Changes before error encountered

Co-authored-by: huangyiirene <7665279+huangyiirene@users.noreply.github.com>

Author: Copilot

packages/cli/package.json

@@ -36,6 +36,7 @@
     "vite": "^5.0.0",
     "@vitejs/plugin-react": "^4.2.1",
     "express": "^4.21.2",
+    "express-rate-limit": "^7.4.1",
     "js-yaml": "^4.1.0",
     "@object-ui/react": "workspace:*",
     "@object-ui/components": "workspace:*"

packages/cli/src/commands/start.ts

@@ -1,4 +1,5 @@
 import express from 'express';
+import rateLimit from 'express-rate-limit';
 import { existsSync } from 'fs';
 import { join, resolve } from 'path';
 import chalk from 'chalk';
@@ -37,6 +38,18 @@ export async function start(options: StartOptions) {
   const port = parseInt(options.port);
   const host = options.host;
 
+  // Configure rate limiting to prevent abuse
+  const limiter = rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 1000, // Limit each IP to 1000 requests per windowMs
+    message: 'Too many requests from this IP, please try again later.',
+    standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
+    legacyHeaders: false, // Disable the `X-RateLimit-*` headers
+  });
+
+  // Apply rate limiting to all routes
+  app.use(limiter);
+
   // Serve static files from dist directory
   app.use(express.static(distPath));