@qiaolei81/copilot-session-viewer 0.1.3 → 0.1.4

package/CHANGELOG.md

@@ -5,6 +5,29 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.1.4] - 2026-02-16
+
+### Fixed
+- Rate limiting configuration for insight operations - resolved 429 "Too Many Requests" errors
+- Removed rate limiting from insight status checks (GET requests) - status checks are now unlimited
+- Improved rate limiting differentiation: strict for generation (POST), lenient for access (DELETE)
+- Fixed "Age: NaNs" timestamp display issue in insight generation progress
+- Added missing `ageMs` calculation to backend insight service responses
+- ESLint configuration migration from deprecated `.eslintignore` to modern flat config
+- Minimal `.npmignore` configuration for optimized package publishing (82% size reduction)
+
+### Changed
+- Insight output file renamed from `insight-report.md` to `copilot-insight.md`
+- Insight prompt rewritten to enforce ≤500 character output (down from ~2000 words)
+- Insight now focuses on three essentials: health score, top issue, key recommendation
+- Insight generation rate limiting: 3 requests per 5 minutes (more user-friendly window)
+- Insight access operations: 50 requests per minute (very lenient for status checks)
+- Package size optimized from 298kB to 52kB for npm publishing
+
+### Removed
+- Deprecated `.eslintignore` file in favor of `eslint.config.mjs` ignores property
+- Verbose `.npmignore` entries - simplified to essential exclusions only
+
 ## [0.1.3] - 2026-02-16
 
 ### Added

package/README.md

@@ -111,7 +111,7 @@ npx @qiaolei81/copilot-session-viewer
 │  Data Layer (~/.copilot/session-state/)         │
 │  • events.jsonl (event streams)                 │
 │  • workspace.yaml (metadata)                    │
-│  • insight-report.md (AI analysis)              │
+│  • copilot-insight.md (AI analysis)              │
 └─────────────────────────────────────────────────┘
 ```
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qiaolei81/copilot-session-viewer",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "Web UI for viewing GitHub Copilot CLI session logs",
   "author": "Lei Qiao <qiaolei81@gmail.com>",
   "license": "MIT",

package/src/app.js

@@ -7,7 +7,7 @@ const helmet = require('helmet');
 const config = require('./config');
 
 // Middleware
-const { globalLimiter, insightLimiter, uploadLimiter } = require('./middleware/rateLimiting');
+const { globalLimiter, insightGenerationLimiter, insightAccessLimiter, uploadLimiter } = require('./middleware/rateLimiting');
 const { requestTimeout, developmentCors, errorHandler, notFoundHandler } = require('./middleware/common');
 
 // Controllers
@@ -75,10 +75,10 @@ function createApp(options = {}) {
     uploadController.importSession.bind(uploadController)
   );
 
-  // Insight routes with rate limiting
-  app.post('/session/:id/insight', insightLimiter, insightController.generateInsight.bind(insightController));
-  app.get('/session/:id/insight', insightLimiter, insightController.getInsightStatus.bind(insightController));
-  app.delete('/session/:id/insight', insightLimiter, insightController.deleteInsight.bind(insightController));
+  // Insight routes with appropriate rate limiting
+  app.post('/session/:id/insight', insightGenerationLimiter, insightController.generateInsight.bind(insightController));
+  app.get('/session/:id/insight', insightController.getInsightStatus.bind(insightController)); // Remove rate limiting for GET
+  app.delete('/session/:id/insight', insightAccessLimiter, insightController.deleteInsight.bind(insightController));
 
   // Upload rate limiting
   app.use('/session/import', uploadLimiter);

package/src/config/index.js

@@ -20,8 +20,8 @@ module.exports = {
   // Session Repository
   SESSION_CACHE_TTL_MS: 30 * 1000, // 30 seconds
 
-  // Request Limits
+  // Request Limits - More lenient for better UX
   RATE_LIMIT_WINDOW_MS: 15 * 60 * 1000, // 15 minutes
-  RATE_LIMIT_MAX_REQUESTS: 5,
+  RATE_LIMIT_MAX_REQUESTS: 15, // Increased from 5 to 15 for better UX
   REQUEST_TIMEOUT_MS: 30 * 1000 // 30 seconds
 };

package/src/middleware/rateLimiting.js

@@ -1,5 +1,4 @@
 const rateLimit = require('express-rate-limit');
-const config = require('../config');
 
 // Global rate limiting for all routes
 const globalLimiter = rateLimit({
@@ -8,14 +7,34 @@ const globalLimiter = rateLimit({
   message: { error: 'Too many requests. Please try again later.' },
   standardHeaders: true,
   legacyHeaders: false,
-  skip: (req) => req.path.startsWith('/public') // Skip static files
+  skip: (req) => {
+    // Skip static files
+    if (req.path.startsWith('/public')) return true;
+
+    // Skip insight status checks (GET requests)
+    if (req.method === 'GET' && req.path.includes('/insight')) return true;
+
+    return false;
+  }
+});
+
+// Rate limiting for insight generation (stricter for POST)
+const insightGenerationLimiter = rateLimit({
+  windowMs: 5 * 60 * 1000, // 5 minutes (shorter window)
+  max: 3, // 3 generations per 5-minute window (expensive operations)
+  message: {
+    error: 'Too many insight generation requests. Please wait 5 minutes before generating another insight.',
+    retryAfter: 5 * 60 // 5 minutes in seconds
+  },
+  standardHeaders: true,
+  legacyHeaders: false
 });
 
-// Rate limiting for insight generation (stricter)
-const insightLimiter = rateLimit({
-  windowMs: config.RATE_LIMIT_WINDOW_MS,
-  max: config.RATE_LIMIT_MAX_REQUESTS,
-  message: { error: 'Too many insight generation requests. Please try again later.' },
+// Rate limiting for insight status/retrieval (very lenient for GET/DELETE)
+const insightAccessLimiter = rateLimit({
+  windowMs: 1 * 60 * 1000, // 1 minute (shorter window)
+  max: 50, // 50 requests per minute (very lenient)
+  message: { error: 'Too many insight requests. Please try again in a minute.' },
   standardHeaders: true,
   legacyHeaders: false
 });
@@ -31,6 +50,7 @@ const uploadLimiter = rateLimit({
 
 module.exports = {
   globalLimiter,
-  insightLimiter,
+  insightGenerationLimiter,
+  insightAccessLimiter,
   uploadLimiter
 };

package/src/services/insightService.js

@@ -24,8 +24,8 @@ class InsightService {
    */
   async generateInsight(sessionId, forceRegenerate = false) {
     const sessionPath = path.join(this.sessionDir, sessionId);
-    const insightFile = path.join(sessionPath, 'insight-report.md');
-    const lockFile = path.join(sessionPath, 'insight-report.md.lock');
+    const insightFile = path.join(sessionPath, 'copilot-insight.md');
+    const lockFile = path.join(sessionPath, 'copilot-insight.md.lock');
     const eventsFile = path.join(sessionPath, 'events.jsonl');
 
     // Check if complete insight exists
@@ -65,7 +65,8 @@ class InsightService {
               status: 'generating',
               report: '# Generating Copilot Insight...\n\nAnother request is currently generating this insight. Please wait.',
               startedAt: lockStats.birthtime,
-              lastUpdate: lockStats.mtime
+              lastUpdate: lockStats.mtime,
+              ageMs: Date.now() - lockStats.birthtime.getTime()
             };
           }
           
@@ -123,7 +124,7 @@ class InsightService {
     await fs.mkdir(tmpDir, { recursive: true });
 
     const prompt = this._buildPrompt();
-    const outputFile = path.join(sessionPath, 'insight-report.md.tmp');
+    const outputFile = path.join(sessionPath, 'copilot-insight.md.tmp');
 
     // Spawn copilot directly (no shell)
     const copilotPath = 'copilot';
@@ -201,42 +202,18 @@ class InsightService {
    * @private
    */
   _buildPrompt() {
-    return `Analyze this GitHub Copilot CLI session data (JSONL format, one event per line) and generate a deep, actionable insight report.
+    return `Analyze this GitHub Copilot CLI session data (JSONL format) and produce a concise insight.
 
-CRITICAL: Output ONLY the analysis report. Do NOT include thinking blocks, reasoning steps, or meta-commentary about your analysis process. Go straight to insights.
+CRITICAL CONSTRAINTS:
+- Your ENTIRE output must be UNDER 500 characters (not words — characters, including spaces and punctuation).
+- Output ONLY the analysis. No thinking blocks, no meta-commentary.
 
-Focus on:
-1. **Session Health Score** (0-100): Calculate based on success rate, completion rate, and performance
-   - Red flags: error rate >50%, incomplete sub-agents, timeout patterns
-   
-2. **Critical Issues** (if any):
-   - What went wrong and why (root cause analysis)
-   - Impact on user workflow
-   - Specific failing patterns (e.g., "all 'create' calls missing file_text parameter")
+Include:
+1. **Health Score** (0-100) based on success/error rates
+2. **Top Issue**: The single most impactful problem with root cause
+3. **Key Recommendation**: One specific, actionable improvement
 
-3. **Performance Bottlenecks**:
-   - Slowest operations with timing data
-   - Where LLM is spending most time
-   - Tool execution delays vs LLM thinking time
-
-4. **Sub-Agent Effectiveness**:
-   - Which sub-agents succeeded/failed and why
-   - Completion patterns and failure points
-   - Resource utilization (tool calls per sub-agent)
-
-5. **Tool Usage Intelligence**:
-   - Most/least used tools
-   - Error patterns per tool type
-   - Unused but potentially helpful tools
-
-6. **Workflow Recommendations**:
-   - Actionable improvements (specific, not generic)
-   - Configuration tuning suggestions
-   - Anti-patterns detected
-
-Use data-driven language with specific numbers. Be critical, not descriptive. Focus on "why" and "what to do" rather than "what happened".
-
-Output in clean Markdown with ## headers. Keep it concise but insightful (<2000 words).`;
+Be data-driven with specific numbers. No filler or generic advice.`;
   }
 
   /**
@@ -261,8 +238,8 @@ Output in clean Markdown with ## headers. Keep it concise but insightful (<2000
    */
   async getInsightStatus(sessionId) {
     const sessionPath = path.join(this.sessionDir, sessionId);
-    const insightFile = path.join(sessionPath, 'insight-report.md');
-    const lockFile = path.join(sessionPath, 'insight-report.md.lock');
+    const insightFile = path.join(sessionPath, 'copilot-insight.md');
+    const lockFile = path.join(sessionPath, 'copilot-insight.md.lock');
 
     try {
       const report = await fs.readFile(insightFile, 'utf-8');
@@ -280,7 +257,8 @@ Output in clean Markdown with ## headers. Keep it concise but insightful (<2000
         return {
           status: 'generating',
           startedAt: stats.birthtime,
-          lastUpdate: stats.mtime
+          lastUpdate: stats.mtime,
+          ageMs: Date.now() - stats.birthtime.getTime()
         };
       } catch (_lockErr) {
         return { status: 'not_started' };
@@ -293,8 +271,8 @@ Output in clean Markdown with ## headers. Keep it concise but insightful (<2000
    */
   async deleteInsight(sessionId) {
     const sessionPath = path.join(this.sessionDir, sessionId);
-    const insightFile = path.join(sessionPath, 'insight-report.md');
-    
+    const insightFile = path.join(sessionPath, 'copilot-insight.md');
+
     try {
       await fs.unlink(insightFile);
       return { success: true };

package/src/services/sessionRepository.js

@@ -85,7 +85,7 @@ class SessionRepository {
     const workspaceFile = path.join(fullPath, 'workspace.yaml');
     const eventsFile = path.join(fullPath, 'events.jsonl');
     const importedMarkerFile = path.join(fullPath, '.imported');
-    const insightReportFile = path.join(fullPath, 'insight-report.md');
+    const insightReportFile = path.join(fullPath, 'copilot-insight.md');
 
     // Check if workspace.yaml exists
     if (!await fileExists(workspaceFile)) {