From 6397b500baadcaad9c76fd780660174e02b85df8 Mon Sep 17 00:00:00 2001
From: claude_code <claude_code@vvzvlad.xyz>
Date: Sun, 21 Jun 2026 14:24:18 +0300
Subject: [PATCH] fix(share-ai): lower default per-workspace cap to 100 (#62)

The fail-closed limiter behavior (#62 primary item) already shipped; this
finishes the issue by lowering the default hourly per-workspace cap from 300
to 100 to better fit real anonymous-assistant load. Still overridable via
SHARE_AI_WORKSPACE_MAX_PER_HOUR.

- public-share-workspace-limiter.ts: SHARE_AI_WORKSPACE_MAX_PER_WINDOW 300 -> 100.
- .env.example: documented default + example value 300 -> 100.
- public-share-chat.spec.ts: update the default-cap assertion to 100.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
---
 .env.example                                                  | 4 ++--
 apps/server/src/core/ai-chat/public-share-chat.spec.ts        | 2 +-
 .../server/src/core/ai-chat/public-share-workspace-limiter.ts | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.env.example b/.env.example
index 1cfcb43f..1948fafe 100644
--- a/.env.example
+++ b/.env.example
@@ -147,8 +147,8 @@ MCP_DOCMOST_PASSWORD=
 # per-IP limit is fully evaded. It is a COST backstop, not an access control, and
 # FAILS CLOSED if Redis is unavailable (an optional assistant briefly going
 # offline is safer than an unbounded bill). Override the hourly cap below
-# (default: 300 calls per workspace per rolling hour).
-# SHARE_AI_WORKSPACE_MAX_PER_HOUR=300
+# (default: 100 calls per workspace per rolling hour).
+# SHARE_AI_WORKSPACE_MAX_PER_HOUR=100
 #
 # Per-request output-token ceiling for the anonymous assistant (default: 512).
 # Worst-case output per accepted call = agent steps (5) × this value.
diff --git a/apps/server/src/core/ai-chat/public-share-chat.spec.ts b/apps/server/src/core/ai-chat/public-share-chat.spec.ts
index e7577589..3b80e9be 100644
--- a/apps/server/src/core/ai-chat/public-share-chat.spec.ts
+++ b/apps/server/src/core/ai-chat/public-share-chat.spec.ts
@@ -386,7 +386,7 @@ describe('resolveShareAiWorkspaceMax (env-overridable per-workspace cap)', () =>
   it('falls back to the default for an unparseable / NaN value', () => {
     process.env[ENV] = 'not-a-number';
     expect(resolveShareAiWorkspaceMax()).toBe(SHARE_AI_WORKSPACE_MAX_PER_WINDOW);
-    expect(SHARE_AI_WORKSPACE_MAX_PER_WINDOW).toBe(300);
+    expect(SHARE_AI_WORKSPACE_MAX_PER_WINDOW).toBe(100);
   });
 
   it('falls back to the default when unset', () => {
diff --git a/apps/server/src/core/ai-chat/public-share-workspace-limiter.ts b/apps/server/src/core/ai-chat/public-share-workspace-limiter.ts
index bcc40c5a..cf0dd80d 100644
--- a/apps/server/src/core/ai-chat/public-share-workspace-limiter.ts
+++ b/apps/server/src/core/ai-chat/public-share-workspace-limiter.ts
@@ -42,7 +42,7 @@ import type { Redis } from 'ioredis';
  */
 
 /** Default cap: anonymous share-AI calls allowed per workspace per window. */
-export const SHARE_AI_WORKSPACE_MAX_PER_WINDOW = 300;
+export const SHARE_AI_WORKSPACE_MAX_PER_WINDOW = 100;
 /** Default window length: one rolling hour. */
 export const SHARE_AI_WORKSPACE_WINDOW_MS = 60 * 60 * 1000;