The API should protect itself from requests that would take too long or use too much memory.
What to do:
Add limits on calculation complexity and reject requests that would be too expensive to process.
Why this matters:
- Prevents one user from slowing down the service
- Protects against accidental or malicious overload
- Enables predictable performance
- Required for production deployment
Acceptance criteria:
- Limit number of payment items per request
- Limit calculation time period
- Limit complexity of recurring patterns
- Return helpful error when limits exceeded
- Limits are configurable
The API should protect itself from requests that would take too long or use too much memory.
What to do:
Add limits on calculation complexity and reject requests that would be too expensive to process.
Why this matters:
Acceptance criteria: