Silent Redis Failure in Rate Limiter — Fixed in v1.0.53
Silent Redis Failure in Rate Limiter — Fixed in v1.0.53
What happened
A subtle but impactful bug was discovered in src/lib/agent/rate-limiter.ts: the module was calling require('redis') — a CommonJS dynamic require — to establish a Redis connection. The problem is that redis is not listed as a dependency in package.json. Only ioredis is.
As a result, the require('redis') call would silently resolve to null at runtime instead of throwing an error. The rate-limiter detected the null client and fell back to Postgres-only rate limiting, never surfacing any warning or exception.
Why it was hard to spot
- No crash, no error log. The fallback path was intentionally designed to be graceful, so nothing in the logs indicated Redis wasn't being used.
- Postgres-only limiting still works — it just isn't as fast or as horizontally scalable as the Redis-backed path.
- The rest of the codebase was correct.
src/lib/agent/working-memory.tsalready usedioredisproperly. Only the rate-limiter was inconsistent.
The fix
The getRedis() function inside rate-limiter.ts has been updated to initialise a Redis client using ioredis, exactly as working-memory.ts does. This brings the two modules into alignment and ensures Redis is correctly used for rate limiting across the agent.
Before (broken):
// rate-limiter.ts
const redis = require('redis'); // ❌ 'redis' not in package.json — returns null silently
function getRedis() {
return redis.createClient(...);
}
After (fixed):
// rate-limiter.ts
import Redis from 'ioredis'; // ✅ consistent with working-memory.ts
function getRedis() {
return new Redis(process.env.REDIS_URL);
}
Impact
| Before v1.0.53 | v1.0.53+ | |
|---|---|---|
| Redis client used | null (silent failure) | ioredis ✅ |
| Rate-limit backend | Postgres only | Redis (primary) + Postgres (fallback) ✅ |
| Error surfaced | None | N/A — now works correctly |
What you need to do
For most deployments, nothing. The fix is transparent.
If your Redis instance is unreachable, the existing Postgres fallback path remains in place. However, now that Redis is functional again, ensure your Redis connection string (REDIS_URL) is correctly configured in your environment so the agent can use it as intended.