@supaku/agentfactory-server 0.7.18 → 0.7.19

package/dist/src/index.d.ts

@@ -18,4 +18,7 @@ export * from './governor-storage.js';
 export * from './processing-state-storage.js';
 export * from './governor-event-bus.js';
 export * from './governor-dedup.js';
+export * from './redis-rate-limiter.js';
+export * from './redis-circuit-breaker.js';
+export * from './quota-tracker.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/src/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,cAAc,aAAa,CAAA;AAG3B,cAAc,YAAY,CAAA;AAG1B,cAAc,YAAY,CAAA;AAG1B,cAAc,sBAAsB,CAAA;AAGpC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,qBAAqB,CAAA;AAGnC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,qBAAqB,CAAA;AAGnC,cAAc,0BAA0B,CAAA;AAGxC,cAAc,sBAAsB,CAAA;AAGpC,cAAc,qBAAqB,CAAA;AAGnC,cAAc,kBAAkB,CAAA;AAGhC,cAAc,mBAAmB,CAAA;AAGjC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,oBAAoB,CAAA;AAGlC,cAAc,qBAAqB,CAAA;AAGnC,cAAc,uBAAuB,CAAA;AAGrC,cAAc,+BAA+B,CAAA;AAG7C,cAAc,yBAAyB,CAAA;AAGvC,cAAc,qBAAqB,CAAA"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,cAAc,aAAa,CAAA;AAG3B,cAAc,YAAY,CAAA;AAG1B,cAAc,YAAY,CAAA;AAG1B,cAAc,sBAAsB,CAAA;AAGpC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,qBAAqB,CAAA;AAGnC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,qBAAqB,CAAA;AAGnC,cAAc,0BAA0B,CAAA;AAGxC,cAAc,sBAAsB,CAAA;AAGpC,cAAc,qBAAqB,CAAA;AAGnC,cAAc,kBAAkB,CAAA;AAGhC,cAAc,mBAAmB,CAAA;AAGjC,cAAc,iBAAiB,CAAA;AAG/B,cAAc,oBAAoB,CAAA;AAGlC,cAAc,qBAAqB,CAAA;AAGnC,cAAc,uBAAuB,CAAA;AAGrC,cAAc,+BAA+B,CAAA;AAG7C,cAAc,yBAAyB,CAAA;AAGvC,cAAc,qBAAqB,CAAA;AAGnC,cAAc,yBAAyB,CAAA;AAGvC,cAAc,4BAA4B,CAAA;AAG1C,cAAc,oBAAoB,CAAA"}

package/dist/src/index.js

@@ -38,3 +38,9 @@ export * from './processing-state-storage.js';
 export * from './governor-event-bus.js';
 // Governor event deduplicator (Redis SETNX)
 export * from './governor-dedup.js';
+// Redis-backed Linear API rate limiter (shared across processes)
+export * from './redis-rate-limiter.js';
+// Redis-backed circuit breaker (shared across processes)
+export * from './redis-circuit-breaker.js';
+// Linear API quota tracker (reads rate limit headers)
+export * from './quota-tracker.js';

package/dist/src/quota-tracker.d.ts

@@ -0,0 +1,62 @@
+/**
+ * Linear API Quota Tracker
+ *
+ * Stores Linear's rate limit response headers in Redis so any component
+ * can check the remaining budget before making a call.
+ *
+ * Redis keys:
+ * - `linear:quota:{workspaceId}:requests_remaining`
+ * - `linear:quota:{workspaceId}:complexity_remaining`
+ * - `linear:quota:{workspaceId}:requests_reset`  (timestamp)
+ * - `linear:quota:{workspaceId}:updated_at`       (timestamp)
+ *
+ * Usage:
+ * - After every Linear API call, call `recordQuota()` with response headers
+ * - Before making a call, check `getQuota()` to see remaining budget
+ * - If `requestsRemaining < LOW_QUOTA_THRESHOLD`, the rate limiter
+ *   should proactively throttle
+ */
+/** Threshold below which we should proactively throttle */
+export declare const LOW_QUOTA_THRESHOLD = 500;
+export interface LinearQuotaSnapshot {
+    /** Remaining request quota (from X-RateLimit-Requests-Remaining) */
+    requestsRemaining: number | null;
+    /** Remaining complexity quota (from X-RateLimit-Complexity-Remaining) */
+    complexityRemaining: number | null;
+    /** Timestamp when request quota resets (from X-RateLimit-Requests-Reset) */
+    requestsReset: number | null;
+    /** When this snapshot was last updated */
+    updatedAt: number;
+}
+/**
+ * Record quota information from Linear API response headers.
+ *
+ * Call this after every successful Linear API response.
+ */
+export declare function recordQuota(workspaceId: string, headers: {
+    requestsRemaining?: string | number | null;
+    complexityRemaining?: string | number | null;
+    requestsReset?: string | number | null;
+}): Promise<void>;
+/**
+ * Get the current quota snapshot for a workspace.
+ */
+export declare function getQuota(workspaceId: string): Promise<LinearQuotaSnapshot>;
+/**
+ * Check if quota is critically low for a workspace.
+ *
+ * Returns true if we know the quota is below the threshold.
+ * Returns false if quota is healthy or unknown (fail open).
+ */
+export declare function isQuotaLow(workspaceId: string): Promise<boolean>;
+/**
+ * Extract quota headers from a Linear API response.
+ *
+ * Works with both fetch Response objects and plain header objects.
+ */
+export declare function extractQuotaHeaders(response: unknown): {
+    requestsRemaining?: string;
+    complexityRemaining?: string;
+    requestsReset?: string;
+};
+//# sourceMappingURL=quota-tracker.d.ts.map

package/dist/src/quota-tracker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"quota-tracker.d.ts","sourceRoot":"","sources":["../../src/quota-tracker.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAOH,2DAA2D;AAC3D,eAAO,MAAM,mBAAmB,MAAM,CAAA;AAKtC,MAAM,WAAW,mBAAmB;IAClC,oEAAoE;IACpE,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAA;IAChC,yEAAyE;IACzE,mBAAmB,EAAE,MAAM,GAAG,IAAI,CAAA;IAClC,4EAA4E;IAC5E,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,0CAA0C;IAC1C,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE;IACP,iBAAiB,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;IAC1C,mBAAmB,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;IAC5C,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;CACvC,GACA,OAAO,CAAC,IAAI,CAAC,CAgDf;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAiChF;AAED;;;;;GAKG;AACH,wBAAsB,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAUtE;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,OAAO,GAAG;IACtD,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,CAkCA"}

package/dist/src/quota-tracker.js

@@ -0,0 +1,155 @@
+/**
+ * Linear API Quota Tracker
+ *
+ * Stores Linear's rate limit response headers in Redis so any component
+ * can check the remaining budget before making a call.
+ *
+ * Redis keys:
+ * - `linear:quota:{workspaceId}:requests_remaining`
+ * - `linear:quota:{workspaceId}:complexity_remaining`
+ * - `linear:quota:{workspaceId}:requests_reset`  (timestamp)
+ * - `linear:quota:{workspaceId}:updated_at`       (timestamp)
+ *
+ * Usage:
+ * - After every Linear API call, call `recordQuota()` with response headers
+ * - Before making a call, check `getQuota()` to see remaining budget
+ * - If `requestsRemaining < LOW_QUOTA_THRESHOLD`, the rate limiter
+ *   should proactively throttle
+ */
+import { getRedisClient } from './redis.js';
+import { createLogger } from './logger.js';
+const log = createLogger('quota-tracker');
+/** Threshold below which we should proactively throttle */
+export const LOW_QUOTA_THRESHOLD = 500;
+/** Default quota TTL in Redis (2 hours, matching Linear's hourly reset) */
+const QUOTA_TTL_SECONDS = 7200;
+/**
+ * Record quota information from Linear API response headers.
+ *
+ * Call this after every successful Linear API response.
+ */
+export async function recordQuota(workspaceId, headers) {
+    try {
+        const redis = getRedisClient();
+        const prefix = `linear:quota:${workspaceId}`;
+        const pipeline = redis.pipeline();
+        const now = Date.now();
+        if (headers.requestsRemaining != null) {
+            const value = String(headers.requestsRemaining);
+            pipeline.set(`${prefix}:requests_remaining`, value, 'EX', QUOTA_TTL_SECONDS);
+            const remaining = parseInt(value, 10);
+            if (!isNaN(remaining) && remaining < LOW_QUOTA_THRESHOLD) {
+                log.warn('Linear quota running low', {
+                    workspaceId,
+                    requestsRemaining: remaining,
+                });
+            }
+        }
+        if (headers.complexityRemaining != null) {
+            pipeline.set(`${prefix}:complexity_remaining`, String(headers.complexityRemaining), 'EX', QUOTA_TTL_SECONDS);
+        }
+        if (headers.requestsReset != null) {
+            pipeline.set(`${prefix}:requests_reset`, String(headers.requestsReset), 'EX', QUOTA_TTL_SECONDS);
+        }
+        pipeline.set(`${prefix}:updated_at`, String(now), 'EX', QUOTA_TTL_SECONDS);
+        await pipeline.exec();
+    }
+    catch (err) {
+        // Non-critical — log and continue
+        log.error('Failed to record quota', {
+            workspaceId,
+            error: err instanceof Error ? err.message : String(err),
+        });
+    }
+}
+/**
+ * Get the current quota snapshot for a workspace.
+ */
+export async function getQuota(workspaceId) {
+    try {
+        const redis = getRedisClient();
+        const prefix = `linear:quota:${workspaceId}`;
+        const [requestsRemaining, complexityRemaining, requestsReset, updatedAt] = await Promise.all([
+            redis.get(`${prefix}:requests_remaining`),
+            redis.get(`${prefix}:complexity_remaining`),
+            redis.get(`${prefix}:requests_reset`),
+            redis.get(`${prefix}:updated_at`),
+        ]);
+        return {
+            requestsRemaining: requestsRemaining ? parseInt(requestsRemaining, 10) : null,
+            complexityRemaining: complexityRemaining
+                ? parseInt(complexityRemaining, 10)
+                : null,
+            requestsReset: requestsReset ? parseInt(requestsReset, 10) : null,
+            updatedAt: updatedAt ? parseInt(updatedAt, 10) : 0,
+        };
+    }
+    catch (err) {
+        log.error('Failed to get quota', {
+            workspaceId,
+            error: err instanceof Error ? err.message : String(err),
+        });
+        return {
+            requestsRemaining: null,
+            complexityRemaining: null,
+            requestsReset: null,
+            updatedAt: 0,
+        };
+    }
+}
+/**
+ * Check if quota is critically low for a workspace.
+ *
+ * Returns true if we know the quota is below the threshold.
+ * Returns false if quota is healthy or unknown (fail open).
+ */
+export async function isQuotaLow(workspaceId) {
+    const quota = await getQuota(workspaceId);
+    if (quota.requestsRemaining === null)
+        return false; // unknown = allow
+    // Check staleness — if data is older than 5 minutes, don't trust it
+    const staleThreshold = 5 * 60 * 1000;
+    if (Date.now() - quota.updatedAt > staleThreshold)
+        return false;
+    return quota.requestsRemaining < LOW_QUOTA_THRESHOLD;
+}
+/**
+ * Extract quota headers from a Linear API response.
+ *
+ * Works with both fetch Response objects and plain header objects.
+ */
+export function extractQuotaHeaders(response) {
+    const result = {};
+    if (typeof response !== 'object' || response === null)
+        return result;
+    const resp = response;
+    // Try fetch-style Response with .headers.get()
+    const headers = resp.headers;
+    if (headers) {
+        if (typeof headers.get === 'function') {
+            const getHeader = headers.get;
+            const rr = getHeader.call(headers, 'x-ratelimit-requests-remaining');
+            const cr = getHeader.call(headers, 'x-ratelimit-complexity-remaining');
+            const rs = getHeader.call(headers, 'x-ratelimit-requests-reset');
+            if (rr)
+                result.requestsRemaining = rr;
+            if (cr)
+                result.complexityRemaining = cr;
+            if (rs)
+                result.requestsReset = rs;
+        }
+        else {
+            // Plain object headers
+            const rr = headers['x-ratelimit-requests-remaining'];
+            const cr = headers['x-ratelimit-complexity-remaining'];
+            const rs = headers['x-ratelimit-requests-reset'];
+            if (rr)
+                result.requestsRemaining = rr;
+            if (cr)
+                result.complexityRemaining = cr;
+            if (rs)
+                result.requestsReset = rs;
+        }
+    }
+    return result;
+}

package/dist/src/redis-circuit-breaker.d.ts

@@ -0,0 +1,67 @@
+/**
+ * Redis Circuit Breaker
+ *
+ * Shares circuit breaker state across processes via Redis.
+ * All processes (dashboard, governor, CLI agents) see the same
+ * circuit state for a workspace.
+ *
+ * Redis keys:
+ * - `linear:circuit:{workspaceId}:state`    — 'closed' | 'open' | 'half-open'
+ * - `linear:circuit:{workspaceId}:failures` — consecutive failure count (with TTL)
+ * - `linear:circuit:{workspaceId}:opened_at` — timestamp when circuit was opened
+ * - `linear:circuit:{workspaceId}:reset_timeout` — current reset timeout (for backoff)
+ *
+ * Implements CircuitBreakerStrategy from @supaku/agentfactory-linear
+ * so it can be injected into LinearAgentClient.
+ */
+import type { CircuitBreakerStrategy, CircuitBreakerConfig } from '@supaku/agentfactory-linear';
+export interface RedisCircuitBreakerConfig extends CircuitBreakerConfig {
+    /** Workspace-specific key prefix */
+    workspaceId: string;
+}
+export declare class RedisCircuitBreaker implements CircuitBreakerStrategy {
+    private readonly config;
+    private readonly keyPrefix;
+    constructor(config: Partial<RedisCircuitBreakerConfig> & {
+        workspaceId: string;
+    });
+    private get stateKey();
+    private get failuresKey();
+    private get openedAtKey();
+    private get resetTimeoutKey();
+    /**
+     * Check if a call is allowed to proceed.
+     */
+    canProceed(): Promise<boolean>;
+    /**
+     * Record a successful API call. Resets the circuit to closed.
+     */
+    recordSuccess(): Promise<void>;
+    /**
+     * Record an auth failure. May trip the circuit to open.
+     */
+    recordAuthFailure(statusCode: number): Promise<void>;
+    /**
+     * Check if an error is an auth/rate-limit error.
+     * Reuses the same detection logic as the in-memory CircuitBreaker.
+     */
+    isAuthError(error: unknown): boolean;
+    /**
+     * Reset the circuit breaker to closed state.
+     */
+    reset(): Promise<void>;
+    /**
+     * Get diagnostic info for monitoring.
+     */
+    getStatus(): Promise<{
+        state: string;
+        failures: number;
+        openedAt: number | null;
+        currentResetTimeoutMs: number;
+    }>;
+}
+/**
+ * Create a Redis circuit breaker for a specific workspace.
+ */
+export declare function createRedisCircuitBreaker(workspaceId: string, config?: Partial<Omit<RedisCircuitBreakerConfig, 'workspaceId'>>): RedisCircuitBreaker;
+//# sourceMappingURL=redis-circuit-breaker.d.ts.map

package/dist/src/redis-circuit-breaker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis-circuit-breaker.d.ts","sourceRoot":"","sources":["../../src/redis-circuit-breaker.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,OAAO,KAAK,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,MAAM,6BAA6B,CAAA;AAI/F,MAAM,WAAW,yBAA0B,SAAQ,oBAAoB;IACrE,oCAAoC;IACpC,WAAW,EAAE,MAAM,CAAA;CACpB;AA6GD,qBAAa,mBAAoB,YAAW,sBAAsB;IAChE,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA2B;IAClD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAQ;gBAEtB,MAAM,EAAE,OAAO,CAAC,yBAAyB,CAAC,GAAG;QAAE,WAAW,EAAE,MAAM,CAAA;KAAE;IAKhF,OAAO,KAAK,QAAQ,GAEnB;IACD,OAAO,KAAK,WAAW,GAEtB;IACD,OAAO,KAAK,WAAW,GAEtB;IACD,OAAO,KAAK,eAAe,GAE1B;IAED;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC;IAuBpC;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAgBpC;;OAEG;IACG,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkC1D;;;OAGG;IACH,WAAW,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO;IAsCpC;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAgB5B;;OAEG;IACG,SAAS,IAAI,OAAO,CAAC;QACzB,KAAK,EAAE,MAAM,CAAA;QACb,QAAQ,EAAE,MAAM,CAAA;QAChB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;QACvB,qBAAqB,EAAE,MAAM,CAAA;KAC9B,CAAC;CA2BH;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CACvC,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,yBAAyB,EAAE,aAAa,CAAC,CAAC,GAC/D,mBAAmB,CAErB"}

package/dist/src/redis-circuit-breaker.js

@@ -0,0 +1,294 @@
+/**
+ * Redis Circuit Breaker
+ *
+ * Shares circuit breaker state across processes via Redis.
+ * All processes (dashboard, governor, CLI agents) see the same
+ * circuit state for a workspace.
+ *
+ * Redis keys:
+ * - `linear:circuit:{workspaceId}:state`    — 'closed' | 'open' | 'half-open'
+ * - `linear:circuit:{workspaceId}:failures` — consecutive failure count (with TTL)
+ * - `linear:circuit:{workspaceId}:opened_at` — timestamp when circuit was opened
+ * - `linear:circuit:{workspaceId}:reset_timeout` — current reset timeout (for backoff)
+ *
+ * Implements CircuitBreakerStrategy from @supaku/agentfactory-linear
+ * so it can be injected into LinearAgentClient.
+ */
+import { getRedisClient } from './redis.js';
+import { createLogger } from './logger.js';
+const log = createLogger('redis-circuit-breaker');
+const DEFAULT_CONFIG = {
+    failureThreshold: 2,
+    resetTimeoutMs: 60_000,
+    maxResetTimeoutMs: 300_000,
+    backoffMultiplier: 2,
+    authErrorCodes: [400, 401, 403],
+};
+/**
+ * Lua script for atomic circuit breaker state check.
+ *
+ * KEYS[1] = state key
+ * KEYS[2] = opened_at key
+ * KEYS[3] = reset_timeout key
+ * ARGV[1] = current timestamp (ms)
+ * ARGV[2] = default reset timeout (ms)
+ *
+ * Returns: 1 if call can proceed, 0 if blocked, 2 if probe (half-open)
+ */
+const CAN_PROCEED_LUA = `
+local stateKey = KEYS[1]
+local openedAtKey = KEYS[2]
+local resetTimeoutKey = KEYS[3]
+local now = tonumber(ARGV[1])
+local defaultResetTimeout = tonumber(ARGV[2])
+
+local state = redis.call('GET', stateKey)
+
+-- Closed or no state: allow
+if state == false or state == 'closed' then
+  return 1
+end
+
+-- Open: check if reset timeout has elapsed
+if state == 'open' then
+  local openedAt = tonumber(redis.call('GET', openedAtKey)) or 0
+  local resetTimeout = tonumber(redis.call('GET', resetTimeoutKey)) or defaultResetTimeout
+
+  if (now - openedAt) >= resetTimeout then
+    -- Transition to half-open: allow one probe
+    redis.call('SET', stateKey, 'half-open', 'EX', 3600)
+    return 2
+  end
+
+  return 0
+end
+
+-- Half-open: block (probe already in flight)
+-- The first caller to see 'open' -> 'half-open' transition gets the probe
+if state == 'half-open' then
+  return 0
+end
+
+return 1
+`;
+/**
+ * Lua script for recording auth failure.
+ *
+ * KEYS[1] = state key
+ * KEYS[2] = failures key
+ * KEYS[3] = opened_at key
+ * KEYS[4] = reset_timeout key
+ * ARGV[1] = failure threshold
+ * ARGV[2] = current timestamp (ms)
+ * ARGV[3] = default reset timeout (ms)
+ * ARGV[4] = backoff multiplier
+ * ARGV[5] = max reset timeout (ms)
+ *
+ * Returns: new state ('closed', 'open')
+ */
+const RECORD_FAILURE_LUA = `
+local stateKey = KEYS[1]
+local failuresKey = KEYS[2]
+local openedAtKey = KEYS[3]
+local resetTimeoutKey = KEYS[4]
+local threshold = tonumber(ARGV[1])
+local now = tonumber(ARGV[2])
+local defaultResetTimeout = tonumber(ARGV[3])
+local backoffMultiplier = tonumber(ARGV[4])
+local maxResetTimeout = tonumber(ARGV[5])
+
+local state = redis.call('GET', stateKey) or 'closed'
+local failures = tonumber(redis.call('INCR', failuresKey))
+redis.call('EXPIRE', failuresKey, 3600)
+
+-- If half-open: probe failed, reopen with backoff
+if state == 'half-open' then
+  local currentTimeout = tonumber(redis.call('GET', resetTimeoutKey)) or defaultResetTimeout
+  local newTimeout = math.min(currentTimeout * backoffMultiplier, maxResetTimeout)
+  redis.call('SET', stateKey, 'open', 'EX', 3600)
+  redis.call('SET', openedAtKey, tostring(now), 'EX', 3600)
+  redis.call('SET', resetTimeoutKey, tostring(newTimeout), 'EX', 3600)
+  return 'open'
+end
+
+-- If closed and at threshold: trip to open
+if failures >= threshold then
+  redis.call('SET', stateKey, 'open', 'EX', 3600)
+  redis.call('SET', openedAtKey, tostring(now), 'EX', 3600)
+  redis.call('SET', resetTimeoutKey, tostring(defaultResetTimeout), 'EX', 3600)
+  return 'open'
+end
+
+return 'closed'
+`;
+export class RedisCircuitBreaker {
+    config;
+    keyPrefix;
+    constructor(config) {
+        this.config = { ...DEFAULT_CONFIG, ...config };
+        this.keyPrefix = `linear:circuit:${this.config.workspaceId}`;
+    }
+    get stateKey() {
+        return `${this.keyPrefix}:state`;
+    }
+    get failuresKey() {
+        return `${this.keyPrefix}:failures`;
+    }
+    get openedAtKey() {
+        return `${this.keyPrefix}:opened_at`;
+    }
+    get resetTimeoutKey() {
+        return `${this.keyPrefix}:reset_timeout`;
+    }
+    /**
+     * Check if a call is allowed to proceed.
+     */
+    async canProceed() {
+        try {
+            const redis = getRedisClient();
+            const result = await redis.eval(CAN_PROCEED_LUA, 3, this.stateKey, this.openedAtKey, this.resetTimeoutKey, String(Date.now()), String(this.config.resetTimeoutMs));
+            // 1 = closed (allow), 2 = half-open probe (allow), 0 = blocked
+            return result === 1 || result === 2;
+        }
+        catch (err) {
+            // If Redis is down, allow the request (fail open for circuit breaker)
+            log.error('Redis circuit breaker error, failing open', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+            return true;
+        }
+    }
+    /**
+     * Record a successful API call. Resets the circuit to closed.
+     */
+    async recordSuccess() {
+        try {
+            const redis = getRedisClient();
+            const pipeline = redis.pipeline();
+            pipeline.set(this.stateKey, 'closed', 'EX', 3600);
+            pipeline.del(this.failuresKey);
+            pipeline.del(this.openedAtKey);
+            pipeline.del(this.resetTimeoutKey);
+            await pipeline.exec();
+        }
+        catch (err) {
+            log.error('Failed to record circuit breaker success', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+        }
+    }
+    /**
+     * Record an auth failure. May trip the circuit to open.
+     */
+    async recordAuthFailure(statusCode) {
+        if (!this.config.authErrorCodes.includes(statusCode)) {
+            return;
+        }
+        try {
+            const redis = getRedisClient();
+            const result = await redis.eval(RECORD_FAILURE_LUA, 4, this.stateKey, this.failuresKey, this.openedAtKey, this.resetTimeoutKey, String(this.config.failureThreshold), String(Date.now()), String(this.config.resetTimeoutMs), String(this.config.backoffMultiplier), String(this.config.maxResetTimeoutMs));
+            if (result === 'open') {
+                log.warn('Circuit breaker tripped to OPEN', {
+                    workspaceId: this.config.workspaceId,
+                    statusCode,
+                });
+            }
+        }
+        catch (err) {
+            log.error('Failed to record circuit breaker failure', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+        }
+    }
+    /**
+     * Check if an error is an auth/rate-limit error.
+     * Reuses the same detection logic as the in-memory CircuitBreaker.
+     */
+    isAuthError(error) {
+        if (typeof error !== 'object' || error === null)
+            return false;
+        const err = error;
+        // Check HTTP status code
+        const statusCode = (typeof err.status === 'number' ? err.status : undefined) ??
+            (typeof err.statusCode === 'number' ? err.statusCode : undefined) ??
+            (typeof err.response?.status === 'number'
+                ? err.response.status
+                : undefined);
+        if (statusCode !== undefined && this.config.authErrorCodes.includes(statusCode)) {
+            return true;
+        }
+        // Check for GraphQL RATELIMITED
+        const extensions = err.extensions;
+        if (extensions?.code === 'RATELIMITED')
+            return true;
+        const errors = err.errors;
+        if (Array.isArray(errors)) {
+            for (const gqlError of errors) {
+                const ext = gqlError.extensions;
+                if (ext?.code === 'RATELIMITED')
+                    return true;
+            }
+        }
+        // Check error message patterns
+        const message = err.message ?? '';
+        if (/access denied|unauthorized|forbidden|RATELIMITED/i.test(message)) {
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Reset the circuit breaker to closed state.
+     */
+    async reset() {
+        try {
+            const redis = getRedisClient();
+            const pipeline = redis.pipeline();
+            pipeline.set(this.stateKey, 'closed', 'EX', 3600);
+            pipeline.del(this.failuresKey);
+            pipeline.del(this.openedAtKey);
+            pipeline.del(this.resetTimeoutKey);
+            await pipeline.exec();
+        }
+        catch (err) {
+            log.error('Failed to reset circuit breaker', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+        }
+    }
+    /**
+     * Get diagnostic info for monitoring.
+     */
+    async getStatus() {
+        try {
+            const redis = getRedisClient();
+            const [state, failures, openedAt, resetTimeout] = await Promise.all([
+                redis.get(this.stateKey),
+                redis.get(this.failuresKey),
+                redis.get(this.openedAtKey),
+                redis.get(this.resetTimeoutKey),
+            ]);
+            return {
+                state: state ?? 'closed',
+                failures: failures ? parseInt(failures, 10) : 0,
+                openedAt: openedAt ? parseInt(openedAt, 10) : null,
+                currentResetTimeoutMs: resetTimeout
+                    ? parseInt(resetTimeout, 10)
+                    : this.config.resetTimeoutMs,
+            };
+        }
+        catch {
+            return {
+                state: 'unknown',
+                failures: -1,
+                openedAt: null,
+                currentResetTimeoutMs: this.config.resetTimeoutMs,
+            };
+        }
+    }
+}
+/**
+ * Create a Redis circuit breaker for a specific workspace.
+ */
+export function createRedisCircuitBreaker(workspaceId, config) {
+    return new RedisCircuitBreaker({ ...config, workspaceId });
+}

package/dist/src/redis-rate-limiter.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Redis Token Bucket Rate Limiter
+ *
+ * Atomic token bucket implementation using Redis + Lua script.
+ * All processes (dashboard, governor, CLI agents) share one bucket
+ * keyed by `linear:rate-limit:{workspaceId}`.
+ *
+ * Implements RateLimiterStrategy from @supaku/agentfactory-linear
+ * so it can be injected into LinearAgentClient.
+ */
+import type { RateLimiterStrategy } from '@supaku/agentfactory-linear';
+export interface RedisTokenBucketConfig {
+    /** Redis key for this bucket (default: 'linear:rate-limit:default') */
+    key: string;
+    /** Maximum tokens (burst capacity). Default: 80 */
+    maxTokens: number;
+    /** Tokens added per second. Default: 1.5 (~90/min) */
+    refillRate: number;
+    /** Maximum time to wait for a token before throwing (ms). Default: 30_000 */
+    acquireTimeoutMs: number;
+    /** Polling interval when waiting for tokens (ms). Default: 500 */
+    pollIntervalMs: number;
+}
+export declare const DEFAULT_REDIS_RATE_LIMIT_CONFIG: RedisTokenBucketConfig;
+export declare class RedisTokenBucket implements RateLimiterStrategy {
+    private readonly config;
+    constructor(config?: Partial<RedisTokenBucketConfig>);
+    /**
+     * Acquire a single token. Polls Redis until a token is available
+     * or the acquire timeout is reached.
+     */
+    acquire(): Promise<void>;
+    /**
+     * Penalize the bucket after receiving a rate limit response.
+     * Drains all tokens and sets a penalty period.
+     */
+    penalize(seconds: number): Promise<void>;
+    /**
+     * Try to acquire a token atomically. Returns true if acquired.
+     */
+    private tryAcquire;
+    /**
+     * Get the current token count (for monitoring).
+     */
+    getAvailableTokens(): Promise<number>;
+}
+/**
+ * Create a Redis token bucket for a specific workspace.
+ */
+export declare function createRedisTokenBucket(workspaceId: string, config?: Partial<Omit<RedisTokenBucketConfig, 'key'>>): RedisTokenBucket;
+//# sourceMappingURL=redis-rate-limiter.d.ts.map

package/dist/src/redis-rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis-rate-limiter.d.ts","sourceRoot":"","sources":["../../src/redis-rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAA;AAItE,MAAM,WAAW,sBAAsB;IACrC,uEAAuE;IACvE,GAAG,EAAE,MAAM,CAAA;IACX,mDAAmD;IACnD,SAAS,EAAE,MAAM,CAAA;IACjB,sDAAsD;IACtD,UAAU,EAAE,MAAM,CAAA;IAClB,6EAA6E;IAC7E,gBAAgB,EAAE,MAAM,CAAA;IACxB,kEAAkE;IAClE,cAAc,EAAE,MAAM,CAAA;CACvB;AAED,eAAO,MAAM,+BAA+B,EAAE,sBAM7C,CAAA;AAyED,qBAAa,gBAAiB,YAAW,mBAAmB;IAC1D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwB;gBAEnC,MAAM,CAAC,EAAE,OAAO,CAAC,sBAAsB,CAAC;IAIpD;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAqB9B;;;OAGG;IACG,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkB9C;;OAEG;YACW,UAAU;IAqBxB;;OAEG;IACG,kBAAkB,IAAI,OAAO,CAAC,MAAM,CAAC;CAS5C;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CACpC,WAAW,EAAE,MAAM,EACnB,MAAM,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC,GACpD,gBAAgB,CAKlB"}

package/dist/src/redis-rate-limiter.js

@@ -0,0 +1,168 @@
+/**
+ * Redis Token Bucket Rate Limiter
+ *
+ * Atomic token bucket implementation using Redis + Lua script.
+ * All processes (dashboard, governor, CLI agents) share one bucket
+ * keyed by `linear:rate-limit:{workspaceId}`.
+ *
+ * Implements RateLimiterStrategy from @supaku/agentfactory-linear
+ * so it can be injected into LinearAgentClient.
+ */
+import { getRedisClient } from './redis.js';
+import { createLogger } from './logger.js';
+const log = createLogger('redis-rate-limiter');
+export const DEFAULT_REDIS_RATE_LIMIT_CONFIG = {
+    key: 'linear:rate-limit:default',
+    maxTokens: 80,
+    refillRate: 1.5,
+    acquireTimeoutMs: 30_000,
+    pollIntervalMs: 500,
+};
+/**
+ * Lua script for atomic token bucket acquire.
+ *
+ * KEYS[1] = bucket key (hash with fields: tokens, last_refill, penalty_until)
+ * ARGV[1] = maxTokens
+ * ARGV[2] = refillRate (tokens per second)
+ * ARGV[3] = current timestamp (ms)
+ *
+ * Returns: 1 if token acquired, 0 if no tokens available
+ */
+const ACQUIRE_LUA = `
+local key = KEYS[1]
+local maxTokens = tonumber(ARGV[1])
+local refillRate = tonumber(ARGV[2])
+local now = tonumber(ARGV[3])
+
+-- Initialize bucket if it doesn't exist
+local tokens = tonumber(redis.call('HGET', key, 'tokens'))
+local lastRefill = tonumber(redis.call('HGET', key, 'last_refill'))
+local penaltyUntil = tonumber(redis.call('HGET', key, 'penalty_until')) or 0
+
+if tokens == nil then
+  tokens = maxTokens
+  lastRefill = now
+  redis.call('HMSET', key, 'tokens', tokens, 'last_refill', lastRefill, 'penalty_until', 0)
+  redis.call('EXPIRE', key, 3600)
+end
+
+-- Check if we're in a penalty period
+if now < penaltyUntil then
+  return 0
+end
+
+-- Refill tokens based on elapsed time
+local elapsed = (now - lastRefill) / 1000.0
+if elapsed > 0 then
+  local newTokens = elapsed * refillRate
+  tokens = math.min(maxTokens, tokens + newTokens)
+  lastRefill = now
+end
+
+-- Try to acquire a token
+if tokens >= 1 then
+  tokens = tokens - 1
+  redis.call('HMSET', key, 'tokens', tokens, 'last_refill', lastRefill)
+  redis.call('EXPIRE', key, 3600)
+  return 1
+end
+
+redis.call('HMSET', key, 'tokens', tokens, 'last_refill', lastRefill)
+redis.call('EXPIRE', key, 3600)
+return 0
+`;
+/**
+ * Lua script for penalizing the bucket (after rate limit response).
+ *
+ * KEYS[1] = bucket key
+ * ARGV[1] = penalty duration (seconds)
+ * ARGV[2] = current timestamp (ms)
+ */
+const PENALIZE_LUA = `
+local key = KEYS[1]
+local penaltySeconds = tonumber(ARGV[1])
+local now = tonumber(ARGV[2])
+
+redis.call('HMSET', key, 'tokens', 0, 'penalty_until', now + (penaltySeconds * 1000))
+redis.call('EXPIRE', key, 3600)
+return 1
+`;
+export class RedisTokenBucket {
+    config;
+    constructor(config) {
+        this.config = { ...DEFAULT_REDIS_RATE_LIMIT_CONFIG, ...config };
+    }
+    /**
+     * Acquire a single token. Polls Redis until a token is available
+     * or the acquire timeout is reached.
+     */
+    async acquire() {
+        const start = Date.now();
+        while (true) {
+            const acquired = await this.tryAcquire();
+            if (acquired)
+                return;
+            // Check timeout
+            if (Date.now() - start > this.config.acquireTimeoutMs) {
+                throw new Error(`RedisTokenBucket: timed out waiting for rate limit token after ${this.config.acquireTimeoutMs}ms`);
+            }
+            // Wait before polling again
+            await new Promise((resolve) => setTimeout(resolve, this.config.pollIntervalMs));
+        }
+    }
+    /**
+     * Penalize the bucket after receiving a rate limit response.
+     * Drains all tokens and sets a penalty period.
+     */
+    async penalize(seconds) {
+        try {
+            const redis = getRedisClient();
+            await redis.eval(PENALIZE_LUA, 1, this.config.key, String(seconds), String(Date.now()));
+            log.warn('Rate limit penalty applied', { seconds, key: this.config.key });
+        }
+        catch (err) {
+            log.error('Failed to apply rate limit penalty', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+        }
+    }
+    /**
+     * Try to acquire a token atomically. Returns true if acquired.
+     */
+    async tryAcquire() {
+        try {
+            const redis = getRedisClient();
+            const result = await redis.eval(ACQUIRE_LUA, 1, this.config.key, String(this.config.maxTokens), String(this.config.refillRate), String(Date.now()));
+            return result === 1;
+        }
+        catch (err) {
+            // If Redis is down, allow the request (fail open for rate limiting)
+            log.error('Redis rate limiter error, failing open', {
+                error: err instanceof Error ? err.message : String(err),
+            });
+            return true;
+        }
+    }
+    /**
+     * Get the current token count (for monitoring).
+     */
+    async getAvailableTokens() {
+        try {
+            const redis = getRedisClient();
+            const tokens = await redis.hget(this.config.key, 'tokens');
+            return tokens ? parseFloat(tokens) : this.config.maxTokens;
+        }
+        catch {
+            return -1;
+        }
+    }
+}
+/**
+ * Create a Redis token bucket for a specific workspace.
+ */
+export function createRedisTokenBucket(workspaceId, config) {
+    return new RedisTokenBucket({
+        ...config,
+        key: `linear:rate-limit:${workspaceId}`,
+    });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@supaku/agentfactory-server",
-  "version": "0.7.18",
+  "version": "0.7.19",
   "type": "module",
   "description": "Webhook server and distributed worker pool for AgentFactory — Redis queues, issue locks, session management",
   "author": "Supaku (https://supaku.com)",
@@ -44,8 +44,8 @@
   ],
   "dependencies": {
     "ioredis": "^5.4.2",
-    "@supaku/agentfactory": "0.7.18",
-    "@supaku/agentfactory-linear": "0.7.18"
+    "@supaku/agentfactory-linear": "0.7.19",
+    "@supaku/agentfactory": "0.7.19"
   },
   "devDependencies": {
     "@types/node": "^22.5.4",