Closed
Description
There are two kinds of rate limits when publishing crates: a rate limit for brand new crates implemented in the application and a rate limit for all published configured in nginx (1, 2). The nginx rate limit, while simpler in its implementation, has multiple problems:
- The rate limit state is stored in every dyno, which results in users actually having at most 2 times the rate limit depending on where the Heroku Router send their requests.
- There is no way to manually increase the limit for a subset of the users.
- The rate limit also applies to new crates, even though those have their separate rate limit.
- The rate limit is per IP address, not per user.
We should move new versions to use the same rate limiting code as new crates, but with different thresholds, and then we should remove the nginx rate limits.