Feature/pr analysis rate limiting

java-ecosystem/libs/analysis-engine/pom.xml

@@ -68,6 +68,12 @@
             <artifactId>okhttp</artifactId>
         </dependency>
 
+        <!-- JTokkit for token counting -->
+        <dependency>
+            <groupId>com.knuddels</groupId>
+            <artifactId>jtokkit</artifactId>
+        </dependency>
+
         <!-- Test Dependencies -->
         <dependency>
             <groupId>org.junit.jupiter</groupId>

java-ecosystem/libs/analysis-engine/src/main/java/module-info.java

@@ -18,6 +18,7 @@
     requires com.fasterxml.jackson.annotation;
     requires jakarta.persistence;
     requires kotlin.stdlib;
+    requires jtokkit;
 
     exports org.rostilos.codecrow.analysisengine.aiclient;
     exports org.rostilos.codecrow.analysisengine.config;

java-ecosystem/libs/analysis-engine/src/main/java/org/rostilos/codecrow/analysisengine/dto/request/processor/PrProcessRequest.java

@@ -35,6 +35,13 @@ public class PrProcessRequest implements AnalysisProcessRequest {
     public String prAuthorId;
 
     public String prAuthorUsername;
+
+    /**
+     * Optional pre-acquired lock key. If set, the processor will skip lock acquisition
+     * and use this lock key directly. This prevents double-locking when the webhook handler
+     * has already acquired the lock before calling the processor.
+     */
+    public String preAcquiredLockKey;
 
 
     public Long getProjectId() {
@@ -64,4 +71,6 @@ public String getSourceBranchName() {
     public String getPrAuthorId() { return prAuthorId; }
 
     public String getPrAuthorUsername() { return prAuthorUsername; }
+
+    public String getPreAcquiredLockKey() { return preAcquiredLockKey; }
 }

java-ecosystem/libs/analysis-engine/src/main/java/org/rostilos/codecrow/analysisengine/exception/DiffTooLargeException.java

@@ -0,0 +1,47 @@
+package org.rostilos.codecrow.analysisengine.exception;
+
+/**
+ * Exception thrown when a diff exceeds the configured token limit for analysis.
+ * This is a soft skip - the analysis is not performed but the job is not marked as failed.
+ */
+public class DiffTooLargeException extends RuntimeException {
+
+    private final int estimatedTokens;
+    private final int maxAllowedTokens;
+    private final Long projectId;
+    private final Long pullRequestId;
+
+    public DiffTooLargeException(int estimatedTokens, int maxAllowedTokens, Long projectId, Long pullRequestId) {
+        super(String.format(
+            "PR diff exceeds token limit: estimated %d tokens, max allowed %d tokens (project=%d, PR=%d)",
+            estimatedTokens, maxAllowedTokens, projectId, pullRequestId
+        ));
+        this.estimatedTokens = estimatedTokens;
+        this.maxAllowedTokens = maxAllowedTokens;
+        this.projectId = projectId;
+        this.pullRequestId = pullRequestId;
+    }
+
+    public int getEstimatedTokens() {
+        return estimatedTokens;
+    }
+
+    public int getMaxAllowedTokens() {
+        return maxAllowedTokens;
+    }
+
+    public Long getProjectId() {
+        return projectId;
+    }
+
+    public Long getPullRequestId() {
+        return pullRequestId;
+    }
+
+    /**
+     * Returns the percentage of the token limit that would be used.
+     */
+    public double getUtilizationPercentage() {
+        return maxAllowedTokens > 0 ? (estimatedTokens * 100.0 / maxAllowedTokens) : 0;
+    }
+}

java-ecosystem/libs/analysis-engine/src/main/java/org/rostilos/codecrow/analysisengine/processor/analysis/PullRequestAnalysisProcessor.java

@@ -91,34 +91,45 @@
         // Publish analysis started event
         publishAnalysisStartedEvent(project, request, correlationId);
 
-        Optional<String> lockKey = analysisLockService.acquireLockWithWait(
-                project,
-                request.getSourceBranchName(),
-                AnalysisLockType.PR_ANALYSIS,
-                request.getCommitHash(),
-                request.getPullRequestId(),
-                consumer::accept
-        );
-
-        if (lockKey.isEmpty()) {
-            String message = String.format(
-                    "Failed to acquire lock after %d minutes for project=%s, PR=%d, branch=%s. Another analysis is still in progress.",
-                    analysisLockService.getLockWaitTimeoutMinutes(),
-                    project.getId(),
-                    request.getPullRequestId(),
-                    request.getSourceBranchName()
-            );
-            log.warn(message);
-
-            // Publish failed event due to lock timeout
-            publishAnalysisCompletedEvent(project, request, correlationId, startTime, 
-                    AnalysisCompletedEvent.CompletionStatus.FAILED, 0, 0, "Lock acquisition timeout");
-
-            throw new AnalysisLockedException(
-                    AnalysisLockType.PR_ANALYSIS.name(),
+        // Check if a lock was already acquired by the caller (e.g., webhook handler)
+        // to prevent double-locking which causes unnecessary 2-minute waits
+        String lockKey;
+        boolean isPreAcquired = false;
+        if (request.getPreAcquiredLockKey() != null && !request.getPreAcquiredLockKey().isBlank()) {
+            lockKey = request.getPreAcquiredLockKey();
+            isPreAcquired = true;
+            log.info("Using pre-acquired lock: {} for project={}, PR={}", lockKey, project.getId(), request.getPullRequestId());
+        } else {
+            Optional<String> acquiredLock = analysisLockService.acquireLockWithWait(
+                    project,
                     request.getSourceBranchName(),
-                    project.getId()
+                    AnalysisLockType.PR_ANALYSIS,
+                    request.getCommitHash(),
+                    request.getPullRequestId(),
+                    consumer::accept
             );
+
+            if (acquiredLock.isEmpty()) {
+                String message = String.format(
+                        "Failed to acquire lock after %d minutes for project=%s, PR=%d, branch=%s. Another analysis is still in progress.",
+                        analysisLockService.getLockWaitTimeoutMinutes(),
+                        project.getId(),
+                        request.getPullRequestId(),
+                        request.getSourceBranchName()
+                );
+                log.warn(message);
+
+                // Publish failed event due to lock timeout
+                publishAnalysisCompletedEvent(project, request, correlationId, startTime, 
+                        AnalysisCompletedEvent.CompletionStatus.FAILED, 0, 0, "Lock acquisition timeout");
+
+                throw new AnalysisLockedException(
+                        AnalysisLockType.PR_ANALYSIS.name(),
+                        request.getSourceBranchName(),
+                        project.getId()
+                );
+            }
+            lockKey = acquiredLock.get();
         }
 
         try {
@@ -216,7 +227,9 @@
 
             return Map.of("status", "error", "message", e.getMessage());
         } finally {
-            analysisLockService.releaseLock(lockKey.get());
+            if (!isPreAcquired) {
+                analysisLockService.releaseLock(lockKey);
+            }
         }
     }
 

java-ecosystem/libs/analysis-engine/src/main/java/org/rostilos/codecrow/analysisengine/util/TokenEstimator.java

@@ -0,0 +1,83 @@
+package org.rostilos.codecrow.analysisengine.util;
+
+import com.knuddels.jtokkit.Encodings;
+import com.knuddels.jtokkit.api.Encoding;
+import com.knuddels.jtokkit.api.EncodingRegistry;
+import com.knuddels.jtokkit.api.EncodingType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Utility class for estimating token counts in text content.
+ * Uses the cl100k_base encoding (used by GPT-4, Claude, and most modern LLMs).
+ */
+public class TokenEstimator {
+    private static final Logger log = LoggerFactory.getLogger(TokenEstimator.class);
+
+    private static final EncodingRegistry ENCODING_REGISTRY = Encodings.newDefaultEncodingRegistry();
+    private static final Encoding ENCODING = ENCODING_REGISTRY.getEncoding(EncodingType.CL100K_BASE);
+
+    /**
+     * Estimate the number of tokens in the given text.
+     * 
+     * @param text The text to estimate tokens for
+     * @return The estimated token count, or 0 if text is null/empty
+     */
+    public static int estimateTokens(String text) {
+        if (text == null || text.isEmpty()) {
+            return 0;
+        }
+        try {
+            return ENCODING.countTokens(text);
+        } catch (Exception e) {
+            log.warn("Failed to count tokens, using fallback estimation: {}", e.getMessage());
+            // Fallback: rough estimate of ~4 characters per token
+            return text.length() / 4;
+        }
+    }
+
+    /**
+     * Check if the estimated token count exceeds the given limit.
+     * 
+     * @param text The text to check
+     * @param maxTokens The maximum allowed tokens
+     * @return true if the text exceeds the limit, false otherwise
+     */
+    public static boolean exceedsLimit(String text, int maxTokens) {
+        return estimateTokens(text) > maxTokens;
+    }
+
+    /**
+     * Result of a token estimation check with details.
+     */
+    public record TokenEstimationResult(
+        int estimatedTokens,
+        int maxAllowedTokens,
+        boolean exceedsLimit,
+        double utilizationPercentage
+    ) {
+        public String toLogString() {
+            return String.format("Tokens: %d / %d (%.1f%%) - %s",
+                estimatedTokens, maxAllowedTokens, utilizationPercentage,
+                exceedsLimit ? "EXCEEDS LIMIT" : "within limit");
+        }
+    }
+
+    /**
+     * Estimate tokens and check against limit, returning detailed result.
+     * 
+     * @param text The text to check
+     * @param maxTokens The maximum allowed tokens
+     * @return Detailed estimation result
+     */
+    public static TokenEstimationResult estimateAndCheck(String text, int maxTokens) {
+        int estimated = estimateTokens(text);
+        double utilization = maxTokens > 0 ? (estimated * 100.0 / maxTokens) : 0;
+        return new TokenEstimationResult(
+            estimated,
+            maxTokens,
+            estimated > maxTokens,
+            utilization
+        );
+    }
+}

java-ecosystem/libs/core/src/main/java/org/rostilos/codecrow/core/dto/ai/AIConnectionDTO.java

@@ -11,8 +11,7 @@ public record AIConnectionDTO(
         AIProviderKey providerKey,
         String aiModel,
         OffsetDateTime createdAt,
-        OffsetDateTime updatedAt,
-        int tokenLimitation
+        OffsetDateTime updatedAt
 ) {
 
     public static AIConnectionDTO fromAiConnection(AIConnection aiConnection) {
@@ -22,8 +21,7 @@ public static AIConnectionDTO fromAiConnection(AIConnection aiConnection) {
                 aiConnection.getProviderKey(),
                 aiConnection.getAiModel(),
                 aiConnection.getCreatedAt(),
-                aiConnection.getUpdatedAt(),
-                aiConnection.getTokenLimitation()
+                aiConnection.getUpdatedAt()
         );
     }
 }

java-ecosystem/libs/core/src/main/java/org/rostilos/codecrow/core/dto/project/ProjectDTO.java

@@ -32,7 +32,8 @@ public record ProjectDTO(
         String installationMethod,
         CommentCommandsConfigDTO commentCommandsConfig,
         Boolean webhooksConfigured,
-        Long qualityGateId
+        Long qualityGateId,
+        Integer maxAnalysisTokenLimit
 ) {
     public static ProjectDTO fromProject(Project project) {
         Long vcsConnectionId = null;
@@ -123,6 +124,9 @@ public static ProjectDTO fromProject(Project project) {
         if (project.getVcsRepoBinding() != null) {
             webhooksConfigured = project.getVcsRepoBinding().isWebhooksConfigured();
         }
+
+        // Get maxAnalysisTokenLimit from config
+        Integer maxAnalysisTokenLimit = config != null ? config.maxAnalysisTokenLimit() : ProjectConfig.DEFAULT_MAX_ANALYSIS_TOKEN_LIMIT;
 
         return new ProjectDTO(
                 project.getId(),
@@ -146,7 +150,8 @@ public static ProjectDTO fromProject(Project project) {
                 installationMethod,
                 commentCommandsConfigDTO,
                 webhooksConfigured,
-                project.getQualityGate() != null ? project.getQualityGate().getId() : null
+                project.getQualityGate() != null ? project.getQualityGate().getId() : null,
+                maxAnalysisTokenLimit
         );
     }
 

java-ecosystem/libs/core/src/main/java/org/rostilos/codecrow/core/model/ai/AIConnection.java

@@ -39,9 +39,6 @@ public class AIConnection {
     @Column(name = "updated_at", nullable = false)
     private OffsetDateTime updatedAt = OffsetDateTime.now();
 
-    @Column(name= "token_limitation", nullable = false)
-    private int tokenLimitation = 100000;
-
     @PreUpdate
     public void onUpdate() {
         this.updatedAt = OffsetDateTime.now();
@@ -98,12 +95,4 @@ public OffsetDateTime getCreatedAt() {
     public OffsetDateTime getUpdatedAt() {
         return updatedAt;
     }
-
-    public void setTokenLimitation(int tokenLimitation) {
-        this.tokenLimitation = tokenLimitation;
-    }
-
-    public int getTokenLimitation() {
-        return tokenLimitation;
-    }
 }

java-ecosystem/libs/core/src/main/java/org/rostilos/codecrow/core/model/project/Project.java

@@ -222,6 +222,15 @@
         this.configuration = configuration;
     }
 
+    /**
+     * Returns the effective project configuration.
+     * If configuration is null, returns a new default ProjectConfig.
+     * This ensures callers always get a valid config with default values.
+     */
+    public org.rostilos.codecrow.core.model.project.config.ProjectConfig getEffectiveConfig() {
+        return configuration != null ? configuration : new org.rostilos.codecrow.core.model.project.config.ProjectConfig();
+    }
+
     public org.rostilos.codecrow.core.model.branch.Branch getDefaultBranch() {
         return defaultBranch;
     }