Skip to content

Instantly share code, notes, and snippets.

@pmutua

pmutua/2026-05-26-arifa-platform-updates-ai-cost-instrumentation-security-and--6b4b8ab.md

Created May 26, 2026 01:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save pmutua/1be39b721471bc047f387356329c56fb to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save pmutua/1be39b721471bc047f387356329c56fb to your computer and use it in GitHub Desktop.
Download ZIP
Arifa Platform Updates: AI Cost Instrumentation, Security, and Subscription Features
Raw
2026-05-26-arifa-platform-updates-ai-cost-instrumentation-security-and--6b4b8ab.md
title Arifa Platform Updates: AI Cost Instrumentation, Security, and Subscription Features
date 2026-05-26
author pmutua
tags
react-native
expo
astro
cloudflare-workers
hono
d1
drizzle
kv
r2
rag
workers-ai
vectorize
turborepo
typescript
commit 6b4b8ab
type dev-diary

The Hook

The latest updates to the Arifa platform introduce significant enhancements in AI cost instrumentation, security, and subscription features. These changes aim to improve the platform's efficiency, user experience, and compliance with regulatory requirements.

Context

Arifa is an AI-powered news aggregation, analysis, and distribution platform designed for Kenya and Global Tech & Science news. The platform utilizes a range of technologies, including React Native, Expo, Astro, Cloudflare Workers, Hono, D1, Drizzle, KV, R2, RAG, Workers AI, Vectorize, and Turborepo, all built with TypeScript.

What Changed

AI Cost Instrumentation

A new feature has been added to track AI costs across all pipeline steps. This involves creating a table in the database to store AI cost tracking data, including the date, feature class, model ID, tier, call count, and estimated neurons. The recordAiCost function is used to insert or update AI cost tracking data in the database.

export async function recordAiCost(
  db: DrizzleD1Database<typeof schema>,
  params: RecordAiCostParams,
): Promise<void> {
  const date = new Date().toISOString().split('T')[0]!;
  const tier = params.tier ?? 'system';
  const neurons = params.neurons ?? 0;
  const id = `${date}:${params.featureClass}:${params.modelId}:${tier}`;

  await db.run(
    sql`INSERT INTO ai_cost_tracking (id, date, feature_class, model_id, tier, call_count, estimated_neurons)
        VALUES (${id}, ${date}, ${params.featureClass}, ${params.modelId}, ${tier}, 1, ${neurons})
        ON CONFLICT (date, feature_class, model_id, tier)
        DO UPDATE SET call_count = call_count + 1, estimated_neurons = estimated_neurons + ${neurons}`,
  );
}

Security

A production security launch gate checklist has been added to ensure that all necessary security measures are in place before promoting the platform to production. This includes verifying authentication, rate limiting, and path security.

Subscription Features

Clerk tier sync, KV cache invalidation, and a grace period on payment failure have been implemented. When a subscription is created or updated, the tier is synced with Clerk, and the KV cache is invalidated to ensure that the latest subscription data is used. A 3-day grace period is also applied when a payment fails, allowing the user to retain access until the issue is resolved.

flowchart TD
    A[Subscription Create/Update] -->|Sync Tier|> B[Clerk]
    B -->|Invalidate Cache|> C[KV Cache]
    C -->|Update Subscription|> D[Database]
    D -->|Apply Grace Period|> E[Grace Period]
    E -->|Retain Access|> F[User]
Loading

Challenges

One of the challenges faced during this update was ensuring that the AI cost instrumentation feature was accurate and efficient. This required careful consideration of the database schema and the implementation of the recordAiCost function.

What I Learned

  • The importance of tracking AI costs to optimize platform efficiency and reduce expenses.
  • The need for robust security measures, such as authentication and rate limiting, to protect the platform and its users.
  • The value of implementing a grace period on payment failure to provide a better user experience and reduce churn.

What's Next

The next steps for the Arifa platform include continuing to refine the AI cost instrumentation feature, expanding the subscription features to include more tiers and options, and enhancing the security measures to ensure the platform remains secure and compliant with regulatory requirements.

Git Provenance

All commits are SSH-signed (Ed25519) and show a Verified badge on GitHub. The source repository is private — commit URLs are not publicly accessible.

Commit Date Message Verified
a85af61 2026-05-25 19:11 +03:00 docs(root): add production security launch gate checklist (closes #37)
e8bfcab 2026-05-25 19:11 +03:00 feat(ai-pipe): add AI cost instrumentation across all pipeline steps (closes #38)
4a5cb86 2026-05-25 19:11 +03:00 docs(root): add source audit and issue plan
6dd9f34 2026-05-25 19:46 +03:00 feat(api): add AI processing consent with point-of-use gating (closes #39)
6b4b8ab 2026-05-25 19:59 +03:00 feat(webhook): add Clerk tier sync, KV cache invalidation, and grace period on payment failure (closes #40)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment