Resolve unbounded in-memory failed-attempts map causing memory leak in ThreatDetectionService

[RUKAYAT-CODER]

Overview

src/security/threats/threat-detection.service.ts uses private failedAttempts = new Map<string, number>() with no TTL or eviction. An IP-rotation attack or a large user base will cause this Map to grow indefinitely, eventually consuming all heap memory and triggering OOM kills across pod restarts. This is a distinct issue from the distributed-state problem (tracked separately) — this bug exists even in a single-instance deployment.

Specifications

Features:

• Replace the unbounded Map with a bounded, TTL-based structure even before Redis migration.

Tasks:

• As an interim fix, replace the Map with an lru-cache instance capped at 50,000 entries and a 15-minute TTL per entry.
• Log a warning when the LRU eviction is triggered (indicating the cap was hit).
• Add a unit test that inserts 50,001 entries and verifies the oldest is evicted.

Impacted Files:

• src/security/threats/threat-detection.service.ts

Acceptance Criteria

• Map size is bounded at 50,000 entries.
• Entries expire after 15 minutes without manual reset.
• Unit test verifies LRU eviction at the cap boundary.

[JoesWalker]

@JoesWalker has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi maintainers, I'd like to claim this issue!

I’m a Full Stack Developer specializing in Next.js/React (TypeScript + Tailwind) and Node.js (PostgreSQL + Prisma/Drizzle).

My Approach for This Issue
Context: I’ll implement this by [insert 1 sentence specific to the issue, e.g., updates the database schema for X and linking it to the Y component].

Frontend: Deliver clean, reusable components with responsive layouts, hover/focus states, and semantic HTML.

Backend/Infra: Secure API routes (REST/GraphQL), proper data validation, and clean migrations if required.

Testing & QA: Write unit/integration tests for critical paths and verify breakpoints.

I can start immediately and will share progress updates directly in the PR (complete with screenshots/videos). Ready when you are!

ℹ️ Repo Maintainers: To accept this application, review their application or assign @JoesWalker to this issue.

[MoscowDev]

@MoscowDev has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

I’d love to take this issue on. I’ve worked on production-ready applications and collaborated extensively through GitHub workflows. I’ll dig into the current setup, implement a solid and reliable fix, and deliver a well-tested PR. My focus is on clean, maintainable code and fast, dependable delivery.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @MoscowDev to this issue.

[Mkalbani]

@Mkalbani has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi, Maintainers. Can I work on this. I've worked on a similar work like this. Thank you.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Mkalbani to this issue.

[drips-wave]

Congratulations, @Mkalbani! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @Mkalbani: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊