v10.1.8

.playwright-mcp/console-2026-03-02T19-29-32-708Z.log

@@ -0,0 +1,6 @@
+[      95ms] TypeError: Cannot read properties of null (reading 'appendChild')
+    at TypedserverStatusPill.show (http://localhost:3000/typedserver/devtools:17607:21)
+    at TypedserverStatusPill.updateStatus (http://localhost:3000/typedserver/devtools:17567:10)
+    at ReloadChecker.checkReload (http://localhost:3000/typedserver/devtools:18137:23)
+    at async ReloadChecker.start (http://localhost:3000/typedserver/devtools:18224:9)
+[     992ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/overview:0

.playwright-mcp/console-2026-03-02T19-30-09-759Z.log

@@ -0,0 +1,5 @@
+[     329ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
+[     727ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0
+[  260513ms] [ERROR] method: >>adminLoginWithUsernameAndPassword<< got an ERROR: "login failed" with data undefined @ http://localhost:3000/bundle.js:13
+[  260514ms] [ERROR] Login failed: Ns @ http://localhost:3000/bundle.js:38066
+[  260518ms] [WARNING] FontAwesome icon not found: circle-xmark @ http://localhost:3000/bundle.js:1203

.playwright-mcp/console-2026-03-02T19-34-55-496Z.log

@@ -0,0 +1,3 @@
+[     397ms] [ERROR] method: >>getMergedRoutes<< got an ERROR: "unauthorized" with data undefined @ http://localhost:3000/bundle.js:13
+[     657ms] [ERROR] Error while trying to use the following icon from the Manifest: http://localhost:3000/assetbroker/manifest/icon-144x144.png (Download error or resource isn't a valid image) @ http://localhost:3000/routes:0
+[   24180ms] [WARNING] FontAwesome icon not found: circle-check @ http://localhost:3000/bundle.js:1203

changelog.md

@@ -1,5 +1,42 @@
 # Changelog
 
+## 2026-03-03 - 10.1.8 - fix(deps)
+bump dependencies: @push.rocks/smartmetrics to ^3.0.2, @push.rocks/smartproxy to ^25.9.0, @serve.zone/remoteingress to ^4.4.0
+
+- @push.rocks/smartmetrics: 3.0.1 -> 3.0.2 (patch)
+- @push.rocks/smartproxy: 25.8.5 -> 25.9.0 (minor)
+- @serve.zone/remoteingress: 4.3.0 -> 4.4.0 (minor)
+
+## 2026-03-03 - 10.1.7 - fix(ops-view-apitokens)
+use correct lucide icon name for roll/rotate actions in API tokens view
+
+- Updated iconName from 'lucide:rotate-cw' to 'lucide:rotateCw' in ts_web/elements/ops-view-apitokens.ts (two occurrences) to match lucide icon naming and ensure icons render correctly
+- Non-functional UI fix; no API or behavior changes
+
+## 2026-03-02 - 10.1.6 - fix(ts_web)
+use actionContext for dispatches in web state actions and bump @push.rocks/smartstate to ^2.2.0
+
+- Action handlers in ts_web/appstate.ts now accept an actionContext parameter and call await actionContext.dispatch(...) instead of using statePartArg.dispatchAction(...).
+- Handlers return the awaited dispatch result (ensuring callers receive refreshed state) instead of returning the previous statePartArg.getState().
+- Dependency bumped in package.json: @push.rocks/smartstate from ^2.1.1 to ^2.2.0.
+- Playwright artifacts (logs and page screenshots) were added under .playwright-mcp.
+
+## 2026-03-02 - 10.1.5 - fix(monitoring)
+use a per-second ring buffer for DNS query metrics, improve DNS logging rate limiting and security event aggregation, and bump smartmta dependency
+
+- Replace unbounded query timestamp array with a fixed-size per-second Int32Array ring buffer (300s) to calculate queries-per-second with O(1) updates and bounded memory
+- Add incrementQueryRing and getQueryRingSum helpers to correctly zero stale slots and sum recent seconds
+- Change metrics cache interval from 200ms to 1000ms to better match dashboard polling and reduce update frequency
+- Refactor DNS adaptive logging to use per-second counters (dnsLogWindowSecond / dnsLogWindowCount) instead of timestamp arrays to avoid per-query array filtering and improve rate limiting accuracy; reset counters on flush
+- Security logger: avoid mutating source when sorting/filtering, and implement single-pass aggregation with optional time-window filtering for byLevel/byType/top lists
+- Bump dependency @push.rocks/smartmta from ^5.3.0 to ^5.3.1
+
+## 2026-03-02 - 10.1.4 - fix(no-changes)
+no changes detected; no version bump required
+
+- package version is 10.1.3
+- git diff contains no changes
+
 ## 2026-03-02 - 10.1.3 - fix(deps)
 bump @api.global/typedrequest to ^3.2.7
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@serve.zone/dcrouter",
   "private": false,
-  "version": "10.1.3",
+  "version": "10.1.8",
   "description": "A multifaceted routing service handling mail and SMS delivery functions.",
   "type": "module",
   "exports": {
@@ -43,21 +43,21 @@
     "@push.rocks/smartguard": "^3.1.0",
     "@push.rocks/smartjwt": "^2.2.1",
     "@push.rocks/smartlog": "^3.2.1",
-    "@push.rocks/smartmetrics": "^3.0.1",
+    "@push.rocks/smartmetrics": "^3.0.2",
     "@push.rocks/smartmongo": "^5.1.0",
-    "@push.rocks/smartmta": "^5.3.0",
+    "@push.rocks/smartmta": "^5.3.1",
     "@push.rocks/smartnetwork": "^4.4.0",
     "@push.rocks/smartpath": "^6.0.0",
     "@push.rocks/smartpromise": "^4.2.3",
-    "@push.rocks/smartproxy": "^25.8.5",
+    "@push.rocks/smartproxy": "^25.9.0",
     "@push.rocks/smartradius": "^1.1.1",
     "@push.rocks/smartrequest": "^5.0.1",
     "@push.rocks/smartrx": "^3.0.10",
-    "@push.rocks/smartstate": "^2.1.1",
+    "@push.rocks/smartstate": "^2.2.0",
     "@push.rocks/smartunique": "^3.0.9",
     "@serve.zone/catalog": "^2.5.0",
     "@serve.zone/interfaces": "^5.3.0",
-    "@serve.zone/remoteingress": "^4.3.0",
+    "@serve.zone/remoteingress": "^4.4.0",
     "@tsclass/tsclass": "^9.3.0",
     "lru-cache": "^11.2.6",
     "uuid": "^13.0.0"

pnpm-lock.yaml

@@ -57,14 +57,14 @@ importers:
         specifier: ^3.2.1
         version: 3.2.1
       '@push.rocks/smartmetrics':
-        specifier: ^3.0.1
-        version: 3.0.1
+        specifier: ^3.0.2
+        version: 3.0.2
       '@push.rocks/smartmongo':
         specifier: ^5.1.0
         version: 5.1.0(socks@2.8.7)
       '@push.rocks/smartmta':
-        specifier: ^5.3.0
-        version: 5.3.0
+        specifier: ^5.3.1
+        version: 5.3.1
       '@push.rocks/smartnetwork':
         specifier: ^4.4.0
         version: 4.4.0
@@ -75,8 +75,8 @@ importers:
         specifier: ^4.2.3
         version: 4.2.3
       '@push.rocks/smartproxy':
-        specifier: ^25.8.5
-        version: 25.8.5
+        specifier: ^25.9.0
+        version: 25.9.0
       '@push.rocks/smartradius':
         specifier: ^1.1.1
         version: 1.1.1
@@ -87,8 +87,8 @@ importers:
         specifier: ^3.0.10
         version: 3.0.10
       '@push.rocks/smartstate':
-        specifier: ^2.1.1
-        version: 2.1.1
+        specifier: ^2.2.0
+        version: 2.2.0
       '@push.rocks/smartunique':
         specifier: ^3.0.9
         version: 3.0.9
@@ -99,8 +99,8 @@ importers:
         specifier: ^5.3.0
         version: 5.3.0
       '@serve.zone/remoteingress':
-        specifier: ^4.3.0
-        version: 4.3.0
+        specifier: ^4.4.0
+        version: 4.4.0
       '@tsclass/tsclass':
         specifier: ^9.3.0
         version: 9.3.0
@@ -984,8 +984,8 @@ packages:
   '@push.rocks/smartmatch@2.0.0':
     resolution: {integrity: sha512-MBzP++1yNIBeox71X6VxpIgZ8m4bXnJpZJ4nWVH6IWpmO38MXTu4X0QF8tQnyT4LFcwvc9iiWaD15cstHa7Mmw==}
 
-  '@push.rocks/smartmetrics@3.0.1':
-    resolution: {integrity: sha512-wdc9v8F0dQXwraAVCZjGvt2lnGpbVYHWzER9OFR+u+ultMq7aLjUevxSpkS8BkhBMLTuNMCCWIqyAzaCqHzFgQ==}
+  '@push.rocks/smartmetrics@3.0.2':
+    resolution: {integrity: sha512-bW60TrdCubsZwsYK1+lE9y+OoXN8MfB7bhSASlTKtwhExdCbjXYXnSt9W7zerD7HbsUNOsvejIjX9q4oju+P2g==}
 
   '@push.rocks/smartmime@1.0.6':
     resolution: {integrity: sha512-PHd+I4UcsnOATNg8wjDsSAmmJ4CwQFrQCNzd0HSJMs4ZpiK3Ya91almd6GLpDPU370U4HFh4FaPF4eEAI6vkJQ==}
@@ -999,8 +999,8 @@ packages:
   '@push.rocks/smartmongo@5.1.0':
     resolution: {integrity: sha512-2tpKf8K+SMdLHOEpafgKPIN+ypWTLwHc33hCUDNMQ1KaL7vokkavA44+fHxQydOGPMtDi22tSMFeVMCcUSzs4w==}
 
-  '@push.rocks/smartmta@5.3.0':
-    resolution: {integrity: sha512-uJI25fslzvrcenU36WCdt5gB8cCfkjUlY7PqlxEtFp474/l/kZxNnvirv1gnZLRNNa+ioe5aH18HKE+KcAjuxA==}
+  '@push.rocks/smartmta@5.3.1':
+    resolution: {integrity: sha512-cEuXO56i/zL9eZS79eAesEW16ikdBJKLlEv9pLKkt2cmaHBWADGHjeOzJmsszQ9CSFcuhd41aHYVGMZXVvsG2g==}
     engines: {node: '>=14.0.0'}
     cpu: [x64, arm64]
     os: [darwin, linux, win32]
@@ -1038,8 +1038,8 @@ packages:
   '@push.rocks/smartpromise@4.2.3':
     resolution: {integrity: sha512-Ycg/TJR+tMt+S3wSFurOpEoW6nXv12QBtKXgBcjMZ4RsdO28geN46U09osPn9N9WuwQy1PkmTV5J/V4F9U8qEw==}
 
-  '@push.rocks/smartproxy@25.8.5':
-    resolution: {integrity: sha512-oLmV+Bq7sSgQP9McTao/imb6Xb62QM7wlTFt5kNynrS5WK2wAe8cEjDKOcyu8N/WmzNCEClT5f/0xAtI6JxtkA==}
+  '@push.rocks/smartproxy@25.9.0':
+    resolution: {integrity: sha512-fMw47zDFCj8umeoi+85H/fFzdsKB6iZxhgqfYGiCoB/yL6j0jodHujxqyRavJtL1XFHjMIw95nwSVgz/mx0q8g==}
 
   '@push.rocks/smartpuppeteer@2.0.5':
     resolution: {integrity: sha512-yK/qSeWVHIGWRp3c8S5tfdGP6WCKllZC4DR8d8CQlEjszOSBmHtlTdyyqOMBZ/BA4kd+eU5f3A1r4K2tGYty1g==}
@@ -1086,8 +1086,8 @@ packages:
   '@push.rocks/smartspawn@3.0.3':
     resolution: {integrity: sha512-DyrGPV69wwOiJgKkyruk5hS3UEGZ99xFAqBE9O2nM8VXCRLbbty3xt1Ug5Z092ZZmJYaaGMSnMw3ijyZJFCT0Q==}
 
-  '@push.rocks/smartstate@2.1.1':
-    resolution: {integrity: sha512-4OM9TXfiiSYIgVz2pQdM2UCTurXwd8o9LCtyZ/o+rnntnXp/X8UTWZ+WyTxgnfuzXhpIYXt83t34bVBJ2EPUOw==}
+  '@push.rocks/smartstate@2.2.0':
+    resolution: {integrity: sha512-e41vA1y9b0HBauzjMSh3l0YlRhcG4jhArm43/HHNdT+inxEGIeRL24VGeq+sl2MUr/eFWqgrETXhvL3YrsYFaw==}
 
   '@push.rocks/smartstream@2.0.8':
     resolution: {integrity: sha512-GlF/9cCkvBHwKa3DK4DO5wjfSgqkj6gAS4TrY9uD5NMHu9RQv4WiNrElTYj7iCEpnZgUnLO3tzw1JA3NRIMnnA==}
@@ -1347,8 +1347,8 @@ packages:
   '@serve.zone/interfaces@5.3.0':
     resolution: {integrity: sha512-venO7wtDR9ixzD9NhdERBGjNKbFA5LL0yHw4eqGh0UpmvtXVc3SFG0uuHDilOKMZqZ8bttV88qVsFy1aSTJrtA==}
 
-  '@serve.zone/remoteingress@4.3.0':
-    resolution: {integrity: sha512-yk14uS6oWIP83Zpem4hGf8zi3W9pefnxijtSWp45WvZ+u9XTXIADQNaUZBSTCId8CYkfPkfRGaaaARunVdjFXg==}
+  '@serve.zone/remoteingress@4.4.0':
+    resolution: {integrity: sha512-+M2EHP0irezN0xutYn0H6ZXePWoMJy4ETbK9/5Zgb4nx2FbDRYQyFLJUXyLzVL/rtJ/5trToPwOa3ljZoVze3g==}
 
   '@sindresorhus/is@5.6.0':
     resolution: {integrity: sha512-TV7t8GKYaJWsn00tFDqBw8+Uqmr8A0fRU1tvTQhyZzGv0sJCGRQL3JGMI3ucuKo3XIZdUP+Lx7/gh2t3lewy7g==}
@@ -5013,7 +5013,7 @@ snapshots:
       '@push.rocks/smartpromise': 4.2.3
       '@push.rocks/smartrouter': 1.3.3
       '@push.rocks/smartrx': 3.0.10
-      '@push.rocks/smartstate': 2.1.1
+      '@push.rocks/smartstate': 2.2.0
       '@push.rocks/smartstring': 4.1.0
       '@push.rocks/smarturl': 3.1.0
       '@push.rocks/webrequest': 3.0.37
@@ -6179,7 +6179,7 @@ snapshots:
     dependencies:
       matcher: 5.0.0
 
-  '@push.rocks/smartmetrics@3.0.1':
+  '@push.rocks/smartmetrics@3.0.2':
     dependencies:
       '@push.rocks/smartdelay': 3.0.5
       '@push.rocks/smartlog': 3.2.1
@@ -6247,7 +6247,7 @@ snapshots:
       - supports-color
       - vue
 
-  '@push.rocks/smartmta@5.3.0':
+  '@push.rocks/smartmta@5.3.1':
     dependencies:
       '@push.rocks/smartfile': 13.1.2
       '@push.rocks/smartfs': 1.3.1
@@ -6354,7 +6354,7 @@ snapshots:
 
   '@push.rocks/smartpromise@4.2.3': {}
 
-  '@push.rocks/smartproxy@25.8.5':
+  '@push.rocks/smartproxy@25.9.0':
     dependencies:
       '@push.rocks/smartcrypto': 2.0.4
       '@push.rocks/smartlog': 3.2.1
@@ -6501,7 +6501,7 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
-  '@push.rocks/smartstate@2.1.1':
+  '@push.rocks/smartstate@2.2.0':
     dependencies:
       '@push.rocks/smarthash': 3.2.6
       '@push.rocks/smartjson': 6.0.0
@@ -6840,7 +6840,7 @@ snapshots:
       '@push.rocks/smartlog-interfaces': 3.0.2
       '@tsclass/tsclass': 9.3.0
 
-  '@serve.zone/remoteingress@4.3.0':
+  '@serve.zone/remoteingress@4.4.0':
     dependencies:
       '@push.rocks/qenv': 6.1.3
       '@push.rocks/smartrust': 1.3.1

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '10.1.3',
+  version: '10.1.8',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts/classes.dcrouter.ts

@@ -222,7 +222,8 @@ export class DcRouter {
   public detectedPublicIp: string | null = null;
 
   // DNS query logging rate limiter state
-  private dnsLogWindow: number[] = [];
+  private dnsLogWindowSecond: number = 0; // epoch second of current window
+  private dnsLogWindowCount: number = 0;  // queries logged this second
   private dnsBatchCount: number = 0;
   private dnsBatchTimer: ReturnType<typeof setTimeout> | null = null;
 
@@ -901,7 +902,8 @@ export class DcRouter {
       }
       this.dnsBatchTimer = null;
       this.dnsBatchCount = 0;
-      this.dnsLogWindow = [];
+      this.dnsLogWindowSecond = 0;
+      this.dnsLogWindowCount = 0;
     }
 
     await this.opsServer.stop();
@@ -1312,11 +1314,14 @@ export class DcRouter {
         }
 
         // Adaptive logging: individual logs up to 2/sec, then batch
-        const now = Date.now();
-        this.dnsLogWindow = this.dnsLogWindow.filter(t => now - t < 1000);
+        const nowSec = Math.floor(Date.now() / 1000);
+        if (nowSec !== this.dnsLogWindowSecond) {
+          this.dnsLogWindowSecond = nowSec;
+          this.dnsLogWindowCount = 0;
+        }
 
-        if (this.dnsLogWindow.length < 2) {
-          this.dnsLogWindow.push(now);
+        if (this.dnsLogWindowCount < 2) {
+          this.dnsLogWindowCount++;
           const summary = event.questions.map(q => `${q.type} ${q.name}`).join(', ');
           logger.log('info', `DNS query: ${summary} (${event.responseTimeMs}ms, ${event.answered ? 'answered' : 'unanswered'})`, { zone: 'dns' });
         } else {

ts/monitoring/classes.metricsmanager.ts

@@ -35,7 +35,9 @@ export class MetricsManager {
     queryTypes: {} as Record<string, number>,
     topDomains: new Map<string, number>(),
     lastResetDate: new Date().toDateString(),
-    queryTimestamps: [] as number[], // Track query timestamps for rate calculation
+    // Per-second query count ring buffer (300 entries = 5 minutes)
+    queryRing: new Int32Array(300),
+    queryRingLastSecond: 0, // last epoch second that was written
     responseTimes: [] as number[], // Track response times in ms
     recentQueries: [] as Array<{ timestamp: number; domain: string; type: string; answered: boolean; responseTimeMs: number }>,
   };
@@ -95,7 +97,8 @@ export class MetricsManager {
         this.dnsMetrics.cacheMisses = 0;
         this.dnsMetrics.queryTypes = {};
         this.dnsMetrics.topDomains.clear();
-        this.dnsMetrics.queryTimestamps = [];
+        this.dnsMetrics.queryRing.fill(0);
+        this.dnsMetrics.queryRingLastSecond = 0;
         this.dnsMetrics.responseTimes = [];
         this.dnsMetrics.recentQueries = [];
         this.dnsMetrics.lastResetDate = currentDate;
@@ -111,15 +114,6 @@ export class MetricsManager {
         this.securityMetrics.lastResetDate = currentDate;
       }
 
-      // Prune old query timestamps (keep last 5 minutes)
-      const fiveMinutesAgo = Date.now() - 300000;
-      const idx = this.dnsMetrics.queryTimestamps.findIndex(ts => ts >= fiveMinutesAgo);
-      if (idx > 0) {
-        this.dnsMetrics.queryTimestamps = this.dnsMetrics.queryTimestamps.slice(idx);
-      } else if (idx === -1) {
-        this.dnsMetrics.queryTimestamps = [];
-      }
-
       // Prune old time-series buckets every minute (don't wait for lazy query)
       this.pruneOldBuckets();
     }, 60000); // Check every minute
@@ -150,16 +144,16 @@ export class MetricsManager {
       const smartMetricsData = await this.smartMetrics.getMetrics();
       const proxyMetrics = this.dcRouter.smartProxy ? this.dcRouter.smartProxy.getMetrics() : null;
       const proxyStats = this.dcRouter.smartProxy ? await this.dcRouter.smartProxy.getStatistics() : null;
+      const { heapUsed, heapTotal, external, rss } = process.memoryUsage();
 
       return {
         uptime: process.uptime(),
         startTime: Date.now() - (process.uptime() * 1000),
         memoryUsage: {
-          heapUsed: process.memoryUsage().heapUsed,
-          heapTotal: process.memoryUsage().heapTotal,
-          external: process.memoryUsage().external,
-          rss: process.memoryUsage().rss,
-          // Add SmartMetrics memory data
+          heapUsed,
+          heapTotal,
+          external,
+          rss,
           maxMemoryMB: this.smartMetrics.maxMemoryMB,
           actualUsageBytes: smartMetricsData.memoryUsageBytes,
           actualUsagePercentage: smartMetricsData.memoryPercentage,
@@ -228,11 +222,8 @@ export class MetricsManager {
         .slice(0, 10)
         .map(([domain, count]) => ({ domain, count }));
       
-      // Calculate queries per second from recent timestamps
-      const now = Date.now();
-      const oneMinuteAgo = now - 60000;
-      const recentQueries = this.dnsMetrics.queryTimestamps.filter(ts => ts >= oneMinuteAgo);
-      const queriesPerSecond = recentQueries.length / 60;
+      // Calculate queries per second from ring buffer (sum last 60 seconds)
+      const queriesPerSecond = this.getQueryRingSum(60) / 60;
       
       // Calculate average response time
       const avgResponseTime = this.dnsMetrics.responseTimes.length > 0
@@ -436,8 +427,8 @@ export class MetricsManager {
       this.dnsMetrics.cacheMisses++;
     }
     
-    // Track query timestamp (pruning moved to resetInterval to avoid O(n) per query)
-    this.dnsMetrics.queryTimestamps.push(Date.now());
+    // Increment per-second query counter in ring buffer
+    this.incrementQueryRing();
     
     // Track response time if provided
     if (responseTimeMs) {
@@ -609,7 +600,7 @@ export class MetricsManager {
         requestsPerSecond,
         requestsTotal,
       };
-    }, 200); // Use 200ms cache for more frequent updates
+    }, 1000); // 1s cache — matches typical dashboard poll interval
   }
 
   // --- Time-series helpers ---
@@ -638,6 +629,63 @@ export class MetricsManager {
     bucket.queries++;
   }
 
+  /**
+   * Increment the per-second query counter in the ring buffer.
+   * Zeros any stale slots between the last write and the current second.
+   */
+  private incrementQueryRing(): void {
+    const currentSecond = Math.floor(Date.now() / 1000);
+    const ring = this.dnsMetrics.queryRing;
+    const last = this.dnsMetrics.queryRingLastSecond;
+
+    if (last === 0) {
+      // First call — zero and anchor
+      ring.fill(0);
+      this.dnsMetrics.queryRingLastSecond = currentSecond;
+      ring[currentSecond % ring.length] = 1;
+      return;
+    }
+
+    const gap = currentSecond - last;
+    if (gap >= ring.length) {
+      // Entire ring is stale — clear all
+      ring.fill(0);
+    } else if (gap > 0) {
+      // Zero slots from (last+1) to currentSecond (inclusive)
+      for (let s = last + 1; s <= currentSecond; s++) {
+        ring[s % ring.length] = 0;
+      }
+    }
+
+    this.dnsMetrics.queryRingLastSecond = currentSecond;
+    ring[currentSecond % ring.length]++;
+  }
+
+  /**
+   * Sum query counts from the ring buffer for the last N seconds.
+   */
+  private getQueryRingSum(seconds: number): number {
+    const currentSecond = Math.floor(Date.now() / 1000);
+    const ring = this.dnsMetrics.queryRing;
+    const last = this.dnsMetrics.queryRingLastSecond;
+
+    if (last === 0) return 0;
+
+    // First, zero stale slots so reads are accurate even without writes
+    const gap = currentSecond - last;
+    if (gap >= ring.length) return 0; // all data is stale
+
+    let sum = 0;
+    const limit = Math.min(seconds, ring.length);
+    for (let i = 0; i < limit; i++) {
+      const sec = currentSecond - i;
+      if (sec < last - (ring.length - 1)) break; // slot is from older cycle
+      if (sec > last) continue; // no writes yet for this second
+      sum += ring[sec % ring.length];
+    }
+    return sum;
+  }
+
   private pruneOldBuckets(): void {
     const cutoff = Date.now() - 86400000; // 24h
     for (const key of this.emailMinuteBuckets.keys()) {

ts/security/classes.securitylogger.ts

@@ -162,8 +162,9 @@ export class SecurityLogger {
       }
     }
     
-    // Return most recent events up to limit
+    // Return most recent events up to limit (slice first to avoid mutating source)
     return filteredEvents
+      .slice()
       .sort((a, b) => b.timestamp - a.timestamp)
       .slice(0, limit);
   }
@@ -249,40 +250,34 @@ export class SecurityLogger {
     topIPs: Array<{ ip: string; count: number }>;
     topDomains: Array<{ domain: string; count: number }>;
   } {
-    // Filter by time window if provided
-    let events = this.securityEvents;
-    if (timeWindow) {
-      const cutoff = Date.now() - timeWindow;
-      events = events.filter(e => e.timestamp >= cutoff);
+    const cutoff = timeWindow ? Date.now() - timeWindow : 0;
+
+    // Initialize counters
+    const byLevel = {} as Record<SecurityLogLevel, number>;
+    for (const level of Object.values(SecurityLogLevel)) {
+      byLevel[level] = 0;
+    }
+    const byType = {} as Record<SecurityEventType, number>;
+    for (const type of Object.values(SecurityEventType)) {
+      byType[type] = 0;
     }
-    
-    // Count by level
-    const byLevel = Object.values(SecurityLogLevel).reduce((acc, level) => {
-      acc[level] = events.filter(e => e.level === level).length;
-      return acc;
-    }, {} as Record<SecurityLogLevel, number>);
-    
-    // Count by type
-    const byType = Object.values(SecurityEventType).reduce((acc, type) => {
-      acc[type] = events.filter(e => e.type === type).length;
-      return acc;
-    }, {} as Record<SecurityEventType, number>);
-    
-    // Count by IP
     const ipCounts = new Map<string, number>();
-    events.forEach(e => {
+    const domainCounts = new Map<string, number>();
+
+    // Single pass over all events
+    let total = 0;
+    for (const e of this.securityEvents) {
+      if (cutoff && e.timestamp < cutoff) continue;
+      total++;
+      byLevel[e.level]++;
+      byType[e.type]++;
       if (e.ipAddress) {
         ipCounts.set(e.ipAddress, (ipCounts.get(e.ipAddress) || 0) + 1);
       }
-    });
-    
-    // Count by domain
-    const domainCounts = new Map<string, number>();
-    events.forEach(e => {
       if (e.domain) {
         domainCounts.set(e.domain, (domainCounts.get(e.domain) || 0) + 1);
       }
-    });
+    }
 
     // Sort and limit top entries
     const topIPs = Array.from(ipCounts.entries())
@@ -295,12 +290,6 @@ export class SecurityLogger {
       .sort((a, b) => b.count - a.count)
       .slice(0, 10);
 
-    return {
-      total: events.length,
-      byLevel,
-      byType,
-      topIPs,
-      topDomains
-    };
+    return { total, byLevel, byType, topIPs, topDomains };
   }
 }

ts_web/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '10.1.3',
+  version: '10.1.8',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts_web/appstate.ts

@@ -581,7 +581,7 @@ export const fetchCertificateOverviewAction = certificateStatePart.createAction(
 });
 
 export const reprovisionCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain) => {
+  async (statePartArg, domain, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -596,8 +596,7 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
       });
 
       // Re-fetch overview after reprovisioning
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -608,7 +607,7 @@ export const reprovisionCertificateAction = certificateStatePart.createAction<st
 );
 
 export const deleteCertificateAction = certificateStatePart.createAction<string>(
-  async (statePartArg, domain) => {
+  async (statePartArg, domain, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -623,8 +622,7 @@ export const deleteCertificateAction = certificateStatePart.createAction<string>
       });
 
       // Re-fetch overview after deletion
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -643,7 +641,7 @@ export const importCertificateAction = certificateStatePart.createAction<{
   publicKey: string;
   csr: string;
 }>(
-  async (statePartArg, cert) => {
+  async (statePartArg, cert, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -658,8 +656,7 @@ export const importCertificateAction = certificateStatePart.createAction<{
       });
 
       // Re-fetch overview after import
-      await certificateStatePart.dispatchAction(fetchCertificateOverviewAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchCertificateOverviewAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -737,7 +734,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -756,7 +753,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 
     if (response.success) {
       // Refresh the list
-      await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
+      await actionContext.dispatch(fetchRemoteIngressAction, null);
 
       return {
         ...statePartArg.getState(),
@@ -774,7 +771,7 @@ export const createRemoteIngressAction = remoteIngressStatePart.createAction<{
 });
 
 export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<string>(
-  async (statePartArg, edgeId) => {
+  async (statePartArg, edgeId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -788,8 +785,7 @@ export const deleteRemoteIngressAction = remoteIngressStatePart.createAction<str
         id: edgeId,
       });
 
-      await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchRemoteIngressAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -805,7 +801,7 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
   listenPorts?: number[];
   autoDerivePorts?: boolean;
   tags?: string[];
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -823,8 +819,7 @@ export const updateRemoteIngressAction = remoteIngressStatePart.createAction<{
       tags: dataArg.tags,
     });
 
-    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchRemoteIngressAction, null);
   } catch (error) {
     return {
       ...currentState,
@@ -877,7 +872,7 @@ export const clearNewEdgeIdAction = remoteIngressStatePart.createAction(
 export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -892,8 +887,7 @@ export const toggleRemoteIngressAction = remoteIngressStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await remoteIngressStatePart.dispatchAction(fetchRemoteIngressAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchRemoteIngressAction, null);
   } catch (error) {
     return {
       ...currentState,
@@ -939,7 +933,7 @@ export const fetchMergedRoutesAction = routeManagementStatePart.createAction(asy
 export const createRouteAction = routeManagementStatePart.createAction<{
   route: any;
   enabled?: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -954,8 +948,7 @@ export const createRouteAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
   } catch (error) {
     return {
       ...currentState,
@@ -965,7 +958,7 @@ export const createRouteAction = routeManagementStatePart.createAction<{
 });
 
 export const deleteRouteAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeId) => {
+  async (statePartArg, routeId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -979,8 +972,7 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
         id: routeId,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchMergedRoutesAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -993,7 +985,7 @@ export const deleteRouteAction = routeManagementStatePart.createAction<string>(
 export const toggleRouteAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1008,8 +1000,7 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
   } catch (error) {
     return {
       ...currentState,
@@ -1021,7 +1012,7 @@ export const toggleRouteAction = routeManagementStatePart.createAction<{
 export const setRouteOverrideAction = routeManagementStatePart.createAction<{
   routeName: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1036,8 +1027,7 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchMergedRoutesAction, null);
   } catch (error) {
     return {
       ...currentState,
@@ -1047,7 +1037,7 @@ export const setRouteOverrideAction = routeManagementStatePart.createAction<{
 });
 
 export const removeRouteOverrideAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, routeName) => {
+  async (statePartArg, routeName, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -1061,8 +1051,7 @@ export const removeRouteOverrideAction = routeManagementStatePart.createAction<s
         routeName,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchMergedRoutesAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchMergedRoutesAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -1128,7 +1117,7 @@ export async function rollApiToken(id: string) {
 }
 
 export const revokeApiTokenAction = routeManagementStatePart.createAction<string>(
-  async (statePartArg, tokenId) => {
+  async (statePartArg, tokenId, actionContext) => {
     const context = getActionContext();
     const currentState = statePartArg.getState();
 
@@ -1142,8 +1131,7 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
         id: tokenId,
       });
 
-      await routeManagementStatePart.dispatchAction(fetchApiTokensAction, null);
-      return statePartArg.getState();
+      return await actionContext.dispatch(fetchApiTokensAction, null);
     } catch (error) {
       return {
         ...currentState,
@@ -1156,7 +1144,7 @@ export const revokeApiTokenAction = routeManagementStatePart.createAction<string
 export const toggleApiTokenAction = routeManagementStatePart.createAction<{
   id: string;
   enabled: boolean;
-}>(async (statePartArg, dataArg) => {
+}>(async (statePartArg, dataArg, actionContext) => {
   const context = getActionContext();
   const currentState = statePartArg.getState();
 
@@ -1171,8 +1159,7 @@ export const toggleApiTokenAction = routeManagementStatePart.createAction<{
       enabled: dataArg.enabled,
     });
 
-    await routeManagementStatePart.dispatchAction(fetchApiTokensAction, null);
-    return statePartArg.getState();
+    return await actionContext.dispatch(fetchApiTokensAction, null);
   } catch (error) {
     return {
       ...currentState,

ts_web/elements/ops-view-apitokens.ts

@@ -154,7 +154,7 @@ export class OpsViewApiTokens extends DeesElement {
             },
             {
               name: 'Roll',
-              iconName: 'lucide:rotate-cw',
+              iconName: 'lucide:rotateCw',
               type: ['inRow', 'contextmenu'] as any,
               actionFunc: async (actionData: any) => {
                 const token = actionData.item as interfaces.data.IApiTokenInfo;
@@ -306,7 +306,7 @@ export class OpsViewApiTokens extends DeesElement {
         },
         {
           name: 'Roll Token',
-          iconName: 'lucide:rotate-cw',
+          iconName: 'lucide:rotateCw',
           action: async (modalArg: any) => {
             await modalArg.destroy();
             try {