fix(SEC-ORCH-28+29): Add Valkey connection timeout + workItems MaxLength

SEC-ORCH-28: Add connectTimeout (5000ms default) and commandTimeout (3000ms default) to Valkey/Redis client to prevent indefinite connection hangs. Both are configurable via VALKEY_CONNECT_TIMEOUT_MS and VALKEY_COMMAND_TIMEOUT_MS environment variables. SEC-ORCH-29: Add @ArrayMaxSize(50) and @MaxLength(2000) to workItems in AgentContextDto to prevent memory exhaustion from unbounded input. Also adds @ArrayMaxSize(20) and @MaxLength(200) to skills array. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 15:19:44 -06:00
parent 144495ae6b
commit 3880993b60
7 changed files with 133 additions and 1 deletions
--- a/apps/orchestrator/src/valkey/valkey.client.ts
+++ b/apps/orchestrator/src/valkey/valkey.client.ts
@@ -16,6 +16,10 @@ export interface ValkeyClientConfig {
  port: number;
  password?: string;
  db?: number;
+  /** Connection timeout in milliseconds (default: 5000) */
+  connectTimeout?: number;
+  /** Command timeout in milliseconds (default: 3000) */
+  commandTimeout?: number;
  logger?: {
    error: (message: string, error?: unknown) => void;
  };
@@ -57,6 +61,8 @@ export class ValkeyClient {
      port: config.port,
      password: config.password,
      db: config.db,
+      connectTimeout: config.connectTimeout ?? 5000,
+      commandTimeout: config.commandTimeout ?? 3000,
    });
    this.logger = config.logger;
  }