1 if not specified.
+     *
+     * Can be:
+     * - A **fixed number**: Every request costs the same (e.g., 1)
+     * - A **function**: Different requests have different costs (e.g., expensive operations cost more)
+     * - An **async function**: For async cost calculation
+     *
+     * Useful for implementing tiered request costs where some operations are more resource-intensive
+     * and should count as multiple requests against the rate limit.
+     */
+    cost?: number | ((ctx: C) => number | Promise<number>);
+    /**
+     * The rate limiting algorithm and its configuration.
+     *
+     * Can be:
+     * - A **fixed policy**: Same algorithm for all requests (e.g., 100 requests per minute)
+     * - A **function**: Dynamically choose algorithm per request (e.g., stricter limits for free tier users)
+     * - An **async function**: For async policy resolution (e.g., fetch limits from a service)
+     */
+    policy: PolicyResolver<C>;
+}
+/**
+ * Resolver function type for rate limit policies.
+ */
+type PolicyResolver<C> = Algorithm<AlgorithmConfig> | ((ctx: C) => Algorithm<AlgorithmConfig> | Promise<Algorithm<AlgorithmConfig>>);
+
+/**
+ * Result of a rate limit check for a single request.
+ *
+ * Indicates whether the request is allowed, the maximum number of requests can be made, how many requests remain in the current
+ * window, when the limit resets and how many seconds to wait before retrying.
+ */
+interface RateLimitResult {
+    /**
+     * Whether the request is allowed (true = within limits, false = limit exceeded).
+     */
+    allowed: boolean;
+    /**
+     * The maximum number of requests the client can make
+     */
+    limit: number;
+    /**
+     * Number of requests remaining in the current rate limit window.
+     * When `allowed` is false, this is typically 0.
+     */
+    remaining: number;
+    /**
+     * Unix timestamp (in milliseconds) when the rate limit counter fully resets.
+     * Useful for implementing client-side backoff strategies.
+     */
+    reset: number;
+    /**
+     * If the request is rate limited, suggests how many seconds to wait before retrying.
+     * Clients should use exponential backoff and add jitter, rather than strictly following this value.
+     * Only present when `allowed` is false.
+     */
+    retryAfter?: number;
+}
+/**
+ * Extended rate limit result with debug information.
+ *
+ * Returned when debug mode is enabled on the RateLimiter. Includes details about
+ * all evaluated rules and which rule caused the rate limit (if any).
+ */
+interface DebugLimitResult extends RateLimitResult {
+    /**
+     * The name of the rule that caused the rate limit to be exceeded.
+     * If the request was allowed, this is null.
+     */
+    failedRule: string | null;
+    /**
+     * An array of results from the first rule to the first failed one
+     */
+    details: (RateLimitResult & {
+        name: string;
+    })[];
+}
+
+/**
+ * Interface for a rate limiter that enforces rate limit rules.
+ *
+ * @template C The context type passed to the limiter to determine dynamic rule values.
+ */
+interface Limiter<C = unknown> {
+    /**
+     * Check if a request is allowed under the configured rate limits.
+     *
+     * Evaluates all configured rules in order and returns the result of the first rule
+     * that limits the request. If all rules allow the request, returns a positive result.
+     *
+     * @param ctx - Context object containing information about the request (e.g., user ID, IP address).
+     *              Used to dynamically determine rule keys, costs, and policies.
+     * @returns A promise that resolves to the result of the rate limit check, including
+     *          whether the request is allowed and when the limit resets.
+     */
+    consume(ctx: C): Promise<RateLimitResult>;
+}
+
+/**
+ * Interface for a storage backend that tracks rate limiting state.
+ *
+ * Implementations can use various backends (in-memory, Redis, DynamoDB, etc.)
+ * to persist the request counts and windows needed by rate limiting algorithms.
+ */
+interface Store {
+    /**
+     * Process a request and update the stored rate limit state for the given key.
+     *
+     * Atomically updates the counter for the given key based on the specified algorithm
+     * and returns the result (whether the request is allowed and when the limit resets).
+     * @template TConfig - Algorithm-dependent configuration schema
+     * @param key - The rate limiting key that identifies what entity is being limited
+     *              (e.g., "user-123", "ip-192.168.1.1"). Requests with the same key
+     *              share the same rate limit quota.
+     * @param algorithm - The rate limiting algorithm configuration to apply.
+     * @param now - Unix timestamp in millisecond
+     * @param cost - The cost/weight of this request. Defaults to 1. Higher costs consume
+     *               more quota (useful for charging different amounts for different operations).
+     * @returns A promise that resolves to the rate limit check result.
+     */
+    consume<TConfig extends AlgorithmConfig>(key: string, algorithm: Algorithm<TConfig>, now: number, cost?: number): Promise<RateLimitResult>;
+}
+
+/**
+ * Represents a configuration object for the rate limiter
+ */
+interface RateLimitConfig<C = unknown> {
+    /**
+     * A set of rate limiting rules to apply.
+     */
+    rules: LimitRule<C>[];
+    /**
+     * The storage backend for tracking rate limit state.
+     */
+    store: Store;
+    /**
+     * Optional. When true, returns detailed information about
+     * each evaluated rule. Useful for troubleshooting. Defaults to false.
+     */
+    debug?: boolean;
+}
+
+/**
+ * Core rate limiter implementation that enforces rate limiting rules.
+ *
+ * The RateLimiter evaluates rules in order and returns the result of the first rule
+ * that limits the request. If all rules allow the request, it returns a positive result.
+ *
+ * Use cases:
+ * - API rate limiting (requests per second/minute)
+ * - Preventing brute force attacks
+ * - Protecting backend resources from traffic spikes
+ * - Multi-tier rate limiting (e.g., per-user AND per-IP limits simultaneously)
+ *
+ * @template C The context type that contains information about each request.
+ *             Passed to rule resolvers to dynamically determine keys, costs, and policies.
+ *
+ * @example
+ * ```typescript
+ * const limiter = new RateLimiter({
+ *   store: redisStore,
+ *   rules: [
+ *     {
+ *       name: 'per-user-limit',
+ *       key: (ctx) => ctx.userId,
+ *       policy: new RedisFixedWindow({ name: 'fixed-window', window: 60, limit: 100 })
+ *     }
+ *   ]
+ * });
+ *
+ * const result = await limiter.consume({ userId: 'user-123' });
+ * if (!result.allowed) {
+ *   return 429 with headers: Retry-After: result.retryAfter
+ * }
+ * ```
+ * @see Limiter
+ * @see LimitRule
+ * @see Store
+ */
+declare class RateLimiter<C = unknown> implements Limiter<C> {
+    private rules;
+    private debug;
+    private store;
+    /**
+     * Create a new rate limiter instance.
+     * @throws {EmptyRulesException} If the list of rules is empty
+     * @param config - Configuration for the rate limiter
+     * @see RateLimitConfig
+     */
+    constructor({ rules, debug, store }: RateLimitConfig<C>);
+    /**
+     * Return the configuration object
+     * @returns {RateLimitConfig<C>}
+     */
+    get config(): RateLimitConfig<C>;
+    /**
+     * Check if a request should be allowed under the configured rate limits.
+     *
+     * Evaluates each rule in order from left to right. Returns as soon as a rule is exceeded (request denied).
+     * If all rules allow the request, returns the result of the last rule evaluated.
+     *
+     * Each rule resolution (key, cost, policy) can be static or dynamic:
+     * - Static: evaluated once and reused
+     * - Dynamic: evaluated per request based on context
+     * - Async: evaluated asynchronously (e.g., database lookups)
+     *
+     * @param ctx - Request context passed to rule resolvers to determine dynamic values.
+     * @returns Promise resolving to the rate limit result. If debug mode is enabled,
+     *          includes details about each evaluated rule and which rule failed (if any).
+     *
+     * @example
+     * ```typescript
+     * const result = await limiter.consume({
+     *   userId: 'user-123',
+     *   ip: '192.168.1.1',
+     *   endpoint: '/api/search'
+     * });
+     *
+     * if (!result.allowed) {
+     *   console.log(`Rate limited. Retry in ${result.retryAfter} seconds`);
+     * }
+     * ```
+     */
+    consume(ctx: C): Promise<RateLimitResult>;
+}
+
+declare class BadArgumentsException extends Error {
+    constructor(message: string);
+}
+
+declare class EmptyRulesException extends Error {
+    constructor();
+}
+
+declare class UnknownAlgorithmException extends Error {
+    constructor(algorithm: string);
+}
+
+/**
+ * Prepend additional data to user-defined rate limiting keys, which include:
+ * * Rate limiting algorithm name e.g., `"fixed-window"`, `"sliding-window"`
+ * * SHA-256 hash of the algorithm config object (deterministic order guaranteed)
+ *
+ * @warning Avoid nested or non-primitive key-value pairs to ensure deterministic hash value
+ *
+ * The modified key will have the format: `ratelimit:{algorithm_name}:{sha256_hash}:{key}`
+ * @param config The algorithm config object
+ * @param key The user-defined key
+ * @returns {string} A modified key with the format above
+ */
+declare function addConfigToKey(config: AlgorithmConfig, key: string): string;
+
+/**
+ * Merge two arrays of rules by name such that:
+ * * Local rules override global rules if the name matches
+ * * New local rules are appended
+ * @param globalRules The global rules to be overriden
+ * @param localRules The local rules to be appended or to override global rules
+ * @returns {LimitRule<C>[]} A new list of rules merged from `globalRules` and `localRules`
+ */
+declare function mergeRules<C>(globalRules?: LimitRule<C>[], localRules?: LimitRule<C>[]): LimitRule<C>[];
+
+/**
+ * Base implementation of the **Fixed Window** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for fixed window rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemoryFixedWindow` — executes the algorithm using in-memory state
+ * - `RedisFixedWindow` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemoryFixedWindow } from "@limitkit/memory";
+ *
+ * const limiter = new InMemoryFixedWindow({
+ *   name: "fixed-window",
+ *   limit: 100,
+ *   window: 60
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<FixedWindowConfig>}
+ */
+declare abstract class FixedWindow implements Algorithm<FixedWindowConfig> {
+    readonly config: FixedWindowConfig;
+    constructor(config: FixedWindowConfig);
+    /**
+     * Validates the fixed window configuration.
+     *
+     * Ensures the configured window size and request limit are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `limit <= 0`
+     * - `window <= 0`
+     */
+    validate(): void;
+}
+
+/**
+ * Base implementation of the **Sliding Window** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for sliding window rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemorySlidingWindow` — executes the algorithm using in-memory state
+ * - `RedisSlidingWindow` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemorySlidingWindow } from "@limitkit/memory";
+ *
+ * const limiter = new InMemorySlidingWindow({
+ *   name: "sliding-window",
+ *   limit: 100,
+ *   window: 60
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<SlidingWindowConfig>}
+ */
+declare abstract class SlidingWindow implements Algorithm<SlidingWindowConfig> {
+    readonly config: SlidingWindowConfig;
+    constructor(config: SlidingWindowConfig);
+    /**
+     * Validates the sliding window configuration.
+     *
+     * Ensures the configured window size and request limit are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `limit <= 0`
+     * - `window <= 0`
+     */
+    validate(): void;
+}
+
+/**
+ * Base implementation of the **Sliding Window Counter** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for sliding window counter rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemorySlidingWindowCounter` — executes the algorithm using in-memory state
+ * - `RedisSlidingWindowCounter` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemorySlidingWindowCounter } from "@limitkit/memory";
+ *
+ * const limiter = new InMemorySlidingWindowCounter({
+ *   name: "sliding-window-counter",
+ *   limit: 100,
+ *   window: 60
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<SlidingWindowCounterConfig>}
+ */
+declare abstract class SlidingWindowCounter implements Algorithm<SlidingWindowCounterConfig> {
+    readonly config: SlidingWindowCounterConfig;
+    constructor(config: SlidingWindowCounterConfig);
+    /**
+     * Validates the sliding window counter configuration.
+     *
+     * Ensures the configured window size and request limit are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `limit <= 0`
+     * - `window <= 0`
+     */
+    validate(): void;
+}
+
+/**
+ * Base implementation of the **Token Bucket** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for token bucket rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemoryTokenBucket` — executes the algorithm using in-memory state
+ * - `RedisTokenBucket` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemoryTokenBucket } from "@limitkit/memory";
+ *
+ * const limiter = new InMemoryTokenBucket({
+ *   name: "token-bucket",
+ *   capacity: 100,
+ *   refillRate: 5
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<TokenBucketConfig>}
+ */
+declare abstract class TokenBucket implements Algorithm<TokenBucketConfig> {
+    readonly config: TokenBucketConfig;
+    constructor(config: TokenBucketConfig);
+    /**
+     * Validates the token bucket configuration.
+     *
+     * Ensures the configured capacity and refill rate are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `capacity <= 0`
+     * - `refillRate <= 0`
+     */
+    validate(): void;
+}
+
+/**
+ * Base implementation of the **Leaky Bucket** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for leaky bucket rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemoryLeakyBucket` — executes the algorithm using in-memory state
+ * - `RedisLeakyBucket` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemoryLeakyBucket } from "@limitkit/memory";
+ *
+ * const limiter = new InMemoryLeakyBucket({
+ *   name: "leaky-bucket",
+ *   capacity: 100,
+ *   leakRate: 5
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<LeakyBucketConfig>}
+ */
+declare abstract class LeakyBucket implements Algorithm<LeakyBucketConfig> {
+    readonly config: LeakyBucketConfig;
+    constructor(config: LeakyBucketConfig);
+    /**
+     * Validates the leaky bucket configuration.
+     *
+     * Ensures the configured capacity and leak rate are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `capacity <= 0`
+     * - `leakRate <= 0`
+     */
+    validate(): void;
+}
+
+/**
+ * Base implementation of the **GCRA** rate limiting algorithm.
+ *
+ * This class provides the **shared configuration and validation logic**
+ * for sliding window counter rate limiting but does **not perform rate limiting itself**.
+ *
+ * Concrete implementations must extend this class and provide the execution
+ * logic for a specific storage backend (e.g. Redis, in-memory, database).
+ *
+ * ## Purpose
+ * Separating algorithm configuration from storage execution allows the same
+ * algorithm definition to be reused across multiple stores.
+ *
+ * For example:
+ *
+ * - `InMemoryGCRA` — executes the algorithm using in-memory state
+ * - `RedisGCRA` — executes the algorithm using Redis + Lua scripts
+ *
+ * ## Usage
+ * End users typically **do not use this class directly**. Instead they should
+ * use a store-specific implementation:
+ *
+ * ```ts
+ * import { InMemoryGCRA } from "@limitkit/memory";
+ *
+ * const limiter = new InMemoryGCRA({
+ *   name: "gcra",
+ *   burst: 5,
+ *   interval: 1
+ * });
+ * ```
+ *
+ * @abstract
+ * @implements {Algorithm<GCRAConfig>}
+ */
+declare abstract class GCRA implements Algorithm<GCRAConfig> {
+    readonly config: GCRAConfig;
+    constructor(config: GCRAConfig);
+    /**
+     * Validates the GCRA configuration.
+     *
+     * Ensures the configured burst and interval are positive values.
+     *
+     * @throws BadArgumentsException
+     * Thrown if:
+     * - `burst <= 0`
+     * - `interval <= 0`
+     */
+    validate(): void;
+}
+
+export { type Algorithm, type AlgorithmConfig, type AlgorithmName, BadArgumentsException, type BaseConfig, type CustomConfig, type DebugLimitResult, EmptyRulesException, FixedWindow, type FixedWindowConfig, GCRA, type GCRAConfig, LeakyBucket, type LeakyBucketConfig, type LimitRule, type Limiter, type RateLimitConfig, type RateLimitResult, RateLimiter, SlidingWindow, type SlidingWindowConfig, SlidingWindowCounter, type SlidingWindowCounterConfig, type Store, TokenBucket, type TokenBucketConfig, UnknownAlgorithmException, type WindowConfig, addConfigToKey, mergeRules };