npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@p-vbordei/rate-limit-guard

v1.0.0

Published

Cross-session API rate limit guard for LLM providers

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

vlad1987654123vlad1987654123

Keywords

llmrate-limitcircuit-breakerapi-retry429ai-agents

Readme

rate-limit-guard

A cross-session circuit breaker and rate limit guard for LLM providers (e.g. OpenAI, OpenRouter). It coordinates rate limit states across multiple processes and instances (CLIs, workers, cron jobs, etc.) to prevent API retry amplification.

License

Apache License 2.0 (100% independent and open-source).

Features

  • Cross-Process Synchronization: Uses an atomic-renamed JSON file to share rate limit states across multiple Node.js processes, workers, CLIs, or subprocesses.
  • Retry Amplification Prevention: Prevents concurrent tasks from slamming rate-limited endpoints, avoiding quota multiplier exhaustion.
  • Genuine vs. Transient Filter: Evaluates HTTP rate limit headers (such as x-ratelimit-* and retry-after) and last-known bucket capacities to differentiate between genuine quota exhaustions (e.g., hourly RPH limits) and transient upstream provider hiccups (e.g., 5-second provider capacity issues).
  • Human-Readable Durations: Built-in helper to format remaining cooldown durations into compact, readable strings (e.g., 2m 30s or 1h 15m).

Installation

npm install rate-limit-guard

Usage

1. Basic Cooldown Check

Use the RateLimitGuard class statefully to check and record rate limit statuses:

import { RateLimitGuard, formatRemaining } from 'rate-limit-guard';

// Initialize with a shared state file path (defaults to ~/.rate_limits/default.json)
const guard = new RateLimitGuard();

// Check if provider is currently blocked:
const remaining = guard.getRemainingCooldown();
if (remaining !== null) {
  console.log(`Rate limit is active. Please wait ${formatRemaining(remaining)}.`);
  // Wait, failover, or exit early...
  process.exit(1);
}

// Perform LLM API request...
try {
  const res = await callLlmApi();
  // Clear any existing limit state on success
  guard.clear();
} catch (error: any) {
  if (error.status === 429) {
    // Record rate limit state from headers
    guard.recordLimit({
      headers: error.headers,
      defaultCooldownSeconds: 300 // fallback if no reset headers present
    });
  }
}

2. Differentiating Genuine Quota Limits from Transient Hiccups

Large LLM routers multiplex multiple backends. When deep upstream providers hit capacity, they might return a transient 429 that goes away in seconds, while actual account limits can last hours.

Use isGenuineLimit to avoid blocking your agent for hours on a transient 5-second model jitter:

if (error.status === 429) {
  const headers = error.headers;
  
  // Checks headers and historical states to see if it's a real account limit (e.g. hourly limit reset >= 60s)
  const isGenuine = guard.isGenuineLimit({ headers });
  
  if (isGenuine) {
    console.log("Genuine account quota limit reached. Tripping cross-session breaker.");
    guard.recordLimit({ headers });
  } else {
    console.log("Transient upstream provider error. Retrying with a model failover immediately.");
  }
}