Launch GitLab Knowledge Graph

Implement rate limiting for API endpoints

Add rate limiting to prevent API abuse.

Implementation:

Use Spring Security rate limiting or Bucket4j
Different limits for authenticated vs. unauthenticated users
Return proper 429 Too Many Requests responses
Add rate limit headers (X-RateLimit-*)

Limits:

Authenticated: 1000 req/hour
Unauthenticated: 100 req/hour
Login endpoint: 10 req/minute

Monitoring:

Add metrics for rate limit hits
Alert on excessive rate limiting