From 91d7a24ed958f82578cfe36840c3589a8e22268d Mon Sep 17 00:00:00 2001 From: Danijel Martinek Date: Wed, 20 May 2026 11:05:31 +0200 Subject: [PATCH] chore(work): finish 04-with-rate-limit-wrapper-and-conformance --- docs/work/_system/_state.json | 11 +++-------- .../_story.md | 6 +++--- .../epics/security-headers-rate-limit-sbom/_epic.md | 4 ++-- 3 files changed, 8 insertions(+), 13 deletions(-) diff --git a/docs/work/_system/_state.json b/docs/work/_system/_state.json index ca36d89..10f432f 100644 --- a/docs/work/_system/_state.json +++ b/docs/work/_system/_state.json @@ -1,5 +1,5 @@ { - "updated_at": "2026-05-20T08:45:03.332Z", + "updated_at": "2026-05-20T09:05:32.004Z", "epics": { "binder-wrap-helper": { "status": "done", @@ -603,10 +603,10 @@ ] }, "04-with-rate-limit-wrapper-and-conformance": { - "status": "todo", + "status": "done", "title": "`withRateLimit` wrapper and conformance extensions", "ac_total": 1, - "ac_completed": 0, + "ac_completed": 1, "depends_on": [ "01-rate-limit-type-primitives", "02-rate-limit-implementations" @@ -686,11 +686,6 @@ } }, "ready": [ - { - "epic": "security-headers-rate-limit-sbom", - "story": "04-with-rate-limit-wrapper-and-conformance", - "title": "`withRateLimit` wrapper and conformance extensions" - }, { "epic": "security-headers-rate-limit-sbom", "story": "05-auth-signin-rate-limit-backfill", diff --git a/docs/work/epics/security-headers-rate-limit-sbom/04-with-rate-limit-wrapper-and-conformance/_story.md b/docs/work/epics/security-headers-rate-limit-sbom/04-with-rate-limit-wrapper-and-conformance/_story.md index 31fb17b..3cab6ae 100644 --- a/docs/work/epics/security-headers-rate-limit-sbom/04-with-rate-limit-wrapper-and-conformance/_story.md +++ b/docs/work/epics/security-headers-rate-limit-sbom/04-with-rate-limit-wrapper-and-conformance/_story.md @@ -3,12 +3,12 @@ id: 04-with-rate-limit-wrapper-and-conformance epic: security-headers-rate-limit-sbom title: "`withRateLimit` wrapper and conformance extensions" type: technical-story -status: todo +status: done feature: core-shared depends-on: [01-rate-limit-type-primitives, 02-rate-limit-implementations] blocks: [05-auth-signin-rate-limit-backfill] created: 2026-05-20T00:00:00Z -updated: 2026-05-20T08:14:55.907Z +updated: 2026-05-20T09:05:31.838Z --- ## Goal @@ -45,4 +45,4 @@ The brand enforcement loop must be complete before any feature can declare `rate ## Tasks -- [ ] Implement `withRateLimit(rateLimit, factory)` in `packages/core-shared/src/rate-limit/with-rate-limit.ts` attaching the `RateLimited` brand; extend `wireUseCase` to accept optional `rateLimit?: IRateLimit` and compose `withRateLimit` innermost when `manifest.rateLimit.length > 0`; extend `assertFeatureConformance` to require `RateLimited` brand when `rateLimit.length > 0` with a synthetic fixture test asserting `ConformanceError` on absent brand; add `rateLimit?: IRateLimit` to `BindContext` and default it to `new NoopRateLimit()` in app aggregators; unit tests for wrapper brand attachment and factory passthrough; all gates pass. +- [x] Implement `withRateLimit(rateLimit, factory)` in `packages/core-shared/src/rate-limit/with-rate-limit.ts` attaching the `RateLimited` brand; extend `wireUseCase` to accept optional `rateLimit?: IRateLimit` and compose `withRateLimit` innermost when `manifest.rateLimit.length > 0`; extend `assertFeatureConformance` to require `RateLimited` brand when `rateLimit.length > 0` with a synthetic fixture test asserting `ConformanceError` on absent brand; add `rateLimit?: IRateLimit` to `BindContext` and default it to `new NoopRateLimit()` in app aggregators; unit tests for wrapper brand attachment and factory passthrough; all gates pass. diff --git a/docs/work/epics/security-headers-rate-limit-sbom/_epic.md b/docs/work/epics/security-headers-rate-limit-sbom/_epic.md index ffc1b49..4283c5f 100644 --- a/docs/work/epics/security-headers-rate-limit-sbom/_epic.md +++ b/docs/work/epics/security-headers-rate-limit-sbom/_epic.md @@ -7,7 +7,7 @@ status: in-progress features: [core-shared, core-testing, core-eslint, auth, web-next, web-tanstack, cms] created: 2026-05-20T00:00:00Z -updated: 2026-05-20T08:45:03.170Z +updated: 2026-05-20T09:05:31.838Z --- ## Goal @@ -23,7 +23,7 @@ Security scanners flag the absence of HSTS, X-Frame-Options, X-Content-Type-Opti - [x] [01 — Rate-limit type primitives and manifest field](01-rate-limit-type-primitives/_story.md) - [x] [02 — Rate-limit implementations: Noop, InMemory, Recording](02-rate-limit-implementations/_story.md) - [x] [03 — `no-undeclared-rate-limit` ESLint rule](03-no-undeclared-rate-limit-eslint-rule/_story.md) -- [ ] [04 — `withRateLimit` wrapper and conformance extensions](04-with-rate-limit-wrapper-and-conformance/_story.md) +- [x] [04 — `withRateLimit` wrapper and conformance extensions](04-with-rate-limit-wrapper-and-conformance/_story.md) - [ ] [05 — auth.signIn rate-limit backfill](05-auth-signin-rate-limit-backfill/_story.md) - [ ] [06 — Security headers core module](06-security-headers-core-module/_story.md) - [ ] [07 — Per-framework security header adapters](07-security-header-adapters/_story.md)