feat: resolve #386 #387 #388 #400 — Redis eviction, HTTP/2 push, WS p…

[STX-Boot]

…rotobuf, internal signing

Closes #386 — Redis cache eviction policy

• Implement real ioredis connection in RedisCache (was a stub)
• Set maxmemory-policy allkeys-lru and configurable maxmemory on connect
• Add TTL to every cache entry via setex; add getMemoryInfo() for monitoring

Closes #387 — HTTP/2 server push and connection multiplexing

• Add Link preload headers for critical fonts and CSS in next.config.ts so HTTP/2-aware proxies issue PUSH_PROMISE frames before HTML is parsed
• Add custom_headers to aws_amplify_app in infra/main.tf to propagate server push hints through CloudFront (HTTP/2 enabled by default on Amplify)

Closes #388 — WebSocket binary protocol via Protocol Buffers

• Add packages/types/src/websocket.proto — canonical schema for WireMessage, WireMessageBatch, and ClientMessage
• backend/src/websocket/codec.ts — zero-dependency protobuf-compatible binary encoder (encodeWireMessage, encodeBatch) and ClientMessage decoder
• managedConnection.ts — store WireMessage objects in queue; encode as binary protobuf (WireMessageBatch) or JSON text at flush time based on useBinary flag
• server.ts — detect ?proto=1 query param; pass useBinary to ManagedConnection
• frontend/lib/websocket/codec.ts — browser-native protobuf decoder (decodeServerBinary) using TextDecoder; zero deps
• pool.ts — set binaryType='arraybuffer' when proto=1 in URL; decode binary frames with codec and re-serialize for existing ordered-delivery logic Fallback to JSON text frames for clients without ?proto=1

Closes #400 — HMAC request signing for API-to-API communication

• backend/src/middleware/internalSignature.ts — HMAC-SHA256 signing with:
  • 5-minute timestamp replay-protection window
  • Key rotation via in-memory store (loaded from INTERNAL_API_SIGNING_KEYS env)
  • signRequest() helper for outbound internal calls
  • verifyInternalSignature() Express middleware for inbound calls
  • Audit logging for all auth successes and failures

What this PR does

• Summary of the implemented changes related to issue(s) DevTooling: Implement Monorepo with Turborepo for Shared Packages #240 and DevTooling: Implement Real-Time Error Monitoring with Sentry and Custom Dashboards #242
• Any breaking changes introduced (if any)
• Any migrations or data changes (if applicable)

Changes

• List of notable files and modules touched (monorepo wiring, Sentry integration, dashboards, etc.)
• Notes about the Turborepo configuration, shared packages, and ESLint/TS config

Why

• Rationale for the changes and how they solve the Acceptance Criteria

How to test

• Steps to reproduce locally, including commands to run build/test
• Any environment variables needed (e.g., SENTRY_DSN)
• How to verify the dashboards/alerts configuration (stubs or real)

Notes

• Any caveats, risks, or follow-up tasks
• If you want to close issues automatically, include:
  • Closes DevTooling: Implement Monorepo with Turborepo for Shared Packages #240
  • Closes DevTooling: Implement Real-Time Error Monitoring with Sentry and Custom Dashboards #242

[vercel]

@devjayy43 is attempting to deploy a commit to the smartdevs17's projects Team on Vercel.

A member of the Team first needs to authorize it.

[drips-wave]

@STX-Boot Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits